Are you running Linux just because you think it's safer than Windows?
Think again. Sure, security is a built-in (and not a bolt-on) feature
and extends right from the Linux kernel to the desktop, but it still
leaves enough room to let someone muck about with your /home folder.
Linux
might be impervious to viruses and worms written for Windows, but
that's just a small subset of the larger issue. Attackers have various
tricks up their sleeves to get to those precious bits and bytes that
make up everything from your mugshot to your credit card details.
Computers
that connect to the internet are the ones most exposed to attackers,
although computers that never get to see online action are just as
vulnerable. Think of that ageing laptop or that old hard disk you just
chucked away without a second thought. Bad move.
With the kind of
data recovery tools available today (many as a free download) it
doesn't matter what OS was installed on the disk. If it holds data –
corrupted or otherwise – it can be retrieved, bank accounts recreated,
chat transcripts reconstructed, images restitched. But don't be scared.
Don't stop using the computer.
While it's virtually impossible to
make a machine connected to the internet impenetrable to attacks, you
can make an attacker's task difficult and also ensure they have nothing
to learn from a compromised system. Best of all, with Linux, and some
pieces of open source software, it doesn't take much effort to secure
your Linux installation.
There is no golden rule for security
that applies in every single case, and even if there were it would have
been cracked already. Security is something that needs to be worked
upon, and personalised. Follow the tips and tools in this tutorial as we
show you how to adapt them to your very own Linux installation.
Follow these six tips to get a safer computer the easy way
1. Keep up with security updates
All mainstream Linux desktop distros (such as Debian, Ubuntu, Fedora,
etc) have security teams that work with the package teams to make sure
you stay on top of any security vulnerabilities. Generally these teams
work with each other to make sure that security patches are available as
soon as a vulnerability is discovered.
Your distro will have a
repository solely dedicated to security updates. All you have to do is
make sure the security specific repository is enabled (chances are it
will be, by default), and choose whether you'd like to install the
updates automatically or manually at the press of a button.
For
example, under Ubuntu, head over to System > Administration >
Software Sources. Here, under the Updates tab, specify how frequently
the distro should ping the security repository for updates, and whether
you'd like to install them without confirmation, or just be notified
about the updates.
The latter is a better option, because it lets
you review the updates before installing them. But chances are they'll
be fine, and you can save yourself some time by having your distro
install them automatically.
In addition to the updates, distros
also have a security mailing list to announce vulnerabilities, and also
share packages to fix them. It's generally a good idea to keep an eye on
the security list for your distro, and look out for any security
updates to packages that are critical to you.
There's a small lag
between the announcement and the package being pushed to the
repository; the security mailing lists guide the impatient on how to
grab and install the updates manually.
2. Disable unnecessary services
A Linux desktop distro starts a number of services to be of use to as
many people as possible. But one really doesn't need all these
services.
For example, do you really need Samba for sharing files
over the network on your secure server, or the Bluetooth service to
connect to Bluetooth devices on a computer that doesn't have a Bluetooth
adapter?
All distros let you control the services that run on
your Linux installation, and you should make full use of this
customisation feature.
Under Ubuntu, head to System >
Preferences > Startup Applications. Here you can remove check marks
next to the services you wish to disable. But be careful when turning
off services. Some applications might stop functioning because you
decided to disable a service on which they rely.
For example,
many server applications rely on databases, so before you turn off MySQL
or PostgreSQL you should make sure you aren't running any applications
that rely on them.
3. Restrict root access
Most distros these days don't allow you to login as root at boot
time, which is good. When you have to execute a task that requires super
user privileges you'll be prompted for a password. It might be a little
irritating but it goes a long way to making sure that admin tasks are
isolated from the user.
You can restrict access privileges for a
user from under System > Administration > Users and Groups. Here
you can broadly categorise a user as a desktop user or a system
administrator or customise access privileges manually. By default, users
are created as with 'Desktop user' permissions and can't install
software or change settings that affect other users.
On the
command line, the su command (on Fedora, and the like) lets normal users
switch to the root account, while the sudo command (on Debian, Ubuntu,
etc) grants more privileges to the user. The usage of these commands can
be limited to a particular group, which prevents any user from
administering the system. sudo is also the more secure of the two, and
it keeps an access log under /var/log/auth.log.
