Slashdot Mirror


User: rjamestaylor

rjamestaylor's activity in the archive.

Stories: 0
Comments: 2,039

Comments · 2,039

  1. Re:Watched this happen on Latest WinWorm Spreads Via ICQ And Outlook · · Score: 2
    I'm running Linux (2.4.7-10, yes, RedHat 7.2) Mozilla 0.9.6 and using the email client primarily. Last week I received an email from an Australian client and selected it for preview -- up popped the "Save As or Open" dialog box. This was BadTrans. I didn't open the email - just preview. It would have been easy for me to mistakenly press a key (I wasn't expecting a dialog box, after all). If this same email with the corrupted MIME header had a destructive ELF executable, everything accessible to my user id would have been threatened (assuming I choose to Open the self-initiating download file either purposefully or accidentally). Of course, since I'm not running as root on my Laptop (an aside: I love how SuSE shows skulls and stuff when a user runs X11 and Gnome/KDE as root), the impact would be minimized, but potentially disastrous nonetheless.

    I've not heard others complain about Mozilla getting tricked by the MIME header...and, yes, this behavior is reproducible.

  2. Re:First policy: Dump Windows on MS Chief Security Officer to work for White House · · Score: 1
    This week, a remote root exploit was discovered in wu-ftpd. Have ALL of you patched your servers? Also last week, another windows worm surfaced. Looking at the two, which is more serious? Obviously the remote root exploit is far worse, chalk one up for windows.

    First, yes, my servers are patched (if they're running wu-ftpd at all). I'm a RedHat Network subscriber and received the update automatically.

    Second, Windows XP Home/9x don't have a true "root" versus user distinction meaning the user has complete root access on their machine so when a virm (virus/worm) attacks through the wide-wide hole that is Windows, the attacker has complete control. This is how a local judge in Orange County was found dealing in child porn -- an exploiting hacker rummaged through the guy's hard drive and planted, er, found a ton of indecent sexually explicit photos of young boys (*shudder*).

    Hmmmm...maybe I like Windows after all...

  3. First policy: Dump Windows on MS Chief Security Officer to work for White House · · Score: 1, Troll
    Or at least firewall all Windows computers away from the Internet and outlaw Outlook (except, maybe, crippled Outlook 97 running on a WinNT 3.51 server -- no chance for MIME-header virms there).

    It'll be interesting to see what he does.

  4. Segway Human Transport (SHT) on This is IT? · · Score: 2
    The unfortunately named SHT...you provide the vowel [aeiouy] for pronunciation -- no matter which one(s) you choose, it won't be complimentary...

    Remember last year's claim that IT was "bigger than the Internet"? In retrospect, it very well may be, but so were the hula hoop and the Pet Rock, and the clip on tie...

  5. Revolutionary? Sure not evolutionary... on This is IT? · · Score: 2
    Reading the Internet's version of Walter Cronkite I've thought a lot about Ginger/IT/Segway as the stories have come out this weekend (and, yes, Ginger was a reference to Fred Astaire's more graceful partner)...it seems pretty neat but will do nothing to ease traffic congestion in large cities, especially Southern California. If any place in the US could be a candidate for a dry-weather transportation vehicle, it'd be LA (not SanFran, Seattle, Chicago, NY...). But even LA has enough bad weather that there'd still be the need for a closed-environment vehicle. That being the case, it's much more likely that the car would be used even on clear days.

    But, it's not just due to the need to be dry that I dismiss the "revolutionary" hype surrounding this toy -- it's the fact that people already arrange their lives around the automobile. In LA the average commute is 30 mins (which must be grossly skewed by people working from home, because it is nigh-impossible to go anywhere in LA in 30 minutes). People work in central areas but live in increasingly-remote housing areas. As a matter of fact, the fastest growing region in the country is the Inland Empire, a smog-filled, hot-as-hell snake pit (lovely place) east of LA. But the house prices are very low compared to the "beach cities". It's the automobile that makes this commute possible. So, tell me how many people are going to forgo an automobile, with its creature comforts and potential for travelling at fast speeds, for an 8 mile-an-hour gyroscoping pogo-stick? You'd have to not merely redesign cities but reverse the suburbanization of America to make this a widely-used device. Too many people have invested the next 30 years of income into their home in the (hellish as they may be) suburbs.

