I think attack ads simply cater to that "49%" - that being the people that are of below average intelligence. I don't know about others, but I don't pay much attention to smear ads. I realize that if a candidate votes against a bill that would have funded health care for poor kids, it doesn't necessarily mean that candidate wants poor kids to die; It most likely means that the bill had a bunch of other non-related bullshit attached to it that would have wasted my money, or simply didn't belong in the bill in the first place.
A lot of people lack to intelligence or knowledge to see through these smear ads, and I'm pretty sure that's why they work.
Excellent. Obviously if the user was executing the attachment, they would click yes on that prompt, but any other binaries that the malware downloaded and tried to run might invoke suspicion since the user wouldn't expect it.
Vista has this functionlaity built in and it can be added to previous versions of Windows.
"2. Ignore the warning about an "unsafe application" given by Safari or Mail.app.
Every Windows mail client I've seen in the past five years gives users the same types of warning. I fail to see the significance of this step.
"3. Mount the DMG file or unzip the ZIP file."
Uhh huh. Again, 99.9% of Windows email worms also require this step, as most email server blacklist executable extensions.
"4. Still not realize that the dearchived file is not a document despite looking exactly like an application.
That's not a step. Your throwing in extra crap to try and bolster your argument.
"5. Run the application."
Boom. Infected.
"Okay, so now the user has infected their system. Sort of. Their documents may be infected, but those are useless to the virus. They can't be executed, and the user isn't likely to pack up his.APP folders and share them with all his friends. Effectively, the virus has stopped spreading. So what is a virus to do?
So what *is* the virus to do? How about download some more executable code via the interweb, stick it in the users home directory and run it?
"Under a Windows system, it would get ahold of the Outlook address book and mail itself to everyone. Alternatively, it would want to stay resident after reboots and/or collect information about the user's activities. Under a Mac, these things need elevated privileges to do. So the virus would have to:"
And under an OSX system, it would get a hold of the users address book (OSX comes with grep, right?) insert itself int he user's crontab so that it starts at bootup, and use the cli SMTP mailer it downloaded from the interweb to mail itself out to everyone. Lather, rinse, repeat.
"So the virus would have to:
6. Invoke the SUDO app to request elevated privledges. 7. User would need to fill their password into the prompt. 8. Virus would infect the necessary files to do its dirty work of spreading.
Nope. Sorry, but no root access is required.
"Some people may believe that Mac users are really that dumb, but if that were the case then viruses would already run rampant. Instead, we get an impotent "proof of concept" that can't actually spread itself. All it can do is damage your files. For a proof of concept, that's pretty pathetic.
Actually there are simply not enough potential hosts for most malware to spread on OSX. I know it's not a very sexy reason, but that's the way it is. I give Apple kudos for shipping a system with no running deamons though (this mitigates the one type of malware that *doesn't* care about marketshare), and breaking backward compatibility with OS9 to make it so people don't have to run with elevated privs by default.
"As I've mentioned twice now, that's blatently incorrect. It can "infect" your documents, but system files require elevated privileges. "Infecting" your documents does nothing more than damage your files, and the virus can't even stay resident (or stop the user from killing it on the Dock!) without a password. So it's effective impotent and contained unless it can trick the user into giving it his/her password.
And as I've said once, system files need not be touched at all, and processes can stay resident without elevated privileges via the good old cron daemon. What you think is "blatently incorrect" is actually quite correct.
I'm assume because the system would be completely hosed (I envison a kernel panic and subsequently un-bootable system) after running the first command?
All you need to do is convince the user to save an archive attachment. extract it and run the contents. Millions upon millions of Windows users fall for this every damn day. if you think OSX users wouldn't fall for it too then you're delusional.
From there the worm can easily spread on OSX, and no, root would not be required to do so.
"I don't know about Linux or other insecure operating systems, but OS X can be properly secured with a simple: "sudo schg -R/"
I'm sorry to burst your bubble regarding the super-duper security of OSX, those files can unlocked just as easily with this command...
"sudo chflags nouchg -R/"
But I have good news for you. You really can keep root from touching certain files. All you have to do is install an "insecure operating system" like Linux and use SELinux.
"A second domain controller can replicate AD fine, offload authentication, etc., but if your original DC goes up in flames, the reinstallation process must create a new domain;"
Forgive me as I've only ever worked with "real" Windows domains and I'm ignorant in regards to SBS. Does SBS even allow a second DC?
"and there's tons of qualified people out there. "
I think your definition of qualified might be different from mine, because in my experience there is definitely not a surplus of qualified people out there.
"In any case how can they prove "YOU" clicked it."
