Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Gets Even More Suspicious

Posted by timothy on from the mother-may-i dept.

If you remotely administer any computers, or need to check your email over an untrusted network, odds are you're already familiar with the wonders of OpenSSH. Markus Friedl yesterday posted a release announcement for the newest version, OpenSSH 3.3. Privilege separation in OpenSSH is now enabled by default, another sign of the entire OpenBSD project's appropriate paranoia.

10 of 293 comments (clear)

  1. OpenSSH? by Anonymous Coward · · Score: -1, Troll

    Open misshapen asshole

  2. Ah, BSD! by Anonymous Coward · · Score: -1, Troll

    Making heap overflows as easy as possible in the default install!

    Great work there.

  3. No thanks by Anonymous Coward · · Score: -1, Troll
    I'll stick with trusty old telnet. OpenSSH just hasn't been around long enough to be trusted as the sole point of entry to any of my machines. Sure, it's been through a code audit, but let's talk about number of cpu years running. Telnet wins hands down. Just use a difficult password, and change it frequently. OpenSSH, with its occassion stack overruns and buffer overflows, is just a compromise waiting to happen.

    -Charles

  4. Hard Times for *BSD by Anonymous Coward · · Score: -1, Troll

    Sure, we all know that *BSD is a failure, but why? Why did *BSD fail? Once you get past the fact that *BSD is fragmented between a myriad of incompatible kernels, there is the historical record of failure and of failed operating systems. *BSD experienced moderate success about 15 years ago in academic circles. Since then it has been in steady decline. We all knw *BSD keeps losing market share but why? Is it the problematic personalities of many of the key players? Or is it larger than their troubled personalities?

    The record is clear on one thing: no operating system has ever come back from the grave. Efforts to resuscitate *BSD are one step away from spiritualists wishing to communicate with the dead. As the situation grows more desperate for the adherents of this doomed OS, the sorrow takes hold. An unremitting glom hangs like a death shroud over a once hopeful *BSD community. The hope is gone; a mournful nostalgia has settled in. Now is the end time for *BSD.

  5. Re:C: A Dead Language? by Anonymous Coward · · Score: -1, Troll

    Top 10 Reasons to Upgrade to Visual Basic .NET

    Microsoft Visual Basic® .NET, included in Microsoft Visual Studio .NET Professional, Enterprise Developer and Enterprise Architect editions, is the latest version of Visual Basic built specifically for existing Visual Basic developers who want to get the most out of the software development experience.

    In addition to more power, productivity, and application stability, Visual Basic .NET provides key enhancements that solve the most pressing challenges that Visual Basic developers face today. From the new integrated development environment (IDE) to a modern, streamlined Visual Basic language, Visual Basic .NET delivers the top requested features built for today's Visual Basic developer:
    Number 1

    Seamless Deployment
    Visual Basic .NET solves the most pressing issues around Windows-based application deployment and makes "DLL Hell" and component versioning issues a thing of the past. New XCOPY deployment enables developers to install a Windows-based application simply by copying files to a directory. With Visual Basic .NET and new auto-download deployment, Windows-based applications can be installed and executed simply by pointing a Web browser to a URL.

    Number 2

    More Robust Code
    Visual Basic .NET delivers the feature most requested by existing Visual Basic developers--fewer bugs in the code they write. Features in the new Visual Studio .NET IDE, such as the real-time background compiler and the task list, keep Visual Basic developers up-to-date on any coding errors as they occur, enabling quick and effective error resolution. Enhancements to the Visual Basic language, such as strict type checking and structured exception handling, enable developers to write code that is more robust, maintainable, and less prone to run-time errors.

    Number 3

    Powerful Windows-based Applications
    Visual Basic .NET is the most productive tool for constructing powerful Microsoft Windows®-based applications. The new Windows Forms Designer enables developers to get their desktop applications to market in less time. New features include control anchoring and docking to eliminate the need for complex resize code, the in-place menu editor to deliver WYSIWYG menu creation, and the tab order editor to provide rapid application development (RAD) organization of controls.

