New Botnet Dwarfs Storm
ancientribe writes "Storm is no longer the world's largest botnet: Researchers at Damballa have discovered Kraken, a botnet of 400,000 zombies — twice the size of Storm. But even more disturbing is that it has infected machines at 50 of the Fortune 500, and is undetectable in over 80 percent of machines running antivirus software. Kraken appears to be evading detection by a combination of clever obfuscation techniques that hinder its detection and analysis by researchers."
Forbid Windows OSs from running in the USA because it's a de facto tool for terrorism.
... the botnet detects you!
How many of those zombies are Linux platforms?
Seven Days with Ubuntu Unity
A few years ago, you saw you were infected by all the popups that appeared out of nowhere. But now, there is no way to tell for sure, is there? Every time my computer does something strange, I'm worried that I might be infected.
"It's too bad that stupidity isn't painful." - Anton LaVey
With an "80%" miss rate by AV tools, it would be very helpful to know what software anti-virus programs do detect Storm and Kraken? So that responsible users can check their PCs.
Just how Kraken is infecting machines is still unclear, but Royal says the malware seems to appear as an image file to the victim. When the victim tries to view the image, the malware is loaded onto his or her machine. "We know the picture... ends in an .exe, which is not shown" to the user, Royal says.
I hear a Macbook Air was cracked at a security circus....are we even now?
There are still Fortune 500 companies that allow unimpeded outbound SMTP traffic from their general userbase?
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
Maybe if people stopped relying on antivirus and malware detectors alone, and started educating their users and locking down their systems (instead of giving everyone root / local admin rights), we wouldn't have this problem...
Security isn't a technology problem, it's a people problem.
Wonder if Leviathan will be next one. Better phone the Ultramarines IT department.
"The firm has seen single Kraken bots sending out up to 500,000 pieces of spam in a day."
So that's why I have been getting so much spam lately.
The biggest one is the one that hasn't been found yet.
All the emails it's sending are to names like sarah_conner@, sconner@, sarahc@, etc.
Can we ban Windows PCs from connecting to the internet yet?
Does anyone else find it absolutely aggravating that these stories
1. Never tell you how you know if you're infected, and
2. Never tell you how to clean up your shit if you are.
However, they always give massively generalized statistics on how vulnerable you are!
Thanks, asshats.
Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
And right after Kraken, will come Leviathan!
The biggest botnet: Predictable Slashdot posters.
There just aren't enough words.
I assume a lot of those are Macs? Because I read on /. that Macs are as insecure as Windows machines and that Apple even takes longer to fix bugs ...
Yeah, go and mod me flamebait or troll ... but I really would like an answer from all those MS apologists.
how do we pronounce this? Is it Kraaken, Krocken or Krayken?
When your "security" is based entirely on reactive methods and file signatures (like standard AV products), obscurity is extremely effective.
When your security is based on not giving every user local admin rights, and educating them not to run random .exe files (oh, and changing the settings to actually show the extension is helpful too), obscurity doesn't work so well.
I mean really, this thing would never have started if people could learn to not run Image.exe.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
This is old news. We knew about this back in 1830:
Below the thunders of the upper deep;
Far far beneath in the abysmal sea,
His ancient, dreamless, uninvaded sleep
The Kraken sleepeth: faintest sunlights flee
About his shadowy sides; above him swell
Huge sponges of millennial growth and height;
And far away into the sickly light,
From many a wondrous grot and secret cell
Unnumber'd and enormous polypi
Winnow with giant arms the slumbering green.
There hath he lain for ages, and will lie
Battening upon huge seaworms in his sleep,
Until the latter fire shall heat the deep;
Then once by man and angels to be seen,
In roaring he shall rise and on the surface die.
This is not security through obscurity.
This is hiding in obscurity.
The program is not secure, it is simply good at hiding itself.
Someone who doesn't notice a 10x or more increase in outbound traffic?
Or, more likely, someone who just does not check the logs.
""We know the picture... ends in an .exe, which is not shown" to the user, Royal says."
If it ends in .exe it isn't a picture, you shouldn't keep calling it one.
I should apologize, I read a scroll of genocide but had no idea it was cursed - now the moat is full of krakens and evidently they seem to be spreading...
Also, have you seen how much spam they are sending out? "Its bots are prolific, too: The firm has seen single Kraken bots sending out up to 500,000 pieces of spam in a day." - if all 400000 bots did that that'd be 200 billion a day. That has to represent a pretty large (albeit distributed) cost to ISPs
*''I can't believe it's not a hyperlink.''
They can have firewalls, but if they don't monitor them they're not very effective.
The same with intrusion detection systems.
Being a network administrator requires some effort, every day. Not much effort. Particularly if you have some scripting skill. But it still requires some effort.
They shriek of a problem, they offer no solution.
What the hell good is that?
Chicken Little did better.
Toad-san
Last I heard, they were arguing the exact opposite - non-Windows systems are too hard for the government to break into.
And who knows, perhaps Kraken is sending your data to HLS on the side? If I made a government spy virus, I'd disguise it as a spambot too... the signal is lost in the noise.
This, needless to say, could also explain the surprisingly low discovery rate on standard AV tools.
[/tinfoil hat]
Honestly, I blame Microsoft. It was they who decided that a file having a name AND a type was too complicated for users. Yes even I find the extension vs mime type confusing at times, but at least I've never run an executable that I thought to be an image.
Live today, because you never know what tomorrow brings
Should be shot.
I've kept count, and it takes exactly seven clicks to get Windows to show file extensions, not counting the button that closes the settings window.
AntiVirus software has been relatively useless for the past few years. They charge extra just to detect basic "non virus malware" and they still don't detect the REAL threats!
AV vendors ought to be ashamed of themselves. Even more so, the customers should be ashamed of themselves for continuing to pay for a program that doesn't REALLY protect them.
We MUST move away from definition-based "protection" and move to behavioral-based protection. Unfortunately there's only one major player who's trying to do that. That is Microsoft, with Vista's User Account Control. Unfortunately, that is also the feature that people dislike about Vista, and way too many people turn it off.
It's funny how badly people hate the tools needed to protect a PC.
I agree with you there. If the extensions were on by default still, it's something we can educate against. "Don't run anything that ends in .exe and comes by email" is fairly easy to understand.
Without them, it's a lot harder to tell just what you're clicking on. Turning it back on is the first thing I do whenever I install Windows.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
You're not right. There's nothing preventing any user from setting up executables directly in his home directory; hell, back in my shell account days, I must have had the equivalent of a pretty good-sized unix system in ~/bin, ~/usr and ~/var.
Your solution simply does not address the dancing bunnies problem.
I have not been infected while running XP now in some time. It all amounts to a bit of healthy paranoia.
As bad as this sounds, my policy on the net is 'trust no one'. If I get an email with an attachment from a friend or family member and I wasn't expecting it, I write back and ask them what it is. If I was expecting it, I give it a scan before I open it. If I'm talking with someone and they send me a link (doesn't matter the chat program and NONE of mine will auto open a link) I ask where it goes and what it is. If I don't get an answer or a straight answer, I just ignore it. Once a week I give my desktop and laptop machine a good once over with the virus scanner (I use Kaspersky), two spybot scanners (Spybot S&D and Ad-Aware by Lavasoft), then do a general PC health routine of defrag and scandisking. This usually takes place on Saturday morning when I'm too busy watching cartoo..errr..cleaning the house.
It's not that I think my friends and family are out to infect me, they have good intentions. However their machine's intentions are only dictated by the person in control. People don't want to know about security on their machine. For most people it just gives them email and porn and as long as either keeps popping out when they push the button, they really don't care. My mom got infected once when out browsing the net (she likes looking for odd stuff, like blown glass bird feeders and stuff) and got hit when looking over one site. I cleaned off her PC and she asked me what she could do to stop it from happening again. I hated giving my mom the 'common sense speech' but I did, and then showed her what I do to keep myself clean. Her schedule isn't as anal as mine, but once a month she goes through, full scans and now she is more careful about where she goes. Yet to be reinfected, but we shall see.
"Quote me as saying I was mis-quoted." -Groucho Marx
I've always said, "Kray-Ken". I think that's because that's how my mother used to say it. She knew cool things, but I suspect the word is old enough and spread widely enough that there's probably not an actual 'right way'. I haven't honestly wondered since seventh grade when I was reading John Wyndham. "Wake the Kraken".
I was thinking about how words evolve just yesterday when I was unable to look up the pronunciation of something online or anywhere. Can't recall the word or name or whatever, but while thinking about it, I thought about Newfoundland in Canada's Atlantic provinces. Pronounced variously as "New-Found-Land", "Nooh-Fund-Land" and my personal preference because it seems the most honest and salt-of-the-earthy, "Noohfun-Lan", home of the affable "Noofie". Dear me, and all silly national pride nonsense aside, but I do love this country to bits! The whole place is teeming with hobbits and wizards.
Anyway, I think what I'm saying is that words move and we shouldn't try to stop them.
-FL
Beware the Botnet Dwarfs!
So did the idiots who were up for buying a new computer. Laptops are for faggots.
Users need no special permissions to run executables, and for most people, rm -rf $HOME would be as disastrous as rm -rf /. If we're talking about malware, it's trivial to get a user program to run on login without administrative privileges.
The only viable long-term solution is to put email clients, web browsers, and other sensitive programs each in their own separated, limited environments to contain any damage. The approach works for network servers; why not for clients?
They also offer services to help companies deal with exactly this sort of problem. Convenient, no?
This guy's the limit!
Ok so obviously the only way to tell if you or someone you know is a part of a botnet these days is to monitor the traffic at the firewall / router. For business this is easy, but does someone have a recommendation for home use? Something I could install at my parents' place and view the logs of all network connections going to and from the router. I know I could set up a BSD box, but I would rather have something that uses as little power as possible... could a hacked Linksys router running something like Sveasoft firmware work?
The only alternative I can see is to plug in a box running Snort or Wireshark between the Router and the Cable Modem / DSL Box from time to time. Which leads to my next question, what's a good place to go to to get the signatures for this sort of traffic? Been ages since I've looked into anything like this.
FTA: "The primary C&C servers are hosted in France, Russia, and the U.S., according to Damballa."
The new Axis of Evil?
Amazing. I never thought of how intelligent it would be to only report on problems that have solutions. Why bother with things that we haven't solved yet?
Was I the only one that read that topic and thought that the news was that they replaced the zombies in the botnets by dwarves?
It would make sense too since Dwarves are smaller and stronger and also don't hunger for brains...
alias possession='chmod 666 satan && ls
Way to post what the seven clicks are...
Seems like a forty minute mandatory, "How to not screw up" tour could fix a lot of these bot problems.
-FL
serious question:
most folks don't send more than 50 mails a day (number pulled out of a** and is for illustration only)
so how about this ISP anti-spam approach:
1) if a user sends more than 350 emails in a week, or more than 100 emails in a day, the ISP emails the user with a 'do you have a zombie' email.
this would list the subjects & initial contents of emails sent.
user could either reply 'yup, I send a lot of email please bump me up to a higher trigger level' or 'please help me fix this - I'm not really a viagra salesman'
x days/emails after the warning, the ISP could start blocking stuff if there was no response to their warning mail.
This would give people a chance to know if their machine was infected (I think mine is clean - but I certainly don't monitor outgoing smtp traffic) and generally provide a service to all at little inconvenience.
Would this be bad ??? Is it really hard to spot a zombie PC that is sending spam out through your network?
VLC Remote for iPhone and Android
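The threshold scheme proposed in the post above (warn above 100 mails in a day or 350 in a week, block if the warning goes unanswered), as an added example that is not part of the original thread. The log format, account names, rolling windows and the 3-day grace period are assumptions; the post leaves "x days" open.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

DAY_LIMIT = 100    # "more than 100 emails in a day" (from the post)
WEEK_LIMIT = 350   # "more than 350 emails in a week" (from the post)
DAY = timedelta(days=1)
WEEK = timedelta(days=7)


@dataclass
class Account:
    multiplier: int = 1                   # raised when the user asks for a higher trigger level
    warned_at: Optional[datetime] = None  # when the "do you have a zombie" mail went out


class OutboundMailMonitor:
    def __init__(self, grace=timedelta(days=3)):   # grace period is an assumption
        self.grace = grace
        self.accounts = defaultdict(Account)
        self.sent = defaultdict(deque)    # account -> send times within the last week

    def raise_limit(self, acct, multiplier):
        """User replied 'I send a lot of email': raise the limits, clear the warning."""
        self.accounts[acct].multiplier = multiplier
        self.accounts[acct].warned_at = None

    def record(self, acct, ts):
        """Register one outbound mail; return 'ok', 'warn', 'pending' or 'block'."""
        state, q = self.accounts[acct], self.sent[acct]
        q.append(ts)
        while q[0] <= ts - WEEK:          # keep a rolling 7-day window
            q.popleft()
        if state.warned_at is not None:   # warned, no reply yet
            return "block" if ts - state.warned_at >= self.grace else "pending"
        in_day = sum(1 for t in q if t > ts - DAY)
        if (in_day > DAY_LIMIT * state.multiplier
                or len(q) > WEEK_LIMIT * state.multiplier):
            state.warned_at = ts
            return "warn"
        return "ok"


def parse_line(line):
    """Parse the constructed format '<ISO timestamp> acct=<id>'."""
    stamp, field = line.split()
    return datetime.fromisoformat(stamp), field.split("=", 1)[1]


def sample_log():
    """Constructed log lines for three hypothetical accounts (not real traffic)."""
    start = datetime(2008, 4, 7, 9, 0, 0)
    lines = []
    for day in range(10):                 # cust-home: 5 mails a day
        for i in range(5):
            ts = start + timedelta(days=day, minutes=i)
            lines.append(f"{ts.isoformat()} acct=cust-home")
    for i in range(150):                  # cust-zombie: burst of 150 on day 0 ...
        ts = start + timedelta(minutes=i)
        lines.append(f"{ts.isoformat()} acct=cust-zombie")
    for i in range(20):                   # ... and still sending on day 4
        ts = start + timedelta(days=4, minutes=i)
        lines.append(f"{ts.isoformat()} acct=cust-zombie")
    for day in range(7):                  # cust-list: 60 a day, trips only the weekly limit
        for i in range(60):
            ts = start + timedelta(days=day, minutes=i)
            lines.append(f"{ts.isoformat()} acct=cust-list")
    return sorted(lines)                  # ISO timestamps sort chronologically


def run(lines, raised=None):
    """Replay log lines; return each account's sequence of status changes."""
    mon = OutboundMailMonitor()
    for acct, mult in (raised or {}).items():
        mon.raise_limit(acct, mult)
    history = defaultdict(list)
    for line in lines:
        ts, acct = parse_line(line)
        status = mon.record(acct, ts)
        if not history[acct] or history[acct][-1] != status:
            history[acct].append(status)
    return dict(history)


if __name__ == "__main__":
    for acct, states in sorted(run(sample_log()).items()):
        print(acct, " -> ".join(states))
```

The legitimate list sender is warned by the weekly limit even though it never exceeds the daily one, which is the case the post's "bump me up to a higher trigger level" reply exists for.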
Or, maybe, countries trying to move forward too fast and without watching their step. How many people here know/work in a company where IT doesn't get the budget it needs for proper network defense?
You are in a maze of little twisting passages, all different.
Once upon a time, there was a city where most people lived in tents. Most were made of ripstop nylon, but there were some made of canvas, blue tarps, and some were basically old garbage bags.
Obviously, tents aren't that secure. Most people didn't bother to even try to secure the flaps on their tents, some bought and installed luggage padlocks to secure the zippers, but even those were only a slight hindrance in this city that relied mostly upon trust and goodwill. All an intruder needed was a knife to slash a hole in the fabric or a stitch-puller to intrude on others' tents, for the purpose of mischief, hiding radios that only broadcast advertisements, stealing information, and the like. Some even set up shop in other folks' tents, posting advertising and selling goods and services, simply not caring about the actual owners' wishes.
There weren't only tents in the city. Some people did live in wooden or stone shacks, and a few of the tent-dwellers even modified their tents into reinforced shanties with sheets of metal and plywood. They were largely ignored by the criminal element, simply because the time and effort it took to break into one reinforced tent or shack, they could break-into several tents and accomplish the same ends. Given that the overwhelming number of ne'er-do-wells in this city only possessed pocketknives, they lacked the means to break into the stronger structures, and typically had to resort to tricking the residents of those structures into leaving the doors ajar.
Windows has two critical traits that cause it to be such a problem on the internet: it's easily compromised and extremely popular. If either factor wasn't in its favor, the problem probably wouldn't be quite as serious, but Windows just hasn't developed appropriately for use in a multiuser, networked computing environment. The same rules that apply when you're camping in the wilderness when you're isolated become absurd when you're building a shelter when there are other people, including criminal elements, in close proximity.
To the question you pose, I think the answer is probably going to turn out to be, "Actually, yes". The overwhelming majority of current exploits are against pathetic Windows security, where there is little separation between the outside vs. inside, and no compartmentalization on the inside to limit the damage. There will still be some level of crime and confidence games in communities that have greater individual security, but the casual and inexperienced criminals wouldn't have the sort of free rein they enjoy when it takes little skill or knowledge to accomplish their goals. Would an internet dominated by Linux and OS X still have machines compromised into zombies on botnets? Of course, they're still maintained by humans who don't all care about security and fall for tricks. But it wouldn't be anywhere near on this magnitude.
... and God just builds a better idiot.
A great deal of the problem here isn't necessarily Windows, it's the people who use it. In an attempt to make its operating system easier for the idiot to use, Microsoft has added "features" that increase the vulnerability as well, particularly the "I'm-ok-you're-ok-can't-we-all-just-get-along-and-share-our-deepest-darkest-secrets" design philosophy that's behind so much of the Windows experience.
But the vast majority of Unwashed Humanity shouldn't even be using a *light switch*, nevermind a computer! Even otherwise very intelligent people are so completely clueless when it comes to things that come to them in email and on web sites. I swear, if I sent out an email asking people to cut out their large intestine and email me a scan of its contents, most of them would happily do it, and thank me for the privilege.
I tell my family to follow two rules:
1. Everything you read on the internet and in email is a complete and utter lie from someone you do not know, which will steal all your money, rot your brain, and leave you (male or female) with an unwanted love child. You should completely delete all email before reading.
2. See Rule #1.
Microsoft advocates Trustworthy Computing. I recommend Paranoid Computing instead, because *nobody* can be trusted!
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
I find it easier to believe that antivirus tools just suck.
I read the internet for the articles.
You could forbid Macs, you would get less complaints!
Instead of filtering torrents, your local ISP should be redirecting their deep packet inspection efforts on thwarting spambots. Regardless how deep it is buried in your OS, at some point it is going to have to announce its presence when it starts spewing spam. With >90% of the internet being choked up with spam, shouldn't ISPs worry about spambots rather than P2P? If spam is detected, a friendly email could be sent back to the source indicating that your PC is likely infected with malware.
Also, if more people (not everybody) switched to alternative operating systems such as Macs and Linux (preferably different distros), it would be much harder for malware to propagate, as they would have to split their efforts at hiding in many different targets and spreading between incompatible systems.
My rights don't need management.
Every time a story like this pops up, the Linux fanboys start spewing about how everyone should use Linux. Well, let me give you a dose of reality.
You say: Everyone should use Linux!
Reply: Make it easier for average users to use and they will.
You say: It is easy enough for me to use!
Reply: You are not an average user.
You say: They should learn to use it.
Reply: Why should they when they probably already know how to use Windows and if they don't, it is very intuitive to use?
You say: Linux is better!
Reply: Really? Do tell.
You say: Linux comes with all the drivers for the hardware.
Reply: As long as one isn't using hardware that isn't supported under Linux because it is too new, not popular with driver hackers, etc.
You say: No zombies, no viruses, etc.
Reply: It takes less time to buy and install AV software than to learn Linux enough to install, use, and secure it. The cost (opportunity and otherwise) of Linux is greater than that of Windows + AV software.
You say: Linux comes with all kinds of free software and there is a lot more available.
Reply: Most of which is any number of the following:
You say: Linux can use WINE to run most Windows application.
Reply: But, Windows runs all Windows applications and doesn't need to be installed. Also, it has the advantage of installing and running those apps right out of the box without having to go to the command line and configure anything.
Statement: Most Linux applications suck, have crappy inconsistent interfaces, and are often missing functionality of the Windows applications to which they supposedly compare.
You say: But, the users can pay for improvements and to have whatever functionality added!
Reply: Or, they can buy what they want outright for less.
Statement: There is better user support for Windows than Linux.
You say: There is tons of support. They can go to forums and websites and get free support.
Reply: Have you done a search for an answer lately? I see tons of forums posts with simple questions that generally don't get replies. And when they do get a reply, more often than not the reply is either "RTFM!" or someone taunting the "noob". Of course, there are the replies that read “Go to the app website and download the latest snapshot. Compile and install it, then go into the config file and set [undocumented option] to [insert undocumented mystery value]”. Or worse, “Update your kernel to [latest unstable RVL] and use the patch from [hacker's website].”
Pay attention:
As long as FLOSS is written by developers for themselves and other geeks, Linux will not gain traction with the average desktop users. What makes Windows and its associated software so popular among the masses is that it is written with the masses in mind and developers are paid to finish it.
Now, please, either address these issues or STFU.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
And _I_ consider the existence of antivirus tools to imply an OS that just sucks.
Let us not become the evil that we deplore.
This will never stop with the current security model. Attacks like this work just as well on the other major operating systems. Let's move away from reactive security and fix the root cause.
BitFrost (see http://wiki.laptop.org/go/OLPC_Bitfrost [laptop.org]) is the set of security mechanisms present in the OLPC.
Though I certainly wouldn't care to summarize the entire thing, here's what it comes down to.
User programs don't automatically get the running user's full rights. A calculator has no reason to delete your documents, so why should it be able to? And without your knowledge to boot. On the OLPCs, documents are kept in a special storage area. It isn't a matter of owner read access. In general, for a program to get a user's file poofed in to its chroot sandbox, it has to ask the document service (which presents a consistent dialog). Further, a text editor doesn't need to access the network. The user can access the network, but his or her programs can only do so if explicitly allowed to (various such rights are set at install time, configurable later). Certain combinations of program rights are disallowed at install time (such as both network access and webcam access) but can be enabled later. Plus a lot more.
Sudo/UAC sound nice and all until you realize that programs and users are separate entities.
Yes, there's a lot to learn from the OLPC project. It's designed to be used (safely) by computer-illiterate children who can't (or can scarcely) read. If you think that sounds like a good description of computer users in general, then you're absolutely right. Security as seen in *nix and Windows makes perfect sense for protecting users from each other. That was the goal back in the day. The people with access to a server were supposed to have a general idea of what they were doing (entirely on them if they didn't), and in that case *nix security works well. But computers have gotten more personal, and that assumption is now blatantly false. Anyone thinking that Windows security problems stop at buffer overflows, or that Linux on the desktop will change anything, is a fool.
"Strangers have the best candy" -Me
If it's truly undetectable, how would you know what percentage of cases were undetectable? Surely, by definition, you couldn't tell?
In other news, most women think I'm damn sexy. It's just undetectable in 99% of cases. But I'm sure they do!
Creating a file in Notepad, then pasting it into Outlook as an attachment:
testabcdefghijk.txt = displays as itself
testabcdefghijklmnopqrst.txt = displays as itself
testttttttdddddd ddfffffff.jpg.txt = "testttttttdddddd ddfffffff.jpg..."
Because too long file names must be replaced by three dots. Just create an EXE file with a similarly long name and use the BMP image icon for it. Who pays attention to three dots?
If this is indeed ever a problem I suggest to Microsoft to force the "shorten long file names" function to always display the file extension and rather cut out some letters before the extension.
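A filename check for the trick described in the post above, together with the display rule it proposes (always show the extension and cut letters before it), as an added example that is not part of the original thread. The extension lists, the 30-character display width and all function names are assumptions made for illustration.

```python
import os

# Assumed lists for illustration; a real mail gateway would use a fuller policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp", ".txt", ".pdf", ".doc"}


def naive_display(name, width=30):
    """Tail truncation as the post describes it: the end of a long name becomes '...'."""
    return name if len(name) <= width else name[:width] + "..."


def safe_display(name, width=30):
    """Truncation as the post suggests: drop letters before the real extension."""
    if len(name) <= width:
        return name
    stem, ext = os.path.splitext(name)
    keep = max(1, width - len(ext) - 3)   # room left for the stem before '...'
    return stem[:keep] + "..." + ext


def risk_flags(name, width=30):
    """Return the reasons an attachment name looks like a disguised executable."""
    flags = []
    stem, ext = os.path.splitext(name)
    if ext.lower() not in EXECUTABLE_EXTS:
        return flags
    flags.append("executable")
    # A harmless-looking extension directly before the real one (photo.jpg.exe).
    if os.path.splitext(stem.rstrip())[1].lower() in DECOY_EXTS:
        flags.append("decoy-extension")
    # Runs of spaces push the real extension out of view.
    if stem != stem.rstrip() or "   " in stem:
        flags.append("whitespace-padding")
    # The display the user sees no longer ends in the real extension.
    if not naive_display(name, width).lower().endswith(ext.lower()):
        flags.append("hidden-by-truncation")
    return flags


# Constructed sample names (not taken from any real campaign).
SAMPLES = [
    "report.txt",
    "Image.exe",
    "party.jpg.exe",
    "holiday_photo_" + "x" * 20 + ".jpg.exe",
    "party.jpg" + " " * 40 + ".exe",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(naive_display(sample)), "|", repr(safe_display(sample)),
              "|", risk_flags(sample))
```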
If obscurity means nobody knows who you are, it certainly does work. If you just mean you don't distribute the source code... well it doesn't work. Now that people know Kraken exists, it won't be long before common AV products can find and block it.
The *only* perfect security is making sure nobody knows what you're trying to protect exists. Hiding exactly how it works... is worthless, unless it's very poorly coded in which case it's worth a very little.
Well, at least you have an opinion. It's really the mark of users that plain suck. Give all those same users who click on everything and anything that sounds vaguely interesting a nice, shiny new Ubuntu machine - ALL of the users mind you - so replace most people's Windows machines. See how long it takes those same people to be rooted. Now what will you complain about? Their sucky OS? Or their lack of ability to treat their computing resources as carefully as they SHOULD be treating their government ID's such as SSN's in the US and bank info, etc.? It's the users - not the OS.
I think the last cracking contest established that it was far easier to compromise the OSX machine(at least at that moment in time).
My OSX friends are more likely to click on everything because they have this belief that just because they are running OSX they are safe from everything. No need for a firewall or antivirus either.
My Linux friends tend to be a bit more paranoid, they all run firewalls, but many don't use an antivirus product.
My Windows friends are all over the map, from security paranoid to "computing sluts" who click on anything that looks fun(needless to say it is impossible to convince those people that they are to blame for the PC needing reimaging every 6 months).
I use them all at least occasionally, but when I do online banking I use Knoppix. A bootable CD/DVD OS that runs for a short time is the only way to know you are not compromised short of disconnecting the ethernet port.
since antivirus is available for all major OS's that benchmark isn't so useful ;)
Those would be:
1) Left
2) Left
3) Left
4) Left
5) Left
6) Left
7) Left
8) Left (but not counted as this one closes the window.)
Have a nice day.
Actually while I don't totally buy this (Windows gets a lot of "drive by" infections) you do make a compelling point. Even a "secure OS" cannot help if the user is willing to type their admin password at anything that asks for it.
Of course, you could make code show what it will do upfront ("This program will create files in your home directory, but won't open any network ports, or modify any files it didn't create"). This is something that could be done (I think Microsoft's "managed code" is a valid template for this approach). But the UI is really hard to nail, and the user must still read and understand what's being proposed. Consider: "This program will modify system files and read any files on the system, and open network connections both on the local zone and the Internet", does the average user allow that to run? Perhaps not, but what if it's pron?! Seriously, though - can an OS be secure, if its users don't make rational choices?
Still, I'm not running Windows here...
Actually you mean "fewer complaints". But they'd be much more rabid!
(Hey, I'm a Mac user too... but I can see the funny side)
The Cylon invasion has officially begun.
* Making waffles just so I have something to Twitter *
"The government" is a really nice abstract term, perfect for conspiracies.
The "government", aka the FBI, the NSA, etc, do not randomly break into machines.
What they do do, they do with the permission of the majority of elected representatives and thus, by proxy, with your permission.
The basic fact of government in a democracy is that, unlike in every other system of government (islamic, communist, dictatorship, ...) the government itself is not above the law.
If you have proof of your claim, take it to the courts and the government WILL modify its behavior.
Now Muslim governments, or China's government, or other foreign governments will have no qualms whatsoever using these networks, and you have no legal recourse. That's what sovereignty means. Or they may buy these networks from criminals like spammers do.
Also criminals do this, you *may* have legal recourse, but they ignore it (that's the definition of the word criminal). So unless your government can use violence against said criminals, you're out of luck. Now *that* is the function of the FBI.
Or both of these may buy from each other (like e.g. afghani drug cartels buying immunity from Chinese provincial govt. or from the taliban, you see islamic justice *is* for sale (price for murder : 200 camels, or 1 (male) slave, or 2 female slaves, payable to the victim's family, and yes you'd think this was a joke, it's not))
- Choose "Explore"
- Select "Tools" -> "Folder Options"
- Choose the "View" tab
- Scroll down and uncheck "Hide extensions for known file types"
- Click "OK"
If you have a file masquerading as an image, it must be shown as what its real extension is (and optionally hide any superfluous extensions from view). Granted, it won't solve stupidity, but will make anyone think twice before clicking an .exe file.
Really? I'm pretty sure that Bush has used signing statements to indicate that his administration is, in fact, above the law. I'm not sure what else a document that essentially reads "I don't like what Congress is telling me to do, and I'm not doing it" attached to laws that are being signed into effect can possibly mean.
Try not to take me more seriously than I take myself.
You obviously aren't from around the States, are you?
...and this is a highly popular piece of OSS on Windows... Thunderbird and getting SMTP logs.
An SMTP server was giving me a vague error... I couldn't send mail because of it, but because I couldn't see any of the events leading up to it, just the last response, I was stuck.
So I figured I would turn on logging of commands sent/retrieved and check those out.
Best option: If you think it would be a configuration option in the UI - think again. It's how it should be, but it's not.
Next best option: If you think it would be a configuration option in Tools > Options... > |Advanced| > General > [config editor...] (hideous in its own right) - think again.
Next best option: If you think it would be a configuration option involving opening a .ini file, or even an XML file, using notepad - think again.
Next best option: If you think it was a command-line parameter (that you could, arguably, edit into a shortcut if you fear the command line) - think again.
Absolutely the worst option: If you think it's an environment variable - DING-dee-flipping-DING-DING, we have a winner.
http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html
Now I'm plenty computer-savvy, but environment variables? Really now. I just want Thunderbird to be able to optionally log the traffic. That's not something that should be an environment variable that I'd have to set again and again (or create a separate batch file + shortcut for, etc.). That's something that should be in the config editor at worst or be a checkbox in Tools > Options... > |Advanced| > General / Network & Disk Space. It's not like the dialog doesn't have room for it - what, with 1/5th of the dialog being -blank- at the bottom.
That said, I'm not lumping -all- OSS in with this particular bad experience (there's plenty of others)... some is very well-written and well-supported.
Oh how I miss the OS8MT on the Z80 processor...
But OpenVMS will do as well...
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Has one ball and one tit? Couldn't say the same about the average linux user tho.
Depends, are we talking the original series or the Red Alert spin-off?
Well, that comment aside, I'd say the anti-Islam, anti-communism, anti-China rhetoric implies they are from around the States.
I'm not saying that this rhetoric is typical of the US, only that being American is typical of this rhetoric. (Also, I'm not implying that China is some shining beacon of fairness, but it's interesting to see the way the "evils" are listed.)
I swear we should be allowed to give mod points to sigs... "-1, Offtopic"
See, that's why Windows should come with extensions ENABLED. So you can see if your file is .exe or .jpg or .whatever.
:p
Someone can change the icon, so it can still look like an image (hoping you use the same image viewer as the icon, though!)
I mean, you see 20 icons on your desktop, all are just the name, but one has a .jpg extension... "gee, that seems odd, let me click on it!"
Idiots...
And that's another reason I like Total Commander. You have a column with the name, and a column with the extension. Not what they want you to see, not the one that comes before 80 empty spaces and the real extension. Explorer is TOO easy to "trick" into showing you what you think it is...
And then there's the fact that most people run as admin/root. That's just silly. Course, opening a hidden command prompt to launch an AT command at some point in the future as SYSTEM seems pretty trivial, so even if you are safe, you can still get hax0red.
It's almost come to the point where you need to run in a virtualized state, and then still run everything in a sandbox, and run everything off of a CD, with no attached hard drive, just to be sure you won't get infected!
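An added example (not part of the original comments): a Python check for the file-name tricks described above, where an executable extension hides behind a decoy image extension or is pushed out of view by a run of spaces. The extension lists, the column width and the sample names are constructed assumptions.

```python
import os
import re

# Extensions Windows runs on double-click (illustrative subset, an assumption).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions users read as harmless content (illustrative subset, an assumption).
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp", ".pdf", ".doc", ".txt"}
# Three or more whitespace characters in a row are treated as padding.
PADDING_RUN = re.compile(r"\s{3,}")


def displayed_name(filename):
    """Name a file manager shows when the final extension is hidden."""
    return os.path.splitext(filename)[0]


def truncated_view(filename, width=30):
    """Name as it appears in a fixed-width column, even with extensions shown."""
    if len(filename) <= width:
        return filename
    return filename[: width - 3] + "..."


def analyze_name(filename):
    """Return the masquerading indicators found in one file name."""
    findings = []
    stem, ext = os.path.splitext(filename)
    if ext.lower() not in EXECUTABLE_EXTS:
        return findings  # the real extension is not executable
    # Look at what precedes the real extension once padding is stripped.
    inner_ext = os.path.splitext(stem.rstrip())[1].lower()
    if inner_ext in DECOY_EXTS:
        findings.append("double-extension")
    if PADDING_RUN.search(stem):
        findings.append("whitespace-padding")
    return findings


def scan(filenames):
    """Map each suspicious name to its indicators; clean names are omitted."""
    report = {}
    for name in filenames:
        findings = analyze_name(name)
        if findings:
            report[name] = findings
    return report


# Constructed sample names, e.g. attachment names pulled from a mail gateway log.
PADDED = "photo.jpg" + " " * 80 + ".exe"
SAMPLES = [
    "holiday.jpg",
    "holiday.jpg.exe",
    PADDED,
    "setup.exe",
    "report.final.pdf",
    "Invoice.PDF.scr",
]

if __name__ == "__main__":
    for name, findings in scan(SAMPLES).items():
        print(f"{truncated_view(name)!r:36} shown as {displayed_name(name).rstrip()!r}: "
              + ", ".join(findings))
```
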
Each of your Internet connections should have a firewall.
Each of those firewalls should be set to deny ANY outbound connections to email ports EXCEPT from your email servers.
There's no need for packet inspection. Nothing else should be connecting to those ports.
And those ports are 25, 465 and 587.
Then just monitor your email server to watch for any unexplained spikes in outbound messages.
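The egress policy in the comment above, checked against firewall logs, as an added example that is not part of the original thread. The log line format, the addresses, `MAIL_SERVERS` and the spike factor are constructed assumptions.

```python
import re
from collections import Counter, namedtuple
from statistics import median

MAIL_PORTS = {25, 465, 587}      # the three ports named in the comment
MAIL_SERVERS = {"10.1.0.5"}      # assumed address of the only sanctioned sender

Conn = namedtuple("Conn", "ts action src dst dport")
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse(lines):
    """Turn log lines into Conn records, skipping anything that does not match."""
    conns = []
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            conns.append(Conn(m["ts"], m["action"], m["src"], m["dst"], int(m["dport"])))
    return conns


def rogue_senders(conns, mail_servers=MAIL_SERVERS):
    """Hosts other than the mail servers that tried a mail port.

    'attempts' counts every try; 'allowed' counts the ones the firewall let
    through, which means the deny rule has a gap.
    """
    hits = {}
    for c in conns:
        if c.dport in MAIL_PORTS and c.src not in mail_servers:
            entry = hits.setdefault(c.src, {"attempts": 0, "allowed": 0})
            entry["attempts"] += 1
            if c.action == "ALLOW":
                entry["allowed"] += 1
    return hits


def outbound_spikes(conns, mail_servers=MAIL_SERVERS, factor=3.0):
    """Hours in which a mail server's outbound count exceeds factor x its median hour."""
    per_hour = Counter()
    for c in conns:
        if c.src in mail_servers and c.dport in MAIL_PORTS and c.action == "ALLOW":
            per_hour[(c.src, c.ts[:13])] += 1      # bucket key 'YYYY-MM-DDTHH'
    spikes = []
    for server in sorted(mail_servers):
        buckets = {h: n for (s, h), n in per_hour.items() if s == server}
        if len(buckets) < 3:
            continue                                # too little history for a baseline
        baseline = median(buckets.values())
        spikes += [(server, h, n) for h, n in sorted(buckets.items())
                   if n > factor * baseline]
    return spikes


def sample_log():
    """Constructed firewall log: one mail server, two workstations."""
    lines = []
    # Mail server: a few messages per hour, then a burst in hour 11.
    for hour, count in (("08", 4), ("09", 5), ("10", 4), ("11", 40)):
        for i in range(count):
            lines.append(f"2008-04-07T{hour}:{i:02d}:00 ALLOW TCP "
                         f"10.1.0.5:{40000 + i} -> 198.51.100.10:25")
    # Workstation trying to reach outside mail servers directly, blocked by the rule.
    for i in range(6):
        lines.append(f"2008-04-07T10:{i:02d}:30 DENY TCP "
                     f"10.1.4.23:{50000 + i} -> 203.0.113.{i + 1}:25")
    # Workstation that got through on the submission port: a rule gap.
    lines.append("2008-04-07T10:15:00 ALLOW TCP 10.1.7.9:51000 -> 203.0.113.77:587")
    # Unrelated web traffic, ignored by both checks.
    lines.append("2008-04-07T10:16:00 ALLOW TCP 10.1.4.23:51001 -> 192.0.2.80:443")
    return lines


if __name__ == "__main__":
    conns = parse(sample_log())
    for host, stats in rogue_senders(conns).items():
        print(f"{host}: {stats['attempts']} mail-port attempts, {stats['allowed']} allowed")
    for server, hour, count in outbound_spikes(conns):
        print(f"{server}: {count} outbound connections in {hour}")
```
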
How is an OS supposed to stop that? It's not always the OS. It's often the user that's the problem.
Yes, someone could delete the contents of their home directory by so doing. He or she could NOT affect anything beyond that by clicking on it. This also assumes they have made the script executable. And, strictly speaking, your script is not a virus. It does not self-propagate.
Let us not become the evil that we deplore.
Yes, it's true. There is AV software for Linux systems. It is for mail servers that serve Windows clients. Read the documentation, it's in there. Thanks for playing, though ;-)
Let us not become the evil that we deplore.
I agree with you that users are themselves a major security concern. I disagree that your scenario would produce the results you claim because I have been a system administrator for Windows and Linux (and the rare Mac) and I have seen the damage users can do to each kind of system. My Windows users needed far more help fixing things they had broken than my Linux users of all levels of skill (mostly novices, though).
With that said, I am becoming tired of people propagating the myth that it is all about the users or even about the market share. It is not. It is about openness and design.
Let us not become the evil that we deplore.
"Seriously, though - can an OS be secure, if its users don't make rational choices?"
You can make system files immutable in Linux with chattr; an immutable file may not be overwritten by root unless chattr is first run to remove the immutable flag.
Furthermore, you can, during install, use chattr to set files immutable, and then set user:owner of chattr to user chattr and set permissions to only allow user chattr to read or execute chattr, as well as making chattr immutable so root can't replace it.
So yes, you can idiot proof a Linux system. Even if they still have sudo permissions so they can install new programs.
The basic point of this would be to have some type of crontab-based scanner, a remote administrator (e.g. the guy who set it up for Mr. I-love-porn-and-am-stupid), and basically if Mr. Idiot installs bad software, Mr. Remote Admin can remove it, and make fake files in his owner/user group so that Mr. Idiot can't install it again (although without access to chattr it might be hard to prevent Mr. Idiot from finding out how to use sudo to delete those files when he asks on a message board how to get around this 'error' when he tries to install software etc.).
Although it's SO much easier to just not give Mr. Idiot sudo permissions and let Mr. Remote Administrator approve any software Mr. Idiot wants on his system. The point was: can Linux be idiot-proofed? And yes it can, in many functional ways.
https://www.gnu.org/philosophy/free-sw.html
Bullshit.
I've been to hacker conventions, and I've seen how heavily the government recruits the people there.
I've seen the laws that keep getting signed, saying that the executive branch is now above the law, and can search, spy and seize without consequence.
I've also seen the people who are running for office. I don't believe any of them will be any better. It doesn't matter who I vote for, or whether I vote at all.
"The cup is in turn designed for holding hot or cold liquids, and has an open rim and closed base." --US Patent #5425497
Let's review:
- All versions of Windows suck
- Almost all versions of Linux suck (most modern distros)
- All versions of OS-X suck
- Almost all versions of Symbian phones suck
- Several versions of Unix suck (but not all)
- Many versions of BSD suck (but not all)
I would guess that you are a Sun OS fanboy, as it's the only one I can think of that doesn't have anti-virus for it. I'm probably wrong, and that one sucks as well.
Wonder what OS doesn't have an anti-virus for it?
Well, at least you have an opinion. It's really the mark of users that plain suck.
I really wish this was the case, but OS vendors could do much, much, much more to make their systems secure by default. As for the metric that users suck, sure they do. Last I read, however, compromises that had no user interaction were still responsible for more incidents than ones that have a user interaction component. There are a lot more trojans out there than worms that compromise machines silently, but the latter hit a lot more machines at a time and more often.
Give all those same users who click on everything and anything that sounds vaguely interesting a nice, shiny new Ubuntu machine - ALL of the users mind you - so replace most people's Windows machines. See how long it takes those same people to be rooted.
Actually, they would probably last a lot longer. The truth is, Linux is attacked less by automated worms so most users would fare better. It is not that Ubuntu is really much better for security than Windows (it is better in some ways, worse in others) but there is one big thing Ubuntu has going for it. Canonical does not have monopoly influence on the desktop OS market.
Ubuntu currently has security that is appropriate to the threat posed by malware attacking it. Regardless if that security is currently better or worse than Windows, there is no reason to think Ubuntu would not continue to provide whatever level of security is desired by users. You see, Canonical sells services based around Ubuntu. Most of the contributors to Linux are users (either on a large or small scale) or are hired by users. If Canonical does not provide them with the security they want, they can and will go elsewhere. There are lots of Linux distros and companies selling services based upon it. In a worst case, Linux can fork to provide users what they need. Basically, it comes down to motivation. If Ubuntu is not good enough, Canonical loses money; ergo, Canonical will invest in security improvements so they can make more money.
When Windows does not provide the appropriate level of security to make the average user happy, Microsoft does not lose significant money. In fact, in many cases machines are slowed down by malware such that the user does switch to a new vendor. The problem is, they switch computer vendors (from Dell to Lenovo for example) and Microsoft actually gets an extra sale out of it. Usually the influence MS wields in the desktop OS market makes switching to another OS vendor impractical or uneconomical, especially given MS's ability to break interoperability with other OSes and lock in users via their data, applications, etc.
Now what will you complain about? Their sucky OS?
It is not even that Windows sucks on technical merits. They suck because they are the biggest target and they don't care. When I go down to the bar, I don't wear a bulletproof vest of any sort. When I browse the internet from a Mac or Linux machine I don't bother with sandboxing my browser or running it in a VM that resets every time I use it, or even running antivirus software scans. I don't need to. If I take a business trip to Baghdad, I'll probably wear a vest. Most people would not think to do so. For someone at a tourist bureau in Baghdad to try to persuade people that Baghdad is a more secure place than Minneapolis is absurd. For them to argue that there are more troops protecting you in Baghdad than in Minneapolis is beside the point. For them to argue there are concrete emplacements and checkpoints to catch "bad guys" is likewise beside the point. The measures in place are insufficient to deal with the level of threat presented. This is true for Baghdad and Windows.
And to answer your second question, if Ubuntu were regularly compromised in daily use, yeah I'd argue its security sucks. There is a lot of work that can be done to make every OS more secure for users, but for the most part only Windows has a big problem for normal
Russia? Of course! See the evil government who doesn't agree with the USA! France? Of course! They didn't even want to enter an illegal war along the USA! U.S? This means there are terrorists operating inside the American borders, targeting the people of the USA! They must be stopped! Bush needs to be given emergency powers to stop this threat!
Ah! My buddy Anonymous! How are things at the Coward house? Anyway, let's consider those systems that have antivirus for their mail services only to be exempt, shall we? How does that change your list?
Let us not become the evil that we deplore.
But isn't Xen a more mature FOSS solution than VirtualBox? Not to mention Xen is true FOSS and not some half-proprietary software that businesses have to pay for, vs a feature-stripped 'GPLed version...'
https://www.gnu.org/philosophy/free-sw.html
"It really is not difficult to keep a windows box secure. Granted, it requires more attention than a Linux box, but still...it's quite easy to set up and maintain." - by Pojut (1027544) on Monday April 07, @11:17AM (#22989030) Homepage -----
You're correct, but even Linux &/or BSD variants like MacOS X (& BSD's themselves) can be FAR MORE SECURED than their defaults (despite /. "F.U.D." to the contrary), & this post below shows you that much (proofs from Linux as an example no less).
A user of a modern Windows OS (2000/XP/Server 2003 & even VISTA + its variants like Server 2008) can gain by this to secure themselves FAR above & beyond the std. security policies defaults (&, it works):
HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA + make it "fun to do", via CIS Tool Guidance & more:
http://www.xtremepccentral.com/forums/showthread.php?s=86d01764b4339ac5e967dc217db35c55&t=28430
APK
point. click. root.
Help stamp out iliturcy.
OK, I can see that. But this isn't really helpful without either:
An Admin
Reducing the OS functionality
Actually I can even imagine securing Windows if we're willing to use an admin to nurse every install. (More likely we have one boot image, and all users boot that, or some kind of WinTerm type solution)
I would agree that Unix (and Unix-a-likes) makes securing the OS simpler (well probably some Windows maven would find some similar wheeze on XP/Vista) but it's not really going to fly if Mr Idiot-And-I-Love-Pron owns (not pwns) the box.
Nothing will happen; the OS will stop it. How? By the trivial means of not allowing downloaded files to be executed unless I explicitly edit their permissions to turn on the execute bit.
Yes, this really would help. Mere double-clicking can be done reflexively. But more complex instructions like "save this to your filesystem, then open a terminal window and type 'chmod +x free_porn.sh', and then double-click it for free porn!" gives your victim just that little bit longer to realise that they're being conned. Is it 100% secure? No, of course it isn't. Is it more secure than an OS that will blindly execute anything that has a filename ending
It's Vinge's Mailman!!!
'sudo apt-get install kraken' doesn't do anything. can someone help please?
Anyone actually confirmed this? Checked it out at all?
It is meaningless in this situation. But I'm sure you enjoyed it.
Zombies send the email themselves. Why would they need to bounce a message through a different zombie? All they would end up doing is spamming their own zombies.
Only in your mind. Again, all that would accomplish is that the zombies would end up spamming their own zombies.
No, they do not. Because if they used a port other than the three I have identified, the email would not be received by any legitimate email server. Again, all they would end up doing would be to spam their own zombies.
You are confusing "command and control" of the zombies with the act of a zombie sending out spam.
They are not the same. Yet you have confused them.
Mice? Clicking? Sissies.
Windows+E
Alt, T, O
Ctrl+Tab
Tab, Tab, H, H, Space, Tab, Tab, Space
Alt+F4
Easily done in under 5 seconds.
This shit is like the Konami Code.
I just want to say that this is one of the most interesting comments I've seen on Slashdot. Not because it is well-written (it is), but because I learnt something from it, which is too rare on Slashdot. I'm not a Linux zealot (though I use it exclusively at home now) and am bracing myself for when it does become a popular target for widespread attack. This is an argument about Linux security that I've read that really addresses it which I hadn't heard before. The "thousand eyes" principle may provide another security advantage over Windows, but I don't know. This point however, is very well argued. Thank you.
H.
Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
Don't underestimate me.. I've performed WAY more complex operations than that in order to obtain free porn.
if ( OS_sucks || (users == idiot) )
antivirus_needed = true;
It also guarantees that no regular-Joe home users will ever use that OS because they don't want to have to change permissions on every shitty time-waster game they download from the internet.
Btw, you can actually make a nice secure user 'chattr' who is not root and have a fairly secure password length for when Mr. Remote Admin needs to use chattr to install updates, etc. Just make sure Mr. Idiot is safely logged out when doing the updates.
Thought of this after I posted, although technically Mr. Idiot can "sudo su chattr" if he's a sudoer unless you require all user chattr logins to sshd. Not sure offhand how to do that on Linux; more used to how to do that on BSD systems.
https://www.gnu.org/philosophy/free-sw.html
Ah, of course, the easiest way is to set su to user su or some such, have it chattr and of course belonging and executable only by user su.
https://www.gnu.org/philosophy/free-sw.html
Your argument here is interesting because of two points. First, generally restricting new programs so that they cannot do anything they want. The second and more focused point is preventing installers from writing files here, there and everywhere. I think default ACLs to restrict programs are going to be very important to the future of computing. Keeping programs contained within a given part of the filesystem is also useful and I'd argue an approach that does well in this regard is the application packages used on OS X. It is a win in that it removes the need for installers in most cases (drag and drop beats running random code) and provides a folder where all an application's files can be stored. It allows applications to write to specific other locations, but just config files, not binaries, and there are advantages to storing the config files outside the package.
This is something that could be done (I think Microsoft's "managed code" is a valid template for this approach). But the UI is really hard to nail, and the user must still read and understand what's being proposed.
I agree with this although I'd make a few points. MS's UI is a travesty. It is not just poor, but it makes the same UI mistake people have been complaining about for years. The "OK/Cancel flaw" has been well documented and explained by numerous experts. MS has little excuse for doing it all over again. Second, I think if you get to the point of asking users to authorize or deny specific activities it should only be as a last resort after several other passes that attempt to resolve the issue.
Consider: "This program will modify system files and read any files on the system, and open network connections both on the local zone and the Internet", does the average user allow that to run? Perhaps not, but what if it's pron?!
Has your OS certified this software is from a specific vendor? Has your antivirus provider certified this software as specifically safe or unsafe? Given that it is uncertified software from somewhere unknown I think it is very important to give the user good options. Don't give them buttons that say: (OK)(Cancel). Give them buttons that say: (Allow program_name to run, but restrict access)(Don't allow program_name to run)(Allow program_name to run and have complete control of the computer)(Advanced options). If they click the first option try running the software without letting it touch the network or system files and see what happens. If that fails automatically run it, but give it access to dummy files and network access. If that too fails, let it run in a clean VM with a bridge to the network (while watching that VM/network for potentially malicious behavior like running a mail server that sends a lot of traffic).
Seriously, though - can an OS be secure, if its users don't make rational choices?
I think the key is to give the users good choices and only as a last resort after automated work by the experts has failed. Never give users cryptic choices. You have to avoid training users into thinking allowing access to programs equates to programs working. Right now clicking "OK" for most users is a conditioned response that people do like putting gas in a car. You click "OK" all the time to keep your computer running stuff. That association needs to be broken. Granting access should be a separate issue to whether or not a program will run. A user can validly want to run a program so they can look at porn, but still not trust that program. A secure OS should let them run it, but still not trust it. Let it connect to the internet and access a dummy address book file and take control of a dummy webcam and install a keystroke logger in the VM and send that useless data to some third party. Then, the user can look at their porn and still be secure as much as possible.
With .deb files you don't need to worry about the execute bit. But then the user would need root to install .deb files anyway.
Carbon based humanoid in training.
1. Machine gets infected and becomes a zombie.
2. Spammer tells that zombie what spam to send and to what email addresses.
3. Zombie sends spam to those addresses.
But that simple understanding eludes you. In your mind it works like this:
1. Machine gets infected and becomes a zombie. Zombie Alice. Inside a corporate network.
2. Spammer tells that zombie what spam to send, to what email addresses AND WHAT OTHER ZOMBIE TO BOUNCE IT THROUGH.
3. Zombie Alice sends 10,000 spam messages to Zombie Bob. Using odd ports and from INSIDE a corporate network.
4. Zombie Bob sends 10,000 spam messages from Zombie Alice to the addresses that Zombie Alice provided to Zombie Bob.
Yeah. You might want to brush up on your understanding of email and relays and spam.
In my world (the real world), the spammer would skip the stupid steps and just send the spam control info to Zombie Bob for direct dispersal. While Zombie Alice attempts to bounce through the corporate email server to send spam (after it is determined that Zombie Alice cannot directly connect to outside machines on the 3 ports I have identified for you).
Class is dismissed now.
New Slashdot meme:
"Wow.. cool.. Imagine a Botnet of these!"
To replace antiquated Beowulf Cluster reference.
Menus: Linux=function, Windows=vendor, OS X=as little as possible. Makes a statement, don't you think?
If the user thinks it's something they want, they'll do anything. Hell, if people search google for hours to find out how to play the codec du jour they downloaded their moviez in, they'll jump through *any* hoops the instructions include, even if it were a 20-step "guide".
Who is General Failure and why is he reading my hard disk?
We need an EOI link, exterminate operator, that'd get their attention.
I miss Rich Cook, he's sick and can't write anymore. Here's a couple of his books given freely.
http://www.baen.com/library/rcook.htm
I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
And the internetz is an instrument for spreading illegal copies of music. The internetz is so illegal..
Privacy is terrorism.
That's exactly the point I'm (unsuccessfully) trying to make. Making this easy to understand is hard. Anyone who thinks otherwise should then consider that the computer's owner is nine years old. (I pick nine as I was nine when I had my first computer)
We read this as the application saying: "give me a blank cheque, and while you're at it, the keys to your car".
My sister installed Linux on her laptop (she lost the Windows key she had, and someone gave her a Linux CD, and she couldn't be bothered to go back to Windows after realising Firefox was the same on both).
She happily downloaded a game (no idea what), it was a .tar.gz file, double clicked it (or right click) and extracted it, and then double clicked the binary. Nothing complicated needed.
I find it par for the course that the commentator on zdnet says java and sun, but Macaulay, per theregister, says javascript.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
It has much less to do with popularity than with featuritis. More features means more cracks to (intentionally) fall through.
Well, the feature creep is part of what is driving the popularity, but that's reversing the causality.
ps: fanboys are a misfeature of any popular OS
pps: 10% is not exorbitant. Don't confuse lack of a stripped-down model for high prices. Complain about the lack of a stripped-down model, instead.
ppps: insane (sparse) memory usage is also a misfeature of any modern OS. Solve the hard computation problems with processor speed and sparse memory organization. Let the user upgrade to 512M+ (AppleMac) or 1G+ (MSVista), and depend on better memory management to avoid swapping.
This will be the year the AppleMac catches up with MSWindows in being vulnerable. Maybe.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
That's something Microsoft has been notoriously lax on. Unless it makes them a little money, in which case they give the bare minimum required to make the money, then leave the user to fend for himself in a hostile environment that is oriented to discouraging him from thinking for himself.
Apple has been an order of magnitude better, but that is not enough. And they've been slowly backing off of that, and are not so now.
These days, seems like everyone wants you to pay them for thinking for you.
(Linux, of course, well, shoot, even Linux is getting its share of wizards. Visual access to the settings, human readable help, verification of the settings, and a human language explanation of the settings set, that's okay. But the current setup assistants try to think for the user, try to tell the user what he wants based on incomplete criteria. They give visual partial access, human readable partial help, partial constraints instead of verification, and precious little human readable explanation of the results.)
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
Well, we should say, don't use sudo except as an admin user that you never surf the web with.
The solution is to prompt the user to make, not one, but two non-root accounts when they start the system up the first time or install the OS. Spell it out like this:
"This one is for admin. It will have no general purpose web browsers, e-mail, etc., in the doc/start menu unless the user him/herself puts them there, only stuff useful for admin. DON'T USE IT FOR ORDINARY STUFF! Give it a really hard password that you write down and keep in the safe or whatever."
"And this next one is for ordinary, day-to-day use. DON'T USE IT TO INSTALL THINGS OR DO OTHER ADMIN STUFF. Give it a hard password that you can remember."
And you don't let the ordinary GUI agent for sudo run for an ordinary user unless the admin goes into the user setup and selectively allows the ordinary user to run it. And there is a warning there, short and to the point: "Checking this box may allow evil things to happen while the user is surfing the web or reading e-mail or doing other work."
And the same warning should be prominently displayed in the GUI agent for sudo anytime it runs.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
Even live CDs will not be very effective if the malware writers find their way to the boot sectors (which is quite possible with a lot of unsupported but in-use previous versions of MSWindows).
Yes, MSWindows is, in part, a victim of its own popularity. But Bill & Steve have been far too reluctant to give up the market share.
So, even though it seems unfair to say so, when no system could (in theory) prevent the stupidity of the user from causing the user pain, it is still Microsoft to blame for how bad things have become. Microsoft and us, because we drank the kool-aid. We bought their bill of goods.
If we lived in a world where people were surfing the web on Amigas, Macs, MSWhatever boxen, Ataris, Acorns, Apple ][32, TRS 80 level VIIs, Tandy Color Computer 32s, C64x64s, Sinclair128s, etc., the malware business would be a lot harder to make a profit in. There would, of course, be more platform-specific exploits, but not nearly the minefield we have now.
Okay, when I wake up from the fantasy, I'll admit that not all the cool kludges would/should have survived, but the current homogenized web is just way too easy to attack.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
Christ, the paranoia is so fucking rampant here. Is it the color scheme that attracts your type?
Why not check out ThreatFire? Get community based protection. You know, from all those botnets.
Download SteadyState for WinXP. It can protect your hard drive the same way.
It was similar but different in the shared computer toolkit 3 years ago.
It's a free download in 10 different languages.
Calling someone a "hater" only means you can not rationally rebut their argument.
If you read carefully, Damballa makes a fool of itself in this article. Their analysts are so incompetent, they cannot find out the propagation method from an actual binary sample, nor can they break the malware encryption layer.
Analysts at traditional AV companies, like Kaspersky Lab, solve these on a piece of napkin while eating breakfast (they have broken the 660-bit RSA cipher used by the "GPCode.AG" your-data-files-hostage-pay-ransom trojan in less than 3 days, even though the public record for RSA solving is 640 bits for a 5 months / 80 PC German distributed project).
Damballa says Kraken is undetected by 80% of AV software, because this is not an exact statement that could be sued against them in court for fraudulent marketing, so they are safe. They are saying such excessive figures because they are desperate. A lot of venture capital funded start-ups in the access control and anti-botnet segment are now folding in the USA, so the survivors must up the ante.
Don't believe all the hype and think critically!
So, I guess it does work!
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
Sure it's the users! But in the case of windoze systems, the OS helps a lot ;-)
The situation and the cause will probably be different for each of these countries. As a French person, I'd say that my country could be a good target for botnets because we have cheap and widely available fast broadband (half of the population has over 5Mb/s, the current edge being fiber 100Mb/s down, 50 up for 29€99/month, taxes included). As a consequence, we have millions of semi-literate computer users that have far more bandwidth than they need and wouldn't notice if a few of their Mb/s were stolen. For a botnet manager, they are a far better prey than the average 1-2Mb/s American line.
Just make a variant of Firefox that's 100% SAFE for porn, call it HotFOX.
Safe JS, no Java, sandboxed Flash, no popup windows under any circumstances, (how hard is that really, come on Firefox)
Any downloaded .exe via a stupid user is immediately saved as a .zip converted file, with a simple password so it cannot be accidental.
Oh and that's a note to all software vendors, stop placing .EXEs on the web idiots. Stop pandering to dumb prix. It just feeds the .exe is ok syndrome.
That goes to many Sourceforge projects that make win32 builds with a .exe download, IDIOTI!!
In fact go one step further, ISPs should transparently convert all .exe downloads to .zip, oh and scan them first then do a permanent firewall block.
Fucked up govt pays millions to NSA to monitor users, but do they add any built in protection from virii traffic? no.
So if you work for the govt, or are an NSA agent or some big wig, the onus is on you, get a clue do something that benefits society, not your pay packet and your wife's handbags.
Liberty freedom are no1, not dicks in suits.
You don't get rooted on Ubuntu by just clicking on things. You need to go out of your way and make your system vulnerable.
I am not saying that no user will get a virus on Ubuntu. A few will, but those few will have to work very hard toward it.
Rethinking email
Don't forget the file servers that host Windows files, and the web servers where Windows computers can upload stuff...
An antivirus has plenty of uses on Linux.
Rethinking email
Well, my computer will open it in a text editor.
Rethinking email
I'd go one step further - make all but signed apps use managed code, like
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Agreed. In fact I only meant to imply that the self-contained "application is a folder" concept used by OS X and OpenStep provided a very easy way to quickly enforce such restrictions with very minor changes to the OS itself.
I'd also argue that it is useful for applications to have the ability to write their own XML config files to a special directory external to itself, and have read access to the XML config files from other user applications. This facilitates several areas of functionality including:
- shared bookmarks for multiple browsers and versions of the same browser and other such data
- config files that can persist once an application is not available, so if a user runs an application from a CD/DVD, flash drive, or network drive the config can persist across sessions and have system specific characteristics
- allow users to uninstall/reinstall applications via drag and drop without losing preferences
- allow for user/group/universal preferences that can combine and which are not lost/overwritten when applications are installed just for one user or group
"Apps would not be able to write binary data to files, only XML."
This might be a step too far. I can see valid use cases for an application to need to generate binary data files for its own use. Rather, I'd allow the program to generate any files it likes so long as they are contained within its folder (and hence invisible to normal users) restricting them only based upon disk usage.
"Things like access control and passwords/encryption would be handled by the OS, and the OS could prevent access to files created by other programs until the user allows it (so no harvesting users' documents)."
Again, I agree this could be very useful, but at this point you're going to have to put in a lot more work and have a very polished UI. A lot of users want to install a program to open or modify files they did not create. Think image viewers, editors, PDF tools, text editors, etc. Applying such restrictions by default is fine, but there needs to be a really easy way for users to grant access to all files of a given type within their home directory and network shares.
I saw this instead couchslug -> http://windowsitpro.com/articles/index.cfm?articleid=41095&cpage=216#feedbackAnchor where it seems your arstechnica friends had their behinds handed to them.
No, we do not need user education; what we need are systems that are designed from the ground up to be secure, i.e. whitelisting. I want an OS where the only programs that can run are ones the root account has given explicit permission to. We'd still need administrator education but that's actually feasible unlike general user education (see better idiot).
There are 11 types of people, those who know unary and those who don't.
So instead of entering the root password, they have to enter the password of user chattr.
If the user does not have access to the chattr password since they are on a managed system with a savvy administrator - then why did they get access to root in the first place?
I can see this is convenient if the root is needed to do something other than change system files, but it still strikes me as strange.