Domain: threatpost.com
Stories and comments across the archive that link to threatpost.com.
Comments · 308
-
84 security issues on ANDROID now
Anyone that's not a deluded zealot's free to look @ the links I posted, & decide for themselves in these posts of mine as to whether these are "good things" going on with ANDROID (a Linux variant on smartphones) or not:
http://news.slashdot.org/comments.pl?sid=2586024&cid=38463414
http://news.slashdot.org/comments.pl?sid=2586024&cid=38488282
http://news.slashdot.org/comments.pl?sid=2586024&cid=38495050
http://news.slashdot.org/comments.pl?sid=2586024&cid=38495800
http://news.slashdot.org/comments.pl?sid=2586024&cid=38507222
http://news.slashdot.org/comments.pl?sid=2586024&cid=38519768
APK
P.S.=> For "good measure"? Here's 12 more, sending the total up to 84 now:
http://news.slashdot.org/story/11/10/06/0118231/android-malware-using-blog-as-cc-server
http://www.theregister.co.uk/2011/10/06/trend_discovers_more_android_malware/
http://www.theregister.co.uk/2011/11/14/android_anti_virus/
http://www.theregister.co.uk/2011/11/30/google_android_security_bug/
http://www.theregister.co.uk/2011/12/12/android_market_malware/
http://blogs.cio.com/mobile-security/16704/android-app-permissions-may-spark-false-sense-security
http://tech.slashdot.org/story/11/12/21/0058235/gaining-a-remote-shell-on-android
http://www.theregister.co.uk/2011/12/22/android_trojan_maytyr/
http://threatpost.com/en_us/blogs/fake-antivirus-scams-targeting-android-users-122911
-
Another Linux using server compromised? LMAO!
http://uptime.netcraft.com/up/graph?site=www.stratfor.com
* Let the facts speak for themselves in 2011 that support my subject-line...
(Especially regarding what we heard for YEARS here on /. as "penguin 'FUD'" of "Linux = Secure" b.s.!)
APK
P.S.=> This does the rest: It's more such current information, & along the same lines (E.G.-> Linux servers being breached, ANDROID Linux variant phones being nuked too, security failures & exploitations, galore, etc./et al):
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
... apk Linux servers being breached, ANDROID Linux variant phones being nuked too, security failures
-
Re:Defined & "Distilled" (upon request)... apk
"of course and it is not on desktop because it is too expensive" - by Anonymous Coward on Wednesday December 28, @11:01AM (#38515588)
Linux gets used less than Windows means it's not as good & PC marketshare shows it (Windows nearly 95% of it on desktops shows that much). I mean, Linux DEFIES business logic! I.E. -> EVEN WHEN GIVEN AWAY FREE IT CANNOT GET A LARGER MARKETSHARE THAN WINDOWS HAS (especially with desktop users).
---
"why do you combine these figures all of a sudden" - by Anonymous Coward on Wednesday December 28, @11:01AM (#38515588)
Why not? It's FACT that on PC desktops, workstation, & servers (from departmental up thru enterprise class ones), Windows overall HAS THE MOST MARKETSHARE... period!
(Everyone knows it too!)
---
"not _the most_ the word you are looking for is _only_" - by Anonymous Coward on Wednesday December 28, @11:01AM (#38515588)
ANDROID does the rest in an area that Linux gets used a lot/has big marketshare (smartphones) where that proves that Linux was really enjoying security by obscurity due to lack of widespread usage (like it is on PC's with end users)...
Once it got more used as it is on smartphones, like Windows is on PC's? It began to be RAMPANTLY exploited, & yes - ANDROID is a Linux! So much for Linux fud on /. for years of "Linux = Secure", because it's turning up b.s.!
---
"yeah opensource is all about security-by-obscurity." - by Anonymous Coward on Wednesday December 28, @11:01AM (#38515588)
On these servers, where Linux is USED A LOT?
Hey!
