As of yesterday, Linux Client and Server Security 5.30 is no longer a supported version. This was a nice release, at least from our perspective. It introduced several new and improved features:

• Scanning core placed in its own rpm package, the f-secure-security-platform.
• The core introduced riskware scanning.
• Database updates abandoned the old HTTP download client and replaced it with Automatic Update Agent. AUA is a robust background daemon with advanced binary diff capabilities that save bandwidth.
• We took into use syscall hooking in the dazuko driver for Linux 2.6 kernels. This made it possible to provide scan-on-close functionality and support Red Hat kernels. Earlier versions required Red Hat customers to recompile a kernel with capability as a module.
• Firewall rules wizard was introduced in the web user interface.
• Support for servers running Samba. (That was easy. We just tested that realtime protection works with Samba.)
• We shipped a guide for integrating with popular mail transport agent software.

Today, this fine release is history. We encourage everyone to upgrade to Client or Server Security 5.52. You will get:

• Support for 64 bit Linux distributions.
• Command-line-only installation mode for customers who don’t need anything else.
• Rock-solid stability. We’ve worked very hard to eliminate any possibility for system hangs and fixed lots of bugs.

A company called Untangle arranged a test for Linux anti-virus products (Be careful! The page has links to live viruses!)

Because the test did not look very well set up, we chose not to participate in it. Others have already commented on the merits of the test arrangements, so I won’t go into more details in here.

However, curiosity got the best of me and I downloaded the test set and tried it on F-Secure Linux Server Security 5.52. Of the 34 files in the test set, we detect 31 as infected. The remaining 3 files are password-protected zip files, which obviously cannot be scanned.

So, we did rather well in the test after all. But you don’t have to take my word for it. For good testing of anti-virus software see Virus Bulletin and AV-Comparatives where our software has always gotten top scores.

Just had a look at Symphony OS 2007 which we found inside Linux Format September 2007 issue DVD. Symphony is a Ubuntu based Linux distribution which uses the Mezzo for desktop environment. Mezzo in turn is a FVWM-based usability driven desktop project aiming to give us a new way of presenting information. The four hot corners of the screen are very well utilized and all the applications and files are visible on the desktop, instead of hidden inside complex menus.

While Symphony OS still has some bugs and the overall experience felt a bit sluggish, it seems like something to keep an eye on.

I’ve been participating Guadec 2007 this week in Birmingham. There has been some really interesting presentations about the future of`desktop computing and what are the possible ways in which Gnome could go forward. Online Desktop seems to be the next big thing and there have been some concrete improvements in that direction. One good example of this is the Pyro Desktop, which was released here in Guadec just a few days ago. Also, Telepathy framework seems to be strongly supporting the connected lifestyle of today’s computer users. As mentioned in some presentations, it seems that Open Source Software has the advantage of being able to make bold moves without having to worry too much about backwards compatibility and other such things that commercial desktop systems often have to face.

Mobile computing seems to be another hot thing and Nokia has been widely visible in the conference with Maemo, their Gnome based desktop used in the 770 and 800 devices.

On the usability side, MacSlow was here presenting his lowfat approach, which was even nicer when seen live than watching the videos from his website. I am definitely going to install it and try it out. MacSlow also had a very focused and
clear picture on how to improve the usability of desktops, so lowfat is definitely not only about showing cool bling bling :) And speaking of bling, there is also a new library called clutter which is able to do some neat stuff on your screen. Check out the demos.

This is also a ten-year birthday for Gnome, which is nice. Gnome has definitely come a long way to be where it is today. And, as Jono Bacon said in his keynote speech, even if Gnome kind of competes with KDE, in the end it does not really matter which one wins or is more popular. We still have a Free Software desktop system, something which did not exist ten years ago.

We here at the F-Secure Linux team are currently working hard on our next major release, preliminarily scheduled for the fourth quarter of 2007. There’s going to be quite a few changes, and the whole feature set is not even completely decided yet. A lot of it depends on customer and partner feedback during the project as well as from previous versions, which is why we have decided to make a public Technology Preview at this relatively early stage. It should be noted that this is in early alpha stage - although we continuously test our builds and try to make sure it doesn’t crash and burn too badly, some of it contains very new code working deeply within your kernel, still wet behind its ears. In short: do not run it on a production machine under any circumstances. It can possibly crash your computer, and even (although unlikely) make it unable to boot without deep repair magic involved. I recommend using a virtualized environment (such as VMware) to try this out.

Despite these warnings, based on what we’ve heard from customers, I think this release has some eagerly-anticipated features.

