Yeah, or someone who has just turned 18 and their still 17 year old partner... Technically that's breaking the law, but since they're so close in age (likely in the same school year) there's nothing morally wrong about it.
Well the phrasing "come to an agreement" says it all..
For any normal person you don't come to an agreement with the government, they state how much tax you owe and you have to pay it or you go to jail, there's no negotiation.
Such a thing is far less likely to happen in europe, where employment law is much stronger and prevents them from firing you without valid justification and/or a pay off.
That said, you should get him to provide those instructions in writing, you also reply in writing indicating why you believe it to be a bad idea and if he still wants to go ahead it's on him as you've done your due diligence in providing the warning.
Such situations happen all the time, perhaps not to the same degree but often technical people lower down in an organisation get instructed to do something that is highly detrimental to the organisation as a whole. It's certainly happened to me more than once.
V8 is already cross platform and open source, what is the need to have alternative engines?
And if support for multiple engines is the goal, what about firefox or the safari javascript engine?
Seems to me like it would be a more worthwhile use of resources to improve V8 rather than integrating support for multiple different engines and the headaches that will come from doing so.
That's a bug tracker, and it makes no mention of the ekoms trojan (which i'm sure someone would have filed as a severe bug if they had found it)...
I can also find no mention of the default ubuntu or mint packages shipping with this trojan.
Although obviously you are right in refuting the parent post's notion that there is no way for the trojan to get onto the system, it may be far less likely for malware to make its way onto a linux host but it's obviously not impossible. Linux has (and has for many years) far more presence in the server market, and linux servers do get compromised in various ways such as user incompetence (weak passwords, ssh brute force scans) or buggy code (poorly written webapps being a favorite these days). It's just that the most common infection routes are different to those prevalent on windows.
I've done a few, usually on an exotic architecture with a patched shell and kernel to log commands to syslog on another host...
What you saw was probably just the scanner, it will log in and just take note of your ip and password for later use. Sometime later you'll usually get someone log in and take a look around... I found that while the scans often come from asia, the actual logins usually come from european countries like romania or italy.
They will usually try uname to see what os is running, and often if it's not linux they will give up right away and not come back. If it is linux, they will usually try to download some tools using wget - copies of their ssh scanner, local root exploits, irc bots etc... Most of them tried to download precompiled x86 binaries, even when the system in question was something else, and they usually gave up when the binaries failed to run.
It's not uncommon to see embedded devices with poor passwords that have been logged into thousands of times, but because of how restricted or nonstandard the environment is nothing was ever done with them.
Those are just from the dictionary fed to the ssh brute forcing tool, it doesn't mean any of them ever actually got a hit on a live system...
I have exactly the same, continuous SSH brute force attempts, often the same ip will come back later and try the exact same passwords for no apparent reason.
There is however a lot to be said for saving money and buying cheap weaponry...
One of the primary design goals of WW2 aircraft was to be as simple and cheap to build as possible.
The cheaper a plane is the more you can build, and the less costly it is when the enemy shoots one down.
And the simpler a plane is, the easier you can repair it once it gets damaged.
For drones the above makes even more sense, it's perfectly viable to have a huge fleet of cheap drones because a shot down drone doesn't result in a captured or killed pilot and training competent pilots is also very expensive. A cheap drone that gets shot down isn't a huge loss.
Modern weaponry however is far too expensive, far too complex and far too fragile...
Linux rootkits have been around for many years, and there is already standard functionality for taking screenshots and recording audio built in to most linux distros.. You can just dd data from /dev/audio to a file, and you can take screenshots using xwd or import. The only difference is that most linux systems are servers or embedded so they usually don't have X11 running or any audio hardware attached.
Key point being "went down", rather than pose any risk to their users they decided to shut everything down until they could properly investigate the breach.
Any commercial business would want to be back up and running again as soon as possible, even if that meant cutting corners.
Well if windows doesn't work without the recovery image, what's the problem with linux?
The recovery image contains a specially tuned version of windows for the specific hardware, you're complaining that you can't install a generic version of linux and have everything work immediately while also complaining that a generic version of windows doesn't work immediately? If you had a specially tuned version of linux for the hardware then it would run without problems too.
You can already do it on Linux:
ifconfig wlan0 hw ether 00:11:22:33:44:55
The default MAC is tied to the interface, but there's no reason it can't be changed in software...
Apple don't do that, if you buy an Apple product in the US (where they tend to be cheapest) and then export it elsewhere they will still repair it under the default 1 year warranty or applecare if you've bought it, and they will even repair it in their local service centres without requiring you to send it back to the US.