Well, looks MORE LIKE THIS from current information from this year @ years' end in 2011 (lol, just verifiable documented facts from reputable sources mind you, so don't get all "hot & bothered" as you've been doing, ok?? LMAO!):
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on th
-
Sure is @ hand: Exposed 4 what it is
In 2011, for being as security-vulnerable as other OS, ala these very current examples:
---
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
NOW - ESPECIALLY TOSS ON ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> NewsFlash/New NEWS: Linux Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Linux = SECURE" (what a crock of shit that's turning out to be, especially on ANDROID)... apk
-
Depending on Linux 4 security (LSE)?
"But anyone who cares about security uses linux - and by default anyone who uses the services of those companies uses and relies on linux." - by mSparks43 (757109) on Tuesday December 27, @03:33PM (#38506592) Homepage
Oh, really? Ok, per my subject-line:
---
London Stock Exchange Web Site Served Malicious Ads:
http://www.securityweek.com/london-stock-exchange-web-site-serving-malware
And, yes - they run Linux to do it -> http://uptime.netcraft.com/up/graph?site=www.londonstockexchange.com
(So much for "caring for security" because they didn't do a good job... hell, Linux ALSO FELL FLAT ON ITS FACE ONLY MINUTES INTO THE JOB RUNNING LSE THE 1st DAY ON THE JOB:
LINUX WENT DOWN 2x in LESS THAN 1 YEAR @ London Stock Exchange:2011 -> http://linux.slashdot.org/comments.pl?sid=1999478&cid=35231358
Whereas, by way of comparison, the Accenture developed system that used Windows Server 2003 before it ran for 7++ yrs. before being replaced!)
---
AND OF COURSE, this much VERY CURRENTLY THIS YEAR IN 2011:
---
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Continuing the trend on ANDROID malware as well as I have been doing? Up to 56++ evidences now by this point with these 8 new ones to list:
-
Answer YES or NO (pretty simple)
Were these systems breached in 2011 running Linux? Yes or No will do as your answer:
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Linux Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Linux = SECURE" (what a crock of shit that's turning out to be, especially on ANDROID)... apk
-
Answer this question then, troll... lol! apk
Were systems breached here running Windows in 2011?
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Linux Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Linux = SECURE" (what a crock of shit that's turning out to be, especially on ANDROID)... apk
-
Re:Wow, what a stupid post
When was the last time you heard of a company getting fined
Yesterday. I JUST picked up a new client who needed to get her brokerage firm under compliance. FAST.
This one has me under an NDA, but if you want references...February.
$43 MILLION Fine.
or giving data to a competitor as a result of a data leak from a lost piece of computer equipment?
Last month, I got a call from a company with the following story.
A laptop with remote access to a client database got "Misplaced" in a taxi.
The laptop had the company logo, phone number, etc embossed on the bottom. The cab driver apparently sold it to their largest competitor, as this unit was used to copy the entire client database. Within 48 hours, their 15 most profitable clients had been contacted by the competitor.
I run into this type of thing on a weekly basis. Literally.
-
Linux is doing "so well" lately (lol, NOT)
Security-wise (NOT): Proof of that statement's from 2011, this yr., w/ THIS LIST of current info. next in that regard (& note - WaterFox's team doesn't EVEN BOTHER w/ Linux, the "3rd class citizen of OS", lol):
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Linux Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Linux = SECURE" (what a crock of shit that's turning out to be, especially on ANDROID)... apk (yes, a Linux since it uses a Linux kernel)
-
Electronics's "fine security in 2011" (lol, NOT!)
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Electronics showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that WERE MADE OF ELECTRONIC COMPONENTS (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, an electronic device since it uses electronics) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM ELECTRONIC DEVICES, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Electronics Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Electronics Awesome and Mechanics Sucks" (what a crock of shit that's turning out to be, especially on ANDROID)... apk
:-) this little game is becoming funnier by the day... (not) apk
-
Linux's "fine security in 2011" (lol, NOT!)
