Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories
0
Comments
12,200
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,200

  1. Re:BTW on Microsoft Giving Rival Browsers a Lift · · Score: 1

    Why would a "server" os even have a web browser installed by default?

  2. Re:Note: Apache ON WINDOWS on Serious Apache Exploit Discovered · · Score: 2, Insightful

    Dedicated webservers are actually far more attractive targets to attackers, they are likely to have a lot more upstream bandwidth available to them than a typical end user making them ideal for spam, ddos, and scanning for other machines to infect, or they could merely reuse the existing webserver as a delivery mechanism for malware or phishing sites.

  3. Re:Been caught out with faked good from Amazon too on Some Newegg Customers Received Fake Intel Core i7s · · Score: 3, Interesting

    Sometimes they will even hack the FAT to make it look like a much larger drive, although obviously you will start getting errors if you try to write beyond its actual capacity... A lot of people get caught out by this because it takes them some time to fill the drive.

  4. Re:Guess what on A Public Funded "Microsoft Shop?" · · Score: 1

    Linux isn't really more difficult, it's just different... In many ways it's actually easier, to do anything complex it's a lot simpler for instance and most configuration is done in text files that often have very good comments.

    The problem is that people think windows can be run by any idiots (thanks to ms marketing it as such), which simply isn't the case... If you want a windows based network that's even remotely secure or stable you need to hire competent staff, and those people are generally not cheap... You also need a lot of third party software to keep a windows network running properly.

    If you've content to have a flakey windows network operated by the cheapest possible staff you *might* save money, especially if you don't consider the costs of security breaches. If you're willing to invest in decent staff and think long term, linux will almost always come out cheaper.

  5. Re:MS Wromtongues Infecting Your Corporate Overlor on A Public Funded "Microsoft Shop?" · · Score: 1

    You're right, people should use open source because they choose it...
    They should use *anything* because they choose it...

    Unfortunately, this is not the business model MS have chosen. They promote their products not by making people want to choose them, but by forcing them through various lockin schemes combined with heavy marketing and "training" schemes which encourage ignorance of the options available.
    Very few people do proper research and then choose MS based on the results of that research showing it to be technically or financially superior. They either do no research at all, or their selection criteria are corrupted because of lock-in.

  6. Re:hmm... on A Public Funded "Microsoft Shop?" · · Score: 1

    No, but what they do is charge you per machine rather than per machine that has their software installed, making it not cost effective to use anything else.

  7. Re:Ironic on North Korea's Own OS, Red Star · · Score: 1

    Yes, but the north korean government doesn't really fit with communist ideology at all...

  8. Re:So, not a new operating system, just YAGLD on North Korea's Own OS, Red Star · · Score: 1

    They aren't violating the GPL if they aren't distributing it (which i don't believe they are yet)...

  9. Re:Would you want to retrieve it? on Man Swallows USB Flash Drive Evidence · · Score: 2, Interesting

    They have special toilets, attached to sealed booths with attached rubber gloves you put your hands in, and a hose to wash the stuff down...
    Immigration officials use equipment like that all the time to retrieve drugs and other illegal items people try to import by swallowing.

  10. Re:Making copies shouldn't be a crime on Man Swallows USB Flash Drive Evidence · · Score: 1

    Your house and other goods you owned would still retain value (and its value in terms of the currency would actually increase since more of the devalued currency would be required to purchase a house), the only thing that would lose value is any cash you held.

    Obviously if you wanted to sell those goods, you wouldn't accept payment in a currency that was rapidly losing value. This is why people in countries with hyperinflation typically abandon the local currency and deal in dollars or euros.

  11. Re:Making copies shouldn't be a crime on Man Swallows USB Flash Drive Evidence · · Score: 1

    The dictator may be unable to export the goods himself, perhaps due to sanctions or similar... Or he may have to export them on the black market and accept an extremely poor price for them.

  12. Re:Making copies shouldn't be a crime on Man Swallows USB Flash Drive Evidence · · Score: 1

    Yes, like the government's quantitative easing policy...

    Did this friend of yours contribute to the laughable state of the zimbabwean economy? I bought a 100 trillion zimbabwe dollar bill a while ago just for fun, its worth about 3 cents.

  13. Re:Bolting On on Over Half of Software Fails First Security Tests · · Score: 1

    Bugs can be fixed without impacting operation/compatibility...
    A design flaw cannot.

  14. Re:Bolting On on Over Half of Software Fails First Security Tests · · Score: 4, Interesting

    For another encryption example, look at how windows and linux implement user password hashing...

    Linux takes the plaintext password via an input channel (ssh, telnet, gdm, local console etc), passes it to PAM which loads the corresponding password from the shadow file, encrypts the user input with the same algorithm and salt, and compares the output. The backend (pam, encryption cipher) can be changed without affecting how the frontend, making it easy to use a different encryption algorithm as increases in computing power, or discovery of cryptographic flaws, renders the old ones insecure.

