Archive for the ‘Free Open Source Software FOSS’ Category

Remove question mark and add your own icon to the ubuntu 11.04 natty narwhal unity launcher

June 28, 2011

Hi everyone,

I have moved this post to my new blog site. Click here to get to the post.

Thank you.

Regards,
Manohar Bhattarai (मनोहर भट्टराई)

Happy New Year 2011 to you all

January 2, 2011

Hello everyone,

I wish you all a very very Happy and prosperous New Year 2011.

May God bless everyone and bring peace and happiness to all in this world.

Regards,
Manohar Bhattarai (मनोहर भट्टराई)

http://manoharbhattarai.com.np/
http://about.me/manoharbhattarai 

Add xfce or KDE Desktop environment to ubuntu

November 28, 2010

Hi all,

If you want to add the Xfce or KDE desktop environment to your Ubuntu (GNOME) system, you can do so using the following steps:

1. Go to System->Administration->Synaptic Package Manager.

2. Click Search, type xubuntu-desktop or kubuntu-desktop, and search.

3. Select Mark for Installation and then click Apply.

This will install xubuntu-desktop/kubuntu-desktop to your Ubuntu system.

To log in to the Xfce or KDE environment, change the session on the main log-on screen.

I have three desktop environments (GNOME (default), Xfce and KDE) on my Ubuntu 8.04 system.

Enjoy all the environments. 🙂

 

Regards,

Manohar Bhattarai

http://about.me/manoharbhattarai

 

Ubuntu 10.10 Maverick Meerkat releasing on 10/10/10

October 9, 2010

Hi all,

The new version of Ubuntu is going to be released on October 10, 2010 (10/10/10) by Canonical Ltd. Ubuntu 10.10, which has been named Maverick Meerkat, has a lot of features. As the version number signifies, I hope that it comes out to be 10 out of 10. If you want to read the technical overview of this version of Ubuntu, you can find it here.

If you want to download Ubuntu, you can download from the Ubuntu website here. Or you can request Ubuntu CD from here.

I think this version of Ubuntu will attract more users to migrate from other OSs to Linux. Hope you all who have not used Linux before will try this and enjoy the experience.

The next version of Ubuntu is coming soon

 

Regards,

Manohar Bhattarai

http://about.me/manoharbhattarai

Why Free Software is More Secure

July 24, 2010

Hi all,

I found this article and thought of sharing it with you all. I am posting an extract from the article and the link as well. Anyone interested in reading the full article can use the link. I hope it will be informative to all.

Why Free Software is More Secure

“Continuous and broad peer-review, enabled by publicly available source code, improves software reliability and security through the identification and elimination of defects that might otherwise go unrecognized by the core development team. Conversely, where source code is hidden from the public, attackers can attack the software anyway …. Hiding source code does inhibit the ability of third parties to respond to vulnerabilities (because changing software is more difficult without the source code), but this is obviously not a security advantage. In general, ‘Security by Obscurity’ is widely denigrated.” — Department of Defense (DoD) FAQ’s response to question: “Doesn’t Hiding Source Code Automatically Make Software More Secure?”

The DoD indicates that FOSS has been central to its Information Technology (IT) operations since the mid-1990’s, and, according to some estimates, one-third to one-half of the software currently used by the agency is open source. The U.S. Office of Management and Budget issued a memorandum in 2004, which recommends that all federal agencies use the same procurement procedures for FOSS as they would for proprietary software. Other public sector agencies, such as the U.S. Navy, the Federal Aviation Administration, the U.S. Census Bureau and the U.S. Patent and Trademark Office have been identified as recognizing the security benefits of publicly auditable source code.

To understand why free and open source software has become a common component in the IT systems of so many businesses and organizations that perform life-critical or mission-critical functions, one must first accept that software bugs are a fact of life. The Software Engineering Institute estimates that an experienced software engineer produces approximately one defect for every 100 lines of code. Based on this estimate, even if most of the bugs in a modest, one million-line code base are fixed over the course of a typical program life cycle, approximately 1,000 bugs would remain.

In its first “State of Software Security” report released in March 2010, the private software security analysis firm Veracode reviewed the source code of 1,591 software applications voluntarily submitted by commercial vendors, businesses, and government agencies. Regardless of program origins, Veracode found that 58 percent of all software submitted for review did not meet the security assessment criteria the report established. Based on its findings, Veracode concluded that “most software is indeed very insecure …[and] more than half of the software deployed in enterprises today is potentially susceptible to an application layer attack similar to that used in the recent …Google security breaches.”

Though open source applications had almost as many source code vulnerabilities upon first submission as proprietary programs, researchers found that they contained fewer potential backdoors than commercial or outsourced software and that open source project teams remediated security vulnerabilities within an average of 36 days of the first submission, compared to 48 days for internally developed applications and 82 days for commercial applications. Not only were bugs patched the fastest in open source programs, but the quality of remediation was also higher than commercial programs.

Veracode’s study confirms the research and anecdotal evidence into the security benefits of open source software published over the past decade. According to the web-security analysis site SecurityPortal, vulnerabilities took an average of 11.2 days to be spotted in Red Hat/Linux systems with a standard deviation of 17.5 compared to an average of 16.1 days with a standard deviation of 27.7 in Microsoft programs.

Sun Microsystems’ COO Bill Vass summed up the most common case for FOSS in a blog post published in April 2009: “By making the code open source, nothing can be hidden in the code,” Vass wrote. “If the Trojan Horse was made of glass, would the Trojans have rolled it into their city? NO.”

Vass’ logic is backed up by numerous research papers and academic studies that have debunked the myth of security through obscurity and advanced the “more eyes, fewer bugs” thesis. Though it might seem counterintuitive, making source code publicly available for users, security analysts, and even potential adversaries does not make systems more vulnerable to attack in the long-run. To the contrary, keeping source code under lock-and-key is more likely to hamstring “defenders” by preventing them from finding and patching bugs that could be exploited by potential attackers to gain entry into a given code base, whether or not access is restricted by the supplier. “In a world of rapid communications among attackers where exploits are spread on the Internet, a vulnerability known to one attacker is rapidly learned by others,” reads a 2006 article comparing open source and proprietary software use in government systems. “For Open Source, the next assumption is that disclosure of a flaw will prompt other programmers to improve the design of defenses. In addition, disclosure will prompt many third parties — all of those using the software or the system — to install patches or otherwise protect themselves against the newly announced vulnerability. In sum, disclosure does not help attackers much but is highly valuable to the defenders who create new code and install it.”

Academia and internet security professionals appear to have reached a consensus that open, auditable source code gives users the ability to independently assess the exposure of a system and the risks associated with using it; enables bugs to be patched more easily and quickly; and removes dependence on a single party, forcing software suppliers and developers to spend more effort on the quality of their code, as authors Jaap-Henk Hoepman and Bart Jacobs also conclude in their 2007 article, Increased Security Through Open Source.

By contrast, vulnerabilities often go unnoticed, unannounced, and unfixed in closed source programs because the vendor, rather than users who have a higher stake in maintaining the quality of software, is the only party allowed to evaluate the security of the code base. Some studies have argued that commercial software suppliers have less of an incentive to fix defects after a program is initially released so users do not become aware of vulnerabilities until after they have caused a problem. “Once the initial version of [a proprietary software product] has saturated its market, the producer’s interest tends to shift to generating upgrades …Security is difficult to market in this process because, although features are visible, security functions tend to be invisible during normal operations and only visible when security trouble occurs.”

The consequences of manufacturers’ failure to disclose malfunctions to patients and physicians have proven fatal in the past. In 2005, a 21-year-old man died from cardiac arrest after the ICD he wore short-circuited and failed to deliver a life-saving shock. The fatal incident prompted Guidant, the manufacturer of the flawed ICD, to recall four different device models they sold. In total 70,000 Guidant ICDs were recalled in one of the biggest regulatory actions of the past 25 years.

Guidant came under intense public scrutiny when the patient’s physician Dr. Robert Hauser discovered that the company first observed the flaw that caused his patient’s device to malfunction in 2002, and even went so far as to implement manufacturing changes to correct it, but failed to disclose it to the public or health-care industry.

The body of research analyzed for this paper points to the same conclusion: security is not achieved through obscurity and closed source programs force users to forfeit their ability to evaluate and improve a system’s security. Though there is lingering debate over the degree to which end-users contribute to the maintenance of FOSS programs and how to ensure the quality of the patches submitted, most of the evidence supports our paper’s central assumption that auditable, peer-reviewed software is comparatively more secure than proprietary programs.

Programs have different standards to ensure the quality of the patches submitted to open source programs, but even the most open, transparent systems have established methods of quality control. Well-established open source software, such as the kind favored by the DoD and the other agencies mentioned above, cannot be infiltrated by “just anyone.” To protect the code base from potential adversaries and malicious patch submissions, large open source systems have a “trusted repository” that only certain, “trusted,” developers can directly modify. As an additional safeguard, the source code is publicly released, meaning not only are there more people policing it for defects, but more copies of each version of the software exist making it easier to compare new code.

The original article link is : http://www.softwarefreedom.org/resources/2010/transparent-medical-devices.html


Regards,
Manohar Bhattarai (मनोहर भट्टराई)
Blogs:
https://manoharbhattarai.wordpress.com/
http://manoharbhattarai.posterous.com/
http://manoharbhattarai.blogspot.com/
Microblogs:
Twitter :- http://twitter.com/manoharmailme
Identi.ca :- http://identi.ca/manoharbhattarai

How to Install Chromium (Google Chrome) web browser in Ubuntu

May 24, 2010

Hi,

Here is how to install the Chromium (Google Chrome) web browser on Ubuntu. It is an open-source browser project that is safer, faster, and more stable.

1) First you need to edit the /etc/apt/sources.list file

manohar@manohar-desktop:~$ sudo gedit /etc/apt/sources.list

2) Add one of the following

a) For Ubuntu 9.10 (Karmic) users, add the following two lines

deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu karmic main

deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu karmic main

b) For Ubuntu 9.04 (Jaunty) users, add the following two lines

deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main

deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main

c) For Ubuntu 8.10 (Intrepid) users, add the following two lines

deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main

deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main

3) Save and exit the file

4) Now add the GPG key using the following command

manohar@manohar-desktop:~$ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xfbef0d696de1c72ba5a835fe5a9bf3bb4e5e17b5

5) Update the source list using the following command

manohar@manohar-desktop:~$ sudo apt-get update

6) Install chromium using the following command

manohar@manohar-desktop:~$ sudo apt-get install chromium-browser
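
Steps 1 to 4 as a script, added here as an example and not part of the original post: it builds the two PPA lines only for the releases listed above, appends them to a list file without duplicating entries, and checks that the key is a full 40-digit fingerprint before it is handed to apt-key. The function names and the list-file path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. URL and key are the post's values.
PPA_URL="http://ppa.launchpad.net/chromium-daily/ppa/ubuntu"
PPA_KEY="0xfbef0d696de1c72ba5a835fe5a9bf3bb4e5e17b5"

# Succeeds only for the three releases the post lists.
supported_codename() {
    case "$1" in
        karmic|jaunty|intrepid) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds only if $1 is a full 40-hex-digit fingerprint (optional 0x prefix).
# Short key IDs are not unique, so they are rejected.
is_full_fingerprint() {
    fpr=${1#0x}
    [ "${#fpr}" -eq 40 ] || return 1
    case "$fpr" in
        *[!0-9A-Fa-f]*) return 1 ;;
    esac
    return 0
}

# Print the deb and deb-src lines for codename $1.
ppa_lines() {
    supported_codename "$1" || return 1
    printf 'deb %s %s main\n' "$PPA_URL" "$1"
    printf 'deb-src %s %s main\n' "$PPA_URL" "$1"
}

# Append the lines for codename $2 to list file $1, skipping lines already there.
add_ppa() {
    list=$1
    entries=$(ppa_lines "$2") || { echo "unsupported release: $2" >&2; return 1; }
    touch "$list" || return 1
    printf '%s\n' "$entries" | while IFS= read -r line; do
        grep -qxF -- "$line" "$list" || printf '%s\n' "$line" >> "$list"
    done
}

# Usage as root (the file name is an assumption, not from the post):
#   is_full_fingerprint "$PPA_KEY" && add_ppa /etc/apt/sources.list.d/chromium-daily.list karmic
```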

This blog post was written with help from different sites. Thank you all.

Regards,

Manohar Bhattarai

Linux : Introduction to sudo

May 12, 2010

Hi everyone,

I have moved this post to my new blog site. Click here to get to the post.

Thank you.

Regards,
Manohar Bhattarai (मनोहर भट्टराई) 

Plymouth themes in Ubuntu 10.04 (Lucid Lynx)

May 8, 2010

Hi

Quick tip for those having trouble with their splash screens in Lucid.

To change the default splash screen:

sudo update-alternatives --config default.plymouth
sudo update-initramfs -u

To fix the delayed loading of the splash:

sudo -s
echo FRAMEBUFFER=y >>/etc/initramfs-tools/conf.d/splash
update-initramfs -u

Please try it at your own risk.

Regards,

Manohar Bhattarai

JBoss server unable to start within 50 seconds. How to increase the JBoss server start time.

May 6, 2010

Hi everyone,

I have moved this post to my new blog site. Click here to get to the post.

Thank you.

Regards,
Manohar Bhattarai (मनोहर भट्टराई)

How to rotate or flip your ubuntu desktop upside down

May 6, 2010

Hi everyone,

I have moved this post to my new blog site. Click here to get to the post.

Thank you.

Regards,
Manohar Bhattarai (मनोहर भट्टराई)