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Linux Security Blunders DOMINATE in 2011, despite all /. "FUD" for years saying "Linux = SECURE" (what a crock of shit that's turning out to be, especially on ANDROID)... apk
-
Thought PC = Awesome, Mac Haters... apk
Funny part is, it's NOT SHOWING THAT, especially on CA's this year! To wit/e.g.:
---
PC's showing in CA's that utilize it that have been breached recently:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
All of what was breached WERE PC... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
* Per my subject-line above, & all the YEARS here of hearing "PC = Good & Mac = Evil" b.s. just seems to be falling apart @ the seams for the outright "FUD" it truly was, eh?
(NOW - IF anyone reading doesn't LIKE that? Keep this in mind: IT'S FACTS, documented facts, from reputable sources!)
Yes, I also have more & from VERY recent history on PC's security failings (but you can start with the above Mac Haters, & "Read 'em & WEEP"...)
APK
P.S.=> NOW, as I stated above? IF you don't like it, I have PLENTY MORE from recent history (very recent in fact & ongoing for years now, especially THIS year no less) on how "secure" PC is showing itself to TRULY be (not!)...
However, the REAL trouble is, PC is JUST STARTING THAT CYCLE!
By comparison, Mac has been fixing itself vs. that for years-to-decades now by comparison...
I'm definitely buying a Mac next week and throwing away my PC
... apk
-
News @ 11: Multiple security blunders 4 Linux
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
APK
P.S.=> Linux Security Blunders DOMINATE the "new NEWS/NewsFlash" bulletin here today (lol)... apk
-
Answer a simple question then... apk
Ahem: Did the 5 breached CA's run Linux? Yes or No will do, especially in regard to this statement from you:
"Linux has nothing to do whatsoever with the current topic" - by Anonymous Coward on Friday December 09, @09:10AM (#38314022)
This clearly shows otherwise:
---
Linux's showing in CA's breached recently too? Ok:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The majority (5/6) of what was breached RAN LINUX (StartCom, GlobalSign, DigiCert, & Comodo)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
* Fact is, each of those CA servers run Linux, and were breached - period.
(OR, are you going to TRY TO TELL US THEY RUN WINDOWS and WERE BREACHED?)
APK
P.S.=> Next, you can attempt to put your "spinmaster b.s." onto these further documented facts AND CURRENT INFORMATION ON LINUX SECURITY BREACHES, once again from reputable sources, only to FAIL again on your part. This all puts your bullshit to rest easily with CURRENT information:
---
KERNEL.ORG COMPROMISED:
http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised
---
Linux.com pwned in fresh round of cyber break-ins:
http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/
---
Mysql.com Hacked, Made To Serve Malware:
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware
---
Well, well: Once again, we have a set of servers that run Linux being breached (very, Very, VERY BAD security breaches too, regarding Linux's own sourcecode repository too, no less!)
Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?
You get the picture...
* TOP THAT ALL OFF W/ DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS, PER THIS ARTICLE (very recent):
http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers
ALL OF THAT IS VERY RECENT INFORMATION FROM THE PAST FEW MONTHS NOW, no less...
... apk
-
Thought Linux = Secure, Penguins... apk
Funny part is, it's NOT SHOWING THAT, especially on CA's this year! To wit/e.g.:
---
Linux's showing in CA's that utilize it that have been breached recently:
http://uptime.netcraft.com/up/graph?site=StartCom.com
http://uptime.netcraft.com/up/graph?site=GlobalSign.com
http://uptime.netcraft.com/up/graph?site=Comodo.com
http://uptime.netcraft.com/up/graph?site=DigiCert.com
http://uptime.netcraft.com/up/graph?site=www.gemnet.nl
The majority (5/6) of what was breached RAN LINUX (StartCom, GlobalSign, DigiCert, Gemnet, & Comodo)... per these articles verifying that:
http://itproafrica.com/technology/security/cas-hacked/
&
http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811
---
* Per my subject-line above, & all the YEARS here of hearing "Linux = Good/Secure & Windows = Bad/Insecure" b.s. just seems to be falling apart @ the seams for the outright "FUD" it truly was, eh?
(NOW - IF anyone reading doesn't LIKE that? Keep this in mind: IT'S FACTS, documented facts, from reputable sources!)