    And Alan would point out man solved the balance problem long before the gyroscope by adding another wheel. Low tech, but effective.

  6. Re:HOW TO Patch the Kernel on The Evolution of Linux · · Score: 1

    < s/b > ... I'm always transposing them...not my fault...Mom was left handed (naturally) and taught me the difference between right and left -- backwards.

  7. HOW TO Patch the Kernel on The Evolution of Linux · · Score: 1
    • Empty your mind and clear your cache
    • Generate NO MORE THAN 1K random text
    • Replace something in the Kernel source
    • run diff -Naur patched.code original.code <patch.txt
    • Submit early & often to Linus
    • Wait a couple weeks and submit to Alan with a note saying Linus is ignoring your patch
    • Sit back and enjoy the evolution of the Kernel

  8. MODERATORS NEED TO GET A CLUE on The Evolution of Linux · · Score: 1

    This topic is very much about a "post on proper indentation". Read the story BEFORE moderating.

  9. If it does get hot -- on Dual G4 Mac Cube · · Score: 2

    If it does get hot, will it self-repair the cracks and bubbles in the Cube's casing?

  10. Re:Mother In Laws?? on Japan to Allow Human-Nonhuman Mixed Cloning · · Score: 3, Funny
    the prospect of growing pigs with fully compatible organs for humans could be VERY useful indeed.

    *grunt* Yes, *snort* I agree *squeal*

    Pig Organs: squeal when you say that.

  11. Re:Paper? on Linux Mags that are Worth Subscribing to? · · Score: 1
    Gee...how can I put this: FORGET ABOUT THE FORMAT ISSUE -- I AM AWARE OF THAT.

    Anything else? I've got "archival" with the caveat that CD-ROM archival, if available is possibly better, but it is a valid benefit.

    Is there any reason BESIDES format (or archival) for getting a paper journal covering Linux? Any?

  12. Re:Paper? on Linux Mags that are Worth Subscribing to? · · Score: 2
    Well and fine. I'm trying to get a reason __beyond__ format considerations for subscribing. Content differences? Perks? I have plenty o' reading material for the throne room library -- any more and hemorrhoids are a real possibility. Also, as far as supporting the community -- wouldn't sending $20 do better?

    Folks...I'm asking for something inherent with the print media that I'm missing online -- besides portability and community support. There's got to be something, right?

    Actually, one respondent gave me one reason: archivability. It's true I could archive the web pages or rely on Google cache...but there's something to be said for looking thru old copies of early Byte or PC Magazine (when there was actual competition in the DOS world)...However, is that the only reason? If so, why could I not get a CD-Rom subscription for a more permanent (?), less-voluminous archive?

  13. Re:Microsoft on Giant Black Hole Found · · Score: 2

    At least they're offering a fix...

  14. Re:Ok - What does this attack LOOK like? on Wu-ftpd Remote Root Hole · · Score: 1

    Thanks for the useful response. Fortunately, anonymous ftp access had been disabled long ago (that was one "service" I argued we didn't need). Is there a slashbox for BugTraq? I'll check again...

  15. Re:My issue with Linux Journal... on Linux Mags that are Worth Subscribing to? · · Score: 2

    Sounds like Byte in the early days when the PC market was (well before the PC market, actually) young, small, and the articles were strangely juxtaposed. One question: any ads with naked people in a hottub?

  16. Re:EFF snafu on DMCA 2, Freedom 0 · · Score: 2
    Someone please take a lesson from Thurgood Marshall who passed up hundreds of chances to challenge civil rights laws until he finally got a case with facts that were clear cut, and prejudice was obvious (Brown v Board of Education for those interested).

    So they should stop trying to defend people and concentrate on their political agenda?

  17. Re:oh, NO! on Giant Black Hole Found · · Score: 1
    Because my post was actually clever!


    (kidding! just kidding!)

