this is no wonder, when companies like linksys actually manages to ship a switch with a stripped ssh interface, and a web interface that only work in IE (and IE6 too). My jaw literally dropped when I saw it. No more linksys until they get their act together on the webview side, or better yet - proper ssh control.
what about spoofing an adress of another known bot ? then use a distributed network of probes as suggested earlier in this thread to pick more and more nodes for spoofing. That would either do some serious harm to their botnet, or even better, make them reconsider the retalitory ddos and make it a bit easier to analyze the botnet.
hence the line about patching asap - preferably with a wire cutter, just for dramatic effect:) seriously, these computers should never be connected to the a public network. If this must be done, possibly for remote monitoring, it could be done with hardware such as this: Network diode. It's not infallible, but it's an extra layer of security on top of firewalls and such.
because the automation system controlling the infrastructure is not connected to a public network, like say, the internet - right ? If it is, then someone should probably do some quick patching asap.
This seems pretty similar to the way google builds their racks, with just mb's and no cabinets. What would have been really cool was if someone made som e kind of network driver for a pci express slot, with them being able to use external cables, is it possible to use a dedicated pci express slot as a interface to another computer, skipping the network bottleneck ?
Here in norway they already refined the technic a bit; they sent out a letter template to all their valued partners, where they recommend the voting board to vote yes, with a list of reasons why they want openXML. 37 companies sent this letter to standards norway, some not even bothering to fill out their own name or company name in the template;)
all true, except the line about photoshop: not to flame about gimp - but it's no photoshop. It's great and all, but (at the moment) it's not even close. Some day I hope they get there, but that day is not today.
Will dell, when they see that the sale of linux is not to great, check to see the sales of those exact models - since there is no actual reason to buy a linux pc from dell right now, I expect people to buy the windows version and wipe and install themselves. At the time being there is no point in buying a linux dell, since it's the same price, and if you buy the windows one you get more; a windows license and a computer you know you can run linux on. What's the point of buying the linux one ? (I know, I will probably buy the linux one, since I have no use for the windows, but it actually makes no sense to the average person to buy the linux one, since you get more for less/same price with the windows one)
They were set in the future, following the rag-tag human resistance as they tried to survive and fight back, dealing with the creeping paranoia that some of their number are secretly Terminators out to destroy them from within. I'd appreciate bringing the series back to its creepier roots. we've already got that one, it's called battlestar galactica - and its good.
TFA says he was running this program for seven months, and was planning on alerting cisco "this summer", and he also spread the program to his friends. Doesn't really sound like security research to me, more like bypassing the security for your own convenience. You really don't "research" a security flaw for seven months, and even spread it to other people.
http://freenigma.com/ - the freenigma plugin for firefox offers encryption and signing of mail with gmail, I think they are planning support for yahoo mail also.
Just as a counterpost to the very negative summary: I am currently running feisty with beryl enabled on a dual screen, running nvidia drivers. I made a complete switch from windows about a month ago, while feisty was still in beta, but I haven't looked back since. No way am i letting go of my scale plugin for beryl:) (That feature is worth the whole switch just by itself.)
Well,, the large Norwegian ISPs already have the infrastructure in place to do this: The norwegian child porn filter. This is implemented at the largest ISPs in Norway. Allthough I must say that this proposal in particular is in no way going to happen, It's my belief that there is enough sensible people in this country, making an uproar if this ever comes to pass.
I don't know about a portable vi (perhaps a small cygwin install on your flashdrive ?) but I can really recommend truecrypt as encryption for your pen drive. It's both for windows and linux. It really helped me from a paranoia attack the other day, when I lost my keychain with my USB drive attached to it. (found it a day later, hapilly)
It would seem to me that these drives if they were used might be present an issue with data security. Are there any plans to protect the hard drives from being read by unauthorized access? Hopefully the design is such that all data is protected but being new, I couldn't get enough details to make a determination.
I would assume that the people that already is knowledgeable enough to wipe their drive before throwing away/selling/whatever, would manage to wipe these drives too. If it's not presented as a standalone drive, it will no doubt be some sort of tools out for doing this in a pretty short time. The people that actually worries about this will find a way to deal with it. It's the people that wouldn't have thought about it in the first place that gets in trouble over these kinds of things.
