Believable? Definitely. Predictable? Difficult. Not this one, or the next one. But they keep coming.
You can draw some inferences from the progression since Melissa. (Remember Melissa? Melissa was nice.)
This is what you get with "Security by Obscurity". The only thing that would actually help would be to keep the anti-virus software completely out of the hands of the crackers.
As for risk, a shipping clerk puts a bad character, or too many characters and really messes things up. I'd feel a lot safer if the exploits were published and explained before the patches. Some secretive "security" patch seems like an excellent way to exploit the gullible. At this point, I'd consider "anti-virus" software to be a security risk. At best it protects against yesterday's viruses, which are really not all that bad. At worst it is an active agent of something deadly. Generally, it just gives a false sense of security. My users know they will get them. It's just a good idea not to run them. Don't trust unexpected executables from anyone, especially people you know.
Seems like one of the basic rules of security is to never download directly to the victim computer. Use a different computer, preferably a different OS. Also, no "internal" server should ever be connected to the internet. (Just kill the gateway address). I had an IIS server running, unpatched and uninfected. Finally killed it. Can't trust the worms to stay that dumb.
Remember the time-bomb in RedHat 7.0? Did anybody get burned? I think most people found the update and killed it. Any that didn't would have got the updated update rpm in plenty of time. (Contrast the 90-some day time-bomb in Windows 95/98? which probably came to light only under y2k testing).
No, he's right. This is the first network-based, remote compromise that he is aware of. The others are Outlook-based, IIS-based, IE-based. If he is not aware that Outlook, IIS and IE are pretty much useless without the internet,...
Remember, these are the guys bringing you .NET, Passport, Hailstorm, etc. Is your data safe today? Tomorrow?
Disable scripting. Tell it you do not want to run scripts. Keep telling it you do not want to run scripts. Tell it you do not want to debug errors in the script you told it not to run.
With patience and persistence you can actually read the thing.
"This program requires Internet Explorer 6.0 to be installed." I'm running IE6 on Windows NT Server 4 in vmware.
You're running NT4 Server in vmware? Why?
Test. Development. Also a good way to see what it does do as opposed to what it claims to do. My guess is that it attempts to do something (that it shouldn't), can't, and claims that it needs IE6 rather than showing the real reason for not installing. Probably Microsoft's usual ineptness, but should give conspiracy theorists some food for thought. Remember, these are the guys bringing you .NET
There have got to be more than a few OpenBSD users who just smirked at the announcement. Their Solaris systems haven't been vulnerable for the last few years. (as in OpenSSH ported from OpenBSD to Solaris etc.)
Did you ever think of putting certain sites in your Trusted Sites list and enabling Active Scripting for just certain sites???
I have. I do. I just don't trust Microsoft.
I trust internal sites, external sites that I control, Slashdot and TheRegister. I don't even "trust" RedHat, which is a damn sight safer than Microsoft.
There should be a fair amount of prior art from the 60's and 70's (Multics et al), although the idea of just shutting down until the trusted application has finished just might be a Microsoft innovation.
"the digital rights management operating system refuses to load an untrusted program into memory while the trusted application is executing or removes the data from memory before loading the untrusted program."
It will be interesting to see how this interacts with Microsoft worms, Outlook popups, etc.
There may be some prior art in MTS (Michigan Terminal System) which allowed user access to vendor controlled programs and files.
If you have that much faith in firewalls, good luck with the next Microsoft worm du jour. Between MSN and Microsoft Update there have got to be plenty of holes not yet "discovered". For the conspiracy minded, consider why DOJ is trying to be so nice to Microsoft. Considering that Microsoft is living with Code Red and Nimda, something minor like helping out our war effort should be easy, very easy to spin.
Anything that looks like it came from Microsoft, by any of Microsoft's certificates, will be blindly accepted. Personally, I never trust anything from Microsoft. "Always trust content from Microsoft Corporation" sounds too much like "Always trust the fox in the chickencoop".
As I expect anyone who has messed with serial communications knows, you split the download from the update. Granted, the all at once is convenient, but many things can and do go wrong, without much of an indication of problems. Secondly, you will want to update several systems (or reinstall and re-update). Thirdly, you download to a system other than the target (victim), preferably running a different os.
Forget the signatures. Did you check the file sizes? ;)
Current crop of worms and viruses seems proof enough.
All software (especially microsoft software) is componentised.
So is PC hardware. That's why I can plug a SCSI disk into an IDE controller and it just works. NOT.
You can easily replace IE as the shell with something else like KDE, Gnome or File Manager.
Now that would be interesting to see. KDE running on Windows.
Konqueror seems to run just fine on RH 7.2 without Gnome. If Gnome's help browser doesn't work there are alternatives that do.
Realize that IE is insecure and start moving everything that matters out of reach. It's not like the patch for this will fix all the yet to be discovered holes. Cheap trick is to find all the *script* thingees and delete/change their names. Changing names is probably better just in case someone really needs the function.
Yeah, you can use a bug or a hole to do good, but it will tend to be sensitive to exactly what version is being used. Taking advantage of bugs may be necessary or expedient, but expect something to break in the near future.
Microsoft gets confused easily. For fun, try out various nonsense headers when sending an AutoDesk .dwf file back to the browser.
Poo.
IE will have a number of hooks and backdoors into the system, even if what is visible only runs as the user.
As for bash or Gnome being an integral part of Redhat 7, either can be replaced even by nincompoops like me.
The code for the asking and the running were done by different departments, which don't really have much to do with each other. BTW, "ask permission to open some file with notepad" is NOT what it is asking. It is asking if you want to open the file, with a non-definitive icon that might relate to the file type.
I think Linux can (or at least could).
It has to do with how you number hard drives.
hda, hdb are master, slave on primary ide.
hdc, hdd are master, slave on secondary ide.
hde, hdf are master, slave on Promise ATA primary.
hdg, hdh are master, slave on Promise ATA secondary.
This works as long as nothing "slides over" to fill in the gaps.
Beware of "user-friendly" ;-)
Looks like closed source has more than the heel unprotected. There are no magic bullets, but with open source there is maybe a better fighting chance. Somebody, somewhere, sometime can. Will is a different matter, but at least let's not make it impossible.
There is the classic programmer's bank fraud that rounds down interest payments and siphons the errors to his own account.
Everybody's micropayments concentrated in one place seems like an open invitation to abuse.
Must be the ones targeted by a brochure I just got from Microsoft.
Titled: big thinkers don't sweat the tech stuff
Special offer inside for small business owners who prefer to think big.
Inside: Save 69%
Ordinarily you could purchase these items separately for a total cost of over $3,100. But with this great deal from *** you can save over $960. That's 69% off -- ideal for the...
Well... 69% as $960/$3100 is thinking big, especially if you don't sweat tech stuff like the difference between price and savings.
You've got the kindergarten block icons for Office 2000.
Question. Is Bill Gates regressing into childhood?
Gives a bit of new meaning to plug and pray
Leaky, that is.
It'll protect you (as long as you do not use it)
Then how?
Explicitly.
No help, but have you done anything to improve the security so that Magic Lantern would not be able to be installed?