securityfocus.com · Domains · Slashdot Mirror

Re:Windows is unfit for business uses. by Anonymous Coward · 2007-04-07 20:04 · Score: 0 · on Asus.com Compromised With Exploit Code

http://www.securityfocus.com/bid/8244/info
http://www.securityfocus.com/bid/18858/discuss
http://www.securityfocus.com/bid/15067/discuss
http://www.securityfocus.com/bid/13873/discuss

Pick one?

Re:Windows is unfit for business uses. by Anonymous Coward · 2007-04-07 20:04 · Score: 0 · on Asus.com Compromised With Exploit Code

http://www.securityfocus.com/bid/8244/info
http://www.securityfocus.com/bid/18858/discuss
http://www.securityfocus.com/bid/15067/discuss
http://www.securityfocus.com/bid/13873/discuss

Pick one?

Re:Windows is unfit for business uses. by Anonymous Coward · 2007-04-07 20:04 · Score: 0 · on Asus.com Compromised With Exploit Code

http://www.securityfocus.com/bid/8244/info
http://www.securityfocus.com/bid/18858/discuss
http://www.securityfocus.com/bid/15067/discuss
http://www.securityfocus.com/bid/13873/discuss

Pick one?

Re:Windows is unfit for business uses. by Anonymous Coward · 2007-04-07 20:04 · Score: 0 · on Asus.com Compromised With Exploit Code

http://www.securityfocus.com/bid/8244/info
http://www.securityfocus.com/bid/18858/discuss
http://www.securityfocus.com/bid/15067/discuss
http://www.securityfocus.com/bid/13873/discuss

Pick one?

Re:.ANI problem is what? by cciRRus · 2007-04-04 03:55 · Score: 1 · on .ANI Vulnerability Patch Breaks Applications

Basically, IE/Outlook users can get owned by visiting sites fitting with the ANI exploit, which is reported to be in the wild. Read more here.

Mac OS X security guesstimate is low by ZoOnI · 2007-03-29 09:37 · Score: -1 · on Top 12 Operating Systems Vulnerability Survey

There are four issues here
The number of code vulnerabilities (will never be known).
The number of code vulnerabilities that have been exploited by hackers (will never be known).
The number of exploited code vulnerabilities or bugs that have been found by security experts. (known).
The number of exploited code vulnerabilities (security bugs) that get fixed.

Since the real security measure of an OS is actual number of code vulnerabilities and this is based on the number of lines of code, the language, the known exploits types, the experience in security of the programmers, how much time programmers have to make the OS, security testing, the security tools used and many more items. This means the actual security of an OS is unmeasureable.

The next best step to try and measure OS security is to see the number of code vulnerabilities that have been exploited. The more hackers focused on an OS given the same number of code vulnerabilities will result in more exploits found. Since the imagination of the hacker and the OS surface area for exploitation on these OS are so large the number of exploited code vulnerabilities can't be found. This means your PC is never safe when connected to the internet because the number of exploits will always be more than the number of known security bugs which will always be more than the number of fixed security bugs.

Looking for known exploits is next best step to see how secure a OS is. What is being measured here is exploited code vulnerabilities that have been found and this in no way determines the security of an OS, but just a guesstimate. 90+% of the hackers and security experts are focused on Windows OS. This is driven by the business community. This means the database tools used by security analysis are filled with mostly Windows bugs. Using these databases gives you a unbalanced picture of Windows security when compared to other OS. It will make the other OS look better than they are due to the lack of non Windows bugs (example Messenger service bugs).

