As I know from first hand experience (broadpwn), Samsung SGS8 will get its update in one and a half month after stock android received its patch. Samsung SGS7, SGS6 will get it in 3 months. And SGS5 (which was still for sale just a year ago) will go unpatched for so long that the few users that had one, switched to a brand new iphone. Yup, no more samsung in my company.
I'd like to remember you of this piece of Lenovo crapware that survives reinstallation. https://tech.slashdot.org/stor... Just don't buy Lenovo if you care about privacy or security.
Nope, switching to mysqli will not magically fix sql injections. The functions mysqli_query, mysqli::query and even mysqli::prepare allow for idiots to create broken code. Only if programmers are forced to separate the query from the data, it will be fixed. But that will never happen.
I think the 404 doesn't necessarily mean something is wrong with the WP 404 handler. It could have been generated by the malware itself with <?php header("HTTP/1.1 404 Not Found"); ?> Seeing a 404 in the logs will probably make a lot of victims believe that line was not related to the intrusion.
While you should not use NAT in 99,999% of all situations, there are still very good reasons to use NAT anyway.
For instance, hotspots usually redirect traffic to a login page, NAT is great for this. NAT can be used for transparent proxying to a regular squid proxy or a http/mail virusscanner. I've also used it to temporarily redirect traffic to work around server issues.
Therefore any serious operating system should have NAT capabilities.
You'll need a means of knowing that 10.20.20.x is client x and 10.20.20.y is client y. Of course OpenVPN allows you to do this but maintaining that table by hand could be a bit of a pain.
You mean like the common name of the ssl certificate used to connect in the first place? Combine this with a client-connect script to update dns and/or the ifconfig-pool-persist option and you've got a great solution.
And there is a few lines of code to convert the byte array to a mp3 file: #!/usr/bin/python import binascii,re,sys try:
s = re.sub('0x','',re.sub('[,\n]','',open(sys.argv[1], 'r').read()))
open(sys.argv[1]+'.mp3','w').write(binascii.unhexlify(s)) except:
print "Usage: "+sys.argv[0]+" trkNdata.h"
Maybe, but not in this case. Dutch news sites report that the cops bought XTC, MDMA and cocaïne from the owners of utopia, and got the sellers to meet the cops in real life.
You mean that great thing that requires you to walk through the rain for ten minutes, then is 2 minutes early so you miss it and have to wait 30 minutes for the next one? That wondrous device that requires a driver that goes on strike several times a year, leaving you without options? That doesn't ride when you really need to get to your crashed server at 3am? And that never goes from A to B in straight line but takes 1:06 from my home to my work, while I can drive in 20 minutes myself.
Actually we have solved that problem. It's called S/MIME and getting your keys from a Certificate Authority such as VeriSign.
VeriSign... Under the direct control of the NSA. Or any other CA in the ca-bundle.crt, such as DigiNotar - iranian govt had direct or indirect access to those certificates. Or what about türktrüst, a CA under control of another totalitarian regime.
S/MIME is only secure when the dozens of CAs can be fully trusted. And they've shown they can't.
I'm not so sure about that. The kernel module uploaded to the full discosure list happened to be a amd64 module targetting debian kernel 2.6.32-5. But when it's not php, most malware I've seen was distributed as source code, compiled at the target machine to match the targets specifications.
Yes, they do. About 95% of people out there would answer "yes" when internet explorer asks "Are you sure you want to install this virus?". And you expect those people to install custom firmware?
Why not 6km/10km? I'm not sure, but I guess it's because the village where she was found is only 500meters long and surrounded by meadows. 5km radius = 10km diameter. This means all nearby villages are included as well. Any further is a lot less likely: most crimes are commited within a certain distance of the criminals home. Because the infrastructure at the site doesn't allow to travel very fast, this distance decreases I think.
The Marianne Vaatstra case will probably never be solved. There was a lot of evidence pointing towards a center of asylum seekers nearby. The most likely suspects fled the country within a few days.
In fact, in another Dutch case, the very same promise was made... and broken. The guys who fell for it are now stored in the central DNA database. Forever.
If only I remembered what case that was, I would post a link.
Depends on what you call decent. From my home to the office takes 15-20 minutes by car (or motorcycle:-) ), but 1:30-1:45 when I first take the bus, then the subway and finally the train to get there.
Indeed, most attackers are. But even then, you can report them to the IP block owner, so they can fix the problem.
Unfortunately, most providers are part of the problem instead of part of the solution: they do nothing with abuse reports. At least the ones i've contacted.
Run OpenVPN on any udp port using the tls-auth option to drop unsigned packages. Use iptables to drop all other 65534 ports. Good luck finding out which port is the VPN server.
Gas will hit $10/gal and the problem will take care of itself.
In The Netherlands we are paying € 1,871 per liter = € 7.08 = $ 8.89 with the current exchange rates. Nevertheless, the number of cars on the roads has only increased in the past few decades.
The only effect it that i absolutely hate to drive my fscking car that takes up to a minute to get from 0 to 100kmh/62mph, and that I have less money to spend on things I actually like. But I'm definitely not driving any less, because if I don't go to work, I don't get paid.
Slashdot Mirror
As I know from first hand experience (broadpwn), Samsung SGS8 will get its update in one and a half month after stock android received its patch. Samsung SGS7, SGS6 will get it in 3 months. And SGS5 (which was still for sale just a year ago) will go unpatched for so long that the few users that had one, switched to a brand new iphone.
Yup, no more samsung in my company.
