I think I see whats happening here. strace shows that reading past the end of/dev/mem errors with EPERM. Both cat and strings get the same EPERM but they behave differently to response to it.
cat dies and gives you the error. When it dies it also kills its process group. That's everything you pipe its output though.
strings just ignores the error. It doesn't tell you about it and doesn't kill its process group.
Note that EPERM means you asked for something invalid and isn't the same as EACCES which means you asked for something you don't have permission for.
That's a common argument. However there are around the same number of Nokia phones on at any one time as there are Windows OS's running. It fails to explain why Nokia viruses are not everywhere.
I avoided saying that. I also didn't mention security in general, the discussion was about viruses in particular.
Forget Linux and Unix for a moment. What about VMS, OS/390, or Nokia OS ? You can't tell me there are not a very large number of devices running Nokia OS that run all day every day. How come these devices are not crawling with viruses? They are general purpose computing devices too, all the weird and wonderful software these things can run proves that.
LOL. Go preach that junk to a college kid. They might buy it. Outside of not running by admin as default (which has been on MS OS's for like 5 years now so get with the times) is the user based is culled by default.
If your typical dumbass uncle was running Linux and installing crap, their computer would be infested too. Well, except for the crap that nothing he wants to install actually runs on Linux.
Who ever said running as admin was the problem here? Running a web browser or email client as a non-admin user doesn't make the virus problem go away.
You should look at the software packages that come with ubuntu, there is software for everything. Just about anything my uncle would want to do can be catered for by software that can be downloaded by ubuntu's tools without messing around manually downloading stuff and without having to get out a credit card.
Windows security is certainly improving (fuck off if you think otherwise), but it's really a case of educating dumbass users. Linux is only 'more secure' because it's not generally used by dumbasses.
So... do you have a more practical solution? Didn't think so.
You can't get good security by improving something that's not designed to be secure. You can't educate users away from design problems, you have to replace the bad design.
And why hasn't the "security industry" started to validate hashes and signatures and checksums on KNOWN GOOD FILES yet?
It's a good question but a better one would be 'Why do virus scanners have to exist at all?'
It's deeply sick to have to check all files against a huge list of checksums of magic incantations. It's better, but still not good to keep a list of checksums of files that don't contain magic windows-trashing incantations. The real solution is to not use a OS that is so easy to subvert.
Management: IT is expensive - we can save money by OUTsourcing. 5 years later...
Management: IT is expensive - we can save money by INsourcing. 5 years later, Go to line 1...
Those of us who've been in IT for a while have seen this cycle through a few times. After much reflection, I conclude that there is no such thing as competent management.
Exactly so. Middle management in big companies is a dumping ground for the inept, burnt out, and jaded. They fly around the world constantly to escape the work they should be dedicating themselves to. Their ignorance of the departments and technologies they manage is often shocking.
Employees are more loyal, and generally care more about the work they are doing than outside contractors.
I'm not saying you are wrong because we both work with different groups of people most likely in different countries. However what you describe is the exact opposite of my experience. I find permanent staff just want to make it to the end of the day and go home. Few really care about what they do and the ones that do get drawn into political battles with those that don't. The bad ones can't be fired unless they really screw up big. The only exceptions are in companies that are still small enough to tell good from bad.
You may have been seeing bad contractors, There are plenty of them about too.
So now you're comparing using Windows to killing people indiscriminately? That ought to help you not look like a zealot....
I'm comparing irresponsible behavior to irresponsible behavior. If you want to call that being a zealot you should go look up zealot in the dictionary. Most likely in your dictionary it says 'Does not love Microsoft with all his heart.'
Wow, way to wish doom on 90% of the computer using populace. That doesn't make you sound like a crazed zealot at all. That kind of talk is sure to gain support to your ideology.
If 90% of the world's population drove home from the pub pissed once a week would that somehow make drink driving OK?
Would I be a crazed zealot for telling these people to get taxis?
Whenever I hear a story about a person\firm reporting security risks, I am reminded of the story of my coworker, and I have heard too many similiar stories. It has trained to me keep my mouth shut about these problems.
That's really bad. I know it's all too easy to tell someone to change job but that company is dysfunctional and You will do better elsewhere.
Slashdot Mirror
It's not true until netcraft confirms it.
I think I see whats happening here. strace shows that reading past the end of /dev/mem errors with EPERM. Both cat and strings get the same EPERM but they behave differently to response to it.
cat dies and gives you the error. When it dies it also kills its process group. That's everything you pipe its output though.
strings just ignores the error. It doesn't tell you about it and doesn't kill its process group.
Note that EPERM means you asked for something invalid and isn't the same as EACCES which means you asked for something you don't have permission for.
Thanks for the interesting puzzle.
I think he is with the Popular Front...
At least he is not with the Judean Popular People's Front.
SPLITTERS!
# cat /dev/mem | strings | grep -i llama
Cat abuse, you want: strings /dev/mem | grep -i llama
cat: /dev/mem: Operation not permitted
Yes, I did log in as root, no I don't understand what the fuck is going on
Interesting, that should work. What OS are you on?
It's simply a matter of a number of targets.
That's a common argument. However there are around the same number of Nokia phones on at any one time as there are Windows OS's running. It fails to explain why Nokia viruses are not everywhere.
