29 February, 2016

Google Drive on Linux

Google Drive
I didn't really think much about it, but when I started using "InSync" a few years ago, all my woes using Google Drive on desktop-Linux vanished :)

It is simply the best client-side synchronization-tool for desktop use of Google's cloud-storage solution ("Drive") on Linux today. Both simple and quite configurable at the same time.

It is cross-platform compatible, i.e.: works on Windows, Mac OS X and Linux!

Only drawback is that it costs a one-off fee of $20, but after that, you can use it on as many machines as you want :P

It basically works just like Dropbox (which actually has a Linux-native client! Boo Google!), allowing the user to maintain his file system and offering share options as well as other features by right clicking on files and widgets.

You can get InSync here: https://www.insynchq.com/downloads

Spare time

Siesta-time
Yet another period of contracting-work is now at an end. It was a good, solid 10 months :) New experiences - new technology.

Being able to join the starting effort at building something from the ground up is satisfying work :) especially as a technophile setting up core infrastructure and backend(s) for mission critical services.

As with all specialization; if the competence is hard to find, the need tends to round-robin back to the starting point again.

Good fun :P

What new adventures and / or challenges awaits?

Who knows... but I bet they're right around the corner ;) they always are.

Besides, now I have the spare time to pursue hobbies and interests again ^_^

22 February, 2016

*AMP-takeover

Just another in a long line of successful *AMP-stack takeovers.

The usual suspect attack-vectors:

  • a publicly open FTP-service (why, oh why do people absolutely need FTP? SSH FTW!)
  • web-panel software for administration of website
The first attack took over the project's main website and replaced the installation-ISO download-links with new links to 3rd party malware-infected ones. So, beware the checksum for any ISO downloaded on the 20th this month.

Following this attack, another was also successful in getting the phpBB database for the Mint support-forum/-community.

Users of the support-community site were urged to change their passwords as the database was found (on the same day as the attack) for sale on The Dark Web.

This is not new.

Poorly maintained web-servers (or any Linux-based server for that matter) often suffer from "update-ignorance", i.e: system-operators / -administrators who fail to (or just blatantly ignore vulnerability advisories, and) patch vital system-components and / or applications on Linux-servers in good time before a so-called "in-the-wild" exploit takes place, and the evidence of such activity it removed completely.


http://news.softpedia.com/news/linux-mint-website-hack-a-timeline-of-events-500719.shtml