http://www.givewell.org/ rigorously evaluates charities and their top recommendations benefit poor people. http://www.thelifeyoucansave.o... has a longer list of recommended charities. Both websites are part of the effective altruism movement which applies evidence and reason to determine the most effective ways to improve the world.

Does anyone use Libsafe This library protects against buffer overflow vulnerabilities, and is very easy to install (basically you just install the RPM and you're done)

If more sysadmins installed this, perhaps we wouldn't have problems with so many Linux compromises? Of course it's no substitute for patching, but seems like a good additional security measure.

This is from the gnu.org software directory

The exploitation of buffer overflow and format string vulnerabilities in process stacks are a significant portion of security attacks. 'libsafe' is based on a middleware software layer that intercepts all function calls made to library functions known to be vulnerable. A substitute version of the corresponding function implements the original function in a way that ensures that any buffer overflows are contained within the current stack frame, which prevents attackers from overwriting the return address and hijacking the control flow of a running program.

The true benefit of using libsafe is protection against future attacks on programs not yet known to be vulnerable. The performance overhead of libsafe is negligible, it does not require changes to the OS, it works with existing binary programs, and it does not need access to the source code of defective programs, or recompilation or off-line processing of binaries.