Slashdot Mirror


User: gmuslera

gmuslera's activity in the archive.

Stories
0
Comments
4,966
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,966

  1. Re:Server-side filters? on Microsoft Mail Worms Gang War? · · Score: 1
    I use Anomy Sanitizer for meta-processing the mail (cleaning up dangerous html, renaming dangerous extensions, etc) and a virus scanner (f-prot, avp, clamav) for checking files.

    The detected as virus or disabled extensions goes to a quarantined area (avoiding losing desired attachments because false positives from antivirus or that a someone really wanted to send a .pif/.scr/etc) and the executable extensions that passed are renamed to avoid exploiting browsers/mailclients/stupidusers vulnerabilities (well, at least users should take extra work to save and rename then to have an opportunity to think) and to prevent new virus that are not yet detected by the antivirus.

  2. Morphing on MS Word File Reveals Changes to SCO's Plans · · Score: 1

    SCO seems to be morphing into IGOR. Yes, like the old horror movies character, evil, ugly and (leaving hidden plans in public as metadata?) obviously dumb.

  3. Re:Not the first with 2.6... on Mandrakelinux 10.0 Community is Available · · Score: 1
    SuSE 9 beated Gentoo by a few months :) Was 2.6 ready, its default kernel had backported some of the main 2.6 new features, and had included an optional (er, to be installed manually, but included anyway) 2.6pre-something kernel.

    Anyway, probably SuSE 9 cannot be called properly a 2.6 kernel distribution (but the line is very thin, the argument could go a bit further to say that debian woody cannot be called a 2.4 kernel distribution).

  4. Re:outlook 2k3 on Next Generation Mail Clients Reviewed · · Score: 1
    May be enough for you that exploit the underlying IE rendering engine, that at the very least is not disabled by default? because you can find examples from a few months ago (and not make me start counting spams, scams, trojans et al that do that exploits also). In case of doubt about facts, google is your friend (or your friend microsoft, its information about last year's swen seems to talk something about exploiting vulnerabilities)

    But i agree that with some customization and deleting messages without even reading what they contains and other things that obviously any windows user do, you are maybe safe running any recent version of outlook :-)

    Ok, i understand why my previous post was marked as a flamebait, just a bit sensible on those topics because all the virus per day that are reaching my email and the troubles that gives me at work, just thinking how those numbers if all were using safer plataforms with safer email clients/browsers instead of Windows/Outlook/IE.

  5. Killer app? on Next Generation Mail Clients Reviewed · · Score: 1
    No email client comparision is complete without the spam filtering comparision. In that topic Mozilla/Thunderbird goes ahead with his integrated bayesian spam detection probably by far. And virus/worm vulnerability is another "killer" thing of email clients (i.e. after receiving 200 virus/day anyone want to kill outlook authors)

    Ok, I can "plug" external spam/virus detection (I use popfile with evolution, 99.8% accuracy with 1500 mails in a week) and protection (where outlook have a big hole in every possible score, even windows versions of the other mail clients don't executes attachments as easily as outlook, nor hides critical details on them) but that will be evaluation of addons (and if we start to put in the mix from sendmail milters to procmail recipes things will be interesting)

  6. Re:outlook 2k3 on Next Generation Mail Clients Reviewed · · Score: 0, Flamebait

    The best description I read for evolution is "is just like Outlook, but without virus/worms". I suppose that the thing that puts ahead Outlook is just that, Evolution still don't have support for executing virus/worms and this newer Outlook version does it, and maybe even better now :)

  7. Counterexamples? on MS Security Chief: Windows Never Exploited Until Patch Available · · Score: 4, Insightful
    So never was an exploit before a patch available? I remember last year when there was a lot of exploited IIS with the WebDAV enabled by default like 2 or 3 days before Microsoft releases the patch.

    Maybe they knew about the vulnerability for a week at that moment, maybe they were testing the patch, but the patch was not yet available, existing systems were being actively exploited, and site owners had no clue about that vulnerability because the "will be no exploit till we release this patch" policy.

    I'm not sure if that is the best example, but at least is one that is enough to show how much bullshit they used to tell in public.

  8. Rational behaviour... on In (Sort Of) Defense of Spammers · · Score: 1

    Stealing is another activity that with a little investment i could get a lot of economics benefits. Killing for money is another, usually they get from that activity a lot more money than i.e. the cost of the bullets.

    Of course, the hidden cost of those activities, more than the social and moral problems, is to been caught, thing that is not so trivial with spam (at least, not the people that actually do it) nor there is no legal risk doing it, at least not yet, not worldwide.

    At least with scams (i.e. nigeria ones) could be some kind of legislation that put some risk on doing that, but for now spam is a free lunch, no risk and with highly probable economic return. Wonder how the balance will be change and would be real legal risks in doing spam anywhere.

  9. Re:Live CD for older machine? on Giant List Of Linux-based Live CDs · · Score: 1

    There are a lot with low hardware requeriments. Of the few I tried, Damn Small Linux should work with fewer resources even, and Morphix Light should work also, and is more comfortable for end users.

  10. Re:cant deny msoft does good things also on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 1

    Sorry, not checked what companies started those technologies, only put ones that had good/top products on that category before Microsoft dreamed entering in those markets. Lotus was strong in spreadsheets, I could had put wordperfect or wordstar, and Borland had good programming languages/quattro pro/paradox.

  11. Re:cant deny msoft does good things also on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 2, Insightful
    Perhaps MS developed some business apps, but I suspect that eveything in the Office suite was developed by some one else first.

