Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories
0
Comments
5,534
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,534

  1. Re:"legitimate?" on 100 Email Bouncebacks - Welcome to Backscattering · · Score: 2, Informative

    Agreed. Microsoft Exchange 2007, out of the box, does not bounce messages it gets. It either gives an error code and refuses to process the message, or it accepts it. An Exchange admin can configure rules for messages to bounce (say someone is trying to carbon copy multiple internal company distribution lists), but its nowhere near the default settings.

    I wonder if backscatter has been used as a threat for extortion sometimes. A few years back, I was seeing spammers E-mail people who owned domains threatening to use their email address as the From: header for subsequent spam if they didn't pay some thousands of dollars, then later on (days/weeks), backscatter would start hitting that username. One of my addresses that I used to use for years got hit by so much backscatter that I eventually just added a whitelist, added in a ruleset with password that would autoforward anything that had that word in the subject or body, and had procmail just dump everything else.

  2. This may be a good thing in the long run on MS Beta Software To Manage Unix/Linux Systems · · Score: 4, Insightful

    Devil's advocate here:

    Long term, this might be a help for Linux and other UNIX variants. A lot of companies are required, either due to regulations, contract or their own corporate policies to perform audits on computer systems. Having a "one stop shop" by MS where someone can punch a button and generate a report on vital machine statistics for every single thing hooked up to the corporate network, down to the USB powered urinals, regardless of OS being run, will allow IT shops more freedom in choosing operating systems.

    Having OS independence for this tool would allow a shop to use Linux for a number of servers, but when audit time comes around, it will be as easy to print out a report about the machine's and how it adheres to corporate policy as the Windows machines. Audits of machine and network infrastructure security are a critical part of a lot of businesses and any tool that allows this to be made easier is definitely a help.

    Using a tool like this, a business can not just say to a prospective client that "all our network connected computers have antivirus, antispyware, and firewall software installed that are kept updated", but actually show it, by showing a report that even the Solaris boxes have Mcafee installed [1] with current vdef files.

    [1]: Yes, we all know about UNIX boxes and viruses, but there are lots of times when virus scanning software has to be present on all machines due to contract or legal reasons, even if the installed program just takes up space in /usr/local and the only thing it does is fire up a cron job to update the virus definitions and occasionally run a filesystem scan.

  3. Removing malware == DMCA violation, the next step? on EULAs For Malware · · Score: 1

    I wonder if these guys will start trying to press DMCA lawsuits for people in the US who remove their software next.

    Call me cynical, but I can see some judge hearing some well dressed attornies representing the Zeus guys saying that the user deliberately made the decision to dosable a protection mechanism against an "agreed upon" contract (and pointing out that what the software does is irrelevant), and said judge not knowing any better convicts.

  4. Re:It Would be Microsoft Doing This on Microsoft "Albany" Offers Office and Security as Subscription · · Score: 1

    I don't see why the TPM chip is so evil. Its just a cryptographic token similar to an aladdin eToken that is present on the motherboard. All TPM implementations I know of offer the ability to completely and totally disable them.

    TPM has a great benefit for home use, especially laptops. In case of a laptop theft, the encryption makes the theft "just" a loss of hardware rather than a loss of hardware and information that can be potentially used for ID theft. Microsoft with BitLocker, PGP with their whole disk encryption, and I think Ubuntu offers use of the TPM as well as an emergency passphrase as well.

    If a company demanded something run only on .net 3.5 (for example), they could always ship a hardware dongle that did the same thing as the TPM... and in 24 hours, someone would have a patch out to have the dongle completely emulated.

  5. Re:Bicker today, shake hands tomorrow on Some 12% of Consumers 'Borrow' Unsecured Wi-Fi · · Score: 1

    It would be good if one rebel ISP to do that, but who gives this ISP peering to the rest of the Internet? The other ISPs who would be making money hand over fist demanding cash from all sides, both from websites for premium tiering, and users would just not connect to the ISP that doesn't play in this ballgame. One monopoly owns the phone lines. One owns cable, 1-2 own the wireless spectrum. Having them cooperate and make a system like this would not be farfetched.

