The Linux Foundation yesterday announced that Nokia Siemens Networks has become a member. Nokia Siemens Networks will work with the foundation and its members to continue improving Carrier Grade Linux (CGL). Nokia Siemens Networks, a leading enabler of communications services, will be working with the foundation specifically on Linux-based technologies for use in User Plane …

To mark the second birthday of the openSUSE project, the community program last week celebrated with two announcements – the availability of the first beta of openSUSE 10.3 and the growth of the openSUSE Build Service with a new end-user interface. The openSUSE Build Service is a framework that provides an infrastructure for software developers to create and compile packages for multiple Linux distributions. It addresses the problem that developers have in providing their software across multiple Linux platforms. The development team released the first version of the build service’s end-user interface, with which users of any openSUSE, SUSE Linux Enterprise, Fedora, Debian, Ubuntu or Mandriva distribution can search and browse new software for their distribution. In the past four months, more than 13 million packages have been downloaded from the openSUSE Build Service. Currently there are more than 700 projects and 20 000 software packages available.

Vulnerability Discovery and Analysis (VDA) Labs, founded in April by Jared DeMott, notifies software vendors of security bugs found in their software, as do many other security researchers. But as part of VDA’s business model, vendors are asked to pay for the bugs it discovers, or its consulting services, otherwise VDA threatens to sell the bug to a third party or make the details of the security flaw public. DeMott, who has done work for the National Security Agency among other places, describes his business model as “edgy,” while other security researchers see it as more akin to “extortion.” The practice, in either case, veers from the more traditional ways bug hunters have worked with software vendors and security firms. Just two weeks ago, LinkedIn, the popular social-networking site, got a taste of VDA’s business practices, when the Michigan security company claimed it had found a critical security flaw in …

When it comes to security expertise, you have two options: become a security expert or hire a security expert. There really is no middle ground. How prepared is your IT department or administrator to handle security incidents? Many organizations learn how to respond to security incidents only after suffering attacks. By this time, incidents often become much more costly than needed. Here’s some guidance on responding to IT security incidents. Learn how to define an incident response plan and contain the damage and minimize risks. And here are six easy steps that every company should take to enhance computer security in terms of getting the proverbial biggest bang for the security buck. Each suggestion is described in some detail with links to more in-depth treatment, templates, and tools. For a heads-up on the latest malware, including e-mail and desktop threats, find it all in one convenient location on the new …

After years of development, intensive fine-tuning, and much anticipation, Windows Server 2008 is almost ready for release. But not before it passes one more test. Microsoft is handing it over to the global Information Technology community for final scrutiny. And we’d like you to be part of that process. Here’s how the Face of Windows Server 2008 website lets you make a personal contribution to the development of this exciting technology, and share your knowledge and experience with colleagues from around the world. Download Beta 3 if you have not done so already. See the most recent and sophisticated version of Longhorn in action, trial it in your own work environment, discover what’s new and different, and send your feedback to Microsoft. Find, meet, and learn from other IT professionals. Get insights into the creation of Windows Server 2008 from its Redmond developers. Search for a colleague you know, or …

Lenovo will offer a version of Linux on its ThinkPad notebooks beginning in the fourth quarter, the company announced Monday. The Chinese PC maker has selected Suse Linux Enterprise Desktop 10 from Novell as its first supported entry into the world of open source. Though ThinkPads have been certified to run Linux in the past, this is the first time Lenovo will support the hardware and operating system directly. Novell will be responsible for providing operating system updates to Lenovo’s customers. ThinkPads with Suse Linux will be available to Lenovo’s commercial customers and individuals. The announcement coincides with the opening of the LinuxWorld conference in San Francisco on Monday. Lenovo is not the only top PC manufacturer to offer a version of the open-source operating system preinstalled on its PCs. In May, Dell opted for the Ubuntu version of Linux on a smattering of notebooks and PCs. Dell should also …

This year’s Black Hat was pretty much summed up in a prescient keynote by Richard Clarke, the nation’s former cyber security czar now novelist and chairman of Good Harbor Consulting. Clarke said “we’re building more and more of our economy on cyberspace 1.0, yet we have secured very little of cyberspace 1.0.” The apparent speed gained in Ajax (Asynchronous JavaScript and XML), which is technology that divides processing tasks between the Web server (Web site) and the Web client (browser), has opened Web 2.0 to some old school attacks. Nothing more clearly demonstrated this than a live hijack of a gMail account. In a talk originally to have been presented alongside his colleague David Maynor, Errata Security CEO Robert Graham demonstrated for a standing room only crowd how he was able to use a tool called Hamster and Ferret to sniff the wireless airwaves for the URLs of Web 2.0 …

Bicara tentang sosok Iwan Fals, kita tidak akan bisa melupakan kaum marjinal di negeri ini. Sebab, berbagai judul lagu yang membesarkan nama Iwan Fals seolah tak lepas dari masalah kepedulian sosial, seperti kemiskinan, pengangguran, dan berbagai protes sosial. Semisal lagu Oemar Bakri, yang menggambarkan pahit getir nasib guru, hingga lagu Bento yang merupakan sindiran bagi pejabat negeri. Pria bernama asli Virgiawan Listanto ini memang dekat dengan kaum miskin kota, terutama pengamen jalanan. Sebab, meski terlahir dari keluarga berkecukupan, kepeduliannya justru membawa kelahiran Jakarta 3 September 1961 ini banyak bergaul dengan pemusik jalanan. Sejak kecil, ia memang terkenal sudah berjiwa sosial tinggi. Tak jarang, ia memberikan pakaian dan sepatu baru yang mahal kepada teman yang benar-benar membutuhkan. Kepedulian itu juga yang membuatnya tak jengah untuk ikut menjadi pengamen jalanan, bersama teman-temannya sewaktu SMP di Bandung. Kecintaannya pada gitar kemudian membuat ia bertekad untuk menekuni musik sebagai jalan hidupnya. Iwan pun kemudian …

For years Microsoft kept its “shared source” distinct from the broader open-source movement, but now the company is seeking official blessing for its work from the organization that bestows official open-source status. The company said last week at the O’Reilly’s Open Source Conference that it’s submitting its shared-source licenses to the Open Source Initiative, which judges whether new licenses meet its criteria for listing. Increasingly, the organization also is trying to cut down on the number of open-source licenses, too, which is a problem for programmers who don’t want legal obstacles in the way of source code sharing. Jon Rosenberg, Microsoft’s director of source programs, described the move on the company’s open-source blog, Port 25. “Today, we reached another milestone with the decision to submit our open licenses to the OSI approval process, which, if the licenses are approved, should give the community additional confidence that the code we’re sharing …