Turnkey Linux turns everything up to 12 on their 4th B-Day...

The guys over at Turnkey Linux have released version 12 of their awesome server appliance core platform.  They also added 60+ new appliances.  If you haven't given them a shot I highly suggest it especially if you are new to Linux.  Heck I am an old time Linux user and love the ability to just download an appliance like the one they that comes setup with the Redmine project management server and Git, Bazaar, Mercurial and Subversion SCM.  Everyone of them is setup and ready for you to use.  Just download the appliance in any of 7 formats from ISO images to OpenVZ VMs and so much in between.  The best feature I have come to love and rely on is their server back and migration tool.  They call it TKLBAM - AKA the TurnKey Linux Backup and Migration system.  It allows you to take any currently existing system and back it up to S3.  Then restore the backup to a new machine leaving you in the same state but on updated software.  All the benefits but none of the pain.  It's an awesome idea and works well.  Watch for a full review and description of my experience coming soon. 

One really import change is their migration away from Ubuntu to Debian.  Check out the article for a very clear description and explanation of why.  The reasons are sound and hopefully the right people are listening.

Most of all though we would like to wish them a Happy 4th B-Day.  Let's hope there are plenty more in their future.

Java Zero Day Attach and it affects Linux...

This comes from our guest host Greg Martin on Google+:

Java 0-day being exploited in the wild. There have been confirmed infections on Windows-based computers but it's possible to compromise a Mac or Linux system as well. Currently the only recommendation for mitigation is to completely disable Java.

Links for thought:

Ars Technica article: http://arstechnica.com/security/2012/08/critical-java-exploit-spreads/

In-depth breakdown of the exploit (technical with mildly poor English): http://immunityproducts.blogspot.com.ar/2012/08/java-0day-analysis-cve-2012-4681.html

Proof-of-concept for the exploit (actual source code): http://pastie.org/pastes/4594319/text

There are also some claims that Oracle have known about the vulnerabilities for some time. https://www.pcworld.com/businesscenter/article/261612/oracle_knew_about_currently_exploited_java_vulnerabilities_for_months_researcher_says.html

I'm currently testing this out on my system (Linux) to see if I can get it to work.


Your Navy drones are now running Linux....

Well they will be after Raytheon get's done migrating them over from Windows.  Redmond lost another battle against Linux and we here at Linuxinstall.net feel a little safer for it.  The Navy had a small hacking issue with some of their drones and decided to replace Windows with Linux.  The hope is that the open source base will result in a harder to hack and more secure system.  Let's hope that Raytheon gets it right.