I'd like to remember you of this piece of Lenovo crapware that survives reinstallation.
https://tech.slashdot.org/stor...
Just don't buy Lenovo if you care about privacy or security.
Nope, switching to mysqli will not magically fix sql injections. The functions mysqli_query, mysqli::query and even mysqli::prepare allow for idiots to create broken code. Only if programmers are forced to separate the query from the data, it will be fixed. But that will never happen.
I think the 404 doesn't necessarily mean something is wrong with the WP 404 handler. It could have been generated by the malware itself with <?php header("HTTP/1.1 404 Not Found"); ?> Seeing a 404 in the logs will probably make a lot of victims believe that line was not related to the intrusion.
While you should not use NAT in 99,999% of all situations, there are still very good reasons to use NAT anyway.
For instance, hotspots usually redirect traffic to a login page, NAT is great for this. NAT can be used for transparent proxying to a regular squid proxy or a http/mail virusscanner. I've also used it to temporarily redirect traffic to work around server issues.
Therefore any serious operating system should have NAT capabilities.
And it includes me. Android is getting bloated more and more with every release. Also, every release is more Google-focused and less user-focused.
You'll need a means of knowing that 10.20.20.x is client x and 10.20.20.y is client y. Of course OpenVPN allows you to do this but maintaining that table by hand could be a bit of a pain.
You mean like the common name of the ssl certificate used to connect in the first place? Combine this with a client-connect script to update dns and/or the ifconfig-pool-persist option and you've got a great solution.
And there is a few lines of code to convert the byte array to a mp3 file:
#!/usr/bin/python
import binascii,re,sys
try:
s = re.sub('0x','',re.sub('[,\n]','',open(sys.argv[1], 'r').read()))
open(sys.argv[1]+'.mp3','w').write(binascii.unhexlify(s))
except:
print "Usage: "+sys.argv[0]+" trkNdata.h"
I think I found their lost band member: https://www.youtube.com/watch?...
Maybe, but not in this case. Dutch news sites report that the cops bought XTC, MDMA and cocaïne from the owners of utopia, and got the sellers to meet the cops in real life.
You mean that great thing that requires you to walk through the rain for ten minutes, then is 2 minutes early so you miss it and have to wait 30 minutes for the next one? That wondrous device that requires a driver that goes on strike several times a year, leaving you without options? That doesn't ride when you really need to get to your crashed server at 3am? And that never goes from A to B in straight line but takes 1:06 from my home to my work, while I can drive in 20 minutes myself.
No thanks.
Actually we have solved that problem. It's called S/MIME and getting your keys from a Certificate Authority such as VeriSign.
VeriSign... Under the direct control of the NSA. Or any other CA in the ca-bundle.crt, such as DigiNotar - iranian govt had direct or indirect access to those certificates. Or what about türktrüst, a CA under control of another totalitarian regime.
S/MIME is only secure when the dozens of CAs can be fully trusted. And they've shown they can't.
I switched to thunderbird as well. My favorite feature: no single company can cut my access to this reader.
NAT has proven to be a great benefit!
Indeed, it has. It even kept some attackers out.
Then came UPnP.
Publicly addressable does not always mean "reachable". Most routers will probably have a firewall by default to filter incoming connections.
I'm not so sure about that. The kernel module uploaded to the full discosure list happened to be a amd64 module targetting debian kernel 2.6.32-5. But when it's not php, most malware I've seen was distributed as source code, compiled at the target machine to match the targets specifications.
Yes, they do. About 95% of people out there would answer "yes" when internet explorer asks "Are you sure you want to install this virus?". And you expect those people to install custom firmware?
Nor the Netherlands. Seems politicians want to wipe every single smile of our faces.
Why not 6km/10km? I'm not sure, but I guess it's because the village where she was found is only 500meters long and surrounded by meadows. 5km radius = 10km diameter. This means all nearby villages are included as well.
Any further is a lot less likely: most crimes are commited within a certain distance of the criminals home. Because the infrastructure at the site doesn't allow to travel very fast, this distance decreases I think.
The Marianne Vaatstra case will probably never be solved. There was a lot of evidence pointing towards a center of asylum seekers nearby. The most likely suspects fled the country within a few days.
In fact, in another Dutch case, the very same promise was made... and broken. The guys who fell for it are now stored in the central DNA database. Forever.
If only I remembered what case that was, I would post a link.
Depends on what you call decent. :-) ), but 1:30-1:45 when I first take the bus, then the subway and finally the train to get there.
From my home to the office takes 15-20 minutes by car (or motorcycle
Indeed, most attackers are. But even then, you can report them to the IP block owner, so they can fix the problem.
Unfortunately, most providers are part of the problem instead of part of the solution: they do nothing with abuse reports. At least the ones i've contacted.
Run OpenVPN on any udp port using the tls-auth option to drop unsigned packages. Use iptables to drop all other 65534 ports. Good luck finding out which port is the VPN server.
Gas will hit $10/gal and the problem will take care of itself.
In The Netherlands we are paying € 1,871 per liter = € 7.08 = $ 8.89 with the current exchange rates. Nevertheless, the number of cars on the roads has only increased in the past few decades.
The only effect it that i absolutely hate to drive my fscking car that takes up to a minute to get from 0 to 100kmh/62mph, and that I have less money to spend on things I actually like. But I'm definitely not driving any less, because if I don't go to work, I don't get paid.
Any Linux distribution will boot in less than 30 seconds if [..]
Linux does. Too bad it takes the bios and raid array of a server up to minutes to do their checks...
And Antarctica is hosting zero phishing sites...