I have a big stack of 3.5" floppies originally used on an Amiga, and most of them still work... They've been stored in a loft which sees highly variable temperatures.
I have an iphone, and several other phones (blackberry, android etc)... And correct me if i'm wrong, but when i power on the devices they boot up, and then automatically start talking to the network and retrieving email etc...
Surely then, even if the data stored on the phones built in flash is encrypted, the key to that encryption must also be on the phone somewhere in order for it to boot on its own, otherwise it would require the key be entered in order to boot at all.
Surely then, given that the encryption key must be stored somewhere on the device, its only a matter of having the necessary skills (or easy to follow instructions) in order to work out where that key is stored and how to use it to unlock the data.
The key lock on the screen is irrelevant, as the phone has already booted and is working in the background.
So you basically have security through obscurity.. And you can bet that there are nefarious groups out there who have already worked out how to extract unencrypted data from all of the major phones.
They can dictate anything they want, as you said the acquisition is not complete and could be cancelled... Skype will do pretty much anything MS wants in order to ensure the deal doesn't fall through. It's highly likely that during negotiations, MS provided a list of demands that skype must comply with before the buyout happens - otherwise its off.
Similarly a webapp level bug would yield user level access just the same on OSX as Linux or any other platform (and probably give you instant root equivalent on windows, since apache runs as SYSTEM by default there).
I am in no doubt that hackers would try to root OSX machines if they found vulnerable webapps running on one.
Many of the people who buy games and then trade them in a couple of days later probably wouldn't have bought them at all were it not for the trade in ability (which significantly reduces the risk of making the initial purchase)... So then the person who would have bought the used copy, may instead buy a new copy, but that's still only one new copy sold at best.
Why shouldn't a game have to compete with itself? Publishers want to spew out absolute crap and rely on people buying it, and some people are more willing to take a risk on such things if they know they can get 90% of their money back by trading it in... If you take away that safety net, people will become far more careful about what new games they buy... And the fact that so many people want to get rid of a game they bought only a few days ago says a lot about those games...
I'm all for developers making games which people actually want to continue playing, but i'm completely against them doing anything damaging to consumers in order to kill the used market.
Because WinCE or Windows/ARM based laptops won't run the applications they want either... In fact they will be worse, because they're marketed as windows machines which implies they *can* run windows applications. Linux machines make no such claims.
And the key point is my statement about correctly marketed... Many of the Linux based netbooks had extremely poor distributions installed, some were even preinstalled with distributions which were not configured to support all of the hardware they were installed on, and most did not have working package managers for installing additional software.
FX!32 allowed software to *run*, but it didn't run very fast which negated the performance advantage of the Alpha. If your apps weren't Alpha native, then you might as well buy cheaper x86 hardware to achieve a similar performance level.
Itanium failed due to closed source binary software...
Only the original vendor can produce a port to a new architecture.
10 Original vendor, being a for-profit business sees no profit in porting to a new architecture that has no users. 20 Users see no reason to buy an architecture that has no software available for it. 30 goto 10
Any new architecture is pretty much doomed to failure in the general purpose market, even one backed by someone as big as Intel.
How would zone-h know what exploits were used? All they see is the defaced site, it's unlikely most victims of defacement are going to go around telling defacement mirrors how they were hacked, and its unlikely most of the hackers will talk about what it is they used.
Also you can't use a local privilege escalation exploit until *AFTER* you have obtained user level access. How was this level of access obtained?
And on balance, Sony produce far more hardware than they do software. MS is the other way round, with the vast majority of their revenue coming from software.
Yes, this capability can be disabled. But this privilege escalation is enabled by default. Do you know how to disable it? (Without looking it up; be honest now.;-) I've found that hardly any linux or OSX users can answer this when I ask them.
Sure, just run things as a user who isn't in the sudoers file (by default on most distros sudoers has a group added, with anyone in that group allowed to sudo rather than adding individual users to sudoers)...
Note that you still need a valid password in order to elevate privileges, and just exploiting a userland application such as a browser will not give you that password.
The windows (NT) kernel is not really the problem anyway, the problems lie further up the stack because of all the extra complexity, much of which has been inherited from the win9x series.
1, no currently available OS is actually suitable for end users...
