Oooh praise time.
Yeah, the Code Red virus event. I got extremely irritated by the news media on this one. Promising the 'downfall of the internet' etc etc. Fact is, the majority of the internet runs on UNIX, which has evolved from a network environment to an internet environment steadily and sensibly over 25 years. MicroSoft windows NT has not done this, it's 'evolved' in the space of a couple of years, and is affected by every virus under the sun because it uses the Win32/DOS MZ executable format that everyone is so fond of coding virii for. Hopefully this will convince people to stop paying extortionate amounts for crappy MicroSoft webservers and get a sensible OpenBSD server with FP2000 extensions (if you must have them) instead. Keep the GUI on the desktop, servers do not need a rediculous GUI stopping you from properly managing processes etc.
Anyway. The weird thing about the Media is that it has concentrated on the malicious people who created the virus. I have not seen anyone comment on why it is always Microsoft servers that seem to appear in the news; only a few months ago there was the great MS Administrator Password fiasco. Then there was I Love You and so on.
It'd be nice if someone created some software to check for dDoS worms on servers. All you need is a packet sniffer to track incoming and outgoing packets and hunt for millions of outgoing packets that werent originally to an IP that hasn't requested anything.
The idea of an 'immune system' mentioned at the start of that article intrigued me. It would be very nice if someone like McAfee created a system that automatically pushes upgrades to registered antivirus software running on servers as soon as an outbreak is detected, so that the software could instantly do a quick search for that one virus and deal with the problem each hour for several days or something (although several days is a bit of a wishfull uptime for microsoft servers, Ho Ho Ho Ho etc:P...).
Well thats what I think. Bubbye.
Weevil
It appears to me that most viruses nowadays revolve around microsoft and it's incessant need to script everything, and make everything they make 'better' than everything anyone else comes up with. Microsoft could indeed be charged with Aiding and Abetting this crime, since they are the ones that provided the means of infiltration. If you don't want your house broken into, you don't leave the front door open.
One (much debated) problem is that Microsoft are leaving the door open by closing all the doors to their source code. It wouldnt be surprising if they had a genuine reason for not letting ANYONE other than Microsoft see their sources -- there are many many free pieces of software out there written for unices that have free, uncompiled source available...
Anyway this strays from the point. I am pretty much in favour of viruses like Code Red if they get rid of this rediculous Microsoft server craze that's going around. Microsoft has not naturally evolved into a server user/group based architecture and this is its main downfall. Unix is, of course, free. Free to host websites etc and many people who wish to set up servers obviously feel that if it's free it must have something wrong with it...
The point Gibson is making about XP (I think) is that it comes without the crappy sockets implementation that was in 95 and 98, meaning that it is now possible for anyone using XP to spoof their IP as easily as they can in UNIX. Previously it was quite easy to detect Windows based l33t h4x0rs because they used little cracking applications that did the work for them and could not spoof the IP. In the bright new world of XP, even the hackers win out, because they can now make hack-attempts by software much more untreaceable than before.
And I think I speak for most of us when I predict that what Cringely calles TCP/MS would be a terrible implementation and, naturally, hugely popular (as with all Microsoft products). Microsoft currently has an utterly terrible server record, being the most hacked and attacked system I've heard of (possibly with the exception of RedHat Linux;) and the fact that it's resorting to changing the protocol really says something about the way Microsoft works -- if the walls keep falling down, make the ground rubbery so they bounce up again. The UNIX way is to have teams of people building decent walls in the first place.
Microsoft currently has a great desktop system, and it should stick to it. Microsoft is a CLIENT, it should never have been a server.
One of the most interesting problems nowadays is that, after following MacOS for so long, Windows has finally found itself in the driving seat, only problem is it's never taken a lesson in it's life and keeps crashing. The recent panic by microsoft that has resulted in it spewing out about 4,000 new OS's in the past year is evidence of this.
I have never paid any money for linux, or any UNIX system, barring phone bills. I have obtained it all by FTP.
I have probably paid up to $200 on Windows 98 and 95 in total (excluding other microsoft 'products' i have purchased).
Matrox have made a good decision if they're leaving the 3D graphics market. Their cards were often released at just the wrong time, and would be made obsolete when the likes of nVidia or 3DFX released a new card. Most matrox cards, while offering fabulous 2D performance that you would expect from a company that's been making broadcast-quality graphics hardware for years (despite the infamous matrox little green line syndrome, which I think has been wiped out now), have lagged behind in the 3D market and their cards always seemed to be running to catch up with the bigger players. Their use of PowerVR, for example, was a huge mistake and that was one of their first credible 3D accelerators.
