Here. Yes there was a worm for the Mac. Actually six if you figure in variants A-F. Yes. I've seen it. Yes, work got it again when we accidentally installed two anti-virus packages onto the Macs which caused both to stop working.
Geez. I make one comment that Macs did have worms and viruses then muse on why they seemed to die out and I get more comments telling me I'm wrong about that than the point of my original post. Go fig.
Sorry, my experiences haven't been the same as yours. For us the autostart worms were a problem. And I agree, it sounds like Virex7 is a POS. We're still running OS9 here at work and I believe we'll finally upgrade next year. Don't know. This year I moved to a new shift at a new facility and there are no and will be no Mac installs here. The environment where I work just doesn't sound comparable to yours.
Oh and you're wrong. It's 99.99999% of Mac users who hate command lines.
It's still a decision that affects the security of the product which is what is actually important. And, yes, they can change the install but what do you do with all the installs that have already been deployed? Lock down tools and patches. Yea. Been there, done that, PITA.
Seriously, MS should have just done a basic install by default and then provided good documentation/wizards on how to enable all the goodies for the 5-10 percent of their userbase that actually needed Internet printing and its ilk. XP Home edition users shouldn't have port 135 open by default. Outlook should have never been able to run executable content without the user's direct intervention. The list goes on and on and on with the only hope of resolution being that A) users will upgrade to the new software which now addresses those issues or B) the user will consistently patch and admin the older insecure installs.
Either option is not preferable to the feature shouldn't have been on in the first place - especially now that the real juicy targets are home PCs hooked up to broadband connections.
Yep. I know you don't see it with OSX. I used to do Mac support 5 years ago at a newspaper so, iirc, that was OS 7.5 to OS 8. OS 9 was just starting to be deployed when I got out of supporting Macs. I do remember cleaning up more than a few autostart worm outbreaks thus reference to worms instead of viruses.
Sorry, I should have put in a disclaimer that "used to" meant a heck of a long time ago in computer years.
MS chose to enable features as default that did not need to be on most installs. That is an insecure design. To be fair, earlier versions of RH did the same stupid thing and got burned by it. Macs also used to suffer from worms though I don't know why things got better - sorry used to keep up with Macs but not anymore.
Anyway, as for your requirement for "INTENT." Back when the CodeRed came out, work gave me the responsibility of locking down our IIS servers. Back then I didn't have any experience with IIS so I did the smartest thing I could come up with - started reading and convinced work to send me to a one day SANS seminar. Well, the instructor told a story from an MS employee of how MS figured it was cheaper to enable crap like Internet Printing and the like by default than it was to eat the cost of projected support calls they would get from people who wanted the feature but couldn't figure out how to enable it.
IOW, enabling everything in IIS was done because it saved MS a few bucks. That is a design decision. It was intentional and most importantly it was insecure.
With SCO's recent attitude change on the merits of the GPL and current allegations that it was Caldera/SCO developers who actually "tainted" the kernel I don't understand why management hasn't pulled him from contributing or at least instructed him to discontinue contributing under his SCO identity.
Cisco and NetApp don't have monopolies; their competitors should be able to out-compete them on this point.
I wanna see which competitors to Cisco out-compete them on support. I've had experiences using CCO and worked with their TAC. First-class, A number 1, ichiban support that I have yet to see rivaled. There is definitely a reason why people don't get fired for buying Cisco.
And, at least for the mid-sized company I work for, add to the fact that you can get extremely deep discounts on purchases and it then becomes obvious why those resale issues get pushed to the way-side. Who cares about them?
Not quite. Before your code is placed in a production environment I would expect that there would be a peer review of said code or some other form of audit before it was committed (and not by you.) Especially if the level of access you say you have is true. You might be able to insert it in an emergency change to the system but those changes should be logged and inspected to death by internal and external auditors. Not saying that what I proposed is the real world where you work but it is a best practice that an auditor would probably want to see in place.
Would you still be able to get your malware into the production system? Yes. But it would be much harder because you would have to rely on others assisting you to get the code into the production system ala Office Space.
Lax security probably required. Security is a process and not exclusively focused on software controls.
There isn't much to go on in the article but let's start with just some crazy ideas. If the perp was let go under less than optimal circumstances and he had access to passwords then why weren't the passwords changed? Why, when using ftp as a transfer method, wasn't the data being transferred encrypted? Why were they using ftp?
When they hired this person did they perform a background check against him which included a credit check? Should his position have been bonded?
What checks and balances does the company use to verify and authorize transactions? Were the transactions in question done at an unusual time? Were there unusual circumstances behind them? Were they logged, flagged, investigated?
This is just off the top of my head after reading the article. Oh and hiring and monitoring processes are part of security.
Actually, I thought the trend started earlier in Diamond v. Chakrabarty when the SCOTUS uttered the most stupid phrase "Anything under the sun made by man" is patentable. And the way it's looking, imho, is being useful or promoting the arts and sciences has nothing to do with obtaining a patent anymore.
You have no clue as to what constitutes a monopoly. A company attains monopoly status when it becomes effectively immune to market forces. What that boils down to is there can be other products out there but the monopoly need not be concerned about them because the majority is going to continue to buy from the monopoly. In effect there is no competition. Microsoft is in that position - a point I am not willing to argue or concede since the courts have found them to be a monopoly.
Now as to what you said. It is a false and poor assumption. MS was not "hindered" by the government because it was a monopoly. It was "hindered" because it actively abused its monopoly position to repress competition. Again, I'm not willing to concede this point.
So, if I'm reading you right, you think competition is good but when a company gets to a point where it can and does abuse its market position then there should be no mitigating force to rectify those misdeeds? It's alright to have no competition for a few decades and hope that something will come along someday to correct the inequity in the market. And during all that time, with the abuses continuing, you really think that the consumer is not being harmed and in need of relief?
Sorry, but we're going to have to agree to disagree on this one.
They are stating hundreds, probably thousands of lines of code have been misappropriated - all of it critical in creating an enterprise capable linux kernel. So in essence, yes, they are claiming that the whole linux kernel, at least the part that means anything to a business, was ripped from their code base.
Don't worry. Given time they'll come after you too. Or did you not notice that one quip outta SCO insinuating that the BSDs haven't been living up to the settlement agreement?
Your new example would get funded anyway just to get an edge over the competition. What would then happen is everything would then become a trade secret which imsho is a better deal than a patent. I'd rather see the investment of four or five years REing a trade secret than wait 20 years for the patent to expire.
Yeah, but the beer goggle effect leads to the Wolf Date phenomenon and if you're married might end with the Bobbitt scenario. I think I'll stick with regular exercise and meditation.
There is no reason why you should be given a patent for software.
You still want to mince words on this?
Looks like Dennis' check from IBM finally cleared...
Isn't it funny when the real world gets too complicated for simplistic answers?
You gotta buy their Unix license
For your Tivo and your home PC
Else SCO's gonna sue you
For using their vapor IP....
Ok, I don't like this much either but the rhyme jars less compared to the original song.
Thanks for the link. Made for some good reading while waiting for my 2 month old daughter to finally go to sleep. Luckily I'm a night owl too.
Sometimes I just crack myself up.
The letter from Novell is supposedly in the filing. I'm just waiting for the inevitable PDF link to see the actual counter-claims.
It's like Microsoft shoved a hand up McBride's ass and turned him into a sock puppet. Freaky.
I hope SuSE files a separate suit. It would be interesting to see SCO drawn and quartered through massive litigation.
Hopefully he gets a year's supply of K-Y. Obviously, SCO isn't going to have the common courtesy to offer a reach-around.