The number of exploited code vulnerabilities that get fixed is a good measure to see how serious a company is about security, which in turn will reflect in a reduction of code vulnerabilities due to security vidulance. OSX is now using Unix and there are a lot of good hackers who love Unix/Linux, OSX is now very vulnerable due to the low number of Mac security experts vs the large number of Unix/Linux hackers. There are a lot of Unix bugs that have been fixed by the open source community that haven't been fixed in OSX. Apple has generally refused to discuss the security of its Mac OS X operating system with the media, which should raise some eyebrows. It also has been very slow in fixing known security bugs. Here is an article that shows a Mac security expert getting hit with an exploit at a hackers conference. The exploit was an unknown. http://www.securityfocus.com/news/11375

Hackers focus on Windows http://www.globalcontinuity.com/current_headlines/ microsoft_windows_still_top_hacking_target

Yeah... by Anonymous Coward · 2007-03-29 04:09 · Score: 0 · on Secure Programming Exams Launched

We noticed

Re:i'm in awe by not_hylas(+) · 2007-03-22 07:32 · Score: 1 · on Trojan Analysis Leads To Russian Data Hoard

Me too.
Speaking of Evil Genius(TM):

Researchers: Rootkits headed for BIOS

http://www.securityfocus.com/comments/articles/113 72/33500/threaded#33500

Arhiveus Ransomware Trojan Analysis

http://www.secureworks.com/research/threats/arhive us/

It almost appears that we'd run in to the the "loving" arms of DRM (etc.) to escape future, more powerful variants.
These "guys" (in general) are PhDs/Engineers and are not competing anymore, they're leading the "innovators", (look at AV Companies and the all struggling) OpenSource has been the only real response. ... tap, tap, tap, ... what to do, what to do.

Re:Stay the hell away from Linksys!!! by peekitty · 2007-03-18 06:08 · Score: 2 · on Beef Up Your Wireless Router

A great bargain alternative is the Dell Truemobile 2300, it runs DD-WRT perfectly, and can usually be found for less than $20 on ebay thanks to a critical vulnerability in the stock firmware that Dell chose not to address.

A Vist From the F.B.I. by Anonymous Coward · 2007-03-15 04:15 · Score: 0 · on Don't Google "How To Commit Murder" Before Killing

"If you're a bad guy and you want to frustrate law enforcement, use a Mac."

"A Visit From The F.B.I." by Anonymous Coward · 2007-03-13 07:41 · Score: 1, Interesting · on New US Computer Forensic Institute

"If you're a bad guy and you want to frustrate law enforcement, use a Mac."

Re:time to modify the hosts file by j79zlr · 2007-03-07 16:30 · Score: 1 · on Microsoft WGA Phones Home Even When Told No

Interesting idea, unfortunately MS bypasses the hosts file for its own servers:
See here

Re:time to modify the hosts file by QuietLagoon · 2007-03-07 05:31 · Score: 1 · on Microsoft WGA Phones Home Even When Told No

Microsoft bypasses the hosts file for their own hosts.

Re:data-retention policies for network traffic ??? by Augmento · 2007-03-06 14:16 · Score: 2, Informative · on Cybercrime Treaty — Hidden Costs For All

this treaty is old news but as far as i can tell not enforced as such, i.e. we don't have terabytes of packet captures laying around my cubicle. bleh. just read the article and it doesn't even link the treaty http://conventions.coe.int/Treaty/EN/Treaties/Html /185.htm happy reading! oh and for the USA signing it, we did back in 2004! can you say old news? how do i get to tag stuff? OFN! http://www.securityfocus.com/news/8529

Re:Your Philosophies by not_hylas(+) · 2007-03-04 10:50 · Score: 1 · on Hacker Defeats Hardware-based Rootkit Detection

Teun:
"Haratio, is he related to that famous character called Horatio? '

I bet you're right, and I bet you pretty much know what I meant.
Have you got anything to contribute, as per the subject? Or, are you just checking hall passes?

Everyone makes mistakes, ... don't you agree?
Don't feel bad - It' a human condition, you'll get over it, I did.

http://slashdot.org/comments.pl?sid=221826&cid=179 73182

"... claiming their IP is being infringes upon and ..."