Long live their development of fabulous GFX hardware, though.
We're always hearing about how some fool decides to fill an exhibition center or university with crackers/hackers and do rediculous stuff with them like explain internet security or talk about IPv6. The very fact that they are hackers/crackers means they already know about this sort of thing. In fact, it's already been mentioned that no genuine crackers would ever be dumb enough to turn up to such an event.
So what we have here is a few lectures to a group of people who deem themselves "hackers" about stuff they most likely already understand.
This is almost as bad as the events where lecturers attempt to explain the Web And Its Possibilities to business executives who can't even use MS Word, let alone an interface that changes for every website they visit.
The web is not a secure place to be and it will never be "secure". The very nature of network communication relies on data being spread all over various subnets by switches and hubs, so anyone with a packet sniffer and a brain can break in. Decryption of cyphers is another matter, but I've yet to see a truly uncrackable cypher used on the web. If it can be decrypted at the other end, it can be decrypted along the way by a cracker.
Just to note; the word 'cracker' was put around by true hackers after undue media attention by dumb journalists who decided to adopt the word "hacker" to mean "someone who breaks into computer systems illegally". Therefore there is no true word for what is currently known as a cracker (other than perhaps "b*stard"), and no dictionary definition of the term. So there.
this may sound weird, but I like to be able to hear my HD working. While being quiet is a nice thing to show off to your mates ("look it doesnt make any noise, wowww!") it isnt practical in my opinion. My drive rattling is the only way i know that Windows hasnt died. Increased rattling means I should defrag etc etc. With a drive I cant hear I'd have to look at a damn LED all the time =)
Marvelous accheivement though, but surely we should have moved on from magnetic discs by now?
Slashdot Mirror
Oooh praise time. Yeah, the Code Red virus event. I got extremely irritated by the news media on this one. Promising the 'downfall of the internet' etc etc. Fact is, the majority of the internet runs on UNIX, which has evolved from a network environment to an internet environment steadily and sensibly over 25 years. MicroSoft windows NT has not done this, it's 'evolved' in the space of a couple of years, and is affected by every virus under the sun because it uses the Win32/DOS MZ executable format that everyone is so fond of coding virii for. Hopefully this will convince people to stop paying extortionate amounts for crappy MicroSoft webservers and get a sensible OpenBSD server with FP2000 extensions (if you must have them) instead. Keep the GUI on the desktop, servers do not need a rediculous GUI stopping you from properly managing processes etc.
:P...).
Well thats what I think. Bubbye.
Weevil
Anyway. The weird thing about the Media is that it has concentrated on the malicious people who created the virus. I have not seen anyone comment on why it is always Microsoft servers that seem to appear in the news; only a few months ago there was the great MS Administrator Password fiasco. Then there was I Love You and so on.
It'd be nice if someone created some software to check for dDoS worms on servers. All you need is a packet sniffer to track incoming and outgoing packets and hunt for millions of outgoing packets that werent originally to an IP that hasn't requested anything.
The idea of an 'immune system' mentioned at the start of that article intrigued me. It would be very nice if someone like McAfee created a system that automatically pushes upgrades to registered antivirus software running on servers as soon as an outbreak is detected, so that the software could instantly do a quick search for that one virus and deal with the problem each hour for several days or something (although several days is a bit of a wishfull uptime for microsoft servers, Ho Ho Ho Ho etc
It appears to me that most viruses nowadays revolve around microsoft and it's incessant need to script everything, and make everything they make 'better' than everything anyone else comes up with. Microsoft could indeed be charged with Aiding and Abetting this crime, since they are the ones that provided the means of infiltration. If you don't want your house broken into, you don't leave the front door open.
;) and the fact that it's resorting to changing the protocol really says something about the way Microsoft works -- if the walls keep falling down, make the ground rubbery so they bounce up again. The UNIX way is to have teams of people building decent walls in the first place.
One (much debated) problem is that Microsoft are leaving the door open by closing all the doors to their source code. It wouldnt be surprising if they had a genuine reason for not letting ANYONE other than Microsoft see their sources -- there are many many free pieces of software out there written for unices that have free, uncompiled source available...