Make a habit of regularly scanning the log for failed and successful sudo attempts.
Don't auto-mount devices
If you're really concerned about security, you need to lean on the
customisation feature of the Users And Groups settings. One of the areas
to look at is auto-mounting devices.
Most distros auto-mount USB
drives and CDs as soon as they are inserted. It's convenient, but
allows anybody to just walk up to your machine, plug in a USB disk and
copy all your data. To avoid such a situation, go to to System >
Administration > Users and Groups, select your user and head to the
Advanced Settings > User Privileges tab.
Make sure you uncheck
the boxes corresponding to the Access External Storage Devices
Automatically option, the Mount Userspace Filesystems, and Use CD-ROM
Drives option. When unchecked, these options will prompt the user for a
password before giving them access to these devices.
You might
also want to disable sharing files on the network, as well as require
the user to enter a password before connecting to the Ethernet and
wireless devices. By disabling access to configure printers you prevent
important data from being printed.
5. Don't stay on the bleeding edge
Packages included in a desktop Linux distribution are updated
regularly. Besides the official repositories, there are custom
repositories for third-party software. While developers do take care to
scan the packages for vulnerabilities before pushing them on to the
repository, it's almost inevitable that some updates with defects do get
through.
While it's good to keep the system updated, from a
security point of view, not all updates are good for the system. Some
updates conflict with existing installed package or may even pull in new
dependencies that may make the system more prone to attack. All this is
why you should only update packages if you have to.
Scan the
updates and look for updates to packages that are critical to you. Most
package managers also make it possible to check an update and display
its changelog and a brief description of the changes. UI changes can
safely be ignored or delayed until a package has been thoroughly tested.
Instead, look out for and grab updates that offer a fix to existing
issues with packages.
Don't upgrade every six months
Linux security basics
Make sure your browser is routing traffic via Privoxy to stop people snooping on your browsing
Are
you running Linux just because you think it's safer than Windows? Think
again. Sure, security is a built-in (and not a bolt-on) feature and
extends right from the Linux kernel to the desktop, but it still leaves
enough room to let someone muck about with your /home folder.
Linux
might be impervious to viruses and worms written for Windows, but
that's just a small subset of the larger issue. Attackers have various
tricks up their sleeves to get to those precious bits and bytes that
make up everything from your mugshot to your credit card details.
Computers
that connect to the internet are the ones most exposed to attackers,
although computers that never get to see online action are just as
vulnerable. Think of that ageing laptop or that old hard disk you just
chucked away without a second thought. Bad move.
With the kind of
data recovery tools available today (many as a free download) it
doesn't matter what OS was installed on the disk. If it holds data –
corrupted or otherwise – it can be retrieved, bank accounts recreated,
chat transcripts reconstructed, images restitched. But don't be scared.
Don't stop using the computer.
While it's virtually impossible to
make a machine connected to the internet impenetrable to attacks, you
can make an attacker's task difficult and also ensure they have nothing
to learn from a compromised system. Best of all, with Linux, and some
pieces of open source software, it doesn't take much effort to secure
your Linux installation.
There is no golden rule for security
that applies in every single case, and even if there were it would have
been cracked already. Security is something that needs to be worked
upon, and personalised. Follow the tips and tools in this tutorial as we
show you how to adapt them to your very own Linux installation.
Follow these six tips to get a safer computer the easy way
1. Keep up with security updates
All
mainstream Linux desktop distros (such as Debian, Ubuntu, Fedora, etc)
have security teams that work with the package teams to make sure you
stay on top of any security vulnerabilities. Generally these teams work
with each other to make sure that security patches are available as soon
as a vulnerability is discovered.
Your distro will have a
repository solely dedicated to security updates. All you have to do is
make sure the security specific repository is enabled (chances are it
will be, by default), and choose whether you'd like to install the
updates automatically or manually at the press of a button.
For
example, under Ubuntu, head over to System > Administration >
Software Sources. Here, under the Updates tab, specify how frequently
the distro should ping the security repository for updates, and whether
you'd like to install them without confirmation, or just be notified
about the updates.
