Spying on Spyware
Spyware is an increasing problem, especially for individuals and companies running desktop versions of Microsoft Windows. Indeed, according to industry analyst group IDC, approximately 67 percent of all computers run some sort of spyware, which often secretly collects and transmits personal information to the spyware’s nefarious author.
To combat spyware and the attendant wasteful Internet traffic, Astaro (http://www.astaro.com
), a maker of Linux-
based firewall software and network security appliances, has released Astaro Security Linux Version 5.2
(ASL). Like previous versions, ASL is based on Novell’s SUSE Linux Enterprise Server
and other open source components, and provides virus protection, intrusion detection, content filtering (based on URLs), safeguards against spam, and a VPN
gateway. Uniquely, the new version also adds “inbound” and “outbound” filtering of spyware. The inbound filter prevents spyware from passing through a firewall into the local network; the product’s outbound filter intercepts outgoing spyware traffic.
Astaro’s product is a mix of open source and proprietary software. The spyware database and anti-virus engine used in ASL are derived from commercial products, and Astaro’s own “middleware” is also proprietary. However, ASL leverages public databases for anti-spam filtering, a job that’s simply too large for any one company to tackle.
ASL can be downloaded and evaluated for free for thirty days. Astaro offers a software-only version of ASL, but also offers the software bundled with hardware as a security appliance (pictured). Existing Astaro customers with subscriptions to either Surf Protection or Astaro Secure Web can upgrade to version 5.2 free of charge. Home users can request a free license for ASL from https://my.astaro.com.
Ladies and Gentlemen, Start Your Compiles!
Chances are that the GNU Compiler Collection, or GCC, is the most-widely used compiler on the planet. It’s the compiler of choice for open source projects and its support of an inordinate number of processors make it the obvious choice for porting or cross-compiling code.
GCC Version 4.0, now in active development, aims to improve an already powerful tool. GCC 4.0 has been restructured to generate much better code, a framework the GCC developers call “Tree Static Single Assignment” (Tree SSA). Using Tree SSA, the compiler is able to analyze both the macro structure of your entire program and small, localized sections of code, yielding more efficient executables, not just faster subroutines. In addition to GCC-provided optimizations — such as keeping frequently used object components in processor memory — software developers can write “plug-ins” to leverage Tree SSA to apply highly-specialized optimizations.
GCC 4.0 also introduces a security feature called “Mudflap,” which adds extra code to a compiled program to automatically detect buffer overruns. Aptly-named Mudflap can be enabled during development and testing, and disabled once the code proves to be free of such vulnerabilities. (See the February 2005 issue of Linux Magazine
to learn more about the threat of buffer overruns. It’s online at http://www.linuxmagazine.com/2005-02/
.) GCC 4.0 also promises to (in some cases) dramatically improve the performance of C++
programs, and will include a preview of technology to compile Fortran 95
GCC Version 1.0
was released in 1987. The last major release, GCC Version 3.0
was released in 2001. No release date has been set for 4.0. You can check for early releases and learn more at http://gcc.gnu.org
AO-K Desktop Environment
After more than six months and thousands of bug fixes, the KDE Project has released K Desktop Environment Version 3.4 (KDE).
In 3.4, Many of KDE’s productivity applications, such as the Kontact address book and the Kopete instant messenger have been improved. Kontact is easier to use than ever: improvements include a new message composer and start screen, and support for Kolab Version 2.0. Kopete features an improved contact list, improved Kontact integration, and support for messaging protocols AIM, Gadu-Gadu, GroupWise, ICQ, IRC, Jabber, Lotus Sametime, MSN, Yahoo, and SMS.
KDE 3.4 also features the advanced KDE Text-to-Speech Framework. Now KDE’s PDF viewer, editor, and web browser can speak the text of documents using the new speaker tool, KSayIt. Text-to-speech is invaluable for partially-sighted and speech-impaired users.
Other accessibility improvements include high-contrast themes for users with poor vision, and a magnifying tool, KMagnify, to enlarge arbitrary portions of the screen. The KDE project will continue its close cooperation with the accessibility community to reach even more people in the future.
KDE 3.4 is available for free under open source licenses. It is available in 49 languages and boasts eighteen packages of optional applications including accessibility, development, games, PIM, network, utilities, administration, edutainment, multimedia, graphics and more. Full information on how to download and install KDE 3.4 is available at http://www.kde.org/info
. Other KDE-based applications are freely available from http://www.KDE-Apps.org
and different look and feel improvents can be downloaded from http://www.KDE-Look.org