2, windows in 2007 implemented normal user accounts by default, something apple implemented in 2001 (or whenever the first version of osx came out) and other unixes implemented much much earlier.
Amusing also that you add ".exe" to the end of every malware filename you quote, since its only windows that determines if a file can be executed based on something so arbitrary as the file name. On linux at least, you would have an additional step of marking the file executable first.
Also, while windows is finally getting users used to normal user accounts, apple is moving towards an app store model... Such a model is, for the average user, an answer to the social engineering problem. Educate users that software only comes from the app store or trusted repositories, and prevent (or preferably just make it very difficult) them from executing arbitrary binaries. This would virtually eliminate the attacks you describe, and it seems as usual that apple and linux are years ahead of microsoft.
Compare the level of malware for ipad and iphones, the only malware i'm aware of was only applicable to jailbroken devices, and relied upon the user not changing the default password... I'm not aware of any social engineering attacks which result in execution of arbitrary code.
A firewall is a crutch to protect an otherwise insecure machine against the big bad network... The fact that OSX systems ship with it off by default, and yet do not get remotely rooted is a testament to that. It's far better to have no services running, than to have services running and then hiding behind a firewall... If you actually needed to offer services remotely then you'd have to open up a firewall rule to allow them, if you don't need to offer them then they have no business running at all.
If a service is inaccessible due to a firewall, then just what purpose does that service serve? The answer obviously is "none", so why then should it be running at all? It's wasting resources, and sitting there just waiting for a firewall failure to occur so the service can be exploited.
I have encountered many windows users who have become infected with all sorts, often repeatedly despite paying significant amounts of money both to have infections removed and for ineffective "protection"...
Most of them don't realise that anything other than windows exists, and simply accept the risk and cost of malware as an inherent part of using a computer...
There is nothing to say the servers defaced were rooted, just that they were defaced... It's quite possible to deface a website with only access to the user account that owns or runs that site.
It also goes on to say that most of those defacements were due to bugs in web applications like remote file includes, now if you write buggy code and put it on a public facing webserver it will be vulnerable regardless what type of webserver you deploy it on.
Also, what type of sites are being defaced? Are they important corporate sites with a significant budget behind them for security hardening, or are they small single person blogs etc?
Similarly, with poorly configured shared hosting exploiting one user's site may get you an increased level of access to another site, for instance in many shared hosting environments the web server process runs as the same userid for all sites, meaning if you exploit one you will have the ability to read files and possibly write to some areas. Then of course, if you do root the system you instantly gain the capability to deface all the sites hosted on it. It seems mass defacements are not uncommon, and will naturally skew the stats towards linux as its far more common to host a larger number of sites on a single linux box. Such hosting is also generally the cheapest kind available, and therefore more likely to be used by less savvy users and operated by less competent sysadmins.
Also if you look at the stats, it's only in 2010 that linux defacements have become proportional to market share... In previous years, windows has accounted for a far higher proportion of defacements than its overall webserver marketshare would dictate, especially in 2000-2002 where windows defacements actually outnumbered linux despite having a minority market share.
A properly configured linux server simply won't have a browser installed for stupid users to do that with... Windows does by default which is difficult to remove, and sooner or later it ends up being used, either by accident in an rdesktop session or to perform some troubleshooting. It's quite a common vector for exploitation really. You quite often get cases where people use the default browser on a windows "server" in a corporate dmz to bypass the web filtering policy of that company...
If the Apache server was meant to be public facing, how would a firewall have helped? It would have had rules to allow access to the Apache server, so it would still have been exploited... Infact, if they'd been using a firewall then an attack like that would have got you a foothold behind it, where there would probably be far more easily exploitable holes hidden behind the firewall.
PPC, MIPS, Alpha, IA64 and i860 i believe... What do all these have in common? Noone used them.
At the time, these architectures offered vastly superior performance to x86, but couldn't run legacy windows apps or legacy apps designed for other OS that typically ran on the hardware. Since there were so few users, virtually no commercial software was ever ported to non x86 windows and very few people ever even bothered to port open source code to them.
MS' biggest strength - proprietary lockin, is also their biggest weakness... If your going to move to an incompatible hardware platform, and lose access to your legacy software in the process then you'd be a fool to run windows... Linux already runs on ARM, will not lock you in like windows is designed to, costs nothing, and already runs 99% of the same software the x86 version does.
