Cobalt Shows Gains After Source is Opened

The Cobalt line of Linux-based hosting appliances is gaining new users following the decision by Sun Microsystems to open its source. More than 918K sites are currently running Cobalt, up more than 47K since November, when Sun announced it was discontinuing its last remaining Cobalt product, the RaQ 550 server.

Cobalt Usage by Hosting FirmsIn December, Sun released the ROM source code for the RaQ 550 under a BSD-style license, a year after open sourcing the Cobalt Qube code, which is now maintained by the Cobalt Users Group community as Blue Quartz. Prior to Sun's Christmas Eve announcement, the number of sites on Cobalt had been in steady decline from a peak of 3.1 million hostnames in August 2002.

While many hosting companies are phasing out the use of Cobalt since it officially reached its end-of-life on Feb. 19, others continue to see growth in the number of active sites running on Cobalt. A notable example is VIA Net.Works, which has seen 50 percent growth in sites on Cobalt at its newly-acquired Amen Hosting unit. Among those scaling back are two hosts who had some of the largest Cobalt installations prior to Sun's end-of-life announcement, Host Europe and EV1Servers.

Continue reading

Phishing Attacks Level Off in May

After months of rapid growth, the number of phishing attacks leveled off in May, rising just 6 percent with a total of 1,197 unique campaigns, according to new data from the Anti-Phishing Working Group (APWG).

The group, which battles identity theft and fraud tied to phishing and web site spoofing, said the modest increase from April's 1,125 attacks was likely related to the Memorial Day holiday in the U.S., as attacks declined late in the month. Even so, the data marks a significant departure from increases of 180 percent in April and 43 percent for March.

Continue reading

Tomorrow’s great Eclipse

The software development platform Eclipse is still something of a well-kept secret. In a way, this is not so surprising; whereas all computer users have an operating system, and most of them use the Internet in some way - and hence are likely to come across both GNU/Linux and Apache, even if tangentially - the only people who get really excited by programming tools are developers. But the rise of Eclipse is, in its own way, potentially just as important as that of GNU/Linux or Apache.

The Eclipse project was launched in November 2001. Although the initial list of supporters included Borland, Red Hat and SuSE, the main driving force behind the idea was IBM, which donated $40 million of code. As both a good background presentation and FAQ explain, Eclipse is an extensible Java-based development environment created from a basic core plus plug-ins. Using Java means that the project is cross-platform, while modularity provides the ability to draw on other plug-ins for functionality and permits a classic open source distributed development approach.

It also allows the platform to expand way beyond its Java roots. Alongside the original Java IDE, called JDT - which allows Eclipse to be a development environment for itself - there are now IDEs for C/C++ and COBOL, as well as a proposal to create an IDE for Web/J2EE application development.

Together with this broadening of goals, another indication of the vigour of Eclipse is the range of community resources and the large number of plug- ins now available. These embrace both open source and commercial projects. Among the latter are products from Borland, HP and IBM - for its WebSphere Studio and Rational product lines. Also of note is how major embedded software companies such as MontaVista and QNX are turning to Eclipse as a framework for their programming tools. Other members of the Eclipse supporters club include Intel, Oracle and Novell. The last of these has announced that it will use Eclipse to provide a common tools platform across all its products.

Continue reading

As Blogging Icons Mend Fences, GPLed Blog Tools Reap Buzz

Blogging icons Dave Winer and Six Apart took steps late last week to defuse separate controversies illustrating how bloggers hooked on freebies can become a management challenge. While the fallout is leading some bloggers to shift to paid services, it is also prompting interest in free and open source blogging software.

Winer, who was sharply criticized for the sudden shutdown of many free sites, Thursday announced a transition plan to help shift stranded bloggers to new hosting digs. Meanwhile, Six Apart, which was blasted for pricey new licensing for Movable Type 3.0, unveiled a new payment structure designed to make its new software more affordable for non-profits and personal bloggers.

Continue reading

RIAA Site Still Battling MyDoom.F

On the 17th of each month, computers still infected with MyDoom.F launch a distributed denial of service (DDoS) attack on the web sites of Microsoft and the Recording Industry Association of America (RIAA). While the well-defended Microsoft site has suffered nary a blip from MyDoom.F, the RIAA site was offline from March 17-24 and again last month.

The RIAA site began experiencing performance problems again this morning, although it seems to be faring somewhat better than on previous MyDoom.F trigger dates. The site index is using a text-only redirection page at in an attempt to reduce the load on its server.

RIAA Web Site Availability

A dynamically updating graph of the sites targeted for DDoS by various MyDoom variants is available here.

Continue reading

Akamai Attack Highlights Threat From Bot Networks

Have hacker-controlled "botnets" grown mighty enough to disrupt even Akamai's content distribution network and its 15,000 servers? Until yesterday, the notion seemed far-fetched. But Akamai today offered more details on a distributed denial of service attack by a large network of "zombie" machines that bogged down its DNS system for several hours.

"There are enormous bot networks out there that can do a lot of damage," said Akamai chief scientist Tom Leighton. "It's a tremendous problem, and presents a threat to the Internet." Akamai said it was able to quickly identify the attacking botnet, which was shut down by the originating network. The outages were limited to approximately 4 percent of Akamai's 1,100 customers, with 1 percent - about a dozen sites - experiencing a significant impact.

The attack was "more sophisticated than we've seen before," said Leighton. "The volume was problematic, and how it was done was problematic. For this nature of attack, it was an unusual volume." While not offering details on the technique involved, he said it was "a step ahead" of known DDoS techniques. The attack targeted the DNS addresses of four large Akamai customers. "It's possible these sites were targeted, and just happened to all be our customers," said Leighton. "But we assume it was an attempt to attack Akamai."

Continue reading