Here’s a short summary of the things we’re bringing out:

• Our current sister products Linux Client Security and Linux Server Security will be merged into one product called F-Secure Linux Security. By using different keycodes, the user can choose what feature set to purchase.
• On the same theme, you will be able to entirely disable parts of the product that you do not need. For example, on a centrally managed installation where the end-user need not interact with the product, one can disable the web user-interface to conserve resources. If you already have an existing firewall management infrastructure in place, you can disable the firewall component. This has previously been done by many customers by simply removing the corresponding .config file in /etc/opt/f-secure/fsma/modules, but hopefully you can now do the same in a much cleaner and well-supported way.
• The installer will be simplified to not ask any questions upon installation. Instead, the customer can tweak needed settings using command-line tools, the web user-interface or the Policy Manager after installation. Of course, we will still support supplying the --auto command-line option to configure the product directly upon installation.
• We will provide better integration with the modern desktops with native alert notifications.
• Of course, under the hood there are tons of changes aimed at improving stability, usability and support for new technologies and platforms. One notable change is that we have decided to drop support for some old platforms like Red Hat Enterprise Linux 2.1 and SUSE Linux Enterprise Server 8, where maintaining compatibility would increase complexity regards to both product code base and testing efforts, with little added benefit. However, the final set of supported distributions is not decided yet - it will be decided as the project nears completion, after discussions with customers and partners.

To check out the Technology Preview, first read the release notes! Really, please do. It contains important information about known problems and the new installation and setup procedure. We haven’t got any manual ready yet, so the release notes is the closest thing you’ll get.

Then, download the package: f-secure-linux-security-7.00.6275.tgz (MD5, SHA1).

Please email us your feedback about the Technology Preview! You can find the address at the bottom of the page. If your feedback includes a bug report, please remember to mention which distribution (name and version) you’re using as well as kernel version.

Some of us were at the HP Linux Forum here in Helsinki last thursday and saw some nice presentations. The topics circled around the usage of Open Source Software in projects, JBoss, Red Hat, Xen virtualization, and Linux services offered by HP, quite naturally.

It was nice to hear that the discussion on Linux and Open Source isn’t anymore about if they are ready to do this and that, but rather how to take most out of them and how to migrate your existing systems into Open Source platforms.

We have just released version 5.52 of our Server Security (70 MB evaluation download) and Client Security (69 MB evaluation download). This release was mainly prompted by some issues discovered when running our product on Turbolinux, a popular Japanese Linux distribution and hence an important target platform for us. Also, in light of our recent security advisory FSC-2007-1, we would like to encourage all users to upgrade to the latest versions. Note that the latest version of F-Secure Internet Gatekeeper for Linux is affected: download the latest build here.

The 2nd Google Test Automation Conference will take place in New York on 23rd and 24th of August. I’ve been given the honor of presenting our team’s test automation system that’s in use for all F-Secure’s Linux/UNIX Anti-Virus products. The conference is free of charge, but the number of participants is limited to 150. If you’re working with testing or test automation you have a good change to see my presentation and many top speakers during the two days by applying to the conference here.

My presentation will introduce some ideas of test automation system architecture, using virtualization to test on ever increasing number of Linux variants, utilizing version control and moving to automated reporting and test documentation. I’ll be also covering some specifics of testing anti-virus products, testing proprietary products on open source platforms and testing products with GUIs, Web UIs, kernel modules and firewalls as well as HTTP/SMTP/POP proxies with clients and servers. And even bootable CDs. It’s quite clear that there isn’t a single free or commercial product that would do all that. So I’ll show how we have tackled many of these problems by modularity of the automation system and by keeping all the different parts easy to use and understand. And oh yes… I’ll be advocating “automating everything” :)

As mentioned by Alexey, currently the International Antivirus Testing Workshop is ongoing in Reykjavík, Iceland, and I am here representing the F-Secure Linux team. Here I am learning everything there is to know about malware testing, and, of course, enjoying the amazing nature of Iceland and the charming city of Reykjavík - yesterday we visited the Blue Lagoon geothermal spa.

Some of us has recently become addicted to Twitter. As I discovered that someone has already made a Net::Twitter Perl module, the natural extension of this lunacy was to integrate Twitter support into our LED sign. We created a common Twitter account, to which we added as friends all the team members that wished to participate. With just a few lines of Perl code, we then got our tweets prominently displayed on the team LED sign. Pure Web 2.0 goodness!

my $twit = Net::Twitter->new(username=>"foo", password=>"bar" );
my @seentweets;

sub fetchtwits() {

    my $timeline = $twit->friends_timeline();

    my $firsttime = @seentweets ? 0 : 1;

    return "" unless $timeline;
    TWEET: for (@{$timeline}) {
	my %tweet = %{$_};
	if ($firsttime) {
	    # if this is the first time we're running, just
	    # populate the seen list with all tweets so that
	    # we don't spew out the whole timeline on startup
	    push @seentweets, $tweet{'id'};
	}

	for (@seentweets) {
	    if ($_ eq $tweet{'id'}) {
		next TWEET;
	    }
	}
	my %user = %{$tweet{'user'}};
	my $msg = '<GD1>' . $user{'screen_name'} . ": " . $tweet{'text'};

	print "new tweet: " . $msg . " [" .$tweet{'id'} . "]\n";
	toled('A', $msg);
	push @seentweets, $tweet{'id'};
	return $msg;
    }

    return "";

}