Open Source

Opera 10.60 beta available, Unreal IRC Server finds backdoor trojan

Opera released the 10.60 beta version of its browser, claiming huge speed increases as well as other enhancements. Also, if you missed it, check out the Unreal IRC Server malware alert and verify your version.

Opera announced that it would skip the 10.5 Final version and release the 10.60 version in sync for Windows, Mac, and Linux. Safari 5.0 just arrived, also claiming to be the fastest browser on the Web, but Opera says that some benchmark tests show that it's javascript engine gives it as much as a 75% improvement on speed over previous versions. I'm still testing it out, so I can't yet tell a discernible difference in speed, say from Firefox, in such limited use. If you'd like to try it out yourself, you can download Opera 10.60 here.

Other enhancements and features included are:

  • Geolocation API to provide local, relevant search results
  • Appcache allows users to work on some Web applications while offline
  • New support for HTML5
  • Support for Google's new WebM video format

Of course, the browser that is getting the most buzz these days is Google's Chrome, and its open source version Chromium is apparently making headway on Linux desktops. Linux-mag.com reports that the Ubuntu 10.10 Netbook Edition (UNE) will sport Chromium installed by default to replace Firefox as the browser. Do you expect to see more Linux distributions changing the default browser?

Malware alert

As a reminder that no one is completely safe from malware, the folks at Unreal IRC Server had to make a tough disclosure this week:

This is very embarrassing...

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.

This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user

restrictions (so even if you have passworded server or hub that doesn't allow any users in).

It appears the replacement of the .tar.gz occurred in November 2009 (at least on some mirrors). It seems nobody noticed it until now.

Obviously, this is a very serious issue, and we're taking precautions so this will never happen again, and if it somehow does that it will be noticed quickly.

We will also re-implement PGP/GPG signing of releases. Even though in practice (very) few people verify files, it will still be useful for those people who do.

The notice goes on to give details on safe versions and instructions for how to check your version.

Were you affected by this malware?

About Selena Frye

Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and...

Editor's Picks

Free Newsletters, In your Inbox