Slashdot Mirror


User: gorf

gorf's activity in the archive.

Stories: 0
Comments: 128

Comments · 128

  1. Re:Easy to cause trouble with on Beep! Beep! You have Broken the Law. · Score: 1

    Checking manually that the number matches the one shown in the photo.

  2. Re:Easy to cause trouble with on Beep! Beep! You have Broken the Law. · Score: 1

    Yes, I did RTFA.

    The numbers are also checked manually...

    Whether this involves somebody calling the number or not is subject to interpretation. Having seen others' responses I now see the interpretation that most hold, and I more or less agree. However, the article doesn't actually say that the phone number is called.

  3. Easy to cause trouble with on Beep! Beep! You have Broken the Law. · Score: 4, Insightful

    So, if I don't like someone, all I have to do is make up a few ads with his number on and stick them up places, and the state will spam him for me?

  4. Re:i build similar machines on Military Grade Laptops · Score: 4, Funny

    Are you sure? It seems like something broke your shift key...

    :)

  5. Re:This is why... on Rand Expert Says To Keep Mum About Killer Asteroids · Score: 1

    You've got all you need. Just clone the men, but while you're at it throw away the Y chromosome and provide an X from one of the other clones.

    Of course, sustaining a pregnancy in a glass jar may pose a bit of a problem...

  6. Innovative? on Ask Jeeves Gives Up On Banner Ads · Score: 2

    kind of a next evolution of the yellow pages

    Really? I swear my dead-tree yellow pages does the same thing...

  7. Does the TCO... on Linux Is Cheaper · Score: 5, Funny

    include the cost of working out the TCO?

  8. Re:FYI on Hospital Brought Down by Networking Glitch · Score: 1

    I don't know about military operations, but in the UK, AIUI, they don't use computer systems in the first place.

    They're busy putting one in, but AFAIK it isn't operational yet, and has been plagued with problems.

  9. Re:Reliability is inverse to the number of compone on Hospital Brought Down by Networking Glitch · Score: 4, Informative

    No.

    You can only multiply them together like you have done if the two variables are independent.

    Here this is clearly not the case; if the networks are identical and one fails, it is more likely that the second will fail because the cause might be identical.

  10. Re:Hospital Systems on Hospital Brought Down by Networking Glitch · Score: 2, Interesting

    That wasn't a manned flight :-)

    I've heard stories about NASA having completely different teams of programmers in different cities being given the same specs. Of multiple computers running different programs independently controlling separate hydraulics, to the point when if one decides to move something one way, the others can physically force it correct. Now that's redundancy.

    I'll bet that people designing new computerized air traffic control systems have never even heard of a real-time system, never mind know what one is.

  11. Re:Hospital Systems on Hospital Brought Down by Networking Glitch · Score: 5, Insightful

    To be fair, they have gotten much better...

    You seem to have forgotten to explain why they were worse.

    If they are running thick ethernet and VAX machines, it is probably because nobody has looked at the system recently, presumably because it hasn't failed. This is how things should be.

    ...truly terrified me...

    What terrifies me is that places like hospitals (where things really need to keep working) run systems which have only been around for a few years, and in that time proved themselves to be extremely unreliable, in general.

    New features should not be added at the cost of stability, and this is what people seem to be doing all the time. People are perfectly capable of carrying on using paper, and should be trained and have a procedure to do so at a moment's notice. If the job is so complex that paper is simply not an option (this seems unlikely; even air traffic controllers can manage without computers), then computers should have a ridiculous amount of redundancy built in to them, something I've only heard of NASA even approaching.

  12. Re:And then it becomes legitimate on Danish Anti-Piracy Organization Bills P2P Users · Score: 1

    The fee cannot possibly be a fine. The most it can be is an out-of-court settlement.

  13. Re:Tough situation on Danish Anti-Piracy Organization Bills P2P Users · Score: 2

    The names of the files can be rather incriminating, since it isn't likely that a file named "U2-Sunday Bloody Sunday.mp3" is anything but that song, by that artist.

    Probably, yes. But if the prosecutors are the same people who are trying to exasperate filesharing attempts by putting fake files out in the wild (correct name and size), then a defendant might have a good point demanding evidence that the file actually does contain the song.

    The most obvious answer is to stop pirating...must be obtained through a legitimate sale in an illegal manner. Pay up.

    Just because something is illegal does not mean that it's wrong. Not that I'm making any comment on any particular case or law, but it isn't as straightforward as that. Yes, said defendant will end up with a court order to pay up, but he is perfectly entitled to whine about it being unfair (this depends on his opinion about the law, of course; being a hypocrite is no excuse).

  14. And then it becomes legitimate on Danish Anti-Piracy Organization Bills P2P Users · Score: 2

    So, if someone pays the bills, he can then legally digitally own everything he got billed for! With no EULAs in sight, presumably.

  15. Internationality on Lessig's Challenge: Are You Up To It? · Score: 5, Insightful

    I'd happily make donations to the EFF if I knew that they'd act for issues I'm faced with too (I live in England).

    The last time I checked, I couldn't find any information about whether they would do this (please correct me if I'm wrong).

    Of course, the rest of the world (Europe especially) do seem intent on matching American laws, so making American law sane would indirectly affect me, but that seems a very roundabout way to make my money effective.

  16. Re:Over the top or out from the bottom on Toilet Paper Algorithms · Score: 2

    ...those who shouldn't be messing with things have access.