    Number 4

    Powerful, Flexible Data Access
    Visual Basic .NET provides developers with both the ActiveX Data Objects (ADO) data access programming model that they know and love, plus the new XML-based Microsoft ADO.NET. With ADO.NET, developers gain access to more powerful components, such as the DataSet control and a new, strongly typed programming model that provides Microsoft IntelliSense® statement completion within data access code.

    Number 5

    Simplified Component Creation
    Visual Basic .NET brings RAD to component development. Developers can use non-visual toolbox and server explorer components to easily incorporate resources such as message queues, event logs, and performance counters into their applications without writing a single line of code.

    Number 6

    Enhanced Control Creation
    Visual Basic .NET provides unprecedented flexibility in building customized user controls. Developers can easily extend preexisting user controls and Windows Forms controls as well as design their own controls that generate custom user interfaces.

    Number 7

    Complete, Direct Access to the Platform
    Visual Basic .NET provides complete, direct access to the Microsoft .NET Framework, enabling Visual Basic developers to quickly access the registry, event log, performance counters, and file system. Visual Basic .NET also eliminates the need for declares statements for access to the operating system. In addition, the new Windows service project template enables rapid application development of real Microsoft Windows NT® Services.

    Number 8

    Integrated Reporting with Crystal Reports
    Upgrading to Visual Studio .NET Professional Edition (or later) provides Visual Basic developers with the power of Crystal Reports directly within the IDE. Crystal Reports delivers the most productive, integrated, and RAD experience for creating highly graphical and interactive relational data reports. These reports can be generated for the entire array of Visual Basic .NET application types, including Windows, Web and mobile applications.

    Number 9

    Easy Web-based Application Development
    Visual Basic .NET delivers "Visual Basic for the Web." Using new Web Forms, you can easily build true thin-client Web-based applications that intelligently render on any browser and on any platform. Web Forms deliver the RAD programming experience of Microsoft Visual Basic® 6.0 forms with the full power of Visual Basic .NET rather than limited scripting capacity. The new HTML designer delivers IntelliSense statement completion for HTML tags and the separation of user interface (UI) and code enable more efficient team-based development.

    Number 10

    Existing Investments Carry Forward
    Visual Basic .NET enables developers to leverage their existing investments in code and skills. Windows Forms provides a robust container for Microsoft ActiveX® controls. Component Object Model (COM) Interoperability provides bi-directional communication between existing Visual Basic applications and those written with Visual Basic .NET. The upgrade wizard enables developers to seamlessly migrate up to 95 percent of existing code to Visual Basic .NET.

    Put these top 10 features to work in the applications you are building today with Visual Studio .NET and Visual Basic .NET.

  6. Re:Capitalism is dying by Anonymous Coward · · Score: -1, Troll
    Now US imperialism is also dead,
    its venality and corruption exposed by its own creation, radical
    Islam.


    You had it going pretty good for a while there. But the "turned over to yet another charnel house" bit really is the crux of the original BSD troll, taking it out just robs it of all of its life.

  7. DON'T LISTEN! TROJAN ADVICE! by Anonymous Coward · · Score: 0, Troll

    Blowfish is inherently insecure, ANY FILE LARGER THAN 1024KB YOU TRANSFER CAN BE DECRYPTED BY ANY 13 YEAR OLD WITH A POCKET CALCULATOR!

    Everyone should know better than to accept advice from random slashdot comments!

  8. Re:C: A Dead Language? by Anonymous Coward · · Score: -1, Troll

    GENtl3M3n, +HE tim3 H@S CoMe FoR a 5er1OUS di5cu$$I0n oN wHeTH3R 0R NOT To cOnT1NU3 Using C Ph0r s3R1Ou5 PrO9r4Mm1n9 pr0jec+$. @5 1 Will eXPlAiN, i f33l +hA+ c nEEDS +o 83 R3T1r3D, muCH +EH $4M3 wAY tH4+ PH0RTrAn, cO80l 4nD PERl H4v3 8E3n. Fur+H3RM0R3, aLLOW M3 +o BE $0 boLd 4$ t0 sU9G35+ @ $upER1oR REPl@C3meN+ t0 tH15 0u+d4T3D L@ngU49e.