That's up next in 'Windows Panorama' 2009. By then every machine will have a TPM module inside and (by law) come equipped with a thumb-print/retina scanner. And instead of "clicking", you'll be "submitting" when the EULA comes up.
Polygraph results have never been admissible in court, the reason being that there has never been a scientific study that has shown them to be in any way reliable. Polygraph tests are basically nothing more than a tool of intimidation used by law enforcement to get stupid criminals to confess to things.
My old gateway with two 3com 3c905 and FreeBSD laughs at the measly bit torrent connections I throw at it. Before I set that up a few years ago, I had similar experiences with consumer grade networking gear.
We bought five Area 51m 766 laptops from Alienware in Early 2004. ALL FIVE have had to go back for repair - ALL with different hardware issues. Three of them have had to go back twice. Their turnaround on laptop repairs is three weeks.
As for for price, I remember them being similarly priced to high-end laptops from HP. With their desktop version of the P4 3Ghz, 7200RPM hard drive and fast memory, they are very fast machines, but other components are cheap - like the damn NIC. The chipset and NIC was a SiS based and I've had intermittent problems with it ever since getting it.
While my Alienware is fast, and it's been decent since the last time I sent it in, I'm counting the days (only a few months to go!) until the warrantee expires so I can at least be eligible to get a new one.
One more small note - which is rather on-topic. They have a forum on their website in which you have to be a customer to post in, and I visited it to see if I could find an answer to a screen blanking issue we (and about 1000 others) were having. In my short time there I noticed that threads that were in any way critical of Alienware or showed any amount of frustration with Alienware were simply deleted by the moderators.
We have a user who insisted on using word perfect 5.1 for DOS up through the time everyone was using Windows 2000/Office 2000. We didn't mind because it was no big strain on us. She understood the issue of file compatibility and dealt with it on her own. We just kept moving the program folder to each new machine she got and she was happy.
Slashdot Mirror
I think attack ads simply cater to that "49%" - that being the people that are of below average intelligence. I don't know about others, but I don't pay much attention to smear ads. I realize that if a candidate votes against a bill that would have funded health care for poor kids, it doesn't necessarily mean that candidate wants poor kids to die; It most likely means that the bill had a bunch of other non-related bullshit attached to it that would have wasted my money, or simply didn't belong in the bill in the first place.
A lot of people lack to intelligence or knowledge to see through these smear ads, and I'm pretty sure that's why they work.
Excellent. Obviously if the user was executing the attachment, they would click yes on that prompt, but any other binaries that the malware downloaded and tried to run might invoke suspicion since the user wouldn't expect it.
Vista has this functionlaity built in and it can be added to previous versions of Windows.
What version of OSX added this feature?
"I'm keeping my fingers crossed that Apple is the first to bring SELinux's granularity of security to grandmother's everywhere in a usable way.
Unless Windows Vista is pushed back again, it should be first to bring these features to the masses.
"1. Save the archive attachment.
.APP folders and share them with all his friends. Effectively, the virus has stopped spreading. So what is a virus to do?
Yeah. And....?
"2. Ignore the warning about an "unsafe application" given by Safari or Mail.app.
Every Windows mail client I've seen in the past five years gives users the same types of warning. I fail to see the significance of this step.
"3. Mount the DMG file or unzip the ZIP file."
Uhh huh. Again, 99.9% of Windows email worms also require this step, as most email server blacklist executable extensions.
"4. Still not realize that the dearchived file is not a document despite looking exactly like an application.
That's not a step. Your throwing in extra crap to try and bolster your argument.
"5. Run the application."
Boom. Infected.
"Okay, so now the user has infected their system. Sort of. Their documents may be infected, but those are useless to the virus. They can't be executed, and the user isn't likely to pack up his
So what *is* the virus to do? How about download some more executable code via the interweb, stick it in the users home directory and run it?
"Under a Windows system, it would get ahold of the Outlook address book and mail itself to everyone. Alternatively, it would want to stay resident after reboots and/or collect information about the user's activities. Under a Mac, these things need elevated privileges to do. So the virus would have to:"
And under an OSX system, it would get a hold of the users address book (OSX comes with grep, right?) insert itself int he user's crontab so that it starts at bootup, and use the cli SMTP mailer it downloaded from the interweb to mail itself out to everyone. Lather, rinse, repeat.
"So the virus would have to:
6. Invoke the SUDO app to request elevated privledges.
7. User would need to fill their password into the prompt.
8. Virus would infect the necessary files to do its dirty work of spreading.
Nope. Sorry, but no root access is required.
"Some people may believe that Mac users are really that dumb, but if that were the case then viruses would already run rampant. Instead, we get an impotent "proof of concept" that can't actually spread itself. All it can do is damage your files. For a proof of concept, that's pretty pathetic.
