Slashdot Mirror


User: XparXnoiaX

XparXnoiaX's activity in the archive.

Stories: 0
Comments: 64

Comments · 64

  1. Another workaround is to not let anyone touch your computer (unless you trust them) because you need to have access before doing anything. This is a ridiculous bug, but it's not easy to exploit remotely.

  2. Re:Why/how though? on MacOS High Sierra Bug Allows Login As Root With No Password (theregister.co.uk) · · Score: 0

    It's a strong indication that the code they are using to manage login is too complex and needs to be simplified.

  3. Let's pray for a drought in California.

  4. How much do you want to bet within five years people will be wishing for Flash back, because it was so much better than what we end up with?

  5. Re:We knew this was going on on Hackers Targeting US Nuclear Power Plants, Report Finds (cnet.com) · · Score: 1

    The tech community knew this was going on for some time since power companies (for some crazy reason) are internet accessible.

    IF they truly are internet accessible, then I've mapped them myself. zmap is great.

  6. Re:Don't call them researchers on iPhone Bugs Are Too Valuable To Report To Apple (vice.com) · · Score: 2

    Blackhats do research, too.
    Researchers are sometimes unethical.

  7. Re:That is not what "ethical hacker" means on India's Ethical Hackers Rewarded Abroad, Ignored at Home (yahoo.com) · · Score: 2, Interesting

    Ethical and illegal are two very different things. An ethical person will do illegal things, if they are the right thing (like Snowden. Super illegal). Don't let the illegality of it confuse you. What they are doing is dangerous, but finding mistakes and letting the world know is the ethical thing to do.

    The unethical ones in this situation are the companies who released their code without a security review. Those managers didn't give the programmers (or QA) extra time in the sprint to test for security bugs.

  8. Re:Sonic.net in Northern California on Ask Slashdot: ISPs That Respect Your Online Privacy? · · Score: 1

    If you want a good ISP you need to use DSL, where there are plenty of competitors.

    This is strong evidence that lack of competition is the worst thing right now in the cable ISP world.

  9. After heartbleed, security researchers realized you could give a vuln a catchy name and a cute logo and it would get a lot more attention.

    Since being a security company is more a matter of marketing than skill (in a great many cases: look at the most popular anti-viruses), once the white hats realized that, they did it more.

  10. If some hacker finds an exploit, doesn't tell Microsoft, uses it for his own purposes but fails to keep it secure so other hackers get hold of it and use it to install ransomware, would you still blame Microsoft,

    Yes, yes I would.

    You might as well criticize the Linux devs too because of all the unpatched security holes in Linux.

    Also yes.

  11. Glory of Consumption (vomit) on YouTube Finally Embraces Google's Material Design, Puts Focus On Content (googleblog.com) · · Score: 2

    The only thing you should be concerned about is watching the content you love.

    We have entered the era of the glorification of the consumer. All you should do is consume, and feel happy about it.

    Not because they care about you. Because the consumer can be monetized.

  12. Re:Turn off UPnP to start on A Sophisticated Grey Hat Vigilante Protects Insecure IoT Devices (arstechnica.com) · · Score: 2

    Sorry I don't have better answers right now.

    Easy. Companies should be liable for gross negligence. Things like default passwords haven't been best-practice for a decade now.

    Leaving the telnet port open has been a bad idea for a long time.

  13. Yes. Sometimes the bug is hard to stop, but sometimes it's a clear case of negligence. The manufacturer just doesn't care.

  14. Do you mean that dialogue and not violence is a better way to solve problems?

    It depends on the problem, right? Imagine you want to kill me, and I want to kill you. There's no way to solve that problem equitably. Now realize this is a problem that people in the real world face. Erdogan had a coup attempt against him, and Assad has half his country wanting to kill him. His solution is to kill them first, which thus far has been effective. Then of course ISIS just wants to kill nearly everyone. In fact, they believe it is the will of God, and he is on their side.

    Dialogue is not always an option, and even when it is, sometimes lawsuits work better, which carry the implied threat of violence (from the state).

  15. Re:This is a nice summary of our times. on Spotify Executive Chris Bevington Dies In Stockholm Attack (variety.com) · · Score: 1

    It's older than that, mate, read history. "Barbaric" outsiders have been invading "civilized" areas for as long as cities have existed. And the 'civilized' folks have always talked about it in terms similar to yours, with nothing but disdain up until they are destroyed.

    It's an old cycle.

  16. Re: Leftisy government on Spotify Executive Chris Bevington Dies In Stockholm Attack (variety.com) · · Score: 1

    You did, "getting stoned" means crack rocks of course

  17. Re:And what about the other three? on Spotify Executive Chris Bevington Dies In Stockholm Attack (variety.com) · · Score: 2

    What makes you think we care about his death? He's just as ephemeral as the rest of us.

    But if you do care, one of the two Swedish victims was an 11-year-old girl on her way home from school. The other was a 31-year-old Belgian woman, visiting Stockholm as a tourist. The other Swedish victim isn't described in the article.

    If you care about the perpetrator, since he is a human too, he is a 39-year-old Uzbek man. In 2014, he had applied for a residence permit in Sweden, but last summer the application was rejected and he faced expulsion. In February, police were instructed to carry out the deportation. But he had disappeared.

  18. Re:How long until on Ransomware Asks For High Score Instead of Money (arstechnica.com) · · Score: 1

    There are manufacturers still leaving telnet ports open. It's not secure, and iOS is not secure.

  19. How long until on Ransomware Asks For High Score Instead of Money (arstechnica.com) · · Score: 1

    How long will it take until manufacturers take security seriously?

  20. Friends don't let friends use WordPress. Give your friends cocaine, it's better for them.

  21. Re:SWATing needs serious consequences on Krebs: 'Men Who Sent SWAT Team, Heroin to My Home Sentenced' (krebsonsecurity.com) · · Score: 3, Insightful

    Anonymity was crucial to the founding of our democracy, and people should be allowed to protest without being recognized. Giving the government a huge new surveillance tool is not the right answer to stopping swatting.

  22. It's an improvement on Trend Micro's Own Cybersecurity Blog Gets Hacked (silicon.co.uk) · · Score: 2

    At least this time they left their own systems vulnerable, instead of all their customers' like last time.

  23. Re:What the hell is "rust"? on Mozilla Binds Firefox's Fate To The Rust Language (infoworld.com) · · Score: 1

    betting on the future of hostile internet - and users actually giving a shit about security.

    The first is certain, the second is doubtful.

  24. The problem is antivirus makes your system less secure. You're giving up control of your system, making it less secure, and not getting much in return. Microsoft Security Essentials is enough.

  25. Re:I don't even like Uber but on When Their Shifts End, Uber Drivers Set Up Camp in Parking Lots Across the US (bloomberg.com) · · Score: 1

    Why do you think the problem is Uber? Why don't you blame ridiculously high rents? If you've ever taken action to 'keep property values up' then you are part of the problem. If you've ever opposed new apartment buildings in your town, then you are a huge part of the problem. If there were enough houses for everyone, then rent would go down and these drivers would be able to afford a place to live.