    Windows, in a somewhat misguided attempt to prevent plain texts being sent over the network, effectively uses the encrypted hash (yes its more complicated than that, but the general idea is that only the hash ever gets used and the password isnt sent in the clear - unix solves this at a different layer by using encryption of the plaintext password such as ssh)... Because of this, the hashing algorithm is difficult to change. Older windows used lanman which is laughably weak, while modern windows uses ntlm by default which is somewhat stronger but not great... However, modern windows still has lanman support for compatibility reasons, and until vista/2008 it was still enabled by default. If they change the hashing algorithm, then they will still have to retain the old ones for quite some time in order to have compatibility, and also change the protocols to handle a third possible algorithm.
    The fact that you can use the hash without cracking it first is also a design flaw, this isn't possible on unix or anything else i'm aware of.

  15. Re:That's great. on Over Half of Software Fails First Security Tests · · Score: 1

    Compatibility (with their own lockin) is their biggest selling point, but because of design flaws (like the registry and countless others) also their biggest weakness...

  16. Re:That's great. on Over Half of Software Fails First Security Tests · · Score: 1

    Also, how did they come to be testing open source software... Was it submitted by the authors for testing? I suspect not, since the testing process will cost money... Or did they simply download it and decide to test it arbitrarily? If the latter, then the open source software in question doesn't fall under the "needed their software tested" category...

  17. Re:Chinese Patience on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    I just shred with a generic desktop shredder, and then set fire to the resulting bundle of paper scraps.

  18. Re:Though I wish that MacOS were safer, on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    You aren't worth the effort of exploiting...
    You probably don't use that machine as a workstation in a significantly sized company/government department... And if you do, then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway.

  19. Re:Number 5? on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    And unless you installed some third party implementation, the password complexity option is crap.. Password1 or Password1! will get through just fine, and when you're forced to change your password then Password2 will work perfectly well.

  20. Re:So for this attack to work. on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    2, or a vulnerable plugin, or socially engineer a user of a fully patched browser (also a security flaw because the user needs the ability to execute arbitrary binaries)...
    5/5a, active directory as a whole is vulnerable to these kind of attacks, due to design flaws rather than specific bugs that can easily be patched.
    6, cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak, and it cannot easily be replaced because the encryption algorithm is required for the network authentication processes (see design flaw)... However, you don't even need to crack the hashes, you can use the hashes as they are without cracking them (another design flaw)

    aside from the various design flaws in windows, their marketing is the biggest flaw... windows is marketed as an "easy to use" server platform, where you don't need to hire expensive admins to run it. Now to keep a windows network barely functioning this is true, however to keep one as secure as possible (within the limits imposed by the various fundamental design flaws) you need a significant number of highly skilled staff and (often expensive) third party sotware.. MS would never admit this however, because that would be an admission that windows is about the most expensive platform to maintain across the board.
    Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills, as a result you get huge gaps in their setup which can be exploited.

    There is also the lockin issue, companies are often tied to old crufty proprietary apps that cannot be moved to more modern systems, for instance webapps tied to ie6. Had they done their research up front and understood the risks and the future pain it will cause, it's likely they never would have implemented such proprietary systems... However, most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again. Windows 7 may be "the most secure windows ever", but they said that about nt4 years ago too. In a few years time, windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new "more secure" version.

  21. Re:oh for the love of ____! on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 2, Interesting

    Fascism doesn't necessarily require a small government, just that the government be controlled by corproate interests... In fact, a large totalitarian government is beneficial to a fascist state because it becomes easier to create conditions more favorable to business.

  22. Re:Sounds like resistance is easy. on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    Which is why a monoculture is so bad... Attackers don't need information on the systems being used, they can just assume that their victims are running windows.
    If they had to recon their target first to find out what they're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common.

  23. Re:Sounds like resistance is easy. on Aurora Attack — Resistance Is Futile, Pretty Much · · Score: 1

    However, due to basic design flaws (rather than implementation bugs that will get patched), a windows and active directory based network is much easier to crack than environments based on other platforms...

    Plenty of reading on the web, but start with http://www.crest-approved.org/Pages/conf/windowsauth.pdf (use google to convert it to html if you're concerned about pdf vulns).

  24. Re:uh silverlight works in linux on Google Enhances Street View With User Photos · · Score: 1

    Only, MS don't release the specs until they are ready to release code that implements it thus giving them a head start on any development.

  25. Re:Srsly? on UK Bill Would Outlaw Open Wi-Fi · · Score: 2, Insightful

    The large ISPs that can afford to implement the recording are more than happy... Economies of scale mean they can implement the recording far more cheaply than the smaller players, many of whom will simply go bust leaving the big players to soak up the extra customers.
    And when they charge extra for the recording, they don't have to spend all the extra revenue on actually implementing it... Much of that will go to profit.