Tech

  • Bloggers under attack as pingback abused

    WordPress’ pingback function can be abused to mount a denial of service (DoS) attack on blogs without their owners noticing, Germany’s Heise IT website reports. It is unlikely that the problem will be remedied with an update.

    Security company Sucuri reports on an attack on one WordPress installation in which more than 162,000 other WordPress sites were misused as a DDoS platform. In this instance the attacker used the software’s pingback function in order to cripple the target website. With a pingback, one WordPress site can notify another that it has quoted its blog post.

    The attack works as follows: an attacker searches for a legitimate blog which has pingback activated (currently the default configuration for new WordPress installations) and then simulates a pingback from the victim’s site. The legitimate blog then queries the victim for the post which was quoted in the faked pingback. If the attacker does this with many sites, the flood of traffic is difficult for the target site to block, as the queries look completely legitimate and originate from trustworthy sources.

    In the attack observed by Sucuri, randomly generated URLs were quoted in the fake pingbacks for the victim’s ostensible posts. As a result, WordPress’ caching mechanism does not take effect and the web server is overloaded, since the database must attempt to deliver the supposed posts for each request. Of course, in reality the server just serves up 404 error pages, since there are no pages for the random URLs. Nevertheless, if there are many such requests, this is sufficient to cripple the WordPress installation’s database. On Unix and Linux systems such an attack can be launched very simply by using the curl command on the command line.

    As the attack is misusing the ordinary working of the pingback function, it cannot be assumed that WordPress developers are going to do something about the problem. Site owners can prevent their blog being misused in this way by deactivating their installation’s pingback functions. Sucuri itself is proposing source code for a WordPress plug-in which should block the attacks, as follows:

    add_filter( 'xmlrpc_methods', function( $methods ) {
        // Remove pingback.ping from the XML-RPC methods this site offers.
        unset( $methods['pingback.ping'] );
        return $methods;
    } );

    Use Sucuri’s WordPress DDoS Scanner to check if your site is being used for launching such attacks on other websites.
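
    Seen from the target site, the traffic pattern described above can be spotted in the web server's access log. The following is an added example, not part of the original post or Sucuri's code: it flags 404 responses requested by many different WordPress sites. The log lines are constructed, and the `WordPress/<version>; <blog URL>` user-agent format is an assumption about how WordPress identifies itself on these fetches.

```python
import re

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2014:10:00:01 +0000] "GET /a8f3k2 HTTP/1.0" 404 512 "-" "WordPress/3.8; http://blog-a.example"
198.51.100.8 - - [10/Mar/2014:10:00:01 +0000] "GET /q91xzt HTTP/1.0" 404 512 "-" "WordPress/3.8.1; http://blog-b.example"
198.51.100.9 - - [10/Mar/2014:10:00:02 +0000] "GET /m2v7pd HTTP/1.0" 404 512 "-" "WordPress/3.7; http://blog-c.example"
198.51.100.10 - - [10/Mar/2014:10:00:02 +0000] "GET /zz40hc HTTP/1.0" 404 512 "-" "WordPress/3.8; http://blog-d.example"
203.0.113.5 - - [10/Mar/2014:10:00:03 +0000] "GET /about HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2014:10:00:03 +0000] "GET /favicon.ico HTTP/1.1" 404 512 "-" "Mozilla/5.0"
198.51.100.11 - - [10/Mar/2014:10:00:04 +0000] "GET /2014/03/real-post/ HTTP/1.0" 200 5120 "-" "WordPress/3.8; http://blog-e.example"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Assumed user-agent shape for WordPress-originated fetches.
WP_UA_RE = re.compile(r'^WordPress/[\d.]+; (?P<blog>https?://[^\s;]+)')


def find_pingback_flood(log_text, min_blogs=3):
    """Return (is_flood, source blogs, requested paths).

    Only 404 responses to WordPress user agents are counted: a genuine
    pingback verification fetches a post that exists, whereas the flood
    described above asks for random URLs that do not.
    """
    blogs, paths = set(), set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["status"] != "404":
            continue
        ua = WP_UA_RE.match(m["ua"])
        if ua:
            blogs.add(ua["blog"])
            paths.add(m["path"])
    # Many distinct blogs asking for many distinct missing pages is the signal.
    is_flood = len(blogs) >= min_blogs and len(paths) >= min_blogs
    return is_flood, sorted(blogs), sorted(paths)


if __name__ == "__main__":
    print(find_pingback_flood(SAMPLE_LOG))
```

    The `min_blogs` threshold is illustrative and would need tuning against a site's normal pingback volume.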

  • OmegaT, the basics

    OmegaT is a free and open source translation memory application written in Java. It’s a tool intended for professional translators.

    OmegaT has the following features:

    • Fuzzy matching
    • Match propagation
    • Simultaneous processing of multiple-file projects
    • Simultaneous use of multiple translation memories
    • User glossaries with recognition of inflected forms
    • Document file formats include:
      Open Document Format (the native format of the LibreOffice, OpenOffice and Calligra office suites)
      Microsoft Word, Excel, Powerpoint (.docx, .xlsx, .pptx)
      XHTML and HTML
      MediaWiki (Wikipedia)
      Plain text
      …plus about 30 other file formats
    • Unicode (UTF-8) support: can be used with non-Latin alphabets
    • Support for right-to-left languages
    • Integral spelling checker
    • Compatible with other translation memory applications (TMX, TTX, TXML, XLIFF, SDLXLIFF)

    OmegaT is cross-platform: it will run on any system on which the JRE (Java Runtime Environment) has been or can be installed.

    Over on YouTube, user weasel75 has produced a short (10 minutes) tutorial on the basics of OmegaT. Hopefully you’ll find it as useful as I did.

  • 2 weeks to Document Freedom Day

    Document Freedom Day is a day for celebrating and raising awareness of open standards and formats; it takes place on the last Wednesday in March each year. On this day people who believe in fair access to communications technology teach, perform and demonstrate.

    Document freedom means documents that are free can be used in any way that the author intends. They can be read, transmitted, edited, and transformed using a variety of tools. Documents that aren’t free – like Microsoft Office’s .docx, .xlsx, .pptx, etc. – are locked to some particular software or company. Their author cannot choose how to use them because they are controlled by technical restrictions. This is akin to having a racehorse and never letting it get above a trot.

    However, document freedom is about more than spreadsheets, presentations and word processing documents. Document freedom embraces all forms of data, including artwork, sheet and recorded music, emails and statistics. These can all be stored in ways which empower users, but they can also be stored in formats which constrain and manipulate us at enormous cost.

    Open standards are formats which everybody can use free of charge and restriction. They come with compatibility “built-in” – the way they work is shared publicly and any organisation can use them in their products and services without asking for permission. Open Standards are the foundation of cooperation and modern society. Today we celebrate the 25th anniversary of the world wide web – a vital resource that relies on open standards to work. Read more on open standards.

    You can get involved in Document Freedom Day by organising local activities, distributing fliers, adding a banner on your blog, donating money, and much more. See the Document Freedom Day site for more ideas and information.

  • Applications open for new round of Gnome OPW internships

    The Gnome Outreach Program* for Women (OPW) helps women get involved in free and open source software and has just announced the opening of a new round of internship applications. Women can apply for an internship to contribute to an open source project from May to August; and OPW is not just asking for applications from programmers.

    Successful applicants can obtain a Gnome Foundation internship from 19th May until 18th August 2014 under the aegis of the OPW. The outreach programme is intended to increase the proportion of women in open source projects and twice a year promotes the contribution of women to projects such as Gnome, Wikimedia and OpenStack. The deadline for applications for the next round is 19th May 2014.

    As previously stated, the programme is not restricted to women with programming skills; those with design, documentation or marketing skills can also apply. All participants will be supported by a mentor in the participating organisations. Details on how to apply are on the Gnome Foundation’s dedicated OPW site.

    * = It’s an American institution, hence the US spelling.

  • Powerful virus targets Ukraine

    France’s Le Monde reports that a very powerful computer virus has infected computers in Ukraine, where 22 instances of infection have been recorded since 2013, the year that country’s political crisis started, according to a report from BAE Systems.

    This virus, baptised Snake, but also known as Ouroboros after the serpent in Greek mythology, is “one of the most sophisticated and persistent threats that we track,” states BAE Systems Applied Intelligence, in a report published on Friday, 7th March.

    Although it appeared as early as 2006, Snake appears to have been deployed more aggressively since 2013, according to the same source: of the 56 instances identified since 2010 throughout the world, 44 have been recorded since last year. Ukraine is the main target with 22 instances since 2013, of which 14 alone have been confirmed since the start of 2014 when that country’s political crisis accelerated with the fall of its pro-Russian president at the end of February.

    Lithuania, Britain and Georgia are amongst the other countries where Snake has also shown up.

    Snake’s operators act on weekdays and operate mainly from a time zone corresponding to Moscow, BAE Systems states. “Our report shows that a technically sophisticated and well-organised group has been developing and using these tools for the last eight years,” said David Garfield, the managing director of cyber security at BAE Systems Applied Intelligence.

    “There is some evidence that links these tools to previous breaches connected to Russian threat actors but it is not possible to say exactly who is behind this campaign.”

    Snake’s controllers can access all of the computer systems they have infiltrated, in addition to which the virus’ capacity to hibernate by remaining completely inactive for many days makes its detection complex.

    According to Saturday’s Financial Times (paywall), the virus has in particular infiltrated the Kiev government’s computer systems and those of major Ukrainian organisations.

  • Tor network used to hide botnets and darknets

    According to IT security vendors Kaspersky Lab, the Tor anonymity network is under threat of being swamped by criminals abusing the anonymity it provides for hiding zombie networks, malicious command and control servers and ‘darknets’, Le Monde Informatique reports.

    Tor – otherwise known as The Onion Router – has always had its dark side, but last year the network’s use by criminals seems to have grown appreciably. According to researcher Sergey Lozhkin, “Kaspersky Lab had uncovered evidence of 900 services using Tor, equivalent to 5,500 nodes (server relays) and 1,000 exit nodes (servers from which traffic emerges) in total.”

    “It all started from the notorious Silk Road market and evolved into dozens of specialist markets: drugs, arms and, of course, malware.

    “Carding shops are firmly established in the Darknet. Stolen personal info is for sale with a wide variety of search attributes like country, bank, etc. Offers for customers of this kind are not limited to credit cards. Dumps, skimmers and carding equipment are for sale too”, he added.

    “In addition, command and control (C&C) servers hosted by Tor are more difficult to flush out, blacklist or eliminate,” Lozhkin continued. “Although creating a Tor communication module within a malware sample means extra work for the malware developers. We expect there will be a rise in new Tor-based malware, as well as Tor support for existing malware.”

    Experts from Kaspersky Lab have so far found Zeus with Tor capabilities and then detected ChewBacca and finally analysed the first Tor Trojan for Android.

  • Addio XP

    It’s not just the Bristol & Bath Linux User Group (LUG) that’s organising an event to mark the end of support for Microsoft’s superannuated Windows XP operating system (posts passim).

    In Italy a consortium of the Perugia GNU/Linux User Group, LibreUmbria, the Perugia Centro di Competenza Open Source and Girl Geek Life is also organising a half-day event to inform people that they don’t need to buy a new computer to have a modern, secure operating system again; all that’s needed is a change to a free and open source Linux operating system and its vast range of software.

    Addio XP, ciao software libero! (Goodbye XP, hello free software!)

    The Perugia event takes place at Perugia University on Saturday, 5th April 2014 from 9.00 am to 1.00 pm. Full details can be found at http://xpaddio.perugiagnulug.org/.

    Install Linux: don’t end up with an operating system that should have died years ago!

    Support for XP (and MS Office 2003 too. Ed.) ends on 8th April 2014.

  • Upgrading Debian from stable to testing

    I’ve been using Debian GNU/Linux for many years and have been very pleased with its stability, reliability and security.

    Yesterday I decided to do something I’ve never done before: upgrade a production machine from Debian stable (codename ‘wheezy’) to Debian testing (codename ‘jessie’). See this guide for an explanation of Debian versions and releases.

    Anyway, after installing the apt-listbugs package which a Bristol Wireless colleague recommended, I then proceeded with the upgrade via the command line.

    The sequence of commands to perform the upgrade itself is very easy.

    # cp /etc/apt/sources.list{,.bak}
    # sed -i -e 's/ \(stable\|wheezy\)/ testing/ig' /etc/apt/sources.list
    # apt-get update
    # apt-get --download-only dist-upgrade
    # apt-get dist-upgrade

    The first command backs up the software sources list, whilst the second edits the sources list to replace release versions. After that, the actual fun begins, downloading updated package information, downloading the packages themselves and then installing them.

    All told, it went very smoothly. The laptop rebooted normally after the upgrade and brought up the GUI. The only major problem was that I lost the functionality of the Broadcom wireless network card; this was resolved by reinstalling the card’s firmware – a 2 minute job. The upgrade also resulted in 2 packages being broken. The command (as root) for fixing this problem is apt-get -f install.

    In total, the upgrade took about 2 hours and I now have a machine running a more modern version of Debian on the same machine and have kept all my previous personal settings, which is a definite plus compared with a clean install where one has to spend hours reinstalling software packages not included in the ISO disc image and tweaking.

  • LibreUmbria taking free software into schools

    The first of three free seminars organised by LibreUmbria – the organisation promoting free and open source software in Italy’s Umbria region – aimed at parents and teachers is being organised at the Giovanni Cena primary school in Perugia at 3.30 pm on Monday 10th March, the LibreUmbria blog reports.

    For some months the LibreUmbria working group has been making contact with a number of Umbrian schools in order to take free software into classrooms. They wish to start with primary schools where it is easy to raise children on open source (and there’s some great free and open source education software available at primary level. Ed). LibreUmbria’s wave of training is being heralded in with the arrival of spring thanks to collaboration with Perugia’s Terzo Circolo Didattico, which helped get this LibreUmbria experiment off the ground.

    The LibreUmbria@Scuola programme will include three seminars on the subjects of awareness, freedom and security. Each word will address one aspect of new technology and open up a debate with attendees.

    The seminars will be followed by two courses on the LibreOffice productivity suite in multimedia classrooms: one aimed at parents and another at teachers, who will in turn act as mentors and recommend them to colleagues and then to children in accordance with the cascade training approach.

    Just to emphasize the need for a digital culture that generates awareness, the title of the events being arranged by LibreUmbria is “Digital natives do not exist”. That awareness is currently lacking and there are as yet no “natives”.
