Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net, in fact the much awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit

Password guessing as an attack vector - Using password guessing as an attack vector. Over the years we've been taught a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some don't give a second thought to the complexity or length of our password.

(Feb 19)

It was a hacker conference, so just about everyone was wearing a T-shirt. And most of the T-shirts had something to say. "Know Your Enemy," said one, just beneath that familiar Microsoft Windows logo.
How to encrypt a partition with Cryptoloop (Feb 21)

This article will describe how to encrypt entire partition with a Cryptoloop. Cryptoloop is a disk encryption module for Linux. It was first introduced in the 2.5.x kernel series.
Use an Old Game Boy as a Raspberry Pi Case (Feb 19)

There's no shortage of creative enclosures for your Raspberry Pi. We've seen the tiny linux computer stuffed inside of a coffee table, a keyboard, and now, an original Game Boy!
US students get cracking on Chinese malware code (Feb 21)

Wesley McGrew, a research assistant at Mississippi State University, may be among the few people thrilled with the latest grim report into a years-long hacking campaign against dozens of U.S. companies and organizations.
Chinese Army link to hack no reason for cyberwar (Feb 20)

Security vendor Mandiant's 60-page report on Chinese cyberespionage, which offers proof that it is coming from a Chinese military unit housed in a building in the Pudong district of Shanghai, adds new fuel to two hotly debated cybersecurity questions.
Jeep joins Burger King in Twitter hack club (Feb 19)

Just a day after Burger King's Twitter account was hacked and renamed McDonalds, Jeep is suffering the same fate -- but the takeover hoax isn't credited to the fast food empire this time. Jeep's hacked account says it's been bought by Cadillac, of all things.
(Feb 20)

The Pirate Bay said it has alerted Finnish authorities to what it termed a "suspected crime" over an anti-piracy group allegedly pilfering the "files from which The Pirate Bay is built, to produce a fraudulent parody site."
Vulnerability in recent Linux kernels offers root rights (Feb 26)

An error in the handling of special netlink messages in the Linux kernel can allow a user to surreptitiously gain root privileges. The discoverer of the hole, Mathais Krause, confirmed to The H's associates at heise Security that Linux kernel versions 3.3 to 3.8 are affected.
(Feb 26)

Following threats of legal action in its traditional home of Sweden, a few hours ago The Pirate Bay set sail for pastures new. Sweden's Pirate Party had been providing bandwidth to the site for the last three years but came under intense pressure last week when a local anti-piracy group threatened to sue.
Kernel developer criticises Linux over security (Feb 26)

A senior Linux kernel developer has pointed to an instance of what he calls a lax approach to security in the Linux kernel, citing the case of a serious vulnerability that is now more than a month old and is yet to be fixed.
Linux, Windows, and security FUD (Feb 26)

It's 2013. but the Linux FUD just keeps coming. In the most recent example, security firm Trustwave claimed that Linux kernel vulnerabilities went unpatched more than twice as long as it took to fix unpatched flaws in Windows. This assertion would be a lot more believable if it wasn't coming from a Microsoft partner.