    +o 9iv3 J00 4 liT+lE b4ckGrOUnd 0n +h15 5UBJEC+, I w@S r3cEN+lY @sKed to D3v3LOP @ CLIent/5erv3r PROjECt 0N 4 uNIX Pl4tpH0Rm PH0R @ ph0rtUn3 500 COMP4NY. wH1le I'Ve nEveR cOdEd iN c bepHor3 1 h@vE c0DeD iN vb FOr phIPH+3en y34r$, 4Nd in J@V4 ph0r oV3r Ten, I w45 5TunNED +0 $3E h0w P0ORly C f4REd cOMP@r3D TO the5e +wo, M0R3 LoW-L3v3l l@ngU4G35.

    c'5 B1gg35t diPhF1cUl+y, 4$ We @ll kn0w, I$ +hE f4c+ +H4+ 1t 1$ bY F4R ON3 oPh +he 5lOw3ST L4N9U4gE$ 1N 3x1s+4nc3, 35pec1ALly wh3N CoMP4r3d To moRE moDERn l4N9U49E5 5UcH 45 J4V@ @Nd C#. AlTH0UGh Th3 R3@5oN$ pH0R tH1$ @RE V4R13D, THE m4IN r3@SONS $3em$ +0 83 +3h W@y c R3KW1R35 a PR09R4mM3R +0 l4Bor1OU5LY work W1+h cHuNk5 0f MemoRY.

    R3kw1rin9 4 prOGR4mMEr T0 m@niPulAte bl0cK$ Oph m3mOrY 1$ A +EdI0u5 waY +O pRogr@M. thi$ W@5 s@ti5F4ct0Ry BACK 1n +eH 34RlY D4y$ Of COD1ng, Bu+ Th3n 49aIn, 5O W3r3 PUNcHcArd5. BY U5In9 wH4+ @re C@lLeD "P01nt3r$" @ C pRO9r4Mmer i$ b4$1c@LLy R3KWIrIN9 TH3 c0MPU+3R To D0 +Hr33 53T$ of W0rK R4+Her TH4N 0ne. TEH F1r$+ t1ME ReKW1R3S +h3 c0mpU+3r t0 dUplIC4t3 WH@t3VEr I5 s+0r3d in T3h mEMORY $paC3 "pOiNt3D TO" 8Y tHE p0intEr. +He 53C0nD +1ME REKwiRE$ 1t +o P3RF0rm th3 n33dED Op3RaTiOn on +H1$ 5P4c3. phIN4LlY th3 comPut3r mU5t DeL3+E +h3 duPlIC@t3 5ET @nD $e+ t3h v4LUE5 0f T3h 0R191N@L 4cc0RDIN9lY.

    CL34rlY +H1$ 15 4 H0rreNdoU5 u$E 0f r3$0UrcE5 4Nd +H3 cHieF r34S0N wHY c I5 $0 5l0W. wH3N On3 L00k5 @t @ MOrE MOdeRn (And @ m0r3 53RIOU5) PR0Gr@MMing l@n9U@G3 l1KE J4v4, c# OR - eVEn B3t+3R - vISu4l 8a51C tH4+ L4CK$ 5Uch ARCh41c codin9 5+YLeS, One w1LL 4L50 n0T3 4 53r10u5 5pEED InCREA$e ov3r c.