    The only way to break this type of system would be IP over power lines, or a low power mesh network. However, a low power mesh requires connections to the rest of the Internet, and can be easily kept from connecting. Similar with IP over power lines. Don't play by the ballgame of charging by the site status, no peering will be permitted.

  6. Re:Bicker today, shake hands tomorrow on Some 12% of Consumers 'Borrow' Unsecured Wi-Fi · · Score: 1

    It may head that way.

    I see Internet billing heading one of two directions. The first is that it becomes standard just like what billcopc stated, where using a mesh that is open to all comers.

    The other is the opposite. I can see Internet access going back to the Dark Ages by ISPs both directly charging their customers and using deep packet inspection, not just charging for the bits over the wire, but which bits go where. For example, if someone is using an ISP approved website, the cost would be free. Using the competition? $1.00 per connection with the ISP using the basic SYN packet as a gauge. Logging into a non-approved (which means the E-mail service didn't pay the ISP for a non "bus lane" tier), the customer gets 28.8k speed, and pays $1.00 to the ISP for a "connection fee" to that service.

    For the MMO or online game players, the ISP would just charge a fee to "main a reliable connection", say $1-2 an hour connected to the services.

    End result, ISPs would not mind a bit someone having an open wireless connection... it just means the person with it will have a $1000 "long distance Internet" bill.

    Yep... the days of Compuserve and AOL all over again.

  7. Re:Can you spell "Hacker"? on Software to Randomize Police Operations at LAX · · Score: 2, Interesting

    That is an interesting modification. All it would take is substituting their existing (hopefully cryptographically secure RNG) with a random seeming PRNG that is very predictable, such as AES-ing output from /dev/zero with an all zero 128-bit cypher key. The output looks random to the people being assigned to the sweep teams, but for the attacker, he or she will know exactly where they are... and are not.

    I just hope the ARMOR system is (excuse the pun) well ARMORed against attacks, both local and remote.

  8. Re:anti net neutrality for spammers on New Spam Site Found Every Three Seconds · · Score: 1

    This can be slowed down on the ISP's end by doing two things:

    1: Blocking outgoing port 25, unless the customer explicitly asks for it to be unblocked and will take the consequences of his or her actions if spam results.

    2: Offering a properly configured SMTP server which is up to date on SPF records, DomainKeys, and other configurations, so people who have dynamic IPs and E-mail servers can use that server as a smart host, while their dynamic IP can reside on a dial up blackhole list. Of course, the SMTP server would throttle E-mail sent through it when it got to a certain threshold of messages per time period.

    Doing both these things would keep spam zombie bots from spewing (unless they use ports 587 or 465, but that is more of the receiving end's problem similar to allowing an open relay), and it would allow users to be able to send E-mail out without issue.

  9. Re:ASSP is the answer on New Spam Site Found Every Three Seconds · · Score: 1

    Remarkably, I have found Exchange 2007 good at stopping spam, once you enable the anti-spam rulesets at your mail gateway or edge server by running the .\install-AntispamAgents.ps1 script then restarting the Exchange transport service.

    To boot, on supported installations, Microsoft is very good at updating anti-spam heuristics either weekly or more often when needed.

    So far, just the default rulesets have dropped almost all incoming spam before it reaches my mailbox, and the few that do get through will be dropped into my junk E-mail folder when I run MailWasher Pro.

  10. Re:Windows Server rocks on Microsoft's Savvy Open Source Move · · Score: 1

    Windows Server 2008 offers a 60 day grace period, but you can rearm it three times:

    http://support.microsoft.com/kb/948472

    As a student, there are ways to obtain permanently activated copies for less than the $999 or so retail. Most universities have MSDNAA access where you can log on and download a CD key for free. If that doesn't work, there is a deal if you log onto your MSDNAA account to obtain a one year Technet subscription for $99. This is for evaluation only licenses, but removes any time limitation not just on Server 2008, but any commercial MS product. Of course, as a student, you can buy a fully licensed copy for $500 each, and some universities even offer fully licensed copies for $10 or so.