And ofcourse if everyone is running open source code, the architecture becomes irrelevant and we can switch again very easily if something better than ARM comes along. It's also possible to have a range of architectures for different purposes, ARM or MIPS for low power devices, perhaps x86, IA64 or Alpha for high performance devices where power usage isn't a concern.
The trouble with Intel is that they are tying themselves to x86, which carries with it a lot of legacy cruft that ARM doesn't have to deal with... The end result is that, in order to remain competitive with ARM Intel have to keep a step ahead on fabrication technology, since an ARM fabbed on the same process will always have an advantage.
The problem with those cheap wince based laptops, is they're advertised as running windows, which means people buying them often expect that they run the same windows they may already have on a desktop, or have at work etc... Once they get it, they are usually severely disappointed and this usually results in a very high return rate. Another ARM version of windows is likely to do the same thing, disappoint users, fragment the brand and end up with lots of returns...
An ARM based version of linux on the other hand could sell very well, if its properly marketed... Users would have no preconceptions about it, and take the devices for what they are. Just make sure there is a proper linux distro, not the crippled versions that came with the first round of x86 netbooks... And make sure the benefits of linux are well advertised to users, especially the package manager.
A used copy can only exist if someone has already bought a new copy and then chosen to sell it on. The supply of such copies very shortly after a new game is released is likely to have a very close relationship to how poor and overhyped that game is... Very few people are going to buy a game for $70 by choice and then sell it for a fraction of the price a day later. If someone does that, then they were effectively tricked into making that purchase in the first place. If anything, the purchaser should have a window in which they can return the game for a full refund, especially if they bought something which didn't live up to its advertising.
Retailers should be able to resell used copies of games as soon as they have used copies to sell, to place an arbitrary delay hurts end users and hurts retailers.
I have a big stack of 3.5" floppies originally used on an Amiga, and most of them still work... They've been stored in a loft which sees highly variable temperatures.
Well, he certainly did work at MS when Windows 1.0 was written, which is what this story is about... So perhaps the icon is actually appropriate?
I have an iphone, and several other phones (blackberry, android etc)...
And correct me if i'm wrong, but when i power on the devices they boot up, and then automatically start talking to the network and retrieving email etc...
Surely then, even if the data stored on the phones built in flash is encrypted, the key to that encryption must also be on the phone somewhere in order for it to boot on its own, otherwise it would require the key be entered in order to boot at all.
Surely then, given that the encryption key must be stored somewhere on the device, its only a matter of having the necessary skills (or easy to follow instructions) in order to work out where that key is stored and how to use it to unlock the data.
The key lock on the screen is irrelevant, as the phone has already booted and is working in the background.
So you basically have security through obscurity.. And you can bet that there are nefarious groups out there who have already worked out how to extract unencrypted data from all of the major phones.
They can dictate anything they want, as you said the acquisition is not complete and could be cancelled... Skype will do pretty much anything MS wants in order to ensure the deal doesn't fall through.
It's highly likely that during negotiations, MS provided a list of demands that skype must comply with before the buyout happens - otherwise its off.
Actually, i am a regular user of both Mac and Linux (and other unixes, but less so these days)... Using a macbook pro to type this.
OSX is not immune to local privilege escalation vulnerabilities, take for example http://www.digit-labs.org/files/exploits/xnu-hfs-fcntl-v2.c and there are
Similarly a webapp level bug would yield user level access just the same on OSX as Linux or any other platform (and probably give you instant root equivalent on windows, since apache runs as SYSTEM by default there).
I am in no doubt that hackers would try to root OSX machines if they found vulnerable webapps running on one.
Many of the people who buy games and then trade them in a couple of days later probably wouldn't have bought them at all were it not for the trade in ability (which significantly reduces the risk of making the initial purchase)... So then the person who would have bought the used copy, may instead buy a new copy, but that's still only one new copy sold at best.
Why shouldn't a game have to compete with itself? Publishers want to spew out absolute crap and rely on people buying it, and some people are more willing to take a risk on such things if they know they can get 90% of their money back by trading it in... If you take away that safety net, people will become far more careful about what new games they buy...
And the fact that so many people want to get rid of a game they bought only a few days ago says a lot about those games...