Here, check this out, it's pretty fascinating stuff (PC-wise):

The quest for ring 0

http://www.securityfocus.com/columnists/402

Your Philosophies by not_hylas(+) · 2007-03-04 07:21 · Score: 1 · on Hacker Defeats Hardware-based Rootkit Detection

Joanna Rutkowska's research is catching up to a truth few realized until just recently, This is just the tip of a whole can of worms that has been wiggling right under our noses for years.

If you check the comments below, (to a very good article) some commenters are rather hysterical, (in a bad way) and for good reason, but reflect the truth.

Rootkits headed for BIOS
Comments:

http://www.securityfocus.com/cgi-bin/index.cgi?c=a rticlecomments&op=display_comments&ArticleID=11372 &expand_all=true&mode=threaded

After reading this, if you don't have experience in these matters please refrain from commenting.
Rather, go read more of what Ms. Rutkowska has so expertly revealed:

http://invisiblethings.org/papers.html

"There are more things in heaven and earth , Haratio, than are dreamt of in your philosophies."

Hahaha, Sun network apparently got hit by the worm by Anonymous Coward · 2007-03-02 10:05 · Score: 1, Interesting · on Worm Exploiting Solaris Telnetd Vulnerability

According to this blog entry (see http://zetarace.blogspot.com/2007/03/dont-use-teln et.html), his honeypot network caught one of the worm attempt.

[**] [1:10136:3] TELNET Solaris login environment variable authentication bypass attempt [**]
[Classification: Attempted Administrator Privilege Gain] [Priority: 1]
03/01-13:44:29.556771 192.18.17.206:1134 -> 192.168.0.34:23
TCP TTL:46 TOS:0x0 ID:52835 IpLen:20 DgmLen:86 DF
***AP*** Seq: 0xED89493C Ack: 0x9D57147C Win: 0xC4E0 TcpLen: 20
[Xref => http://www.securityfocus.com/bid/22512%5D

However, looking at the source ip attacking his honeypot machine.. seems it's coming directly
from Sun network range:

whois 192.18.17.206

OrgName: Sun Microsystems, Inc
OrgID: SUN
Address: 4150 Network Circle
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US

NetRange: 192.18.0.0 - 192.18.194.255
CIDR: 192.18.0.0/17, 192.18.128.0/18, 192.18.192.0/23, 192.18.194.0/24
NetName: SUN1
NetHandle: NET-192-18-0-0-1
Parent: NET-192-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.SUN.COM
NameServer: NS2.SUN.COM
NameServer: NS7.SUN.COM
NameServer: NS8.SUN.COM
Comment:
RegDate: 1985-09-09
Updated: 2003-10-10

RTechHandle: IS189-ARIN
RTechName: Sun Microsystems, Inc.
RTechPhone: +1-303-272-7000
RTechEmail: Netmaster@sun.com

OrgTechHandle: IS189-ARIN
OrgTechName: Sun Microsystems, Inc.
OrgTechPhone: +1-303-272-7000
OrgTechEmail: Netmaster@sun.com

It seems to me that Sun is spreading the Worm.^H^Hd.

Re:even if... by tobiasly · 2007-02-20 03:03 · Score: 1 · on March To Be Month of PHP Bugs

This stinks of self-promotion.

Of course it's self-promotion. Why does the guy stick his picture on the front of the article?

Attention geek bloggers: You are not attractive. Stop posting pictures of your dorky looking selves at the top of your blog.

It doesn't make you look like a real journalist, it just makes you look like a tool.

(Note: in case you're wondering how I got so many pictures to prove my point, I simply looked up the fud tag on Slashdot and started clicking away :)

Pot and kettle still black.. by ericthughes · 2007-02-05 14:03 · Score: 0 · on Bitlocker No Real Threat To Decryption?

Well, I think the author may have a few points considering that the government itself does not know how to use encryption properly...

http://www.securityfocus.com/news/11393 [Security Focus]

Why we'd expect the average Joe to do it right is beyond me.