  11. Re:And? on VeriSign Jacks Up .com, .net Prices To the Max · · Score: 4, Insightful

    Hate to be a devil's advocate here, and but Verisign in some ways has to, because publically traded companies like VRSN have to show their shareholders they are earning as much money as the traffic can bear, and if not, why not.

    If they don't, shareholders will become former shareholders, and/or try to find reasons to sue. This is true about any company, if any company cuts prices on a flagship product, they need to have a good reason (such as a new model, competition is forcing their hand, or perhaps going for higher volume sales) to explain why to shareholders why they did so and why they chose to get less income.

    Verisign isn't perfect, but the real culprits are ICANN, and the short range thinking of stockholders in the US who only care about what is coming next quarter, rather than being with a company long term. I'd rather invest in a company who has multiple subsequent quarterly charges against their income for R&D than one which always makes the numbers (even barely) each quarter, but really has no real direction to expand.

  12. I wish OOo would sign (PGP or authenticode) on OpenOffice.org 2.4 Released · · Score: 4, Interesting

    I wish the OpenOffice.org project maintainers would PGP/gpg sign their MD5 sum files at the least, or if they can get a code signing key, Authenticode sign their installer on Windows.

    PGP/gpg is available at no cost, and having the key available from keyservers (and signed by a good number of people) would provide basic software assurance.

    I know this is a relatively small gripe, but just for integrity reasons it would be nice that they did so, so I knew a copy I have was not corrupted (or even worse, tampered with.) OOo does such a major role in day to day use for a lot of organizations that if a compromised version made its way around the Internet, it could mean a major disaster.

    Last, and I know I'm boring with this, a number of companies won't install anything on their machines unless the files are cryptographically signed in some way. This is more of a legal CYA policy, but it would be nice to be able to use OOo in places like this and have validated, signed executables.

  13. Re:What spooks me on What Spooks Microsoft's Chief Security Advisor · · Score: 2, Insightful

    Actually, those times are upon us, and its not a bad thing. Any professional software developer will sign their install code, .MSI files, .CAB files, and executables before it ships. Its not uncommon for a company to have a domain policy of refusing to execute any executables on a production network that are not Authenticode signed.

    Why is this not a bad thing? Simple due diligence/CYA. If I install a signed executable from a company and it causes a malware breach, then the damage done can be explained away as not my fault, but the publisher, and should I be in a publically traded company, the shareholders would go and sue that company for losses and not the place I work. With signed executables, I can point fingers, which is quite important in a corporate environment where what matters is who is at fault, not fixing what went wrong.

    Code signatures are not 100% security. To use an analogy, a signature is just like the seal on a bottle of aspirin -- it doesn't ensure that the aspirin is of a quality level, but it does show that the stuff hasn't been tampered with.

  14. Re:Stupid Is as Stupid Does on Windows 7 Likely Going Modular, Subscription-based · · Score: 1

    Windows up to ME will ask for the CD if installing a new driver because almost always, there would be a related driver needed. Windows 2000, 2003, and XP use a driver.cab file which contained most of the main drivers the OS needed, and would only need the CD if you are installing additional functionality such as the mentioned web server. Windows Vista and Server 2008 are image based and don't need the OS media at all after install (unless doing a repair) when adding additional features.

    As part of installing the OS, if its an OS earlier than Vista or 2008, I just make a directory in the \WINDOWS subdir, then xcopy the CD to there. Then, if prompted for the CD, I can just point it to the .inf files it wants there.

  15. Re:GPS on Cubicle Security For Laptops, Electronics? · · Score: 2, Informative

    That is a good suggestion. A lot of laptops (Dell and HP definitely) of recent make have BIOS level hooks for Computrace's LoJack software, so even if the drive is wiped, the machine will still be able to phone home and check if its flagged stolen as soon as its booted.

    LoJack also offers a facility for remote deletion of data so if a really sensitive laptop is stolen, it can be securely erased by remote, similar to how one can wipe Blackberries and Windows Mobile devices if lost or stolen.

  16. Physical and logical security on Cubicle Security For Laptops, Electronics? · · Score: 5, Informative

    To the OP: How bad is the thievery rate? Is it a place where anybody can enter to possibly steal, or is it a place where you need locks to keep honest people honest?