I'm all for developers making games which people actually want to continue playing, but i'm completely against them doing anything damaging to consumers in order to kill the used market.
Because WinCE or Windows/ARM based laptops won't run the applications they want either... In fact they will be worse, because they're marketed as windows machines which implies they *can* run windows applications. Linux machines make no such claims.
And the key point is my statement about correctly marketed... Many of the Linux based netbooks had extremely poor distributions installed, some were even preinstalled with distributions which were not configured to support all of the hardware they were installed on, and most did not have working package managers for installing additional software.
FX!32 allowed software to *run*, but it didn't run very fast which negated the performance advantage of the Alpha. If your apps weren't Alpha native, then you might as well buy cheaper x86 hardware to achieve a similar performance level.
Itanium failed due to closed source binary software...
Only the original vendor can produce a port to a new architecture.
10 Original vendor, being a for-profit business sees no profit in porting to a new architecture that has no users.
20 Users see no reason to buy an architecture that has no software available for it.
30 goto 10
Any new architecture is pretty much doomed to failure in the general purpose market, even one backed by someone as big as Intel.
How would zone-h know what exploits were used? All they see is the defaced site, it's unlikely most victims of defacement are going to go around telling defacement mirrors how they were hacked, and its unlikely most of the hackers will talk about what it is they used.
Also you can't use a local privilege escalation exploit until *AFTER* you have obtained user level access. How was this level of access obtained?
And on balance, Sony produce far more hardware than they do software. MS is the other way round, with the vast majority of their revenue coming from software.
Revenue perhaps, but sony produce actual physical goods which have production costs... So their profit margins are a lot thinner.
Yes, this capability can be disabled. But this privilege escalation is enabled by default. Do you know how to disable it? (Without looking it up; be honest now. ;-) I've found that hardly any linux or OSX users can answer this when I ask them.
Sure, just run things as a user who isn't in the sudoers file (by default on most distros sudoers has a group added, with anyone in that group allowed to sudo rather than adding individual users to sudoers)...
Note that you still need a valid password in order to elevate privileges, and just exploiting a userland application such as a browser will not give you that password.
The windows (NT) kernel is not really the problem anyway, the problems lie further up the stack because of all the extra complexity, much of which has been inherited from the win9x series.
So what your basically saying is:
1, no currently available OS is actually suitable for end users...
2, windows in 2007 implemented normal user accounts by default, something apple implemented in 2001 (or whenever the first version of osx came out) and other unixes implemented much much earlier.
Amusing also that you add ".exe" to the end of every malware filename you quote, since its only windows that determines if a file can be executed based on something so arbitrary as the file name. On linux at least, you would have an additional step of marking the file executable first.
Also, while windows is finally getting users used to normal user accounts, apple is moving towards an app store model... Such a model is, for the average user, an answer to the social engineering problem. Educate users that software only comes from the app store or trusted repositories, and prevent (or preferably just make it very difficult) them from executing arbitrary binaries. This would virtually eliminate the attacks you describe, and it seems as usual that apple and linux are years ahead of microsoft.
Compare the level of malware for ipad and iphones, the only malware i'm aware of was only applicable to jailbroken devices, and relied upon the user not changing the default password... I'm not aware of any social engineering attacks which result in execution of arbitrary code.
A firewall is a crutch to protect an otherwise insecure machine against the big bad network...
The fact that OSX systems ship with it off by default, and yet do not get remotely rooted is a testament to that.
It's far better to have no services running, than to have services running and then hiding behind a firewall... If you actually needed to offer services remotely then you'd have to open up a firewall rule to allow them, if you don't need to offer them then they have no business running at all.
If a service is inaccessible due to a firewall, then just what purpose does that service serve? The answer obviously is "none", so why then should it be running at all? It's wasting resources, and sitting there just waiting for a firewall failure to occur so the service can be exploited.
I have encountered many windows users who have become infected with all sorts, often repeatedly despite paying significant amounts of money both to have infections removed and for ineffective "protection"...
Most of them don't realise that anything other than windows exists, and simply accept the risk and cost of malware as an inherent part of using a computer...
There is nothing to say the servers defaced were rooted, just that they were defaced... It's quite possible to deface a website with only access to the user account that owns or runs that site.
