Slashdot Mirror


User: carpe_noctem

carpe_noctem's activity in the archive.

Stories: 0
Comments: 685

Comments · 685

  1. Re:Block Yahoo news on Rules for Teenage Internet Access? · · Score: 0, Offtopic

    must... resist... urge... to make.... hot grits... joke!

  2. ahh, to be a teenager on Rules for Teenage Internet Access? · · Score: 2, Insightful

    Don't ever lie to us about what you're doing.

    Whenever my parents told me crap like this, it inspired me to lie about pretty much everything. Including activities which would probably not get me in trouble. But, when you create an environment of distrust, you're more likely to breed distrustful actions....

  3. speaking of mail.app.... on Deleting SMTP Servers from Mail.app in Mac OS X? · · Score: 2, Interesting

    While we're on the subject of mail.app annoyances, does anybody know how to get mail to permanently accept SSL certificates in 10.3? I looked around macosxhints.com, but none of those suggestions seemed to work.

    Thanks.....

  4. Re:This really isn't a revelation....[OT] on Microsoft in the Mirror · · Score: 0, Offtopic

    Actually, the plural of "radius" is "radii" or "radiuses". Either form is acceptable.

  5. Re:OK, I'm intrigued beyond reckoning on One-Man Star Wars Trilogy in Chicago · · Score: 1

    Can I mod your sig -1 stupid? ;]

  6. Re:Let's see... on U.S. Lists Web Sites as Terrorist Organizations · · Score: 1

    Actually, I think /. is a much better candidate for a terrorist website. Just wait till the next Joe Blow posts his cool case mod pics up on the web. =)

  7. MS Security Rep. Talk on Ballmer Touts Focus on Security · · Score: 1

    I posted this on another web forum, but I figured I'd re-post it here, too. I admit that I wasn't 100% open minded to this presentation, but I was willing to give the MS guy a break. However, I walked away from this presentation being very disenchanted, and I feel very uneasy about the whole MS-Security-Drumbeating festival that is going on these days.

    Anyways, enjoy:

    Thought I would pass on this story, as I found it a bit amusing. Today I went to a presentation at my school called "Security: Just Plain Good For You", sponsored by none other than Microsoft. The guy that was presenting it was a "Microsoft Product Evangelist" (yes, that was his actual job title), meaning that he was not paid to do any actual software development; his job was to give powerpoint presentations around the country. To be fair, this guy said he did have 14 years of background experience as an applications software developer.
    At any rate, the presentation opened by the speaker admitting it had been a "rough month" for Microsoft. He acknowledged that MS security had been a bit lacking, but excused this by saying that even though Microsoft was spending more time and money on security, they were unable to keep up with the volume of attacks against MS boxes.
    Then, he presented 2 types of "major" security vulnerabilities, and gave working examples of each. Although he -mentioned- buffer overflows in the beginning of his presentation, he chose instead to focus on the areas of SQL injection and cross-site scripting (XSS). So, we sat there for about 30 minutes while he demonstrated how you could make a web-based form display a java popup window and other such things.
    When his presentation ended, he welcomed questions from the audience. I asked him that if MS touted the use of firewalls to protect a machine (a point he made several times in the presentation), then why wasn't XP's firewall enabled by default? He basically told me in so many words that XP's firewall is connection based, and isn't adequate for this task.
    I also asked him if most of the MS security research centered around XSS and SQL injection exploitations, rather than core application or OS security. He said that security vulnerabilities like those he had discussed accounted for a good portion of research, but they were "also concentrating on OS security".
    Additionally, we asked him why IIS runs in kernel space in Win2003 server, given that he not only bragged about 2003's security, but also noted that Microsoft's new security paradigm is to "put security before features". He acknowledged that having IIS running in kernel space was somewhat risky, but he assured us that "it was done very securely".

    I have to admit that I went into this lecture a bit biased, but I came out of it far more fearful about Microsoft's approach to security. The MS rep seemed to justify Microsoft's lack of security by stating that "there are more Microsoft-installed computers on the internet than any other OS" (fair point), and that "put any other default install of an OS on the internet, and it'll be compromised in 30 minutes or less." (In case you were wondering, he specifically referred to only linux and freebsd here. No mention of Plan9 or OpenBSD or any others, and nobody brought it up in the Q&A session, either). Regardless of Microsoft's past track record, I have to say that this lecture made me slightly uneasy about MS's approach to secure software development. It seemed to me that more than anything else, they seem to be repeating the mantra "if we tell people it's secure, then it will be secure".

  8. Re:Too little too late on VeriSign Shutting Down Site Finder · · Score: 2, Funny

    Same here. But I only plan to register .cx domains. ;P

  9. Re:Schools to no longer avoid! on Schools to Avoid: University of Florida · · Score: 1

    Yaaay. Go rose. =)

  10. Re:Here's how I tested on G5 PowerBook "Challenge" · · Score: 1

    "This laptop is tooooo hot!"
    "This laptop is tooooo cold!"
    "This laptop is juuuust right!"

    -RAWR-

    EOF from client.

  11. Re:Excellent! on RIAA Sues 12-Year Old Girl · · Score: 5, Funny

    So is THAT what they call it these days? You sicko!

  12. random thought of the day on Java vs .NET · · Score: 4, Funny

    Java vs .NET

    Hrm, reminds me of when two fat ugly chicks in my high school started a cat fight in the hallway.

  13. ebay on University Textbook Exchange Software · · Score: 1

    I list and buy all my textbooks on half.com. You can find pretty much any book you need, and make a ton of money by selling your books back at reasonable prices.

  14. Re:is that so? on Virginia Tech to Build Top 5 Supercomputer? · · Score: 2, Insightful

    Wait a sec...you mean the thinksecret story, or the macrumors one? I think "real" is a bit of an overstatement here...