Yes, I also have more & from VERY recent history on Linux's security failings (but you can start with the above Penguins, & "Read 'em & WEEP"...)
APK
P.S.=> NOW, as I stated above? IF you don't like it, I have PLENTY MORE from recent history (very recent in fact & ongoing for years now, especially THIS year no less) on how "secure" Linux is showing itself to TRULY be (not!)...
(Especially now that it's being used more, especially on ANDROID bearing smartphones, where it's turning up as bad as, or worse than, Windows is on PC's (due to widespread usage? Any OS can be "shredded" on security & have its weakness' exposed)
However, the REAL trouble is, Linux is JUST STARTING THAT CYCLE!
By comparison, Windows has been fixing itself vs. that for years-to-decades now by comparison due to widespread marketshare/mindshare (nearly 95% in fact)...
... apk
-
Re:Adobe used to mean something....
Nation-State Attackers Are Adobe's Biggest Worry: [A]dobe has contacts in the big defense contractors, government agencies and other organizations that are most often the targets of state-sponsored attacks. So when a new attack begins, the company typically hears about it within hours as customers begin to call and report a new threat involving an Adobe product. Now, says Brad Arkin, the senior director of product security and privacy at Adobe, it's at a point where the company's main adversaries are state-sponsored actors. Arkin said that when a new attack involving a zero-day bug in one of Adobe's products starts, it typically will begin with attacks against a select group of high-profile organizations. That usually means defense contractors, government agencies or large financial services companies. [HSEC-1.2; Date: 20 September 2011; Source: http://threatpost.com/en_us/blogs/nation-state-attackers-are-adobes-biggest-worry-092011]
-
Re:Confusing
No need to worry. Reports around the web are contradictory to this article, all say it's extremely unlikely that an attacker could gain access to your machine using this vulnerability. You're more likely to get blue-screened.
http://blogs.technet.com/b/srd/archive/2011/07/12/ms11-053-vulnerability-in-the-bluetooth-stack-could-allow-remote-code-execution.aspx
https://threatpost.com/en_us/blogs/microsoft-fixes-critical-windows-bluetooth-bug-july-patch-tuesday-071211
What's more, you'd have to be sharing your bluetooth id AND the attacker would have to be within range of your signal.
-
Re:opibaipastbi
[snip] People make typos. You do too. I'll bet you a 100 dollars, euro's or whatever currency you use on that. And with spelling correction these days valid words in a wrong context are even easier to miss...
[snip][SPOILER]Not everyone on the internet is a native English speaker. The 'INTER-' part might be a subtle hint for that.[/SPOILER]
According to the website on which TFA was posted:
Paul Roberts
Editor, Threatpost
Security Evangelist, Kaspersky Lab
Paul Roberts is an industry-known editor with close to a decade of experience as a technology reporter and analyst. Before joining Threatpost, Paul was a Senior Analyst covering enterprise security for The 451 Group. As a reporter and editor, he has written for leading technology publications including InfoWorld, eWeek, The IDG News Service, and TechTarget where he has focused on breaking security and enterprise-focused technology news and analysis. He has written for The Boston Globe, Salon.com and Fortune Small Business.
Mr. Roberts (taking the website at its word) is an editor of an English language website and a journalist with almost a decade of experience writing for English language publications. If he is unable to successfully proofread (or have it done for him) his work or, worse yet, doesn't know the difference between 'affect' and 'effect' then, (as I said) IMNSHO, I don't feel that his prose should be assigned much value.
Does that mean he's stupid? Maybe not. I admit that statement was rather hyperbolic. However, if you'd bothered to check (no need now, I did it for you -- you're welcome!) Mr. Roberts' Bona Fides, you'd know that your suggestion that there was an ESL component was spurious. What is more, since he's a "journalist" he should be able to use the primary language in which he is communicating correctly.
Yes. I make typos. But I'm not (not that you would know it, so I'm telling you) paid to write articles for public consumption. I can say that if I were, I'd make damn sure that what I wrote was grammatically correct, concise and cohesive.