    Have you tried putting an ACL on your toilet roll holder? :-P

  17. Re:Pot, meet kettle on Shattering Windows · Score: 1

    Desktop access != Physical access (ever heard of Windows Terminal Services?)

    Your solution isn't really the answer. You're doing something that shouldn't be necessary. Everyone generally accepts that local unprivileged user->any more privileged user is a bug (and yes, I'm not trying to prove that it is an MS bug, but it's still a bug).

    What about where multiple people who need to keep separate use the same machine via Terminal Services? What are you saying, buy a machine for each? Doesn't that defeat the point (of course, then you don't run anything that runs as LocalSystem on their desktops)? If that is what is required then what exactly are Microsoft selling?

  18. Re:Pot, meet kettle on Shattering Windows · Score: 2

    Sorry, I meant the Windows security problem this article is about by this. I was wondering how you protect yourself from it since according to you a competent sysadmin can do so.

  19. Re:Don't Do That on Shattering Windows · Score: 2

    ...numerous windows...run as localsystem...

    Of which software? Something that comes with Windows, other Microsoft software or third parties?

    I haven't seen this mentioned anywhere. Yes, it's a serious bug in Windows because it lets you do that. But if Microsoft are doing it themselves then they can hardly yell vendor-issue, so if this is the case then it's far easier to claim that it's a serious Windows bug.

  20. Re:Pot, meet kettle on Shattering Windows · Score: 2

    Maybe I'm missing something.

    How long have MIT-MAGIC-COOKIES been around? People care about what security is about now, not however many years ago. That's why networks are sniffable; people considered the issues and decided it wasn't worth the effort at that time. Now that it is worth the effort, we have IPsec (and VPNs) and ssh.

    As for xhost authentication, that was by design. The people who designed it knew perfectly well what it didn't do. And X11 being intercepted? All along it is generally accepted that the network is sniffable unless you take additional measures. And that is by design, and that is the purpose of ssh (which admittedly came along later when security became more of an issue).

    I don't know how true this Windows bug is, but this issue certainly isn't there by design.

    Ultimately, it comes down to the skill of the sysadmin to secure any OS.

    I secure myself from X issues by using X tunnelling. How do you secure yourself from this problem then?

  21. Re:Cheers, Theo on OpenSSH Vulnerability Disclosed, Version 3.4 Released · Score: 2

    I don't think complaining about the fact that I just upgraded my box to a version that was vulnerable (and largely untested) when it was fine in the first place is particularly selfish. YMMV.

  22. Re:Probable Reason for Theo's Approach on OpenSSH Vulnerability Disclosed, Version 3.4 Released · Score: 1

    Not quite. Our machines boot down a 64k ISDN link. I could get away with upgrading ssh manually, but then it won't stay after a reboot. To do that, I have to integrate it into our existing system for upgrades, which involves a reboot (for us, a scheduled reboot outside business hours isn't a big deal, so our internal system doesn't bother to cope otherwise as it's extra unnecessary effort).

  23. Re:Cheers, Theo on OpenSSH Vulnerability Disclosed, Version 3.4 Released · Score: 2

    Hold on a minute...

    There's nothing to say that this isn't a vulnerability in ssh, nor that it isn't exploitable. I'm complaining about the way it was handled, not the fact that it doesn't exist!

    I have seen few "crap" advisories. Most bugtraq postings refer to real vulnerabilities, and the ones that don't are quickly pointed out.

    It is important to keep up; the results from those who didn't are well known.

    ...because 99% of advisories are crap

    Then at the very least listen to (hopefully digitally signed) advisories from your own vendor.

  24. Re:Cheers, Theo on OpenSSH Vulnerability Disclosed, Version 3.4 Released · Score: 1

    It's not exploitable on x86 linux.

    IIRC Gobbles claims that it is. That doesn't mean it is by any means, but I'm not ruling it out.

  25. Re:Probable Reason for Theo's Approach on OpenSSH Vulnerability Disclosed, Version 3.4 Released · Score: 2

    Apart from the lack of social grace that he's famous for, I'd say Theo handled this about as securely as he could.

    Yes, he did.

    Moreover, he did so by following the procedure widely accepted in the security community.

    No, I don't think he did. Normally the exploit is announced at the same time as the fix or workaround. Instead of this, he told everyone to upgrade (which is an unnecessary inconvenience for at least some people, who could just use the workaround). He has basically forced us to (unnecessarily) upgrade to a version which has known problems.

    I don't think this is standard practice, but clearly it isn't a standard situation (ssh is the one thing that locked-down boxes still may have open, and the upgrade conveniently stopped the exploit without giving it away). I'll admit that whether or not he did the right thing isn't clear cut, but I don't think he did.

    With every other exploit/fix that's announced there's a "Window of Exposure" during which you are vulnerable, and that was still the case here. The only difference is that there was a chance that fewer people knew about it. But given that the exploit was found, there's no reason that it hasn't already been actively exploited for a while by black-hats.

    It's generally accepted that there's always going to be a "Window of Exposure", and that the way to keep this to a minimum is to coordinate the announcement of the exploit with the announcement of the fix. I don't see why that couldn't have been the case here.

    While I accept the advantages of his approach, in my particular case the disadvantages far outweigh them (if I had decided to upgrade all the boxes I'm responsible for, this would have taken me maybe about 36 hours and many remote reboots. Had I messed up then entire businesses would have gone without functional computers). My problem is that he made the decision for us, and this is exactly what full disclosure is not supposed to do.