Actually there are simply not enough potential hosts for most malware to spread on OSX. I know it's not a very sexy reason, but that's the way it is. I give Apple kudos for shipping a system with no running deamons though (this mitigates the one type of malware that *doesn't* care about marketshare), and breaking backward compatibility with OS9 to make it so people don't have to run with elevated privs by default.
"As I've mentioned twice now, that's blatently incorrect. It can "infect" your documents, but system files require elevated privileges. "Infecting" your documents does nothing more than damage your files, and the virus can't even stay resident (or stop the user from killing it on the Dock!) without a password. So it's effective impotent and contained unless it can trick the user into giving it his/her password.
And as I've said once, system files need not be touched at all, and processes can stay resident without elevated privileges via the good old cron daemon. What you think is "blatently incorrect" is actually quite correct.
"In this case, you're also wrong."
I'm assume because the system would be completely hosed (I envison a kernel panic and subsequently un-bootable system) after running the first command?
Bullshit.
All you need to do is convince the user to save an archive attachment. extract it and run the contents. Millions upon millions of Windows users fall for this every damn day. if you think OSX users wouldn't fall for it too then you're delusional.
From there the worm can easily spread on OSX, and no, root would not be required to do so.
Oops. Methinks something might have whooshed over my head a few minutes ago.
Sorry.
I'm sorry to burst your bubble regarding the super-duper security of OSX, those files can unlocked just as easily with this command...
"sudo chflags nouchg -R
But I have good news for you. You really can keep root from touching certain files. All you have to do is install an "insecure operating system" like Linux and use SELinux.
There is no need to run as root to become a spam spewing zombie.
This is exactly what I was thinking as I read the Novell announcement.
"A second domain controller can replicate AD fine, offload authentication, etc., but if your original DC goes up in flames, the reinstallation process must create a new domain;"
Forgive me as I've only ever worked with "real" Windows domains and I'm ignorant in regards to SBS. Does SBS even allow a second DC?
"and there's tons of qualified people out there. "
I think your definition of qualified might be different from mine, because in my experience there is definitely not a surplus of qualified people out there.
Major typo.
Remove the word "not" from my post above and it will say what I meant.
The parent's point was not that the Democrats are a better choice than the current Republicans' brand of conservatism.
"In any case how can they prove "YOU" clicked it."
That's up next in 'Windows Panorama' 2009. By then every machine will have a TPM module inside and (by law) come equipped with a thumb-print/retina scanner. And instead of "clicking", you'll be "submitting" when the EULA comes up.
Wow.
I just assumed they weren't admissible anywhere.
How sad.
Polygraph results have never been admissible in court, the reason being that there has never been a scientific study that has shown them to be in any way reliable. Polygraph tests are basically nothing more than a tool of intimidation used by law enforcement to get stupid criminals to confess to things.
Thanks for that link. From the description and screen shots it look promising. Now, if the download page would only load. I think you slashdotted it.
Do they sell a robot that will take care of you when you grow old and senile?
Yep.
My old gateway with two 3com 3c905 and FreeBSD laughs at the measly bit torrent connections I throw at it. Before I set that up a few years ago, I had similar experiences with consumer grade networking gear.
That wasn't very funny.
You might want to check to see of the warranty on your sense on humor has expired and try to get your money back.
Sounds just like Alienware. Every time we sent a laptop back in for repair and called to get the status of it, they has absolutely NO idea.
We bought five Area 51m 766 laptops from Alienware in Early 2004. ALL FIVE have had to go back for repair - ALL with different hardware issues. Three of them have had to go back twice. Their turnaround on laptop repairs is three weeks.
As for for price, I remember them being similarly priced to high-end laptops from HP. With their desktop version of the P4 3Ghz, 7200RPM hard drive and fast memory, they are very fast machines, but other components are cheap - like the damn NIC. The chipset and NIC was a SiS based and I've had intermittent problems with it ever since getting it.
While my Alienware is fast, and it's been decent since the last time I sent it in, I'm counting the days (only a few months to go!) until the warrantee expires so I can at least be eligible to get a new one.
One more small note - which is rather on-topic. They have a forum on their website in which you have to be a customer to post in, and I visited it to see if I could find an answer to a screen blanking issue we (and about 1000 others) were having. In my short time there I noticed that threads that were in any way critical of Alienware or showed any amount of frustration with Alienware were simply deleted by the moderators.
"Best for what?"
Perhaps this?
We have a user who insisted on using word perfect 5.1 for DOS up through the time everyone was using Windows 2000/Office 2000. We didn't mind because it was no big strain on us. She understood the issue of file compatibility and dealt with it on her own. We just kept moving the program folder to each new machine she got and she was happy.