Oh so Linux is more secure?
I avoided saying that. I also didn't mention security in general, the discussion was about viruses in particular.
Forget Linux and Unix for a moment. What about VMS, OS/390, or Nokia OS ? You can't tell me there are not a very large number of devices running Nokia OS that run all day every day. How come these devices are not crawling with viruses? They are general purpose computing devices too, all the weird and wonderful software these things can run proves that.
LOL. Go preach that junk to a college kid. They might buy it. Outside of not running by admin as default (which has been on MS OS's for like 5 years now so get with the times) is the user based is culled by default.
If your typical dumbass uncle was running Linux and installing crap, their computer would be infested too. Well, except for the crap that nothing he wants to install actually runs on Linux.
Who ever said running as admin was the problem here? Running a web browser or email client as a non-admin user doesn't make the virus problem go away.
You should look at the software packages that come with ubuntu, there is software for everything. Just about anything my uncle would want to do can be catered for by software that can be downloaded by ubuntu's tools without messing around manually downloading stuff and without having to get out a credit card.
Windows security is certainly improving (fuck off if you think otherwise), but it's really a case of educating dumbass users. Linux is only 'more secure' because it's not generally used by dumbasses.
So... do you have a more practical solution? Didn't think so.
You can't get good security by improving something that's not designed to be secure. You can't educate users away from design problems, you have to replace the bad design.
Yes, but the abacus isn't a very practical computing device.
There are any number of other computing devices that don't get viruses and are not abacuses. Linux is just one of these.
Flash is a huge security nightmare. Maybe BitDefender was doing the right thing there.
The real irony here is, that you even NEED a 3rd party application to make your machine secure.
It doesn't even do that. The third party application takes time to react to new viruses so can never do more than reduce the insecurity.
And why hasn't the "security industry" started to validate hashes and signatures and checksums on KNOWN GOOD FILES yet?
It's a good question but a better one would be 'Why do virus scanners have to exist at all?'
It's deeply sick to have to check all files against a huge list of checksums of magic incantations. It's better, but still not good to keep a list of checksums of files that don't contain magic windows-trashing incantations. The real solution is to not use a OS that is so easy to subvert.
'This code is not intended for general use, and is known to be inefficient, difficult to work with, and riddled with bugs.'
If this is indeed a true statement this code is doomed and should be thrown away right now.
If they don't do it right from the start they will spend the rest of forever turd-polishing.
Two words....
Michael Jackson
nuff said...
Actually his nose is quite stable now. It's likely to remain in its current state long after the rest of his body has decayed to nothing.
Maybe in some future time someone or something will dig up his remains and wonder what all the extra parts were for.
Management: IT is expensive - we can save money by OUTsourcing.
5 years later...
Management: IT is expensive - we can save money by INsourcing. ...
5 years later, Go to line 1
Those of us who've been in IT for a while have seen this cycle through a few times. After much reflection, I conclude that there is no such thing as competent management.
Exactly so. Middle management in big companies is a dumping ground for the inept, burnt out, and jaded. They fly around the world constantly to escape the work they should be dedicating themselves to. Their ignorance of the departments and technologies they manage is often shocking.
There are all too few exceptions.
Employees are more loyal, and generally care more about the work they are doing than outside contractors.
I'm not saying you are wrong because we both work with different groups of people most likely in different countries. However what you describe is the exact opposite of my experience. I find permanent staff just want to make it to the end of the day and go home. Few really care about what they do and the ones that do get drawn into political battles with those that don't. The bad ones can't be fired unless they really screw up big. The only exceptions are in companies that are still small enough to tell good from bad.
You may have been seeing bad contractors, There are plenty of them about too.
What are you trolling slashdot for day after day? It's not like you ever said anything valid about anything.
Either you are a attention seeking moron or you are getting paid for it.
Are you seriously equating drunk driving with using Windows? You aren't helping your case at all.
I don't need to convince you. You are paid to spout your rubbish and will no doubt carry on spouting it.
The fact that Microsoft has resorted to paying people to troll slashdot proves they are desperate.
So now you're comparing using Windows to killing people indiscriminately? That ought to help you not look like a zealot....
I'm comparing irresponsible behavior to irresponsible behavior. If you want to call that being a zealot you should go look up zealot in the dictionary. Most likely in your dictionary it says 'Does not love Microsoft with all his heart.'
Wow, way to wish doom on 90% of the computer using populace. That doesn't make you sound like a crazed zealot at all. That kind of talk is sure to gain support to your ideology.
If 90% of the world's population drove home from the pub pissed once a week would that somehow make drink driving OK?
Would I be a crazed zealot for telling these people to get taxis?
Wow. That's exactly what I just posted.
No version for linux is a good thing.
Maybe the malware will run in wine. But why does it run anything? It doesn't need any form of software, it just needs to draw power from USB.
In my eyes, those who bought that thing, deserve what they got.
Those who brought windows deserve what they got.
Why bother with a big battery charger when you can buy batteries that plug into USB from http://usbcell.com/ ?
Whenever I hear a story about a person\firm reporting security risks, I am reminded of the story of my coworker, and I have heard too many similiar stories. It has trained to me keep my mouth shut about these problems.
That's really bad. I know it's all too easy to tell someone to change job but that company is dysfunctional and You will do better elsewhere.