It also goes on to say that most of those defacements were due to bugs in web applications like remote file includes, now if you write buggy code and put it on a public facing webserver it will be vulnerable regardless what type of webserver you deploy it on.
Also, what type of sites are being defaced? Are they important corporate sites with a significant budget behind them for security hardening, or are they small single person blogs etc?
Similarly, with poorly configured shared hosting exploiting one user's site may get you an increased level of access to another site, for instance in many shared hosting environments the web server process runs as the same userid for all sites, meaning if you exploit one you will have the ability to read files and possibly write to some areas.
Then of course, if you do root the system you instantly gain the capability to deface all the sites hosted on it.
It seems mass defacements are not uncommon, and will naturally skew the stats towards linux as its far more common to host a larger number of sites on a single linux box. Such hosting is also generally the cheapest kind available, and therefore more likely to be used by less savvy users and operated by less competent sysadmins.
Also if you look at the stats, it's only in 2010 that linux defacements have become proportional to market share... In previous years, windows has accounted for a far higher proportion of defacements than its overall webserver marketshare would dictate, especially in 2000-2002 where windows defacements actually outnumbered linux despite having a minority market share.
A properly configured linux server simply won't have a browser installed for stupid users to do that with...
Windows does by default which is difficult to remove, and sooner or later it ends up being used, either by accident in an rdesktop session or to perform some troubleshooting. It's quite a common vector for exploitation really.
You quite often get cases where people use the default browser on a windows "server" in a corporate dmz to bypass the web filtering policy of that company...
If the Apache server was meant to be public facing, how would a firewall have helped?
It would have had rules to allow access to the Apache server, so it would still have been exploited... Infact, if they'd been using a firewall then an attack like that would have got you a foothold behind it, where there would probably be far more easily exploitable holes hidden behind the firewall.
PPC, MIPS, Alpha, IA64 and i860 i believe...
What do all these have in common? Noone used them.
At the time, these architectures offered vastly superior performance to x86, but couldn't run legacy windows apps or legacy apps designed for other OS that typically ran on the hardware. Since there were so few users, virtually no commercial software was ever ported to non x86 windows and very few people ever even bothered to port open source code to them.
MS' biggest strength - proprietary lockin, is also their biggest weakness...
If your going to move to an incompatible hardware platform, and lose access to your legacy software in the process then you'd be a fool to run windows... Linux already runs on ARM, will not lock you in like windows is designed to, costs nothing, and already runs 99% of the same software the x86 version does.
And ofcourse if everyone is running open source code, the architecture becomes irrelevant and we can switch again very easily if something better than ARM comes along.
It's also possible to have a range of architectures for different purposes, ARM or MIPS for low power devices, perhaps x86, IA64 or Alpha for high performance devices where power usage isn't a concern.
The trouble with Intel is that they are tying themselves to x86, which carries with it a lot of legacy cruft that ARM doesn't have to deal with... The end result is that, in order to remain competitive with ARM Intel have to keep a step ahead on fabrication technology, since an ARM fabbed on the same process will always have an advantage.
The problem with those cheap wince based laptops, is they're advertised as running windows, which means people buying them often expect that they run the same windows they may already have on a desktop, or have at work etc... Once they get it, they are usually severely disappointed and this usually results in a very high return rate.
Another ARM version of windows is likely to do the same thing, disappoint users, fragment the brand and end up with lots of returns...
An ARM based version of linux on the other hand could sell very well, if its properly marketed... Users would have no preconceptions about it, and take the devices for what they are. Just make sure there is a proper linux distro, not the crippled versions that came with the first round of x86 netbooks... And make sure the benefits of linux are well advertised to users, especially the package manager.
Once the initial development costs are covered, selling a game for $5 is still a $4.99 profit for them...
A used copy can only exist if someone has already bought a new copy and then chosen to sell it on. The supply of such copies very shortly after a new game is released is likely to have a very close relationship to how poor and overhyped that game is...
Very few people are going to buy a game for $70 by choice and then sell it for a fraction of the price a day later. If someone does that, then they were effectively tricked into making that purchase in the first place.
If anything, the purchaser should have a window in which they can return the game for a full refund, especially if they bought something which didn't live up to its advertising.
Retailers should be able to resell used copies of games as soon as they have used copies to sell, to place an arbitrary delay hurts end users and hurts retailers.