    Maybe Lotus, Wordperfect and Borland? I remember an ad from Wordperfect that listed the "whats new" of Office 95 or 97, and on the side they put the year since WordPerfect had it, all several of years before, even a lot in the 80's.

    Most of their "innovations" were copying (good examples above), licensing (i.e. ms sql->sybase) or buying (vbasic, frontpage) technology from others.

    But of course, we can deny the hand of MS in all their derived products. Now we can be hacked/infected reading email, having a database accesible thru internet or opening a spreadsheet, things that before was calified as impossible or a joke.

  12. Re:Interesting spin ... on Microsoft, Monocultures, Security FUD & Other Fun · · Score: 4, Funny

    Antivirus could be considered an information related technology?. All a market that could been starving and barely advanced without the gentle Microsoft colaboration.

  13. Troubles ahead on Windows 2000 & Windows NT 4 Source Code Leaks · · Score: 1
    the problem with trusting in Security by Obscurity is when someone puts a bit of ligth there. With sources open whatever they trusted in "this is safe because nobody sees the source" will be seen and checked to see how much safe are (even worse, mainly by the ones they don't want to see it).

    The eventuality of code leaks should definately be put as one of the advantages of the security of open source software.

    I don't think there will be any difference for open source software on the availability of this things, for license problems should be a forbidden reading, but virus/trojan/exploits authors will not have this kind of moral/legal problems.

  14. Re:A day with SCO is like a day without sunshine on SCOoby Snacks · · Score: 1

    It should sound more like "Linux needs SCO like a fish needs a bicycle"

  15. Sounds familiar on What If Dark Matter Really Doesn't Exist? · · Score: 1
    Is like to find a black cat in a dark room, the worst thing that could happen is that its not even there.

    ...

    Well, no, is not the worst think it could happen, i.e. something bigger than a cat could find you there. And with this, if the dark matter is not what explains something, the real explanation could not be nice (you know, murphy rulez)

  16. Re:Right, that's his real name. on Author signs MyDoom virus · · Score: 1

    or "Darl"

  17. Re:How did this virus spread so easily? on SCO Offline · · Score: 1
    I think part of the sucess was the bounce effect. The virus is not only sent to you, but also it is sent to other address in your name, and the other address most (?) times is a fake one, with a for-try user and an existing domain. That message probably will bounce as the remote user don't exist, and will bounce to you.

    People could be suspicious about virus that sent someones else, but, what about files that supposedly sent yourself?

    The worst thing on this is that we see just the tip of the iceberg. Other kind of virus are spreading more now as internet as email addresses are very more distributed (received several "old" ones this last days) as more scams, and, of course, spam.

  18. Meaningful URLs on Microsoft Advises to Type in URLs Rather than Click · · Score: 1
    Nice suggestion from a URL that looks like http://support.microsoft.com/default.aspx?scid=kb; %5Bln%5D;833786 (ot it was 833782? or scid=xb?

    To have meaningful URLs is something useful is a good goal, specially when you can't simply click for a reason or another (i.e. printed url or in a media that dont enable that). But reccomending to not use the basis of the web in a web browser is a clear signal that something is wrong... or the web, or that web browser.

  19. Why cornered? on Linus Speaks Out, Calls SCO 'Cornered Rat' · · Score: 2, Funny

    Calling them just "rats" transmit the whole concept we all have about them.

  20. Acelerating windows on Boot Windows Faster, Using Linux · · Score: 4, Funny

    That is nothing new... with Linux I accelerated Windows to 9.8 m/s^2

  21. Re:Telling the boss on 'Just Sleep On It' Solves Tricky Problems? · · Score: 4, Funny

    If your boss agrees, then that would be a truly dream job.

  22. Size? on Lie Detector Glasses Coming Soon · · Score: 1

    if they are ugly big a good test on how they work could be asking how good you look with them to a polite person.

  23. Duke Nukem Forever... on 2003 Vaporware Awards · · Score: 1

    ...looks to be on schedule. The "Forever" in the name is how much you have to wait to see it (you know, a lot of games, like unreal tournament uses the same tactic in the name).

  24. Re:A Very easy solution on 'Bagle' Worm Heading For A Windows PC Near You · · Score: 1

    Well, there are a lot of scripts to handle virus and such for linux mail servers. The one i use (Anomy Sanitizer) not only enables to call an antivirus to check a file, but also enables you to rename extension or mangle completely the file name. The policy i take, for the executable files that are ok for the antivirus, is to rename them i.e. myfuturevirus.exe to myfuturevirus_exe.disabled so if the antivirus not detected it yet the user still have the choice to not run it or take a lot of troubles to run it.

  25. Choices on 'Bagle' Worm Heading For A Windows PC Near You · · Score: 1
    Yes, there are many choices.

    I.e. the user chooses to screw the disk under linux/unix, that means in most distributions to explicititely log as root and do something on pourpose or without knowing that breaks something. In most distributions root is not default, is not even listed between the users you can login, and even most administrative tasks have interfaces that can be accesed from normal user desktop asking the root password just to run them. If the user takes the trouble over all of this to log as root and try something that without any help of what his doing, break something, there are a lot of choices taken there.

    In the other hand, there are not a lot of choices running windows. It comes preinstalled, it practically forces you to run MS products (explorer, outlook, msn, msoffice), and those products from the start not were designed to be safe. Browsing sites you NOT have the choice by default to have installed backdoors, dialers, even virus, reading mail you are deprived of vital information (i.e. true extension of files, or even what extensions are "dangerous") and even reading headers of mail you are at risk, you have to know enough to avoid most of this dangers, or else the default use of most of those "forced" programs will put you in trouble.