  18. Re:New disclaimer: on CA Court: Message Boards Are Opinions, Not Facts · · Score: 1

    The boiler-plate is supposed to CYA from the boiler, so, yeah...

  19. Re:New disclaimer: on CA Court: Message Boards Are Opinions, Not Facts · · Score: 2
    Good point. The next version of slash needs to add the following line, similar to the current "actual URL" feature, after each post:
    [in my opinion]
    For example:
    the managers suck because they kill old ladies and sell their grandchildren into slavery [in my opinion]

  20. Re:Paper? on Linux Mags that are Worth Subscribing to? · · Score: 2
    Yes, you are! You are missing the opportunity to support the community, that supports you!

    Please give me a reason to get the paper version rather than just sending them $20 each year... But I still need an answer to this question:

    What does any paper-based journal covering Linux offer that I'm missing online?

  21. Ok - What does this attack LOOK like? on Wu-ftpd Remote Root Hole · · Score: 3, Interesting

    I just found one of our servers (which I did not have primary responsibility over) was running the latest version of wu-ftpd... so, what does one of these latest attacks look like (don't say "liuxtoday.com")? How could I spot an attempt in /var/log/messages?

  22. Repeated story on Giant Black Hole Found · · Score: 3, Funny
    Michael just posted a story about the discovery of a giant hole....

    (it's funny. laugh.)

  23. Re:I've changed my mind on Wu-ftpd Remote Root Hole · · Score: 2

    As a RHN subscriber, I received the notification on Nov 27 with instructions on receiving a patch. Subscriptions are free for one machine per email address (*ahem*), without any other requirement (you don't have to buy a distro from them to sign up; yes, I bought a box of 7.2).

    Here's the alert (minus my system info and edited to avoid the LAME lameness filter):

    ---
    Red Hat Network has determined that the following advisory is applicable to
    one or more of the systems you have registered with the Software Manager
    service:

    Security Advisory - RHSA-2001:157-06

    Summary:
    Updated wu-ftpd packages are available

    Description:
    An overflowable buffer exists in earlier versions of wu-ftpd.
    An attacker could gain access to the machine by sending malicious
    commands.

    It is recommended that all users of wu-ftpd upgrade to the latest
    version.

    --
    Taking Action
    --
    You may address the issues outlined in this advisory in two ways:

    - log in to Red Hat Network at https://rhn.redhat.com and from the
    listing showing under 'Your RHN' select the affected servers and
    download or schedule a package update for that system.

    - run the Update Agent on the affected machine.

    --
    Changing Notification Preferences
    --
    To enable/disable your Errata Alert preferences globally please log in to RHN
    and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

    You can also enable/disable notification on a per system basis by selecting an
    individual system from the "Systems List". From the individual system view
    click the "Details" tab.

    --
    Affected Systems List
    --
    This Errata Advisory may apply to the systems listed below. If you know that
    this errata does not apply to a system listed, it might be possible that the
    package profile for that server is out of date. In that case you should run
    'up2date -p' as root on the system in question to refresh your software profile.

    There is 1 affected system registered in 'Your RHN' (only systems for
    which you have explicitly enabled Errata Alerts are shown).

    Release Arch Profile Name
    7.1 i686 localhost

    The Red Hat Network Team

    This message is being sent by Red Hat Network Alert to:
    RHN user login: localhost
    Email address on file:

  24. Re:Get off your soap box ... on Yet Another Software Sucks Article · · Score: 2, Funny
    comuters run on electricity

    Listen, pal, very, very few commuters run on electricity. Oh, yeah, you'll see a few GM EV1's or Honda Insights (which is only a hybrid, anyway) during your morning commute, but the vast majority of drivers still rely on the internal combustion engine.

    Get your facts straight before you post, buddy!

  25. Paper? on Linux Mags that are Worth Subscribing to? · · Score: 2

    Ok - you who get paper Linux journals (including Linux Journal, har har) tell me what you get (besides a toilet-friendly reading format) that you don't or can't online? Since 1999 I've cancelled all my paper journals and only read things online. Am I missing anything? (Since I got my 802.11b-enhanced laptop, I've solved the "formatting" problem...)