The latter is a better option, because it lets
you review the updates before installing them. But chances are they'll
be fine, and you can save yourself some time by having your distro
install them automatically.
In addition to the updates, distros
also have a security mailing list to announce vulnerabilities, and also
share packages to fix them. It's generally a good idea to keep an eye on
the security list for your distro, and look out for any security
updates to packages that are critical to you.
There's a small lag
between the announcement and the package being pushed to the
repository; the security mailing lists guide the impatient on how to
grab and install the updates manually.
2. Disable unnecessary services
A
Linux desktop distro starts a number of services to be of use to as
many people as possible. But one really doesn't need all these services.
For example, do you really need Samba for sharing files over the
network on your secure server, or the Bluetooth service to connect to
Bluetooth devices on a computer that doesn't have a Bluetooth adapter?
All
distros let you control the services that run on your Linux
installation, and you should make full use of this customisation
feature.
Under Ubuntu, head to System > Preferences >
Startup Applications. Here you can remove check marks next to the
services you wish to disable. But be careful when turning off services.
Some applications might stop functioning because you decided to disable a
service on which they rely.
For example, many server
applications rely on databases, so before you turn off MySQL or
PostgreSQL you should make sure you aren't running any applications that
rely on them.
3. Restrict root access
Most
distros these days don't allow you to login as root at boot time, which
is good. When you have to execute a task that requires super user
privileges you'll be prompted for a password. It might be a little
irritating but it goes a long way to making sure that admin tasks are
isolated from the user.
You can restrict access privileges for a
user from under System > Administration > Users and Groups. Here
you can broadly categorise a user as a desktop user or a system
administrator or customise access privileges manually. By default, users
are created as with 'Desktop user' permissions and can't install
software or change settings that affect other users.
On the
command line, the su command (on Fedora, and the like) lets normal users
switch to the root account, while the sudo command (on Debian, Ubuntu,
etc) grants more privileges to the user. The usage of these commands can
be limited to a particular group, which prevents any user from
administering the system. sudo is also the more secure of the two, and
it keeps an access log under /var/log/auth.log.
Make a habit of regularly scanning the log for failed and successful sudo attempts.
4. Don't auto-mount devices
If
you're really concerned about security, you need to lean on the
customisation feature of the Users And Groups settings. One of the areas
to look at is auto-mounting devices.
Most distros auto-mount USB
drives and CDs as soon as they are inserted. It's convenient, but
allows anybody to just walk up to your machine, plug in a USB disk and
copy all your data. To avoid such a situation, go to to System >
Administration > Users and Groups, select your user and head to the
Advanced Settings > User Privileges tab.
Make sure you uncheck
the boxes corresponding to the Access External Storage Devices
Automatically option, the Mount Userspace Filesystems, and Use CD-ROM
Drives option. When unchecked, these options will prompt the user for a
password before giving them access to these devices.
You might
also want to disable sharing files on the network, as well as require
the user to enter a password before connecting to the Ethernet and
wireless devices. By disabling access to configure printers you prevent
important data from being printed.
5. Don't stay on the bleeding edge
Packages
included in a desktop Linux distribution are updated regularly. Besides
the official repositories, there are custom repositories for
third-party software. While developers do take care to scan the packages
for vulnerabilities before pushing them on to the repository, it's
almost inevitable that some updates with defects do get through.
While
it's good to keep the system updated, from a security point of view,
not all updates are good for the system. Some updates conflict with
existing installed package or may even pull in new dependencies that may
make the system more prone to attack. All this is why you should only
update packages if you have to.
Scan the updates and look for
updates to packages that are critical to you. Most package managers also
make it possible to check an update and display its changelog and a
brief description of the changes. UI changes can safely be ignored or
delayed until a package has been thoroughly tested. Instead, look out
for and grab updates that offer a fix to existing issues with packages.
6. Don't upgrade every six months
Most
major desktop Linux distributions make a new release every six months,
but you don't have to install every last upgrade just because it's
there. Debian, for example, offers three distributions to choose from
based on the extent of the stability of the software available in it.