What they won't do is let you claim under consumer rights legislation (eg in europe the warranty period is 2 years by law) which seems fair enough since you didn't buy the product in a country that has such laws.
Of course it depends *where* you bought an item, if you buy it from a country with strong consumer rights legislation you can demand they abide by the law of that country, although they might demand that you send it back to the country of purchase at your own expense for any warranty claims.
Having manuals only available in certain languages is an actual barrier rather than an artificially created one, as it actually costs extra to translate the manual.
That said, products sold in the US will have english and possibly sometimes spanish language manuals, there is no reason these products couldn't be sold in any of the english speaking countries around the world. And even in other countries, many people speak english as a second language if not their first.
People who know anything are more expensive, the problem is that there are many people who claim to know windows but in reality know very little about it, and these people are the ones who have a constant struggle.. A lot of this is also down to MS' traditional marketing which claimed you didn't need expensive and well trained staff to run windows. That simply isn't true, incompetent staff can struggle along but they could with modern linux too if they wanted to, but the end result will never be any good...
When people claim to know linux, that usually means that they actually do - and this is why such people cost more.
Most people don't actually use any applications other than the browser these days, chromeos is actually an ideal choice for a significant proportion of users.
There's also a lot of people who regularly use the internet but have never heard of windows, fixed lines are rare in a lot of developing countries so most users are on mobile and are generally using android devices.
That may well be the physical reality of terrestrial broadcast TV, but the same does not apply to Satellite which has a much larger footprint (many european sats can be picked up anywhere from ireland to turkey) and it certainly doesn't apply to internet distribution.
Technology has advanced, the world has changed, it's time to drop these obsolete business models.
Physical products are an entirely different beast, as you pointed out not having facilities to produce or import a product is not the same as intentionally withholding it from a particular location. There is nothing stopping a third party from importing the products into another country, and in any country with a significant immigrant population there are companies specialising in importing products from the countries where those immigrants came from because there is a market for their products although it might be too small to interest the original manufacturer.
Have you seen the latency over a mobile connection, even with 4g?
How about people in rural areas with satellite connections?
You don't know this for ANY device you buy..
Even if you buy direct from the manufacturer it could have backdoors (see juniper recently).
All you can do is take steps to reduce the risk like inspecting the firmware (or replacing it with open source firmware that you can inspect more closely), isolating devices from other things etc.
My CCTV cameras are not on routable ips, and don't have direct internet access or access to anything else on my network here - i can connect to a vpn and view the video feed. Aside from me not trusting the cameras, the cables for them run outside so someone could easily unplug them and attach malicious devices to the cables although hopefully that would be noticed in the last few seconds of video before the camera went offline.
A lot of the cheap chinese cameras seem to be based on the same linux distro (hilinux?) with the same crummy ui on top.. I'm not sure how the frontend actually talks to the camera hardware but it's probably not through the standard linux video apis.
A lot of them run telnet by default (and you can't turn it off through the standard ui), and have a hard coded password although the password tends to vary by manufacturer. I hooked up mine to a TTL console and changed the passwords at least, but i'd love to be able to put a sensible open source firmware on them.
Cars require shipping, distribution, and various safety certifications. There's nothing to stop you buying a car from another country and importing it, providing you are willing to pay the cost of doing so and handle any legal issues like registering the car and certifying it to comply with local road laws. And no car makers will refuse to sell to you just because you plan to export the car.
Anything distributed on the internet is available globally by default, it actually requires additional effort to deny access to specific areas. The idea that they would go out of their way to do something which is entirely detrimental to customers is extremely insulting.
Shipping physical goods to foreign countries costs money and incurs additional overhead to implement... It's less effort to not ship to foreign countries, and if your product is already selling out in its native country the extra effort won't result in any more sales.
And companies don't try to prevent the re-shippers from operating.
Intentionally restricting access via the internet is the opposite, adding arbitrary restrictions requires considerable effort.
I'm perfectly ok with someone who doesn't make the extra effort required to ship goods to me, but i am totally against anyone who goes out of their way to discriminate against me.
And prices in sub saharan africa (and asia etc) are not lower because people there can't afford more, they're lower because there is a lot more competition from pirate copies in those locations and charging the same as other countries would result in zero sales.
If there was no piracy, they would charge the same price.
Works fine if you also disable DNS and then only add hosts you actually want to access to the hosts file.