I hope I've clarified my comments. You are, of course, free to disagree. Perhaps I am an inconsiderate prick for pointing out that I don't think much of the author of TFA. Then again, what's it to you? Is Mr. Roberts a personal friend? A family member? Please tell me why I should pay one whit of attention to someone who purports to be an expert in using the English language but is either too lazy or unskilled to do the job properly?
-
Re:Honest question about security of unix systems
The guy who won said it was because Apple does not secure as well as MS. http://threatpost.com/en_us/blogs/transcript-charlie-miller-mac-os-x-pwn2own-and-writing-exploits-031810
-
Re:Honest question about security of unix systems
As a final note, Mac OS X is routinely the first system to be defeated at pwn2own; some say this is because it is less secure, others say it is because the participants want Mac OS X systems more than Windows systems.
OSX is the first system to be defeated at pwn2own because it's less secure, not because the OSX system is a more wanted prize. Charles Miller (the man who takes down OSX at pwn2own) has answered this before in an interview.
Many pundits have made a lot of the fact that the Mac was the first to be exploited in the Pwn2Own contest. Was the choice of the Mac as the first target because the hardware/operating system combo was more desirable as a prize than the commodity Windows laptops of the other competitors? Or was it just because Macintosh exploits occur with much less frequency than Windows exploits and would therefore be more newsworthy?
So until this year, applications on Apple were way easier to exploit than Windows. This is because Apple had weak ASLR and no DEP while Windows had full ASLR and DEP. This year, Snow Leopard has DEP, so it's no longer trivial to exploit. In fact, I have lots of bugs in Safari that I easily could have exploited on Leopard but will be very difficult on Snow Leopard. So it used to be that it was much worse, but now it's mostly comparable (although still slightly behind).
-
Re:Home users don't want to do even that much work
Link1
Link2
Link3
Do you even read tech/science news?
Put a billion dollars on a Macbook and people will fuck it up beyond recognition. At the moment, the popular virus toolkits and script kiddies all focus on MS, but that is slowly changing.
**I spent 10 seconds googling 'mac vulnerabilities'. I probably could have found some better links, but I don't want to waste any more time on someone so misinformed.
-
They don't NEED to conspire...
It's not unstoppable. I'd mod you up for informative, but you mention that it is so good that it is unstoppable. It is not unstoppable or undelete-able on all browsers. In fact, it can be removed from Chrome. It is, therefore, not a limitation of the browser. They don't NEED to conspire. Regular cookies rarely get deleted by most users.
If you are wiping out your cookies and using ad blocking and script blocking software, they already know you are the least likely user to click an ad if you saw one. The only good reason for them to track you is to figure out how to sell you something. If you won't click an ad, you're not likely to buy anything they have to sell, and pretty much ignore you as a consequence of doing business on the Internet.
If they were conspiring, they'd refuse to allow you to use their sites if you block content, including cookies. They could very simply say, "If no cookie, set cookie. If you still don't have cookie, no content."
-
Re:dumb summary again
B. No it doesn't "look like they are planning to store that location data with the phone's MobileMe account". Where did you get that idea from - not from what you quoted. Note how it says "storing the network information", not "storing over a network connection".
In part, from: http://threatpost.com/en_us/blogs/secret-iphone-feature-tracks-owners-whereabouts-042011
"While that information isn't shared with Apple, it is retained even when iPhone users update their hardware, suggesting that Apple had plans to use the data at a later time."
Pure conjecture - "we can't think of anything they can use this data for now, so obviously they don't use it for anything now, so they obviously plan on using it for later". The fact that all data on an iPhone that Apple thinks is useful for the operation of the device is backed up, and that this means it carries over to other devices synced to the same machine was obviously alien to them - because hey, telling your new device all the things your old device knew about is half of the fun of buying new stuff, right?
Anyway, what does this have to do with MobileMe?
As for your question what the data can be used for: guesstimation of position without having to access a database over the net (which BTW would prevent evil Apple from knowing where you are right now), for use as the starting point for Assisted GPS. I wouldn't be surprised if you could use it for this even when you couldn't get any internet access if just one of the closed WiFi access points around was in the cache.