Even if the crypto chip become widely available the NSA/CSA/ big bro will have pulled some patriot act shenanigans to get a back door put in anyway.

VIVA LA PGP!

Re:That stampede sound you are hearing.... by UncleTogie · 2007-01-29 09:30 · Score: 1 · on Professor Michael Geist on Vista's Fine Print

According to this researcher, Apple IS using the TPM modules. Wonder which is true?

Re:The ISPs could help stop this by Fez · 2007-01-26 11:51 · Score: 2, Informative · on 25 Percent of All Computers in a Botnet?

Botnets spoof IP addresses to make if harder to track down the bots. But the IPS know where the bots are and could kill them, or filter them, if they had the testicles to do it. By pass the spoofed IP addressed traffic they make it harder for the rest of the world to filter the bots. Spoofing might work for simple attacks like ping or flooding-style attacks, but IP spoofing does not help them with spam delivery or infection, which is where they make the bulk of their money (unless it's DoS blackmail...) Ingress/Egress filtering helps, but it's not a magic bullet against botnets. (See http://www.securityfocus.com/infocus/1674)

Also -- If finding and killing the bots were that easy, it would be done a lot more often.

Re:This is painfully obvious and hopelessly naive by Ambidisastrous · 2007-01-25 04:39 · Score: 1 · on Catching Spam by Looking at Traffic, Not Content

I was going to say...What would happen if we all started replying with the same auto generated mails? How would the spammers tell the difference from legit spam replies?

Sure, it'd be pretty tedious to do that by hand, but if we automated the process somehow...

Oh, wait.

I imagine that if you ran a script by yourself, your e-mail address would be targeted as belonging to a valid sucker, and passed around on lists, so you'd be spammed even more. The efforts of a scrappy community of geeks are no match for the millions of pwned PCs around the world.

Re:Could have just said 'tracking cattle' by rifter · 2007-01-19 05:42 · Score: 1 · on RFID Tattoo for Tracking Cattle and Humans

"2: I'm sure that if the article related to barcoding cattle and soldiers, you'd have received similar comments. To be honest, I don't want RFID or barcodes printed on me for the world to see."

I'd go out on a limb and guess that what he meant was that it was alarmist. This isn't about the use of RFID as such. It's just a new innovation using the technology. Mentioning that humans could be tattooed as well is superfluous and not at all different from saying the same thing about any tracking technology used for animal life. "Barcodes/RFID/generic radio tags/GPS/ect is used to track animals and could be used to track humans, too! Your privacy is at risk!". It'd be slightly annoying to have to read that every time some sort of identification technology was frontpaged on Slashdot.

I think a major reason this concerns people is when it is mandated by law. Right now you cannot get a passport in certain countries (including the US) that does not contain an RFID chip. There are companies now that require you to have an RFID chip emplanted in you in order to work for them. Now we hear you can have RFID tattoos. How long before companies or governments require these tattoos for everyone? It could start with the military, sure, but you never know.

Meanwhile people like you have been saying all along that this will never happen. And now that it has you're still denying the possibility. I wonder why the people that are concerned about this sort of thing do not believe you. It boggles the mind how far denial can go. It's this kind of denial that allows governments to do things like repeal human rights with impunity. After all, why get our panties in a bunch over a little thing like that?

Nevermind that some people think of this sort of technology fulfills an apocolyptic prophecy. It does not help that the word used in the phrase "mark of the beast" is also used for a tattoo.

I have no problem with RFID being used for the purpose for which it was designed, tracking stock. It is great for supply chain and inventory management. Unfortunately governments are already showing that our fears that we are considered their stock are better-founded than one would think. I would expect it to be strictly tinfoil-hat stuff, but it is really happening. The price of liberty is eternal vigilance. Whenever something like this happens, there is always a debate between the "alarmists" and the naysayers. We only see which side is right in the cases where naysayers win but are wrong. Otherwise it is a matter of conjecture whether the nefarious does not occur because it was not going to happen or because it was prevented because people raised alarm.