After Debian 6.0, stable releases will be made every two years.
Other
distros take a different approach to guarantee secure releases. Ubuntu
marks certain releases as LTS (or Long Term Support). A desktop release
of the LTS version is supported for three years, and a server release is
supported for five years, which is a lot longer than the 18 months for a
standard Ubuntu release.
Although not up to date, these releases
are much more secure from a security point of view, with packages that
are a lot more stable and more thoroughly tested than their latest
versions. If running a secure system is your goal, you should think of
sticking to one of these long-term stable releases and avoid the
temptation to upgrade as soon as the latest version of your becomes
available.
Google search engine can be used to hack into remote servers or gather confidential or sensitive information which are not visible through common searches.
Google is the world’s most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produces unbelievable results.
Google’s Advanced Search Query Syntax
Discussed below are various Google’s special commands and I shall be explaining each command in brief and will show how it can be used for getting confidential data.
[ intitle: ]
The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title.
intitle: login password
will return links to those pages that has the word “login” in their title, and the word “password” anywhere in the page.
Similarly, if one has to query for more than one word in the page title then in that case “allintitle:” can be used instead of “intitle” to get the list of pages containing all those words in its title.
intitle: login intitle: password
is same as
allintitle: login password
[ inurl: ]
The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have “passwd” in the URL.
Similarly, if one has to query for more than one word in an URL then in that case “allinurl:” can be used instead of “inurl” to get the list of URLs containing all those search keywords in it.
allinurl: etc/passwd
will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.
[ site: ]
The “site:” syntax restricts Google to query for certain keywords in a particular site or domain.
exploits site:hong.web.id
will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.
[ filetype: ]
This “filetype:” syntax restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc).
filetype:doc site:gov confidential
will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.
[ link: ]
“link:” syntax will list down webpages that have links to the specified webpage.
link:www.expertsforge.com
will list webpages that have links pointing to the SecurityFocus homepage. Note there can be no space between the “link:” and the web page url.
[ related: ]
The “related:” will list web pages that are “similar” to a specified web page.
related:www.facebook.com
will list web pages that are similar to the Securityfocus homepage. Note there can be no space between the “related:” and the web page url.
[ cache: ]
The query “cache:” will show the version of the web page that Google has in its cache.
cache:www.hackingspirits.com
will show Google’s cache of the Google homepage. Note there can be no space between the “cache:” and the web page url.
If you include other words in the query, Google will highlight those words within the cached document.
cache:www.facebook.com guest
will show the cached content with the word “guest” highlighted.
[ intext: ]
The “intext:” syntax searches for words in a particular website. It ignores links or URLs and page titles.
intext:exploits
will return only links to those web pages that has the search keyword “exploits” in its webpage.
[ phonebook: ]
“phonebook” searches for U.S. street address and phone number information.
phonebook:Lisa+CA
will list down all names of person having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers incase someone want to do dig personal information for social engineering.
Google Hacks
Well, the Google’s query syntaxes discussed above can really help people to precise their search and get what they are exactly looking for.
Now Google being so intelligent search engine, hackers don’t mind exploiting its ability to dig much confidential and secret information from the net which they are not supposed to know. Now I shall discuss those techniques in details how hackers dig information from the net using Google and how that information can be used to break into remote servers.
Index Of
Using “Index of ” syntax to find sites enabled with Index browsing
A webserver with Index browsing enabled means anyone can browse the webserver directories like ordinary local directories. The use of “index of” syntax to get a list links to webserver which has got directory browsing enabled will be discussd below. This becomes an easy source for information gathering for a hacker. Imagine if the get hold of password files or others sensitive files which are not normally visible to the internet. Below given are few examples using which one can get access to many sensitive information much easily.