  15. Re:Problems with my supercomputer. on Virginia Tech to Build Top 5 Supercomputer? · · Score: 2, Funny

    Are you by any chance the guy emailing out these spams?

  16. Re:Simple... on Handling User Grown Machines on a Large Network? · · Score: 1

    Also, on an unrelated sidenote, I checked out your homepage. Are you considering Rose for college?

  17. is that so? on Virginia Tech to Build Top 5 Supercomputer? · · Score: 2, Funny

    there's talk of it all over the campus ....and we all know how reliable campus rumors are! C'mon guys, don't forget to say hi to the Olson twins when you see them on campus next year!

  18. Re:Simple... on Handling User Grown Machines on a Large Network? · · Score: 1

    Ok, "force" is really quite an overstatement. I admit that I exaggerate things sometimes. ;) A more accurate assessment of the events went something like this:

    - Rose wants to reduce number of supported operating systems on campus from 3 (Novell, Windows, Solaris) to 2 (so long, Novell!). Novell is eradicated from campus, and the crowds rejoiced. This was 3+ years ago. I was in the last class that had a Novell preloaded laptop.
    - The next year's freshmen (currently juniors) laptops come preloaded with 98 and a number of tools to access unix-style networks (openafs + krb5).
    - As of last year, Windows 98 becomes unsupported by Microsoft, and a new solution is needed. The freshman laptops (erm, that is, last year's freshmen, now sophomores) will be preloaded with XP.
    - Because XP is now the only "officially" supported flavor of windows on campus, a big push is made to migrate older laptops from 98 to XP, which is probably due in part to campus negotiations with good old Microsoft. Spring quarter, they set up tables where you could sign up for them to reinstall the laptop for you, to make things as hassle-free as possible, and they encouraged students and faculty to go on down and lobotomize their laptops free of charge. So, they never exactly "forced" anyone to upgrade (after all, I own the laptop, not them), but they made a big effort to get as much of the campus to use XP as possible (primarily by threatening to deny support to non-XP users).
    - Blaster hits and pwns the campus. Network admins start shutting down ports without prior notification in order to stop the worm's spread.
    - As more and more students with XP laptops start coming back to campus, the rate of infection does not slow down. Rose announces unregistration of all cards in DHCP database (see linked announcement in parent post), but incoming freshmen (who have yet to receive their laptops, actually) are spared this difficulty, since their machines are pre-patched.
    - Sometime last year, the school changed the DHCP servers to do a few things. If a card was unregistered, it would be given special DNS and routing information that routed all IP addresses to a single machine, which had a webserver running the frontend for their DHCP registration tool. So, on an unregistered box, every webpage would point towards the registration page until the card is registered. Also, non-registered cards cannot access the outside world.
    - I only have 1 machine on campus now, which is currently pending re-registration. It is a headless sparcstation 5 running openbsd, which makes it, needless to say, somewhat difficult to access the automated registration webpage. There is another page (the one linked in the article) where you can manually register cards. I do not know what specifically is done to "check" machines during the re-registration process, so I should warn you that this information is based just on rumors I've heard around campus; I am not sure what the actual process involves. From my understanding, a brief portscan is done to verify that blaster has not infected the target machine (iirc, blaster opened up port tcp 707). I heard from another source that some type of java program is run via a web browser to actually check for the presence of blaster/sobig on the target system. I can't verify this, but knowing how much time remains until the 1st day of classes, I would suspect that only the former of these two checks is in place.
    - Rose doesn't necessarily support non-windows machines (if you take it to the helpdesk with a hardware problem, they'll fix it, but won't be able to do much in the way of diagnostics), but they don't discourage their use. I haven't run windows on my laptop since about midway through sophomore year, and now I use a mac laptop, so between the two, I haven't had an "officially supported" OS in about 2 years.

    I hope this answers your question. Rose students like to trash talk the school a lot, but really, it's not always that bad. I was a bit miffed that I had to reregiste

  19. Re:Simple... on Handling User Grown Machines on a Large Network? · · Score: 4, Interesting

    I know the parent was meant to be funny, but believe it or not, that's what my school did. They unregistered all cards from their DHCP database and are requiring everyone to re-register on condition of passing a brief virus scan to get back on the network. Our network is set up to disallow external routing for any not-registered machines.

    I guess that's what they get for forcing everyone to migrate to XP last year...

  20. better papers this year on New Low Bandwidth Denial of Service Attacks · · Score: 5, Interesting

    Not to rain on the parade here, but I thought there were a number of more interesting papers from sigcomm this year. Namely:

    - Peer-to-Peer Information Retrieval Using Self-Organizing Semantic Overlay Networks
    - Quantum Cryptography in Practice
    - Making Gnutella-like P2P Systems Scalable

    Just some more food for thought....

  21. Re:What about the classified ones? on Fastest US Supercomputer Runs Linux · · Score: 1

    I betcha the aliens that built them know what they're running...

    -puts on tinfoil hat-

  22. Re:yes, driver support is a problem on Other Web Browsers for Bell Labs' Plan 9? · · Score: 1

    what irc channel is that, per se?

  23. Re:Talking Trash Can on Walking Animatronic Dinosaur At Disney Park · · Score: 3, Funny

    Are you sure that wasn't RMS begging for some handouts?

  24. Re:Fixed hosts don't work, but... on P2P Spam? · · Score: 2, Interesting

    better yet, take the next part of the virus payload and base64 it, then fetch it from the google cache. it's unlikely that google would get taken out from the volume of the traffic, but they might purge the documents from the cache when the next variant is reverse engineered.

  25. oh dear on WIPO Pressured to Kill Meeting on Open Source · · Score: 1, Troll

    I'm shocked. Simply flabbergasted. Someone brace me; I think I might faint.