Anyway this strays from the point. I am pretty much in favour of viruses like Code Red if they get rid of this rediculous Microsoft server craze that's going around. Microsoft has not naturally evolved into a server user/group based architecture and this is its main downfall. Unix is, of course, free. Free to host websites etc and many people who wish to set up servers obviously feel that if it's free it must have something wrong with it...
The point Gibson is making about XP (I think) is that it comes without the crappy sockets implementation that was in 95 and 98, meaning that it is now possible for anyone using XP to spoof their IP as easily as they can in UNIX. Previously it was quite easy to detect Windows based l33t h4x0rs because they used little cracking applications that did the work for them and could not spoof the IP. In the bright new world of XP, even the hackers win out, because they can now make hack-attempts by software much more untreaceable than before.
And I think I speak for most of us when I predict that what Cringely calles TCP/MS would be a terrible implementation and, naturally, hugely popular (as with all Microsoft products). Microsoft currently has an utterly terrible server record, being the most hacked and attacked system I've heard of (possibly with the exception of RedHat Linux
Microsoft currently has a great desktop system, and it should stick to it. Microsoft is a CLIENT, it should never have been a server.
One of the most interesting problems nowadays is that, after following MacOS for so long, Windows has finally found itself in the driving seat, only problem is it's never taken a lesson in it's life and keeps crashing. The recent panic by microsoft that has resulted in it spewing out about 4,000 new OS's in the past year is evidence of this.
Weevil
I have never paid any money for linux, or any UNIX system, barring phone bills. I have obtained it all by FTP. I have probably paid up to $200 on Windows 98 and 95 in total (excluding other microsoft 'products' i have purchased).
Hmm, are microsoft affiliated with VeriSign in any way?
Matrox have made a good decision if they're leaving the 3D graphics market. Their cards were often released at just the wrong time, and would be made obsolete when the likes of nVidia or 3DFX released a new card. Most matrox cards, while offering fabulous 2D performance that you would expect from a company that's been making broadcast-quality graphics hardware for years (despite the infamous matrox little green line syndrome, which I think has been wiped out now), have lagged behind in the 3D market and their cards always seemed to be running to catch up with the bigger players. Their use of PowerVR, for example, was a huge mistake and that was one of their first credible 3D accelerators.
Long live their development of fabulous GFX hardware, though.
Wow. That was dumb of me. Well, consider myself corrected. Baah. It happens to anyone who doesn't read stuff properly....
Err. "Port to Intel"?
I'm afraid OS X is, effectively, a port FROM intel. X windows. Unix. Ring any bells?
We're always hearing about how some fool decides to fill an exhibition center or university with crackers/hackers and do rediculous stuff with them like explain internet security or talk about IPv6. The very fact that they are hackers/crackers means they already know about this sort of thing. In fact, it's already been mentioned that no genuine crackers would ever be dumb enough to turn up to such an event.
So what we have here is a few lectures to a group of people who deem themselves "hackers" about stuff they most likely already understand.
This is almost as bad as the events where lecturers attempt to explain the Web And Its Possibilities to business executives who can't even use MS Word, let alone an interface that changes for every website they visit.
The web is not a secure place to be and it will never be "secure". The very nature of network communication relies on data being spread all over various subnets by switches and hubs, so anyone with a packet sniffer and a brain can break in. Decryption of cyphers is another matter, but I've yet to see a truly uncrackable cypher used on the web. If it can be decrypted at the other end, it can be decrypted along the way by a cracker.
Just to note; the word 'cracker' was put around by true hackers after undue media attention by dumb journalists who decided to adopt the word "hacker" to mean "someone who breaks into computer systems illegally". Therefore there is no true word for what is currently known as a cracker (other than perhaps "b*stard"), and no dictionary definition of the term. So there.
this may sound weird, but I like to be able to hear my HD working. While being quiet is a nice thing to show off to your mates ("look it doesnt make any noise, wowww!") it isnt practical in my opinion. My drive rattling is the only way i know that Windows hasnt died. Increased rattling means I should defrag etc etc. With a drive I cant hear I'd have to look at a damn LED all the time =) Marvelous accheivement though, but surely we should have moved on from magnetic discs by now?
If the network was constantly being slow and you had to keep fixing it they'd fire you and get someone else who could fix it better.
And miraculously, once they'd fired you the problem would vanish.
Then there'd be a lawsuit.
Then you'd go to jail.