Slashdot Mirror
Ubuntu 7.10, latest generic kernel image (standard image) is affected
Linux kenshu 2.6.22-14-generic #1 SMP Fri Feb 1 04:59:50 UTC 2008 i686 GNU/Linux
OpenAFS is a distributed file system. It seems to fit your bill. No personal experience, so don't know how well it actually works.
this is no wonder, when companies like linksys actually manages to ship a switch with a stripped ssh interface, and a web interface that only work in IE (and IE6 too). My jaw literally dropped when I saw it. No more linksys until they get their act together on the webview side, or better yet - proper ssh control.
what about spoofing an adress of another known bot ?
then use a distributed network of probes as suggested earlier in this thread to pick more and more nodes for spoofing. That would either do some serious harm to their botnet, or even better, make them reconsider the retalitory ddos and make it a bit easier to analyze the botnet.
hence the line about patching asap - preferably with a wire cutter, just for dramatic effect :)
seriously, these computers should never be connected to the a public network. If this must be done, possibly for remote monitoring, it could be done with hardware such as this: Network diode. It's not infallible, but it's an extra layer of security on top of firewalls and such.
because the automation system controlling the infrastructure is not connected to a public network, like say, the internet - right ?
If it is, then someone should probably do some quick patching asap.
This seems pretty similar to the way google builds their racks, with just mb's and no cabinets. What would have been really cool was if someone made som e kind of network driver for a pci express slot, with them being able to use external cables, is it possible to use a dedicated pci express slot as a interface to another computer, skipping the network bottleneck ?
Here in norway they already refined the technic a bit; they sent out a letter template to all their valued partners, where they recommend the voting board to vote yes, with a list of reasons why they want openXML. 37 companies sent this letter to standards norway, some not even bothering to fill out their own name or company name in the template ;)
wouldn't that just be more expensive ? it must be a lot cheaper to have the least difference, hence a lot less complicated assembly.
I have tried neither.
all true, except the line about photoshop: not to flame about gimp - but it's no photoshop. It's great and all, but (at the moment) it's not even close.
Some day I hope they get there, but that day is not today.
Will dell, when they see that the sale of linux is not to great, check to see the sales of those exact models - since there is no actual reason to buy a linux pc from dell right now, I expect people to buy the windows version and wipe and install themselves.
At the time being there is no point in buying a linux dell, since it's the same price, and if you buy the windows one you get more; a windows license and a computer you know you can run linux on. What's the point of buying the linux one ?
(I know, I will probably buy the linux one, since I have no use for the windows, but it actually makes no sense to the average person to buy the linux one, since you get more for less/same price with the windows one)
yeah, it's only that the restore is such a bitch.
A fireman became him ?
TFA says he was running this program for seven months, and was planning on alerting cisco "this summer", and he also spread the program to his friends. Doesn't really sound like security research to me, more like bypassing the security for your own convenience. You really don't "research" a security flaw for seven months, and even spread it to other people.
http://freenigma.com/ - the freenigma plugin for firefox offers encryption and signing of mail with gmail, I think they are planning support for yahoo mail also.
Just as a counterpost to the very negative summary: I am currently running feisty with beryl enabled on a dual screen, running nvidia drivers. I made a complete switch from windows about a month ago, while feisty was still in beta, but I haven't looked back since. No way am i letting go of my scale plugin for beryl :) (That feature is worth the whole switch just by itself.)
or for the CLI impaired: install nvidia-settings from apt , a nice gui which makes multimonitor setup with feisty a breeze.
amen
+1 Tinfoil
and actually, Sweden has this child porn filter too. That one I did not expect, you live to learn :)
Well,, the large Norwegian ISPs already have the infrastructure in place to do this: The norwegian child porn filter.
This is implemented at the largest ISPs in Norway. Allthough I must say that this proposal in particular is in no way going to happen, It's my belief that there is enough sensible people in this country, making an uproar if this ever comes to pass.
I don't know about a portable vi (perhaps a small cygwin install on your flashdrive ?) but I can really recommend truecrypt as encryption for your pen drive. It's both for windows and linux. It really helped me from a paranoia attack the other day, when I lost my keychain with my USB drive attached to it. (found it a day later, hapilly)
It would seem to me that these drives if they were used might be present an issue with data security. Are there any plans to protect the hard drives from being read by unauthorized access? Hopefully the design is such that all data is protected but being new, I couldn't get enough details to make a determination.
I would assume that the people that already is knowledgeable enough to wipe their drive before throwing away/selling/whatever, would manage to wipe these drives too. If it's not presented as a standalone drive, it will no doubt be some sort of tools out for doing this in a pretty short time. The people that actually worries about this will find a way to deal with it. It's the people that wouldn't have thought about it in the first place that gets in trouble over these kinds of things.