But ask yourself the question: if the data can only be used later, why does Android store basically the same data (only limited to a smaller number of data points)?
-
Re:dumb summary again
B. No it doesn't "look like they are planning to store that location data with the phone's MobileMe account". Where did you get that idea from - not from what you quoted. Note how it says "storing the network information", not "storing over a network connection".
In part, from: http://threatpost.com/en_us/blogs/secret-iphone-feature-tracks-owners-whereabouts-042011
"While that information isn't shared with Apple, it is retained even when iPhone users update their hardware, suggesting that Apple had plans to use the data at a later time."
They are keeping that data. Why? Just to fill memory and they needed some data and location data just happened to be handy?
Cloud storage just seems the next logical step for the addition of such things as better parental controls and, of course, data mining. With that data, if a user searched for a place, the results could be ordered by search term relevance and not only by how close they are to the user's current position but also to how close they are to the places the user most frequents.
Mind you, I use Google Latitude so I'm in no position to bust on Apple for doing this. That convenience has a cost though and you'd have to be an idiot to not see what the plan is for this type of data.
-
Re:dumb summary again
Ah. Updated after a sync and the data retained elsewhere.
From: http://threatpost.com/en_us/blogs/secret-iphone-feature-tracks-owners-whereabouts-042011
While that information isn't shared with Apple, it is retained even when iPhone users update their hardware, suggesting that Apple had plans to use the data at a later time.
The notification & unencrypted part needs to be worked on but I'd actually use this I think. Find a great restaurant by accident. Swear you'll note the address, then don't. Now, you can remember when but not exactly where? Or simply wonder if you left your phone at work? Parental controls? Want to know where your kids are? ( Verizon already does this with some of their phones. )
-
Re:WTF?
It turns out to be all bogus
April fools came early this year, I suppose, and fooled Slashdot and others.
-
Re:Simple
In essence yes, but in practical terms it isn't since they have a more fragmented browser market, so for the common use for browser exploits today they have a smaller attack area and are of less interest for hackers outside security researchers. After all, despite all those Macs that Apple sells, you can't be sure that all of them will be running OS X and Safari. On the other hand, there are still more millions of machines running Windows XP that are an even easier and larger target.
That said, Apple has been lucky to have gained a little bit of security through obscurity up to this time. But now that the guys at Vupen have developed the tool chain necessary to develop exploits against OS X, Apple will need to step up their security efforts significantly.
At ZDNet I found a link to this essay by Dennis Fisher that is very interesting and I agree completely with him:
https://threatpost.com/en_us/blogs/why-pwn2own-whats-right-security-030911
-
Re:Am I reading this correctly?
You mean, once the contest enters the phase where you can run a program remotely, people attack the Mac first, because they want to win the Mac, and Windows and Linux are successfully attacked minutes later.
No, he means exactly what he said. OSX is less secure than Windows. Charlie Miller (the guy who takes down the Macs first) has mentioned this in an interview here. While Apple has improved their security, they are still behind Windows.
Many pundits have made a lot of the fact that the Mac was the first to be exploited in the Pwn2Own contest. Was the choice of the Mac as the first target because the hardware/operating system combo was more desirable as a prize than the commodity Windows laptops of the other competitors? Or was it just because Macintosh exploits occur with much less frequency than Windows exploits and would therefore be more newsworthy?
So until this year, applications on Apple were way easier to exploit than Windows. This is because Apple had weak ASLR and no DEP while Windows had full ASLR and DEP. This year, Snow Leopard has DEP, so it's no longer trivial to exploit. In fact, I have lots of bugs in Safari that I easily could have exploited on Leopard but will be very difficult on Snow Leopard. So it used to be that it was much worse, but now it's mostly comparable (although still slightly behind).
-
Re:Java?!?!?
Here is some background information:
http://threatpost.com/en_us/blogs/serious-new-java-flaw-affects-all-browsers-040910
Basically no user interaction is needed, besides loading a page with a malicious applet.
-
Umm, how about non-https article copy4u
-
This whole thing is completely absurd to me.
