A zero-day exploit is one that hasn't been reported to the vendor or was reported the same day. This gives sysadmins practically no time to respond to the threat.
Obviously, it would be easier to find an unknown exploit if you have the source code.
The assholes that wrote the exploit are one step above talentless script-kiddies. The hole is just a buffer overrun and the patch gives away exactly where it is. All they had to do was write code that stuffs the buffer, pushing executable code into another memory area.
It's funny that you mention that it would be easier to hack the OS with the source code available. That's exactly why the chances of a zero-day exploit are higher on open source software than closed source. *OUCH*
In asymmetrical encryption, one key complements the other. You only need one key to encrypt data, but you need the second one to decrypt it. Digital signatures work because the signer uses the private key to "sign" the data. The person looking at the signature uses the public key to view the signature and because it was able to be read, the reader can rest assured that the file wasn't tampered with because only the owner of the private key could have written the signature. When encrypting data, you get the public, shared key of the person you want to send a file to. Once encrypted with that key, only the person holding the private key of the pair can decrypt it.
The virus could carry one key and the author of the virus could hold the second one ransom *grin*.
Virus companies can't possibly know every trojan that can be posted to a random web page and downloaded by the worm.
I encourage you to subscribe to some SecurityFocus mailing lists. We (White hats) analyze traffic trends and would notice any odd activity. We would analyze the data passing in the packets and see what exploit it's implementing. We'd then set up a honeypot so we could analyze an infected box, disassemble the virus, etc. and there would be updated virus defs as a result. All within one or two days.
A computer virus could wait several weeks before it nuked the hard drive.
A virus/worm that did this wouldn't make as big of a splash when the payload executes. Anti-virus companies would have updated virus defs out there within a day or two of distribution and a lot of people would become disinfected before the symptoms kicked in. Plus, the more damaging the payload, the wider the news will reach and people without anti-virus software would use free removal tools.
I don't have a picture handy, but a girl I knew online and ended up staying with for a few weeks when I first moved out at 16 (I'm 22 now) should definitely be mentioned. She's a total Macintosh nerd/hacker and is dating a well known white-hat hacker. When I first got to know her and was staying with her, she was a stripper and had a few features on the covers of biker magazines. She's half German, half Japanese.
Believe it or not, I'm very close friends with one. We worked together doing NT Server support for Microsoft and ended up hanging out like we were joined at the hip. She has a Dell PowerEdge server as a workstation with two LCD displays set up with multimon. When she gets a new techie toy, she gets all excited and has me come over to check it out. She's actually the person who introduced me to Halo on the Xbox!
Unfortunately, she's no longer single. When she was, I was still in a relationship. Despite the obvious sexual tension, we've both been faithful to our significant others. In the end, it all worked out though. Her boyfriend is now my boss and good friend!
How much do you pay per month for your internet access? ~30% of that is because of spammers.
There's a huge question mark over my head. How the heck did you come up with that 30 percent figure? I'd imagine the number to be closer to just a half a percent.
I built a high-traffic file server with the SX6000 and six 120GB SE Caviars configured for RAID 5. It's installed in an Abit motherboard and running NT4 Server with the latest firmware, BIOS, and drivers. Every once in a while, I get lost delayed write errors. I call support and they claim that it shouldn't be doing that with the latest firmware. After that, they would start having me troubleshoot the drives and do other "shotgun troubleshooting". To this day, we still get one or two of those errors a week which causes all the computers writing to or reading from the array to give an error.
Also, I recently set up a new SQL server. I used an Abit KD7 motherboard with a Promise SATA RAID card. The four channel one. The drives were four 10,000 RPM Raptors set up for RAID 10 (0+1). After much troubleshooting, I found that the card conflicted with either the motherboard or drives. The card would have difficulty reading the array during POST 4 out of 5 reboots. Even when it did read it, the array would become corrupt and unbootable after so many uses. I tried calling their support a few times a day for over a week, but the poor English speaking receptionist dude always responded that they're not available. I replaced it with an equivalent Highpoint card and problem solved.
After reading the comments on 3ware cards, I think I'll try one of them next. I know I'll never buy a Promise product again.
What's with the modding down and the defensive responses??? My post wasn't a dig at Apple, it was a response to the parent post. The one that made ridiculous claims about soaring sales due to a new CPU model and a native Quark Xpress.
1) They would need a new machine to really make the most of OS X, and they wanted to wait until the successor to the G4 was available.
2) They didn't want to make the move to OS X until a native QuarkXPress was available for it.
I respond with an argument as to what affects sales and I get all these responses as if I were making crude remarks about Apple!
I was actually using the success of the iMac as an example of what drives sales. As to your opinion that the average Mac user is a bit more knowledgeable than the average Windows user...I agree, but I don't think the difference is that big.
It's Not That Complicated, on G5s Start Shipping (Score: 0, Insightful)
95% of the users out there don't think about what OS versions are coming up or how soon the next CPU will be released. The only technical thing they look at is the clockspeed and the size of the hard drive because those are the numbers that get larger over time. Why do you think they still produce 3.5" 5400 RPM drives? Why do you think software driven modems became a success? Why do you think people assume LCDs have a better display?
Remember, we're talking about people that buy a computer because it's cute, inexpensive, and named after fruit that matches the color.
The current state of the economy and the marketing of a product are the biggest hurdles that the latest shiny product faces.
-Lucas
Smokers have become the serfs of the governments' feudal funding system.
The girl I'm talking about was a stripper, but is no longer.
lucas(at)lucas(dot)org
Here's her picture and mine.
That's exactly why PC games will never be as popular as console games. The requirements for any Xbox game: Xbox.