This weekend I discovered a feature of Ubuntu that I think is so interesting is has to be posted here. I am sure most of you are familiar with the orange spiky blob that appears to tell you there are updates available. Over this weekend, a different icon appeared in place of the blob - a bright red down-arrow with an exclamation point in the middle. This icon indicates important updates, mostly security-related.

So why is this such a great idea? After all, it is just an icon. What is big deal?

Ubuntu, and most Linux distributions, don’t try and force you to let your computer automatically install updates. This makes sense, because, generally speaking, Linux users want more choice and are tech-savvy enough to remember to do the updates on their own, with a little reminding from an orange spiky blob of course. This means, however, that when a less tech-savvy user starts running Ubuntu on their desktop, they might miss important updates. At least they might if the red icon did not exist.

The orange blob blends into the interface well and is so often up there that it is easy to ignore if you don’t look for it. The red exclamation icon is far less easy to ignore for three reasons. First, it does not blend into the interface as well as orange does, making it easier to spot. Second, it rarely appears, making its appearance even more noticable. And third, people link the color red with danger. For these three reasons, even someone who misses the normal updates will at least see the most important updates, keeping them at least fairly safe.

Once every couple of months someone claims that product x is better than product y based on absolutely no legitimate evidence and every time the argument is the same. This time around, Jeff Jones, a security expert who works for Microsoft, is claiming on his blog that Windows Vista is the most secure operating system of all the modern operating systems (which, by the way, does include Linux, specifically a version of both Red Hat and Ubuntu.) The headline is great, but the argument does not stand up to, well, anything.

In this comparison, the metric for security is the number of reported bugs. It does not matter if they have been fixed or not, it does not matter what the level of severity is, and there is no adjustment for the fact that Microsoft or Apple might not report all the bugs that exist, while in open-source software, almost any bug that anyone finds is reported. Do I even need to say any more?

eBay recently preformed an analysis of the security threats facing them and found something quite surprising. Apparently, many phishers are using Linux machines with rootkits, pieces of software that hide files and activities of a piece of malicious code, on them to serve the fake web pages used in phishing attacks. Although it is not certain, it is likely that the vulnerabilities used to put rootkits on Linux PCs come from third-party software, not the base system, which would mean that real servers may not be at much risk.

Luckily, there are a number of utilities, such as rkdet (I have not tested rkdet or others myself.), to detect rootkits on Linux.

Sorry, this is a few days old, but it is still very interesting. It is based on Java/JavaScript, so it’s not just a Windows-only thing. (It works on Linux.) There is a demo as well as more information here.