There's more to the story. by Anonymous Coward · 2007-01-17 02:43 · Score: 0 · on Is It Illegal To Disclose a Web Vulnerability?

http://www.securityfocus.com/brief/191

"It wasn't that he could access the database and showed that it could be bypassed," said Michael Zweiback, an assistant U.S. Attorney for the U.S. Department of Justice's cybercrime and intellectual property crimes section. "He went beyond that and gained additional information regarding the personal records of the applicant. If you do that you are going to face, like he does, prosecution."

Re:rtfa people by 0xdeadbeef · 2007-01-12 04:41 · Score: 1 · on No Third-party Apps on iPhone Says Jobs

The lack of code signing hasn't prevented Cingular from selling Treos.

It appears they are working on it: http://www.securityfocus.com/archive/142/449695/30 /120/threaded

But I don't expect Apple to change with code signing in place.

This is not the same control provided by Symbian. I can download the Symbian SDKs without a contract or NDA, and I can deploy code to the vast majority of Symbian-based devices. Symbian is an open platform.

Re:Can I ask an obvious question without being fla by Anonymous Coward · 2007-01-09 02:25 · Score: 0 · on Internet Explorer 7 on Linux

I say screw IE7, 6, 5, and all others. Seriously. No two flavors of IE render alike, and quite a few high profile sites (newspapers especially) simply don't render correctly at work (IE6). I find it annoying when graphics cover up the text. I don't have that problem at home with Firefox on Linux.

Just code to specs and forget about the idiots who can't write a decent browser (I'm talking to YOU, Microsoft programmers). When womeone emails you with "your site is shit" write back with "no, your BROWSER is shit, download one that CSS actually WORKS in that will have a nice side effect of not making you vulnerable to exploits 284 days a year. Get Firefox, Opera, or anybody else's browser."

Nobody who knows anything at all about computers uses IE. NOBODY. Yeah, grandma uses it but she's pwned, isn't she?

Code to spec. When everybody does, Microsoft will have to write a browser that actually WORKS.

Re:Wait, wait, wait by whitehatlurker · 2007-01-03 12:22 · Score: 1 · on Adobe Acrobat JavaScript Execution Bug

According to the discoverer, this is patched. Get version 8.0.

Re:rushed fixes, and untested at that by daveschroeder · 2007-01-02 09:50 · Score: 5, Informative · on Month of Apple Fixes

All this is a little fun exercise and a public service, if you will. Also, anyone can examine the code.

How do you uninstall these quick fixes? Simple. They'll almost all invariably be runtime fixes with Application Enhancer (APE). APE modules are just self-contained directories; nothing more. They can be unloaded on demand, and APE itself can be easily installed, uninstalled, disabled, and modules can be loaded and unloaded at will.

Also, Landon Fuller is anything but an "Apple fanboy", or in any way remotely interested in "saving Apple's rep". The idea is to look at the bugs, and see if a quick technical solution or remediation can be provided. No one has to install them. Since the code is available, anyone can see what's being done, including the rest of the community. If one wishes to wait for Apple's official patches, fine.

Aside from all of this, of course Mac OS X, like any other operating system or large software project, has bugs. Some of these bugs will enable vulnerabilities that can be exploited. I fail to see how any of this is surprising. If you're actually interested, I've summed up my thoughts on this here.

Response from Kevin Finisterre, second bug by daveschroeder · 2007-01-02 09:34 · Score: 4, Interesting · on Month of Apple Fixes

Kevin Finisterre, security researcher, founder of Digital Munition, and co-presenter of the Month of Apple Bugs, has also responded on the SecurityFocus focus-apple list to some of my concerns, expanding on some of the motivations and reasoning behing MOAB (followup).

