Prevention would be better than a cure. Credit companies on receipt of a credit/loan application should write to the employer asking for confirmation the person is employed there. The letter should ask the employer to pass on to the employee an attached letter that tells the employee he/she has applied for credit and how to contact the credit company if he/she hasn't made the application.
Only when employer confirms and employee doesn't complain is it safe to advance any money.
Current practice of lending money without properly verifying the identity of the applicant is the real crime here.
GOBBLES is a team of 17 (at the last count) people. Their advisory makes a very important point that foundstone and microsoft miss. There are already known buffer overflows in winamp, m$ media player, and other players, but the respective advisories talk of receiving a media file either from a web page or email attachment. Most users I suspect get more media files via p2p sharing than from web pages or email.
This is an infection vector that security "experts" are not taking sufficiently seriously.
Investigators discovered the passport of Satam al Suqami, one of the terrorists aboard American Airlines Flight 11, the first plane to hit the World Trade Center.
Are passports needed for internal US flights?
Could a passport really survive from the plane?
If it had would it not be buried under a lot of rubble?
Would the FBI forge a passport?
Would they forge emails?
Not sure if anyone really has a case against Microsoft itself. They did release a patch and advise not installing IIS unless you want to run a webserver, and disable the index server unless you need it.
Maybe all the home users who bought a "Personal" computer with IIS preinstalled and enabled by the supplier have a case against their supplier. Is it reasonable to describe a computer running IIS as "Personal"?
Re:Warhol Worm proposed: 15 minutes to total infec
on
Code Red: the Aftermath
·
· Score: 2, Insightful
This is spot on. Changeover to IPv6 (with its larger address space) would have stopped Code Red before it even started. A worm would take years on IPv6 to find another host to infect. IPv6 would put an end to random port scanning too.
Slashdot Mirror
Prevention would be better than a cure. Credit companies on receipt of a credit/loan application should write to the employer asking for confirmation the person is employed there. The letter should ask the employer to pass on to the employee an attached letter that tells the employee he/she has applied for credit and how to contact the credit company if he/she hasn't made the application.
Only when employer confirms and employee doesn't complain is it safe to advance any money.
Current practice of lending money without properly verifying the identity of the applicant is the real crime here.
This is an infection vector that security "experts" are not taking sufficiently seriously.
Investigators discovered the passport of Satam al Suqami, one of the terrorists aboard American Airlines Flight 11, the first plane to hit the World Trade Center.
Are passports needed for internal US flights?
Could a passport really survive from the plane?
If it had would it not be buried under a lot of rubble?
Would the FBI forge a passport?
Would they forge emails?
Now that's scary!
Because all the pages of their website are in C:\InetPub, so they will back that up first and restore it after the re-install.
Now where was that root.exe file? ....
Maybe all the home users who bought a "Personal" computer with IIS preinstalled and enabled by the supplier have a case against their supplier. Is it reasonable to describe a computer running IIS as "Personal"?
This is spot on. Changeover to IPv6 (with its larger address space) would have stopped Code Red before it even started. A worm would take years on IPv6 to find another host to infect. IPv6 would put an end to random port scanning too.