According to another article on Threat Post, it sounds like Sony is essentially saying that this is a problem because it allows for people to run pirated games on a jailbroken PS3. I may not be a legal expert or have read the Digital Millennium Copyright Act cover to cover, but what's illegal about that? Jailbreaking and Pirating are two completely different things. Trying to nail someone for Jailbreaking on the grounds that it leads to Pirating sounds like more of a PR ploy than a legal action to me.
I understand why they don't like it. I just think it's absurd that they're taking any action other than trying to make the system more secure.
And for the record, if you ask me, once you buy something, you should be able to do whatever you want with it so long as you're not directly infringing on copyrights (I know as I write this that that's a pretty muddy statement). But there's a clear difference between buying a car and using it to model, reproduce and sell the patented parts vs everything from giving the car a new paint job to installing a nitrous system and sliding into a smooth Tokyo drift.
-
Some charts supporting this
(alphabetically)
SANS Internet Storm Center (I can't get the graph working, ymmv)
SenderBase
SpamCop (a feed to SenderBase)
Symantec
ThreatPost (TFA)
Websense Monthly reports (December not yet available, Websense is TFA's source)
An observation: spammers celebrate holidays too; it's hard to recover from a series of shutdowns while dealing with family affairs. I hope their holidays were joyful and full of lasting distractions...
-
Violation of Payment Card Industry regulations?
Related story: Sightseeing Firm Overlooks Security, 110k Credit Card Numbers Stolen (emphasis added)
The database contained a variety of customer financial data, including the customer's name, address, e-mail address, credit card number, as well as the expiration date and card verification value (CVV2) data. If true, that would mean that Twin America was in violation of Payment Card Industry (PCI) regulations on data retention, which prohibit retailers from permanently storing the CVV2 data along with other card data, because it makes it far easier to generate fraudulent transactions when combined with the card data.
Twin America said it has filed a complaint with the FBI's Internet Crime Complaint Center and hired Kroll, Inc. to investigate the incident. It has also notified individuals affected by the breach and patched discovered vulnerabilities on its Web server, deployed an application layer firewall, limited access to its Web based administrative panel and changed and hardened administrative passwords throughout its organization.
-
Foxit was impacted by /Launch exploit
Foxit has its own share of vulnerabilities, and was impacted worse than Adobe Reader by the launch exploit.
The problem isn't just the readers (all of which have various vulnerabilities), but the PDF spec itself which allows for shit like javascript embedding and external program execution.
The PDF spec needs to be revised to split off potentially malicious functionality into a separate format that has a different name so basic reader functions can be kept (ie, layout, fonts, attachments, outlining) while the advanced files can be sandboxed or ignored by various readers.
-
Where do I click ..
Where do I click to get 'infected'? Besides, there is no authplay.dll on my computer.
"A critical vulnerability has been identified in Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component that ships with Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX" link
Shockwave Flash 10.1 on Ubuntu 10.10 ..
-
Re:Put this on the list
That's not a knife.
This is a knife!
-
Re:To quote Fark
I do prefer foxit, but it isn't exactly perfect either. In that particular case, Reader was actually safer.
-
And they never link to the original source...why?
Seriously, guys, why does nobody ever link to the original source? ThreatPost got it from M86 Security got it from TLLOD. Would it kill the submitters to link to the original, or the editors to fix it?
-
Re:Complimentary 7 point Slashdot troll guide...
-
Re:What operating system was used?
-
Re:Once again, kids
They claim that all the code is audited but the unrealIRCD trojan (only in the Loonix version but not the Windows LOL), debian OpenSSL fiasco and that huge Apache flaw that allowed administrator access, just to name a few, show that this is pure fantasy.
-
Rather unlikely scenario required
From the actual article (linked from the FA):
In order for the exploit to work and jailbreak one of the devices, it first has to get control of the mobile browser on the device. The next step would be to somehow circumvent DEP (Data Execution Prevention), the memory protection on the browser. The exploit then needs to find a way to break out of the iPhone's sandbox environment and get root privileges on the phone. And finally, it would need to turn off the code-signing functionality that Apple uses to enforce its rules on official apps.