Index of /admin Index of /passwd Index of /password Index of /mail
“Index of /” +passwd “Index of /” +password.txt “Index of /” +.htaccess
“Index of /secret” “Index of /confidential” “Index of /root” “Index of /cgi-bin” “Index of /credit-card” “Index of /logs” “Index of /config”
Looking for vulnerable sites or servers using “inurl:” or “allinurl:”
a. Using “allinurl:winnt/system32/” (without quotes) will list down all the links to the server which gives access to restricted directories like “system32” through web. If you are lucky enough then you might get access to the cmd.exe in the “system32” directory. Once you have the access to “cmd.exe” and is able to execute it.
b. Using “allinurl:wwwboard/passwd.txt”(without quotes) in the Google search will list down all the links to the server which are vulnerable to “WWWBoard Password vulnerability”. To know more about this vulnerability you can have a look at the following link:
c. Using “inurl:.bash_history” (without quotes) will list down all the links to the server which gives access to “.bash_history” file through web. This is a command history file. This file includes the list of command executed by the administrator, and sometimes includes sensitive information such as password typed in by the administrator. If this file is compromised and if contains the encrypted unix (or *nix) password then it can be easily cracked using “John The Ripper”.
d. Using “inurl:config.txt” (without quotes) will list down all the links to the servers which gives access to “config.txt” file through web. This file contains sensitive information, including the hash value of the administrative password and database authentication credentials.
For Example: Ingenium Learning Management System is a Web-based application for Windows based systems developed by Click2learn, Inc. Ingenium Learning Management System versions 5.1 and 6.1 stores sensitive information insecurely in the config.txt file. For more information refer the following links: http://www.securiteam.com/securitynews/6M00H2K5PG.html
Other similar search using “inurl:” or “allinurl:” combined with other syntax
inurl:gov filetype:xls “restricted” index of ftp +.mdb allinurl:/cgi-bin/ +mailto
Looking for vulnerable sites or servers using “intitle:” or “allintitle:”
a. Using [allintitle: "index of /root”] (without brackets) will list down the links to the web server which gives access to restricted directories like “root” through web. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.
b. Using [allintitle: "index of /admin”] (without brackets) will list down the links to the websites which has got index browsing enabled for restricted directories like “admin” through web. Most of the web application sometimes uses names like “admin” to store admin credentials in it. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.
Other similar search using “intitle:” or “allintitle:” combined with other syntax
Oracle Solaris, sebelumnya dikenal sebagai Sun Solaris merupakan sebuah sistem operasi keluarga Unix yang sebelumnya dikembangkan oleh Sun Microsystems Inc. Sun Microsystem menggantikan Sun OS sebelumnya yang telah ada pada tahun 1993. Setelah proses akuisisi Sun oleh Oracle pada bulan januari 2010, Solaris menjadi lebih dikenal sebagai Oracle Solaris. Sistem operasi Solaris dikenal secara luas karena skalabilitas yang dimilikinya, utamanya pada sistem komputer berbasis SPARC, dan sejumlah fitur-fitur inovatif yang dibawanya seperti DTrace, ZFS (Zettabyte File System), dan Time Slider. Sistem operasi ini dapat dijalankan di atas prosesor x86 baik 32bit atau 64bit (berbasis instruksi Amd64), serta prosesor SPARC baik yang diproduksi oleh Sun ataupun Fujitsu. Solaris terdaftar sebagai sistem operasi yang kompatibel dan memenuhi spesifikasi Single Unix Specification.
Solaris dalam sejarahnya dikenal sebagai perangkat lunak yang dikembangkan berbasis kode sumber tertutup, kemudian pada bulan Juni 2005 Sun Microsystem merilis sebagian besar basis kode di bawah lisensi CDDL dan mendirikan proyek sumber terbuka OpenSolaris. Melalui OpenSolaris Sun ingin membuat sebuah komunitas pengembang dan pengguna atas sistem operasi tersebut. Setelah Oracle melakukan akuisisi Sun Microsystem pada bulan Januari 2010, Oracle memutuskan untuk menghentikan distribusi OpenSolaris dan model pengembangannya. Atas keputusan oracle tersebut, komunitas OpenSolaris kemudian menanggapinya dengan membuat turunan distribusi OpenSolaris melalui proyek OpenIndiana yang merupakan bagian dari yayasan Illumos. Namun meski demikian, di mulai dari rilis Solaris 11, pembaruan atas kode-kode sumber Solaris akan tetap didistribusikan oleh Oracle dibawah lisensi CCDL setelah versi penuh biner dirilis. Oracle juga akan memulai program mitra teknologi seperti yang telah dilakukan pada produk-produk oracle lainnya dengan nama Oracle Technology Network (OTN) yang memberikan akses serta izin atas kode sumber solaris yang tengah dikembangkan kepada para mitra bisnis.