    5O wH@T D03$ tH1$ mE4N FoR tHE Pro9Ramm1nG cOMmunity? I th1nk ClE4RlY THa+ c NE3d5 +o 83 @8@ND0nD3d. +heR3 4r3 +W0 C@nd1d4+e5 +HA+ W0UlD 83 a $u1+@bl3 r3PL@ceMENT For I+. THO5e @rE J@v4 4ND v1Su@l B@$1C.

    h4V1n9 Pr09r@MMed IN 80+H F0r m@ny y34r5, 1 83l13VE THaT V8 h45 TH3 3DG3. no+ only 15 it 5L19htLy F45+3R th4N J4v4 1+$ @l$o mUCH e@5I3r +o C0DE in. i PH0uNd c to B3 COnfu51Ng, PHrI9H+3n1nG aNd IN+iMIDA+1NG wi+h 1+5 Non-Gu1-8@$eD cOdiNG $+yLe. Fur+heRmOrE, 1 l1KE T0 53E +3h $0URC3 c0d3 OPH +eh PRoJ3Ct5 1 W0rK W1+h. J4vA's 50UrcE $e3m5 +O B3 unDER +EH M0N0P0Li5T1c thuM8 Of 5UN MUcH THE w@Y Th@T gCc is 085cUrEd frOm u5 8y +hE M4RK3+1Ng PE0pl3 4+ +hE f$F. miCRo50F+'5 "$H4red S0URCE" UndeR whicH v15u4l Ba$1c I5 REL34$eD dEPH1Na+3LY s33m$ +O 8e t3h m0$+ Ph41r @ND REAson4bl3 0ph @LL t3H lIc3N5e$ 1N 3Xi$+ANC3, W1+h N0ne 0Ph +Eh h4r5h R35+RIcT10n5 oF THE bSd l1C3n5E. 1+ 4l50 L4ck5 THe 9PL5 rekWiremENT +Hat 4NYtH1NG Cod3D w1+H I+$ +o0L$ 8eCOME5 pROPEr+y Of +EH pH5Ph.

    1 HOp3 +0 s3E 4 5WitCH +0 vb VeRY $oon. i'V3 ALre4dy 5p0Ken W1+H V@rIou5 LUmIN4ri3$ 1N THE *n1x Cod1N9 WOrlD and m05+ @re 34G3R t0 BeG1n +o +R4N$iTiON. H@V1n9 JU5+ 9O+TeN 0FPH t3H phON3 W1th mR. @L4n c0x, I c@n 5aY Th4t hE I5 Kw1+E +hRiLLED wI+h +eH 5p3eD 1NCr3a$35 tH@+ w1Ll OCcUR wh3n TH3 L1NUx K3rnel i$ C0mplE+elY REWritt3n in V1$u4l B4sIc. r1CH4rd $T4Llm4N pL@n5 T0 SupPORT THI5, @nD H0pe5 th4+ TEH GrEat 5w3d3 H1M53lPH, l1nuX T0Rv@Ld15, woN'+ oBJ3cT t0 Ren4miNg L1nUX t0 V8/L1nux. 4l+H0UGh N0+ @ C C0D3R h1MseLPH, 1'm +0LD +h4T 5L45HD0+'$ V3ry 0WNzoR 4dM1R4L T4c0 w1LL $uPpORt tH15 0N H1$ w38 5i+3. pHIN4LLY, d3NN15 ri+cH13 I$ 3xc1t3D AbOut Th3 $wI+cH!

    +H@NK j00 F0r yOUR +iMe. H@PPy C0D1Ng.

    3gG Tr0ll

  9. What is that smell? by Anonymous Coward · · Score: -1, Troll
    Did something die?

    It smells like something is dead.

  10. Hard Times for *BSD by Anonymous Coward · · Score: -1, Troll
    Sowhy now? Why did *BSD fail? Once you get past the fact that *BSD is fragmented between a myriad of incompatible kernels, there is the historical record of failure and of failed operating systems. *BSD experienced moderate success about 15 years ago in academic circles. Since then it has been in steady decline. We all know *BSD keeps losing market share but why? Is it the problematic personalities of many of the key players? Or is it larger than their troubled personalities?

    The record is clear on one thing: no operating system has ever come back from the grave. Efforts to resuscitate *BSD are one step away from spiritualists wishing to communicate with the dead. As the situation grows more desperate for the adherents of this doomed OS, the srrow takes hold. An unremitting gloom hangs like a death shroud over a once hpeful *BSD community. The hope is gone; a mournful nostalgia has settled in. Now is the end time for *BSD.