    You can get some decent cable locks that are Bic Pen resistant. I use these:

    http://us.kensington.com/html/11208.html
    on all my equipment, be it desktop or laptop. Of course, they can be cut, but it would be a dedicated effort to do so.

    First, the locking cabinet is an idea, but of course if someone is desperate enough to cut cable locks, they likely will try for the cabinet if its not bolted down. You could go with a motion detecting alarm, or a locking cable that has an alarm that will sound if cut, but co-workers will get really annoyed if the system makes false alarms often.

    Kensington's alarmed lock: http://us.kensington.com/html/6311.html

    Second, have you considered a dock for your laptop, if one is available? Almost all docks have some way of locking the laptop to the dock either via a lever and a padlock or something using a Kensington lock slot. Then, you can hook all your monitors and items to the dock and just do a simple eject to hit the road with your laptop.

    Third, have you considered logical security? If you are worried about data theft as opposed to physical, consider something like TrueCrypt that can encrypt your Windows boot/system drive, and also encrypt data on external drives. If you use keyfiles, after you type in your preboot passphrase, the external drives can automount while still providing security from thieves. For further protection, you can use TrueCrypt on external drives, and use PGP's whole disk encryption with a cryptographic hardware token. Then, you can use cable locks for your devices and if someone does steal one, it will be "merely" a hardware theft rather than hardware and sensitive data.

    Last, if you can't find a metal box, have you considered hitting a metal shop with the dimensions of what you want for a cage, and having them weld you up one? I have had this done (and the cage bolted down solidly) when I wanted to make sure some file servers, switch, and a router would not be stolen. Even though I did not know who other than myself had the key to the room the equipment was in, only I had the key to that cage, so I knew that the equipment might be powered off or perhaps vandalized, it wouldn't be stolen without some major effort. A welder can use pinless hinges and tabs so someone attempting to break into the cage by a crowbar wouldn't be successful.

  17. Re:The purpose of anti-piracy actions should be... on Game Developers Should Ignore Software Pirates · · Score: 1

    Perhaps, if there has to be any protection, the best would be to have a multiplayer network, but only one of the same CD serial number can be on at a time. This would encourage people to purchase the game.

    For example, Neverwinter Nights 1 and Warcraft 3 as of now has the CD protection patched out, but people definitely still buy the game to access multiplayer features such as server lists.

  18. Public companies can't -- or shareholders will sue on Game Developers Should Ignore Software Pirates · · Score: 4, Insightful

    Devil's advocate here:

    Public game companies can't just ignore pirates because shareholders will be all over them for not doing anything about such a big "loss of revenue".

    Yes, to us, CD-ROM protection and such is worthless and only encourages cracks, but a lot of companies use it as CYA, mainly to fill out the "due diligence" checkbox for the blank of "stopping IP loss", so when the copy protection stuff does get cracked, the company can shed crocodile tears, tell their shareholders at the next quarterly meeting that they did their best, but the old evil pirates beat them again.

    Private companies, or those not shackled to having to keep their quarterly profits up, to heck with anything else, its different In the long run, not having some form of copy protection brings in more revenue because more people see the game and will at least pick it up, especially if it has expansions.

  19. Re:Comcast on Comcast Says FCC Powerless to Stop P2P Blocking · · Score: 1

    If we can get IP over power lines in more areas, perhaps the biggest competition to the usual ISPs would be the good old utility companies.

    Of course, WiMax, 4G, and other fast wireless protocols have been promised, but nothing real has come of them yet in the US for the most part. Hopefully, cellular operators like T-Mobile and Sprint can move into this market. Sprint already has decent bandwidth (though not sure how good/bad their latency is).

    Maybe instead of two companies (cable and DSL), we can get the number of options to five in most areas (cable, DSL, WiMax, IP over power lines, and 4G/EV-DO.)

  20. Re:Free implementations exist on Microsoft Accepts Flash For Windows Mobile · · Score: 1

    Maybe this is just me, but I'd like to see a totally independent open standard, similar to how Ogg Vorbis is an independent standard with compressed audio, or PNG is an independent format for displaying pictures.