Quite a lot of things need to line up for this to occur. Not that it shouldn't be fixed but to make too big a deal out of this seems to be an overkill or "chicken-little-syndrome".
-
Realtek certificate
The most interesting aspect of this rootkit was the use of the Realtek private key to sign the drivers. According to Kaspersky:
Microsoft malware researchers said on Friday that they had been working with VeriSign to revoke the Realtek certificate, a process that Realtek officials signed off on. The certificate in question actually expired in June. Microsoft officials also said that they expect other attackers to begin using the techniques utilized by Stuxnet.
In hindsight the vendor certificate is a weakness in the entire process simply because access to the signing key bypasses the controls in place. Hardware vendors aren't likely to be as conscious, at least until this incident, of the need to maintain proper security around their signing keys, nor are there requirements enforcing such security. In comparison keys used for financial transactions are generally held in HSMs with strong access controls around them to prevent the revealing of the private key. This particular rootkit was specifically confined to SCADA so the impact was always going to be small, but the malware could've easily been targeted to attack general windows installs .. who knows how much damage it could've caused then?
Luckily this specific certificate was going to expire soon so there was probably less resistance from the vendor in revoking it than there might've been, but if such revocation was going to invalidate significant numbers of drivers then that would've posed the problem of either leaving the certificate valid to be used for other types of malware or revoking it and invalidating however many drivers had already been signed by that key. Unfortunately it's not very likely that hardware manufacturers will ever submit to using HSM-type devices or the processes necessary to ensure key secrecy, so it looks like this will just have to be yet another potential attack vector that's caused by vendor negligence.
-
Re:Elite
And also, it's contradictory to what google did earlier this year. They released a zero day for windows and gave microsoft hardly a week to patch it. And as a bonus, they made the disclosure public on a Sunday.
I am all for more industry standard accountability, but this looks very one sided and google choosing to pick the instances where it gets a good publicity.
-
Re:he got a response
Sorry, but did you read the article? He got an immediate response.
This guy is clearly trying to meet the 5 day minimum only. Who reports a bug on a Saturday, then goes public first thing the morning of the 5th day?
Does Google Have a Double Standard on Full Disclosure?
You know a lot of businesses use the 5 day rule.
You have 5 days to respond to this, etc.
Or like the electric companies, "7 day disconnect notice".
Companies don't let you slide, why should we let companies slide?
-
he got a response
Sorry, but did you read the article? He got an immediate response.
This guy is clearly trying to meet the 5 day minimum only. Who reports a bug on a Saturday, then goes public first thing the morning of the 5th day?
-
Re:Both have problems
I always figured they hacked the prize they valued most and that's why Windows was on the bottom of the list.
Wrong. They always hacked the Mac because Apple is way easier to hack than Microsoft.
From the links article:
This came in via e-mail: Many pundits have made a lot of the fact that the Mac was the first to be exploited in the Pwn2Own contest. Was the choice of the Mac as the first target because the hardware/operating system combo was more desirable as a prize than the commodity Windows laptops of the other competitors? Or was it just because Macintosh exploits occur with much less frequency than Windows exploits and would therefore be more newsworthy?
So until this year, applications on Apple were way easier to exploit than Windows. This is because Apple had weak ASLR and no DEP while Windows had full ASLR and DEP. This year, Snow Leopard has DEP, so it's no longer trivial to exploit. In fact, I have lots of bugs in Safari that I easily could have exploited on Leopard but will be very difficult on Snow Leopard. So it used to be that it was much worse, but now it's mostly comparable (although still slightly behind).
And this is from Pwn2Own 2010.
Also from same source;
I use Safari on OSX with no special settings...... I like it. It's designed by Apple engineers to be easy to use and 'just work' and it does. The risk of malware is low...
-
Re:MACS???!?!
-
Re:axfuzz
I was just referring to this technical document: http://www.cert.org/archive/pdf/dranzer.pdf [pdf]
referenced from: http://threatpost.com/archive/blogs/dranzer-fuzzing-activex-vulnerabilities which is linked to from TFA.