You left out feet, hands, elbows, knees, and whatever else someone trained in an art-of-killing-people-with-own-body could use to take over a plane.
Try banning those from getting on an airplane.
Bruce Schneier has all sorts of stuff to say about crypto in "Applied Cryptology."
See also his webpage search thingy, which links to a bunch of articles specific to escrow.
Funny, the CERT advisory posted to BugTraq showed up right next to a message about a new IIS 4/5 vulnerability in my mailbox.
The old handing the torch off to the new flaws, I guess.
Ban Microsoft OS from your network. Easier said than done-- especially when the central administration at your workplace goes about replacing the universally accessible mainframe (via terminal interface) with a snazzy new website that only IE 5+ on Windows with JavaScript and ActiveX enabled can use.
Not that I'm bitter, mind you.
Safe - Compile and execute code in restricted compartments
perldoc Safe for more information on the module-- probably does some of what you outlined above, though I've never used the module personally.
Google lists a few. Looks pretty insecure to me.
Not convinced? How about doing a search for Outlook Express at Security Focus?
Or browse a few Crypto-Gram by Bruce Schneier. Good reading, IMHO.
How many people factor the expense of mandatory anti-virus software into their calculations when choosing Outlook?
What if IT says "hell no" but management forces the Microsoft solution on them? Do you still blame IT?
What about schools and ISPs where clients just start using the bundled Outlook Express because it came with the computer, forcing the overworked sysadmins to divert time and money to installing centralized anti-virus software on the mail hosts, because there's no way in hell that anti-virus software is going to be installed properly configured on all the client machines?
I say boycott Microsoft until they fix the negligent product design that brought us the anti-virus market.
A recent Washington Post article talks about government's efforts and issues with telecommuting.
I like the idea of telecommuting, and as a sysadmin do a fair amount of work from home; however, there are security concerns with extending trust out to Joe Average's machine at home that need to be dealt with before rolling out telecommuting for everyone.
All this means is foreign business will not buy American crypto, and secret plotting will be done (as it has been for thousands of years) in a hidden cave somewhere.
Until a malicious being hacks a site through your network or uploads defamatory/DMCA-bait material and suddenly your ISP has pulled your access or some friendly folks are asking you to tone down on the death threats to the president.
I suspect such malicious folks are of similar bent to those who leave beer cans littered around scenic parks, personally.
{ local $^W = 0; Third::Party::crap("foo"); }
Or use the newer "no warnings" statement, and you can selectively silence the poorly written stuff.
ucfirst dead on, map you kinda got right.
map in perl is used to apply an expression (in this case ucfirst) to each element of a list (the one supplied by the split function), returning either the modified list or a count of modifications done, depending on context (list context in this case, due to the join function).
Obtaining said function documentation is easy, via 'perldoc -f functionname' from the command line.
The problem here is that in Microsoft Office "opening a document" actually means "running an application," which is evil, twisted, and just plain wrong.
UNIX would be rife with similar holes to Microsoft products if it used a wacky binary file format that random shell commands would be run from if you attempted to cat(1) the file...
I suspect the virii variant is used by the same people who attempt to sling "whom" into the conversation, endeavoring to sound educated.
Quite naturally, holders of power wish to suppress wild research. Unrestricted questing after knowledge has a long history of producing unwanted competition. The powerful want a "safe line of investigations," which will develop only those products and ideas that can be controlled and, most important, that will allow the larger part of the benefits to be captured by inside investors. Unfortunately, a random universe full of relative variables does not insure such a "safe line of investigations."
My anecdotal and personal evidence indicates that all OS and technological solutions have flaws, except I still bash Microsoft at every chance, as Microsoft leads the field in expensive, negligent software. People actually pay for Microsoft products, I wonder in amazement, each time a default.ida shows up in my logs, or laugh at yet another email virus rampaging across Windows computers.
It would be nice if they maybe shipped IIS turned off by default, given the sheer number of exploits that have come out for it. The Code Red exploit was just popular, there have been many, many more holes in IIS.
Or maybe they could replace their document format with something that doesn't spread so many viruses, and save unix mail admins from wasting time treating the symptoms of a deficient OS.
PostScript? Yeah, that's Adobe's, too.
TeX or DVI with a clicky enough captive GUI might do the trick, though, provided said front-end was available on the same platforms as Acrobat, and offers similar if not better features. A lot of work, and PDF is well entrenched, though...
SSH communications taking a stand and recognizing the issue is a far cry from them invoking the DMCA and getting the impudent hackers tossed in jail.
This might have something to do with SSH being an open standard, and not the good will of the company, though...
Instead of password auth, use something like s/key, so it really won't matter if the evil cracker gets:
SEWN LULU PIN HOUR PRY YEAR
OpenBSD supports s/key right out of the box, which is spiffy. Or use Public Key authentication, expensive crypto cards, or any of the other alternative authentication techniques out there.
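Why a sniffed one-time password like the one in the comment above is useless to whoever captures it, as an added example that is not part of the original post. It uses a Lamport-style hash chain with SHA-256 standing in for S/Key's own hash and skips the six-word encoding; `otp`, `Verifier`, the seed and the passphrase are hypothetical names and constructed values.

```python
import hashlib
import hmac


def otp(secret: bytes, seed: bytes, n: int) -> bytes:
    """Hash seed+secret n times (n >= 1); this is one-time password number n."""
    value = seed + secret
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value


class Verifier:
    """Server side: stores only the last accepted OTP, never the secret."""

    def __init__(self, seed: bytes, count: int, stored: bytes):
        self.seed, self.count, self.stored = seed, count, stored

    def challenge(self):
        # The client must answer with OTP number count-1.
        return self.count - 1, self.seed

    def login(self, candidate: bytes) -> bool:
        if self.count <= 1:
            return False  # chain exhausted, user must re-initialise
        hashed = hashlib.sha256(candidate).digest()
        if not hmac.compare_digest(hashed, self.stored):
            return False
        # Accept, then step down the chain so this OTP never works again.
        self.stored = candidate
        self.count -= 1
        return True


def demo():
    secret, seed = b"constructed passphrase", b"ke1234"  # constructed values
    server = Verifier(seed, 100, otp(secret, seed, 100))
    n, s = server.challenge()
    sniffed = otp(secret, s, n)      # what an eavesdropper would capture
    first = server.login(sniffed)    # legitimate login succeeds
    replay = server.login(sniffed)   # the same value replayed is rejected
    n2, _ = server.challenge()
    second = server.login(otp(secret, seed, n2))
    return first, replay, second, n, n2


if __name__ == "__main__":
    print(demo())
```

The replay fails because the server now expects a value whose hash equals the sniffed one, and producing that means inverting the hash.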
Invalid, hah.
Sure, Microsoft has security fixes. A ton of them, in fact, according to the securityfocus.com vulnerabilities database. You would think they would learn something from this (like the folks at RedHat Linux did) and maybe ship IIS turned off by default, or maybe give their MCSE security training, or maybe focus more of their massive income on writing secure software in the first place.
By spyware plugins, I meant the availability of such for IE, not that Microsoft is shipping them by default.
And I have as yet to see them patch the bug known as the word document format. That's the only reason I install anti-virus software on the Macs of users who insist on using Microsoft Office. With Windows, anti-virus software is a must, auto-definitions updates and all as virus writers always seem to have the upper hand, as the latest Windows malware makes the rounds and makes life hell for sysadmins.
It is a waste of time and money to install anti-virus software everywhere to deal with problems Microsoft has yet to fix. Treat the problem, not the symptom. The problem is Microsoft.
Realistically, Microsoft Windows is bad news.
It has those spyware plugins that are nearly impossible to disable (recent /. articles), frequent and alarming security holes in Outlook and IE (see Bugtraq), and a steady stream of increasingly dangerous worms and other malware (Code Red? Sircam?).
As a sysadmin, I have less patience for Windows daily, as I see it making the lives of other admins in Windows-centric environments living hell, as they struggle against the latest malware.
Not using Windows is a great solution.
They did that with some test Windows 2000 box, which nobody broke into as I recall. (Golly, Windows 2000 must be secure!) However, Windows 2000 started getting cracked once Microsoft started shipping the negligent bloatware (yup, still have not fixed that virus-bearing document format). This is due to crackers getting to sit a Windows 2000 box down, rip it apart, and otherwise get their hands on it, rather than poking sticks at an ivory tower somewhere.
Plus, with the recent SDMI thingy, I think some folks would be wary to take up a corporation's offer "hack this, please, we won't beat you up with the DMCA. honest."
No, Microsoft will pour money onto lawyers to reach an agreeable settlement, as rich corporations can fork out lawyers as FreeBSD can spawn new jobs.
One of the (many) problems with the DMCA is that 99% of the consumers out there do not have the legal resources to defend themselves from the chilling effects of this twisted law.
It's also a way to ferret out local talent...
$ host -t mx jud.ca.gov
jud.ca.gov mail is handled (pri=10) by mx.jud.ca.gov
jud.ca.gov mail is handled (pri=20) by mx2.jud.ca.gov
jud.ca.gov mail is handled (pri=100) by mail.uu.net
$ telnet mx.jud.ca.gov 25
Trying 208.239.204.222...
Connected to mx.jud.ca.gov.
Escape character is '^]'.
HELO nurse
220 mx.jud.ca.gov ESMTP Sendmail 8.11.3/8.10.0.Beta12; Wed, 8 Aug 2001 09:38:50 -0700 (PDT)
Look, even more Open Source software! Somebody should see about setting them up with some stable, reliable, secure, all-American software, instead of that evil pirate software they are running.
Must... wash... hands...