Introduced in Ubuntu 7.10 was install-time encryption support where using the alternate installer one can fully encrypt their disk in an LVM using dm-crypt. Unfortunately, the Ubiquity installer in Ubuntu 8.04 continues to lack LVM and encryption support, but using Ubuntu 8.04 Alpha 6 we have looked at the performance cost of this encrypted configuration on Ubuntu Linux. Rather than looking directly at the disk read/write overhead caused by the encryption process, we have provided some benchmarks to see how the real-world performance is impacted in both gaming and other desktop tasks.

http://www.phoronix.com/scan.php?page=article&item=ubuntu_hdd_encrypt&num=1

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

http://www.ossec.net/main/

Ubuntu 8.04 was officially released as production code on Friday. I’d already been running beta versions of it on two laptops (or the wife was, I should say) so I felt that I pretty much was ready to take my production laptop to it as soon as it hit general release code.

All the public distribution sites were swamped, of course, but it was pretty easy to snag it via Ubuntu’s official torrent.

I burnt the iso out to CD and did a full clean install from it. It nice how little there is to backup when you run all your work through a windows virtual machine and all your personal life data lives on web based applications.

On my Dell D620, it loaded fine, detected all hardware, and was ready to go in about 15 minutes. I ran Envy to get the newest video drivers (nice that it’s included in packages now), and then followed the instructions for making VMWare workstation support the newest 2.6 kernel.

Encrypted LVM didn’t seem to be an option on my build, so I didn’t do it even though I’d been planning on it.

Also, Firefox Beta 3 started refusing to remember my bookmarks. I probably caused that by resetting it back to defaults initially, but got tired of that fast and moved by to Firefox 2. Really, probably should included a default browser in a distro that hasn’t made it to a general release.. but that’s just like my opinion, man.

Also, default fonts always seem sucky - am I the only one who notices?

SANTA ANA, California (Reuters) - A computer hacker testified on Wednesday that a News Corp (NWSa.N) unit hired him to develop pirating software, but denied using it to penetrate the security system of a rival satellite television service.

Christopher Tarnovsky — who said his first payment was $20,000 in cash hidden in electronic devices mailed from Canada — testified in a corporate-spying lawsuit brought against News Corp’s NDS Group (NNDS.O) by DISH Network Corp (DISH.O).

Yahoo! News

I’ve been a big fan of the $9.99 special wireless routers for a while, but I’ve started having problems recently. I’m not sure if it’s because everybody in the neighborhood is buying fios and all the lame actiontek routers are being installed with the wifi enabled, but for whatever reason I’ve been having a hard time associating and staying associated with my ap for a while. In the last couple days it’s gotten really bad, to the point where I’d put in the wpa shared key and retry for twenty minutes before being able to get on.

I decided what I needed to do was get some reasonable router and put some nice stable package on it like dd-wrt.

Digging through the dd-wrt forums, it looked like the recommended highest performance router was the Asus 500g Premium. I found it at NewEgg for $79, not a bad deal at all.

Factory out of the box, it’s a pretty neat little router - it’ll take an external hard drive, act as a UPNP stream server, print server, run bittorrent apps, fileshare, streaming webcam, etc.

Instructions for installing the dd-wrt firmware are here. I accidentally followed the ones for a slightly different model and did a bunch of tftp prep files that were entirely unnecessary, but ultimately had it running in ten minutes.

It’s pretty amazing the stuff people are doing on these little routers - here’s a bunch of prepackaged apps ready to be installed. If you want, you could run just about anything on this little device.

And only fair to say that I was reminded and inspired by this project.

So, some password expirations along with the revelation that one of the more sizeable forums had been hacked and all their usernames and passwords stolen made me finally get do what I’d meant to for a while and start using KeePass.

KeePass is a free/multi-operating system/open source program with encrypted database to maintain your passwords, and includes a password generator. Now, instead of having my three passwords (one throw away, one root, one financials) I’m basically generating a unique 20 character value for each and every site. It’s certainly more of a pain in the ass - I’ll need to start using some scripts on things instead of manually looking up and typing a password every time - but in the long term, it’s the only way to eliminate the potential of compromise between different sites.

I know some people are already better at this than me - what do you use?

Got this one in the gmail today, wonder if we’ll suddenly see a flood of irs spams.

In discussions about examples like this quickly deleted digg post:

“Please note, this is legal.Scientology is bull, and it’s time to do something about it. At 6pmEST on the 18th, there will be a raid on http://www.scientology.org . Come join the fun, if you wish, by gigaloading the sites images, destroying the bandwidth, thus taking down the site hopefully in a hours. It’s time to do something, guys.”

It’s clear that botnet isn’t quite correct when the computers aren’t compromised by some nefarious 3rd party, and their owners are actively intending the activity. Therefore, I suggest the term ‘meatnet’. Remember kids, you saw it here first.

Here’s the kicker: To maintain that immunity, AT&T must transmit data “without selection of the material by the service provider” and “without modification of its content.” Once AT&T gets in the business of picking and choosing what content travels over its network, while the law is not entirely clear, it runs a serious risk of losing its all-important immunity. An Internet provider voluntarily giving up copyright immunity is like an astronaut on the moon taking off his space suit. As the world’s largest gatekeeper, AT&T would immediately become the world’s largest target for copyright infringement lawsuits.

On the technical side, if I were an AT&T engineer asked to implement this plan, I would resign immediately and look for work at Verizon. AT&T’s engineers are already trying to manage the feat of getting trillions of packets around the world at light speed. To begin examining those packets for illegal pictures of Britney Spears would be a nuisance, at best, and a threat to the whole Internet, at worst. Imagine if FedEx were forced to examine every parcel for drug paraphernalia: Next-day delivery would soon go up in smoke. Even China’s Internet, whose performance suffers greatly from its filtering, doesn’t go as far as what AT&T is proposing.

Slate Magazine

Kerry Beal was taken aback when he discovered last March that many of his fellow security guards at the Peach Bottom nuclear power plant in Pennsylvania were taking regular naps in what they called “the ready room.”

When he spoke to supervisors at his company, Wackenhut Corp., they told Beal to be a team player. When he alerted the regional office of the Nuclear Regulatory Commission, regulators let the matter drop after the plant’s owner, Exelon, said it found no evidence of guards asleep on the job.

So Beal videotaped the sleeping guards. The tape, eventually given to WCBS, a CBS television affiliate in New York City, showed the armed workers snoozing against walls, slumped on tabletops or with eyes closed and heads bobbing.

The fallout of the broadcast is still being felt. Last month, Exelon, the country’s largest provider of nuclear power, fired Wackenhut, which had guarded each of its 10 nuclear plants. The NRC is reviewing its own oversight procedures, having failed to heed Beal’s warning. And Wackenhut says that the entire nuclear industry needs to rethink security if it hopes to meet the tougher standards the NRC has tried to impose since the Sept. 11, 2001, terrorist attacks on the United States.

Danger Room