Also, the second bug was just posted a few minutes ago: a udp:// URI handling vulnerability in VLC Media Player that affects both the Mac OS X and Windows versions of VLC Media Player. While not exactly what I'd call an "Apple bug" (yes, yes, I know the FAQ says they're also looking at "popular applications" that run on Mac OS X as well), it is interesting to note that vulnerabilities in cross platform applications may transfer more easily to the Intel-based Macs running Mac OS X...

In any event, Apple's immediate technical response and longer-term strategic response to MOAB should be interesting.

(Disclaimer: I am the story submitter.)

Response from Kevin Finisterre, second bug by daveschroeder · 2007-01-02 09:34 · Score: 4, Interesting · on Month of Apple Fixes

Kevin Finisterre, security researcher, founder of Digital Munition, and co-presenter of the Month of Apple Bugs, has also responded on the SecurityFocus focus-apple list to some of my concerns, expanding on some of the motivations and reasoning behing MOAB (followup).

Also, the second bug was just posted a few minutes ago: a udp:// URI handling vulnerability in VLC Media Player that affects both the Mac OS X and Windows versions of VLC Media Player. While not exactly what I'd call an "Apple bug" (yes, yes, I know the FAQ says they're also looking at "popular applications" that run on Mac OS X as well), it is interesting to note that vulnerabilities in cross platform applications may transfer more easily to the Intel-based Macs running Mac OS X...

In any event, Apple's immediate technical response and longer-term strategic response to MOAB should be interesting.

(Disclaimer: I am the story submitter.)

Response from Kevin Finisterre, second bug by daveschroeder · 2007-01-02 09:34 · Score: 4, Interesting · on Month of Apple Fixes

Kevin Finisterre, security researcher, founder of Digital Munition, and co-presenter of the Month of Apple Bugs, has also responded on the SecurityFocus focus-apple list to some of my concerns, expanding on some of the motivations and reasoning behing MOAB (followup).

Also, the second bug was just posted a few minutes ago: a udp:// URI handling vulnerability in VLC Media Player that affects both the Mac OS X and Windows versions of VLC Media Player. While not exactly what I'd call an "Apple bug" (yes, yes, I know the FAQ says they're also looking at "popular applications" that run on Mac OS X as well), it is interesting to note that vulnerabilities in cross platform applications may transfer more easily to the Intel-based Macs running Mac OS X...

In any event, Apple's immediate technical response and longer-term strategic response to MOAB should be interesting.

(Disclaimer: I am the story submitter.)

Re:Well then don't use it by Mike+McCune · 2006-12-25 12:33 · Score: 3, Interesting · on Vista Security The 'Longest Suicide Note in History'?

Venders build mission critical apps on Windows all the time. It is easier to use what you know than the best tool for the job.

http://www.securityfocus.com/news/6767

The worst case I ever saw in person was at an assisted living facility. Their pull chains (that the residents pull when they are in trouble) was being monitored by a PC running Windows 95 (this was in 2006).

>You're not supposed to use a consumer grade OS for mission critical apps anyway. So if you went with a vendor that >builds its apps on such an OS, then you are at fault.

Re:I don't have to... by wikes82 · 2006-12-22 14:33 · Score: 2, Funny · on Vista Exploit Surfaces on Russian Hacker Site

more story here http://www.securityfocus.com/brief/391 hehehe... He also reminds me of that city manager from oklahoma.. what's that guy name ?

SafeDisc? by Digiratus · 2006-12-21 09:34 · Score: 1 · on Sony BMG Settles Over CD DRM

So does this give me any kind of legal precedence against the Macrovision Corporation for installing their unsolicited SafeDisc copy protection driver to my PC? It is suggested there may be a local local privilege-escalation vulnerability similar to the kind that Microsoft has patched in their own services: http://www.securityfocus.com/bid/17070/info/

O yes, if you've Installed any games or programs using SafeDisc *and there are lots of them* it is there.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Secdrv

I wouldn't be at all surprised if Sony's own SecuROM protection has something similar.