Sejarah
Tahun 1987, AT&T dan Sun mengumumkan bahwa mereka bekerjasama dalam sebuah proyek untuk menggabungkan varian Unix yang paling popular di pasaran saat itu: BSD, System V, dan Xenix. Sehingga terbentuklah Unix System V Release 4 (SVR4).
Pada tanggal 4 September1991, Sun mengumumkan bahwa mereka akan menggantikan Unix yang dikembangkan dari BSD, SunOS4, dengan sebuah produk berbasis SVR4 yang secara internal dinamai sebagi SunOS 5, Namun nama baru yang dikenalkan saat produk tersebut mulai dipasarkan adalah Solaris 2. Sementara itu SunOS 4.1.x rilis mikro dinamai sebagai Solaris 1, nama Solaris digunakan oleh Sun secara khusus merujuk pada produk yang berbasis SRV4, SunOS 5.0, dan rilis-rilis berikutnya.
Versi minor SunOS yang dirilis oleh Sun disertakan dalam penamaan Solaris; misalnya Solaris 2.4 yang merupakan Sun OS 5.4. Namun setelah versi Solaris 2.6, Sun menghilangkan angka "2" di depan kodifikasi versinya, sehingga rilis SunOS 5.7 dinamai sebagai Solaris 7 dan rilis SunOS 5.10 sebagai Solaris 10.
Arsitektural Pendukung
Solaris menggunakan basis kode sumber yang sama untuk platform yang mendukung SPARC dan i86pc (termasuk x86 dan x86-64).
Solaris mempunyai reputasi yang cukup baik untuk multiprocessing simetris yang mendukung sejumlah besar CPU yang berjalan secara paralel. Secara historis Solaris merupakan produk yang terintegrasi secara erat dengan mesin-mesin berbasis prosesor SPARC Sun (termasuk di dalamnya dukungan untuk aplikasi SPARC 64-bit sejak Solaris 7) yang telah dipasarkan sebagai paket gabungan. Hal ini membuat sistem menjadi lebih handal meski harus dibayar dengan biaya yang lebih tinggi dari tingkat harga pasar rata-rata komoditas komputer personal (PC).
Namun Solaris juga telah mendukung prosesor berbasis x86 sejak Solaris 2.1 dan versi-versi berikutnya. Solaris 10 mendukung aplikasi 64-bit x86, memungkinkan Sun untuk memanfaatkan pangsa pasar yang ada atas ketersediaan komoditas prosesor berbasis 64-bit berbasis arsitektur x86-64. Sun secara internal telah melakukan banyak hal dalam memasarkan Solaris untuk dapat digunakan secara luas baik pada kelas penggunaan workstation "x64" dan ataupun sebagai mesin peladen baik yang berbasis AMD Opteron ataupun prosesor Intel Xeon pada mesin-mesin berbasis x86 yang diproduksi oleh perusahaan seperti Dell, Hewlet-Packard dan IBM. Pada tahun 2009, vendor berikut mendukung sistem Solaris x86 pada prosuk mesin peladen mereka :
Dell akan menguji sertifikasi dan Solaris akan mengoptimalkan OpenSolaris pada tatanan serta bilah server mereka serta dan menawarkan hal tersebut sebagai salah satu dari beberapa pilihan dalam menu perangkat lunak Dell keseluruhan
IBM juga mendistribusikan Solaris dan Solaris berlangganan berbasis x86 IBM System x server dan BladeCenter server.
Intel mendistribusikan dan menyediakan dukungan piranti lunak Solaris pada server blade Proliant dan sistem
Fujitsu Siemens pada Juli 2010, Dell dan HP telah bersertifikasi dan menjual oracle Solaris, Oracle Enterprise Linux dan Oracle VM masing-masing pada platform x86. IBM berhenti mendukung Solaris pada x64 kit.
