Domain: infowarrior.org
Stories and comments across the archive that link to infowarrior.org.
Comments · 15
-
Re:Please, don't overreact.
Judging from his paper (if it's still up), the vulnerabilities allow for total execution takeover on the router, as long as you know where to hit up the overflows. Granted that's still not the *exact* nature of the vulnerability, but it sounds pretty squarely in the "CRITICAL" category to me.
you can't assume that the truth is 100% on Lynn's side
No, but the evidence is definitely in his favor. FBI investigation, talks of trade secret violation, and Cisco hasn't denied anything stated in the presentation, correct? But they did go to great lengths to ensure that the information didn't get disseminated. Not an open and shut case, but in the truth casino, my money's on Lynn. -
Download the Presentation
PDF:
Lynn-cisco.pdf" -
Just so we're clear...
Everyone is aware that the presentation has been published on numerous mailing lists and websites, right?
-
PDF of the Presentation
I found this linked on Nick84's site (http://www.rootsecure.net/): http://www.infowarrior.org/users/rforno/lynn-cisc
o .pdf If I'm correct, it's the slides that were taken off of the hand out cd. Another link from a Wired article: http://cryptome.org/lynn-cisco.zip -
Poster must be American - 1st Step: SUE
purchased over the last five years which you never bothered to register,
So it is their fault that YOU didn't register the product ?
Learn to take some personal responsibility for your actions, or lack thereof in this specific case.
First step in your learning process, read Weapons of Mass Delusion: America's Real National Emergency, Chapter 4, "Why Stop The Buck, When You Can Pass It?"
-
Exactly rightSee Muckraking, the PC Way, written by Richard Forno (former Chief Security Officer at Network Solutions), which was referenced by Slashdot earlier. Excerpt:
Contrary to his article, the small market segment held by Apple doesn't automatically make the Mac OS less vulnerable to attack or exploitation. Any competent security professional will tell you that "security through obscurity" - what Lance is referring to toward the end of his article - doesn't work. In other words, if, as he suggests, Mac OS was the dominant operating system, its users would still enjoy an inherently more secure and trustworthy computing environment even if the number of attacks against it increased. That's because unlike Windows, Mac OS was designed from the ground up with security in mind. Is it totally secure? Nothing will ever be totally secure. But when compared to Windows, Mac OS is proving to be a significantly more reliable and (exponentially) more secure computing environment for today's users, including this security professional.
This point has been debated often in the past. -
Re:Exactly what I was thinking
-
Microsoft - A Proven Danger to National Security
This is old news. In May 2000, infowarrior.org carried an article "Microsoft - A Proven Danger to National Security". I can't find the article on infowarrior but it was very popular and controversial for a while -- even here on
/. The sad thing is this article, was a warning that nobody in the government ever listened to. Microsoft sure didn't read this document. If they did, they've spent 3 years doing absolutely nothing. -
Re:Untrue
*sigh* -- where to begin? SoBig.F. Welchia32. MSBlaster.exe. And almost 70,000 other pieces of crap that exist only to make life on Windows miserable. Zero viruses for MacOS X. XP more stable? What planet are you on? When you've had to remove Welchia32 from someone's network because ONE machine was left without virus protection, you can talk. Oh, and since people love to make all kinds of lame excuses for the Swiss Cheese security model of Win2K/XP, read Rick Forno's excellent article "Forget California, It's Time to Recall Microsoft" here.
-
Re:Huh?
Um, sorry but you don't know what you're talking about. The first Castle Wolfenstein game was made by id Software and was called "Wolfenstein-3D."
Oh dear.
I'm afraid it is you who are mistaken.
(Hint: scroll down a bit) -
Your analogy is flawed..
The hard drive is but a small chunk of a computer. I don't mind if the drive is sealed and the firmware proprietary, as long as it conforms to a well-documented standard interface, and doesn't require any proprietary tweaks to perform well.
Likewise, I don't care what shape my pistons are ground in, or how the valvetrain actually works. Overhead or pushrod, seal it up so I never see it, I don't care.
However, my computer as a whole had better not be welded shut! I want to be able to inspect its operation, make sure I'm the user and it's the tool, not the other way around. I want to be able to control its operation, write my own programs, and tweak the misfeatures of others' programs. I'll never need to manually adjust the flying gap on my hard drive, but I definitely do want to customize my boot sequence, and scrutinize data leaving over my net connection.
Likewise, my car should be open enough that I can change the parts I want to. I'm happy with the engine, but why can't I turn off my headlights when I pull into my friend's driveway, so as not to wake his neighbors? I want wiring diagrams, so I can make the lighter socket behave more sensibly. I don't care if certain parts are sealed for practical reasons, but the rest of it should be open for me, the owner, to customize.
I think your analoy is flawed because you compare the hard drive to a car. The drive can be a black-box with no ill effect. It's the computer system as a whole that must be open to the user. The car can contain several black-box components, but I should be free to inspect and reconfigure the connections between them.
If you think this tendency in cars is scary, go read this article on Microsoft's Palladium plan. Talk about welded shut! At least your car doesn't refuse to carry passengers and cargo that haven't been approved by the manufacturer. -
See also Richard Frono's articleAnother opinion on this issue: The Freedom to Innovate Includes The Freedom to Obfuscate: Why Microsoft's New "Security Framework" is Just Another
.NET Vulnerability.(also on The Register).
/ol -
Essay - DMCA Threatens Individual/Natl Security
From one of my mailing lists...
National Security and Individual Freedoms: How the Digital Millenium Copyright Act (DMCA) Threatens Both.
The article is here."
A good read, particularly after the crap Adobe is pulling with poor Dmitry.
-
MIcrosoft English DictionaryThe latest incarnation of the Microsoft English Dictionary has been made available just the other day.
One interesting tidbit:
"Heroin Economics" - Common practice of drug dealers looking to establish a customer base by providing free samples to "hook" users, at which time the dealer raises his prices for his product. Since people are now dependent, they will naturally pay whatever is necessary to obtain the substance. In the software world, for years Microsoft tolerated software piracy (both casual and organized) as its user base expanded and the company became a monopoly on the desktop with millions of "hooked" users and organizations...at which time it raised its prices and plans to force users to pay annual tributes to feed their dependence on Microsoft products and services. (See "Product Activation Technology")
Check out the Vinny the Vampire comic strip
-
A risk to national security
Found an article here, that ought to be good to print out and put on your CIO's desk. It's titled Microsoft: A Proven Danger to National Security. (Warning - it's a PDF file.) Microsoft ought to find it interesting reading, anyway.
...phil