Domain: stiller.com
Stories and comments across the archive that link to stiller.com.
Comments · 8
-
Question your best practices!
There have been some very good research projects done on how to build a more secure system, and some of the most amazingly effective ones have been the ones that challenge the basic assumptions of "best practice".
MIT Kerberos takes the view that no machine on the network can be implicitly trusted; access to network services is controlled by tickets, mediated by a ticket distribution service with which each user and service has a pre-shared key. This works even for systems in which the local operating systems have no internal access control mechanisms whatsoever.
Capability-based systems essentially throw out the classic security model of users, roles and permissions, replacing them with a system of nonforgeable references by means of a combination of memory protection and cryptographically strong naming.
Finally, people need to come to terms with the fundamental fact that content-based security schemes are a losing proposition (1, 2). Virus scanners, adware scanners, porn blockers, spam filters, and even national customs departments all face the same problem: they can only inspect what goes by and apply a list of tests to winnow bad items. There is strong economic pressure to find ways to bypass these types of checkpoints, so new tricks are constantly being invented, only to be compensated for by the guardians; thus the guardians are always a step behind. -
Re:Simple and More Reliable
I can see the next ms.blaster worm that wipes your bios requireing you to replace the ROM
This has already happened!
Thankfully the person it happened to had two machines with the exact same ABit motherboard. He took out the BIOS from the good machine, used it to boot the dead one. Once it was running he put the bad BIOS back and re-flashed it.
I didn't think it would work, but the machine is going great now. Well, until the capacitors starting blowing up ... but that's another story ... :) -
Re:Somehow ...
KFC? Chicken? Everyone knows the reason they changed their name from "Kentucky Fried Chicken" to "KFC" is because they no longer use chickens in their meals.
Kentucky Fried Chicken has become KFC. Does
anybody know why? We thought the real reason
was because of the "FRIED" food issue. It's
not. The reason why they call it KFC is
because they cannot use the word chicken
anymore. Why? KFC does not use real chickens.
They actually use genetically manipulated
organisms.
C'mon... I saw it on my innernet, so it must be true! -
Re:How will billg make out?
I hope some of the spam went to Bill Gates... His net worth has been hurting lately, after all.
Didn't you know? Bill Gates sends tons of spam. It's how he recruits beta testers for Windows. -
Re:Only the FTP...
This is wrong...you don't need the source to a program to alter the binary. The only difference between altering the source code and infecting a binary is that the binary is always some "magic code" that has to be trusted...think of it, a trojan that isn't "in the wild" could be inserted into any of your favorite closed-source programs and the only way you'd find out is if it was malicious or someone happened to find out. This is how many viruses like Michelangelo propagate...no one knows about it till it's too late...your anti-virus software can't protect you against viruses/trojans that it doesn't know exist...
With Open Source, this kind of stuff isn't as easy to pass off...there ARE ppl that frequently review the code (yea, not every day)...but I'ld be supprised if anything like this lasted for much longer than a week or 2...OpenSSH's FTP source was only infected for 1-2 days...
As I said before, a "very destructive trojan" was inserted onto the main distro site of PKzip. -
Re:Only the FTP...
Ok, how about
...
A PC Gamer CD with a virus in Q-Paint
Another magazine's CD (Developers Review) was infected with a macro virus
PK Zip V3 (gee, this sounds rather familar)
A Mac virus found on the Journal of Vacuum Science & Technology CD-ROM Vol.12 1Q94
And...
Slashdot even did a story about a spyware program that removed Ad-Aware (Trojan)...and this was done by the author!!!
I'm sure if you look around for a while, you can find more. Just do a search on Google...only took me a few minutes to find these. -
Re:Only the FTP...
Ok, how about
...
A PC Gamer CD with a virus in Q-Paint
Another magazine's CD (Developers Review) was infected with a macro virus
PK Zip V3 (gee, this sounds rather familar)
A Mac virus found on the Journal of Vacuum Science & Technology CD-ROM Vol.12 1Q94
And...
Slashdot even did a story about a spyware program that removed Ad-Aware (Trojan)...and this was done by the author!!!
I'm sure if you look around for a while, you can find more. Just do a search on Google...only took me a few minutes to find these. -
Re:Life Imitates Art
This by no stretch the first time MS has caused life to imitate satire. Remember setting anyone straight on the Good Times "virus"? "No," you said, "emails aren't programs, so such a thing is impossible." Then, they wrote Outlook.