Platform lainnya
Solaris 2.5.1 dapat mendukung platform Power PC ( Power PC Reference Platform ), tapi platform tersebut telah dibatalkan sebelum Solaris 2.6 di rilis. Pada bulan Januari 2006, komunitas pengembang Blastwave bekerjasama dengan Proyek Sun Labs yang telah terintegrasi dengan pada bagian-bagian relevan dari Solaris 2.5.1 dalam Open Solaris. Sebuah port intel itanium diumumkan pada tahun 1997 tetapi tidak pernah muncul di pasar. Pada tanggal 28 November 2007, IBM, Sun dan Sine Nomune Associates menampilkan preview dari dari OpenSolaris untuk Sistem Z yang dapat dijalankan pada IBM Sistem Z Mainframe dibawah Z/VM yang biasa disebut Sirrius ( dianalogikan proyek Polaris, pengembang utama berkebangsaan Australuia, HM Sirius pada tahun 1786 melakukan pesiar pertama ke Australia. Pada 17 Oktober 2008, prototipe yang dirilis oleh Sirius telah ada dan pada 19 November 2008 IBM mengautorisasi penggunaan Sirius pada prosesor Sistem Z. Solaris juga mendukung platform Linux ABI, yang memungkinkan Solaris menjalankan binary Linux pada sistem x86. Fitur tersebut biasa disebut Solaris Containers for Linux Application atau SCLA, berdasarkan zona merek secara fungsional yang diperkenalkan Solaris pada 10 Juli 2008.
Ragam pilihan model instalasi dan penggunaan
Instalasi Solaris dibedakan dari beberapa kelompok perangkat lunak yang dipaketkan menurut tipikalnya yang dapat dipilih sesuai dengan kebutuhan pengguna, ragam pilihan yang ada mulai dariReduced Network Support hingga versi yang paling lengkap Entire plus OEM. Beberapa perangkat lunak tambahan lain seperti Apache, MySQL dan lainnya dapat diinstal baik melalui paket aplikasi yang disertakan oleh Sun, ataupun melalui penyedia ekternal seperti sunfreeware, OpenCSW, dan Blastwave.
Penggunaan dengan Instalasi
Solaris dapat diinstal dari media fisik ataupun jaringan yang digunakan pada desktop atau server. Solaris dapat diinstal secara interaktif dari konsol teks pada platform tanpa tampilan video dan mouse. Hal ini mungkin dipilih untuk server, dalam tatanan, di dalam remote pusat data, dari terminal server atau bahkan dial-up modem. Solaris juga dapat diinstal secara interaktif dari konsol grafis. Hal ini bisa dipilih untuk workstation pribadi atau laptop, di lokal area, dimana konsol biasa digunakan. Solaris secara otomatis dapat diinstal melalui jaringan. Administrator sistem dapat mengkustomisasi instalasi dengan script dan file konfigurasi, termasuk konfigurasi dan instalasi otomatis dari perangkat lunak third-party, tanpa membeli tambahan perangkat lunak . Ketika Solaris terinstal, sistem operasi akan berada pada sistem yang sama dimana instalasi dilakukan. Aplikasi secara individual diinstal pada sistem lokal, atau dapat dipasang melalui jaringan dari remote sistem.