    This would have to take a lot of thought because it would be hard to get developers on board yet another Web standard, and a lot of man months would have to be put in to check every line of code for potential exploits. It would help having the reader either set its UID to nobody in UNIX, or in Windows spawning a child process with a process token of an untrusted user before parsing the incoming file. In either case, should a buffer overrun or similar actually occur, there is not much bad the software could do, unless there is some OS kernel level flaw to get back to root or SYSTEM without being able to invoke a program.

    Another idea is to use an existing system that is widespread such as Java, and find some way of creating a mini JVM that would have a much abbreviated subset of classes, and would be optimized for use as a player. However, this would also take a lot of coding and adaptation of an existing standard, not to mention the time it would take to confirm there are no real glaring security weaknesses in both the framework and code.

  21. Running AV to tick off a checkbox. on Should Mac Users Run Antivirus Software? · · Score: 4, Interesting

    A lot of companies run antivirus software even on their high end Solaris and AIX machines. Not because there is a likelihood of a RTM worm repeating itself, but because of legal reasons. A lot of corporate clients require their vendors to "have antivirus protection on all computers", a very wide and sweeping statement.

    One reason I can see putting AV on a Mac is so people (and companies) can check this box, saying that all their machines that handle customer data have antivirus protection installed, even if the utility is just triggered from a cronjob that does a scan down the filesystem for infected Windows files every so often.

    Historically, before OS X, Macs did have some viruses, although relatively few of them were malicious. Before Word macro viruses became common, John Norstead's Disinfectant was one of the more used anti-virus utilities that offered not just scanning, but in memory protection.

  22. Re:Molasses for Mac on Should Mac Users Run Antivirus Software? · · Score: 1

    I was too lazy to write AppleScript back in the day. Instead, I wrote a simple C program that installed as a system extension that did one statement:

    ShutDownPower();

    The prank was fairly quickly found out by the target, because Mac users back then always had a utility to selectively disable extensions due to how often they crashed, so it was quickly found and yanked. I also named it something fairly obvious as well.

  23. Re:Internet-connection license? on Mass Website Hack Compromises 200,000 Sites · · Score: 1

    Licensing people would being its own can of worms. First, unless one handed out smartcards and passed legislation to have CAC or a similar smart card readers on every desktop and laptop, it would give identity thieves another easy target because most likely it would be implemented by requiring people to punch in an "Internet license number" for access to websites, similar to how Korea requires your residence registration number if you want to create an account on a website there. Of course, this info is easily obtained from compromised sites, sniffers, or keyloggers.

    This would allow someone you wouldn't want, be it your opposition in a civil lawsuit, some stalking ex or whatnot to find every single post you have done in your life on every single website with a query, just matching your Internet ID number. I would bet that a lot of school districts would have regular searches on student Internet ID numbers to monitor what they posted, and perhaps expel them if they posted something that wasn't accepted, such as Mrs. Crabtree being a hard grader.

    There are tradeoffs; I'll take the botnets over having to leave a permanent bread crumb trail of my real life information anywhere I go. At least with IP addresses, it requires a court order for ISPs to turn over username info in most cases.

  24. Re:Self limiting to a certain extent? on The Uncertain Future of Global Population Numbers · · Score: 2, Interesting

    What I'm worried about is a perfect storm for a disease to hit. First, people are moving into more densely packed areas where human contact with many others is a must for most of the day. Second, with the wide ranging of travel, a bug which started in Arizona can make it to Berlin in a matter of hours and start infecting people. Lastly, even existing bacteria and viruses seem to be giving us trouble, as they mutate into strains resistant to known antibiotics.

    Its theorized that diseases that hit a high population tend to mutate into more lethal forms because it helps them spread more easily.

    I just hope that modern science could defuse a pandemic before it turned into the next black plague.

  25. Flash drive longevity? on The Joy of the Flash Drive · · Score: 2, Informative

    With this shift to Flash drives for data storage, I wonder if this is good or bad for data archival. With magnetic media, if there is a head crash, at least some data can be recovered. With flash, even though it has no moving parts, if something happens to make a large amount of blocks unreadable, there isn't any real way to recover the lost data.