Domain: hup.hu
Stories and comments across the archive that link to hup.hu.
Comments · 13
-
Re:OpenBSD?
This list should clarify things a bit.
While OpenBSD had ASLR it is lacking in many other ways.
That is the thing with security, it isn't the doors you locked that matters, it's that single one you didn't lock that is the problem.Hmmm... While I agree with you on the general principle, here are a couple of things, off the top of my head:
1. False positives ("Vulnerable" tests in your example) do exist, you know. How are you sure that OpenBSD (or FreeBSD) is vulnerable in such and such case? Have you created an exploit specifically for the things being tested by paxtest? Maybe OpenBSD has other capabilities
2. False negatives are also a thing. Even if paxtest says: "such-and-such is OK", how do you know if a clever hacker won't be able to find a way around the ASLR protection?
Also important: paxtest dates back to 2004, and, as far as I know, has never been updated since (web site here). Not that this is a bad thing, but ASLR, and security, has changed a lot since then...
-
Re:OpenBSD?
This list should clarify things a bit.
While OpenBSD had ASLR it is lacking in many other ways.
That is the thing with security, it isn't the doors you locked that matters, it's that single one you didn't lock that is the problem. -
Re:Why not just use OpenBSDs?
Wouldn't it be easier to just import OpenBSD's implementation?
See the pictures under this link: http://hup.hu/node/140322 .
;) -
Video
Razor-qt desktop environment on Ubuntu 11.10:
http://youtu.be/n6Ro1Qc4UaE
Article (hungarian):
http://hup.hu/cikkek/20111219/razor-qt_qt-alapu_gyors_desktop_kornyezet_telepitese_ubuntu_11.10-re -
Re:anchient debate
"I didn't mean to imply that I think the secure web server is going to be slow"
Don't worry, my reply was just an echo of the age old microkernel-vs-monolithic kernel debate of Tanenbaum-vs-Linus rather than being directed at you. -
Re:Downloads
As usual, you can find an unofficial - and of course unsupported by the OpenBSD dev team - i386 install ISO, and a short install guide (unfortunately just in hungarian language) at the Hungarian Unix Portal.
-
removed, but...
Credit line removed by the editor, but i found this report on HUP.
-
Unofficial install ISO-s
From OSNews:
"Some unofficial (and of course unsupported by OpenBSD team) install ISOs:
http://hup.hu/node/24625" -
Re:New Icon?
I vote for the two chicks at the same time icon that we've all come to know and love.
-
Re:Oracle and its security record
Yes. I've read it on the Hungarian Unix Portal. (you could obviously try googling too, if you don't speak hungarian.
:]) A quick googling turned up this aswell.
That was the reference and proof. Obviously spammers not only know about this technique but use it to spam effectively and quite anonymously (spammers use windows zombies to flood vulnerable php forms). With a smart google query you could turn up hundreds of vulnerable php forms. But you shouldn't look so suprised. PHP is a security mess, even the Secure PHP effort is basically offering workarounds only. Serious users should avoid PHP and use Perl, Python or Ruby. -
ISO-s
-
Re:part 2- not trolling, just a little frustrated
Two ways:
1. Make your own ISO (http://www.pantz.org/os/openbsd/makingaopenbsdcd. shtml)
2. Download an inofficial ISO (http://www.hup.hu/modules.php?name=News&file=arti cle&sid=9953)
Both of these steps should of course be followed by buying at least something from the OpenBSD store at http://www.openbsd.org/orders.html -
Screenshots
Solaris 10 screenshots here.