Penggunaan tanpa instalasi
Solaris dapat digunakan tanpa menginstal sistem operasi secara terpisah pada desktop atau server. Solaris dapat ditukarkan dari sebuah remote server yang menyediakan tampilan OS dalam keadaan sediktnya ketersediaan cakram, atau dalam keadaan dimana internal cakram hanya digunakan sebagai tempat swap. Dalam konfigurasi ini maka sistem operasi masih dapat berjalan secara lokal dalam sistem. Aplikasi dimungkinkan ataupun tidak dimungkinkan berada pada lokal area ketika aplikasi dijalankan. Hal tersebut mungkin dipilih untuk area bisnis dan lembaga pendidikan dimana pengaturan awal yang cepat diperlukan ( workstation dapat digulirkan dari loading dock, alamat MAC yang teregistrasi pada pusat server, terpasang, dan digunakan secara lebih cepat) atau penggantian secara cepat diperlukan ( apabila terjadi kegagalan pada desktop perangkat keras, sebuah workstation baru ditarik dari closet, dipasang, dan pengguna dapat melanjutkan pekerjaannya pada tahap terakhir pengerjaannya disimpan.. Aplikasi, Sistem Operasi, Window Manager dan memberikan grafis berjalan pada satu atau lebih remote sistem. Administrator dapat menambahkan sebuah akun pengguna untuk sistem utama Solaris, diletakkan pada desktop, dan pengguna dapat memulai kerja secepatnya. Apabila terdapat kegagalan perangkat keras, maka hal tersebut dapat ditukarkan dan pengguna dapat melanjutkan pekerjaannya dari titik poin kegagalan, apakah pekerjaan tersebut masih dapat disimpan.
Lisensi
Sumber kode Solaris dengan beberapa pengecualian sudah dirilis oleh Common Development and Distribution License ( CCDL ) melalui proyek Open Solaris. CCDL adalah lisensi yang disetujui oleh OSI. Hal ini dianggap oleh Free Software Foundation bebas tapi GPL tidak kompatibel dengan hal tersebut. OpenSolaris diunggulkan pada tanggal 14 Juni 2005 dari kode perkembangan Solaris pada saat tersebut, baik versi secara biner ataupun versi sumber dapat diunduh dan telah terlisensi tanpa harus dipungut biaya. Sumber fitur yang akan segera ada seperti pendukung Xen sekarang dapat ditambahkan ke proyek Open Solaris yang selanjutkan akan dirilis sebagai turunan dari Open Solaris tersebut.
Intel and Qualcomm agree to help Apple
in its defence against patent infringement lawsuits from Samsung by
providing source code to the former.
Friday, April 06, 2012:
Apple-Samsung endless wars
over smartphone patents aren't new! The battle between the two giants
now covers at least 30 complaints across four continents. And in what
comes as a respite to Apple, Intel and Qualcomm have agreed to provide
source code to the Cupertino giant against Samsung according to Apple’s
lawyer Andrew Fox. He also added that further non-infringing arguments
can be made from the source code which has been examined and would be
provided to Apple soon.
Intel has been a giant producer of chips and processors while Qualcomm is one of the main 3G wireless standard developers.
Sometime back, Apple sued
Samsung over the design of its Galaxy S handset (a smartphone that bears
a strong resemblance to an iPhone) and its Galaxy Tab (which looks
rather like an iPad), claiming that they copied hardware and design
features from Apple products. On the other hand, in its Australian
lawsuit, Samsung claimed that Apple infringes some of its wireless
patents.
But this time the war is going to get simpler for Apple
as it has Qualcomm on its side which is an expert in the wireless
domain. Apple is likely to retaliate the lawsuit filed by Samsung.
We will have to wait and watch whether the two companies still continue with their unified business instead of recurring wars!
The Chrome Stable and Beta channels have been updated to 18.0.1025.151 on Windows, Mac, Linux and Chrome Frame.
Friday, April 06, 2012:
Google on Thursday announced
that it has patched 12 Chrome vulnerabilities. The updates to the Stable
and Beta channels of its Chrome browser come for the second time in
eight days since the search giant updated its browser.
"The
Chrome Stable and Beta channels have been updated to 18.0.1025.151 on
Windows, Mac, Linux and Chrome Frame," Google announced.
Seven of the 12 security
fixes were rated as 'high'-risk problems (the second-most-serious
ranking in Google's scoring system). Google earlier paid a total of
$6000 to three researchers who discovered seven of the vulnerabilities.
The others were reported by the company's own security team or were
ineligible for a finder's fee.
Thursday's update to Chrome 18
also includes a new version of the bundled Flash Player. Revising the
Flash Player advisory from the end of March, Adobe has included fixes
for a Chrome/Flash only pair of memory corruption issues listed as
CVE-2012-0724 and CVE-2012-0725.
Google has also fixed several
non-security issues. Some of these are related to hardware acceleration;
this feature was switched on in Chrome when version 18 debuted in
March.
