That's because Cisco doesn't really build equipment for the home market (even though they do name some products as 'SOHO').. their target is really business, and businesses expect to pay ongoing maintenance/support fees for products they own.
I would also point out that Cisco provide ISO updates to SOHO users free of charge for security fixes.
You have to respect someone who not only posts pictures of himself on the net, knowing that he doesn't have the best profile in the world, but then gets himself slashdotted too ?
He's got balls.. (and just look at the photos if you don't believe me)
Honestly... you people can't resit jumping to conclusions can you ? If you READ the f'ing article, you would see that this vulnerability exists in a Cisco *application* that runs on a *linux* platform that is used to *manage* their wireless aironet devices in bulk, and has NOTHING to do with their switching/routing/wireless hardware products whatsoever.
If you read further, you would note that Cisco has already released patches for the problem.
If you had ANY experience with cisco security vulnerabilty disclosures, you would realise that cisco's definition of "workaround" means "a way to avoid the problem without applying patches or updates", because many cisco customers aren't able to apply patches the second an exploit is announced due to down time / planning / change control measures.
Just because it says there is no workaround, it doesn't mean there isn't a fix. And there is, in this case, which is clearly linked to in the article.
And before someone replies with "you're new to slashdot aren't you", no, I'm not. I'm used to this sort of reaction from the slash community. Normally there are a few sane people that get modded up by correcting the knee jerkers, but this time it looks like everyone is preaching "every cisco switch and router has a built in username and password that can't be disabled"
While I'ld be the last to back the RIAA et al, when they claim people are stealing songs, they're talking about lost revenue, not a physically lost CD, so in that respect, there is something that is lost to them... it's weak, I know, but a bit better than claiming that they lost their songs.
Visit my site @ http://ndnet.hypermart.net/ [hypermart.net], or not...
I did.. and I think you need to update your.sig:)
This page is no longer available
Please note: You might not have permission to view this directory or page using the credentials you supplied.
Attention: HyperMart Free Hosting Customers
On March 1st, 2004, HyperMart discontinued free Web hosting plans. If you had a free hosting account and did not upgrade, your account has been taken offline.
To upgrade to a paid account and retrieve your account and associated Web files, please visit:
http://www.hypermart.net/hypermart/upgrade_plans2. bml
When a port is 'open', that means there's a process listening for connections on that port
When a process is listening for new connections, it doesn't block existing connections from carrying on sending and receving data
When a port is 'connected', it means that a process has an established connection to another host.
Therefore, no, just because a port is not listening/open, doesn't prevent an existing connection from sending and receiving data.
If that was the case, then the first person to telnet/ssh to your box would tie up that port and a second connection would be blocked until the first had freed up the port, however that is not what happens at all.
All they're saying is that when the portknocking daemon detected the correct knock sequence on closed ports, it starts a process to LISTEN for new connections, ideally from just the host that did the knocking, for a limited period of time (10 seconds). Once a TCP connection is established with the listening host, that host no longer needs to listen, and that's why it stops after 10 seconds.
Because then you move the problem from being having to find a screw that fits to having to find the strangely shaped piece of metal/plastic that is required to fit the cdrom/hardd rive/floppy drive into the screwless mounting bay.
Oh I agree. It should be that easy, but to achieve that, the companies writing the software must be responsible enough to protect their users from the things they shouldn't need to know about.
I had hoped that when palm sized devices started becomming popular that the change to start again on a new hardware platform would allow MS to get it right that time, but WinCE seems to be just as bug ridden and prone to lockups as Win95 was, and I believe there are viruses out for 'CE as well.
I see this time and time again when attending to computers in homes or small businesses - when a user clicks on a link, or the picture of an 'e', they know only that it makes a new window open and they can use the internet in it.
They don't usually know what a browser is, let alone that there is more than one browser out there, and when they read stories about viruses and how clicking on things can make your computer infected, they see microsoft as a victim.
As far as they are know, Microsoft is the company that makes the things on their computer, and they know that MS is a really clever company that makes really good programs and that if they find anything wrong with those programs, they don't think that microsoft should have fixed it, or designed it differently like we do, no, they just think that they shouldn't be doing whatever it was they wanted to do that way.
Honestly, I know so many people that don't know the difference between Windows and Office - they think that all computers come with the thing for writing letters and the thing for making spreadsheets and the thing for sending email and the thing for the internet, and any time a new virus comes out, they talk about how horrible those virus writers. I read a letter to pc world magazine just a few months ago where someone was praising microsoft for all the hard work they're doing to defeat the virus writers!
So asking for these sorts of people to 'use a different browser'.... you may as well tell them to please speak in a different language when they come back from lunch because there's a problem with English. Most people wouldn't know where to begin.
We choose to go the moon, to do this, that, and the other thing, not because it is easy, but because it is the only thing with any hope whatsoever of renewing any public support for him.
Seems to me that he's just trying to get on the bandwagon of 'ex-presidents that will be remembered for the great things they did', as opposed to the 'ex-presidents that will not be mentioned in polite company'.
With Mosaic, and the new Netscape so popular (used in libraries and educational institutes), I fail to see how any other initiatives (even those backed by Microsoft) can manage to eat into the radical marketshare of Netscape.
These days, you see Netscape taking the place of Mosaic for all HTML rendering. Microsoft's internet explorer doesn't even support forms properly!
Even if it is incorporated into the operating system, web developers will see no reason to switch to this new browser. Microsoft often reserves new initiatives for newer versions of Windows, and leaves older versions in the dust, forcing people to upgrade. With such a wide majority of users reluctant to upgrade from windows 95 and NT4.0, it'ld be kinda pointless for webmasters to code for internet explorer instead of netscape.
Slashdot Mirror
I would also point out that Cisco provide ISO updates to SOHO users free of charge for security fixes.
http://pestpatrol.com/pestinfo/w/w32sup.asp
Yup.. peril sensitive sunglasses.
My eyes! the goggles.. they do nothing!
He's got balls.. (and just look at the photos if you don't believe me)
At least someone's posting a sane response to this.. even if you do work for Cisco.
If you read further, you would note that Cisco has already released patches for the problem.
If you had ANY experience with cisco security vulnerabilty disclosures, you would realise that cisco's definition of "workaround" means "a way to avoid the problem without applying patches or updates", because many cisco customers aren't able to apply patches the second an exploit is announced due to down time / planning / change control measures.
Just because it says there is no workaround, it doesn't mean there isn't a fix. And there is, in this case, which is clearly linked to in the article.
And before someone replies with "you're new to slashdot aren't you", no, I'm not. I'm used to this sort of reaction from the slash community. Normally there are a few sane people that get modded up by correcting the knee jerkers, but this time it looks like everyone is preaching "every cisco switch and router has a built in username and password that can't be disabled"
While I'ld be the last to back the RIAA et al, when they claim people are stealing songs, they're talking about lost revenue, not a physically lost CD, so in that respect, there is something that is lost to them... it's weak, I know, but a bit better than claiming that they lost their songs.
I did.. and I think you need to update your .sig :)
This page is no longer available Please note: You might not have permission to view this directory or page using the credentials you supplied.
Attention: HyperMart Free Hosting Customers
On March 1st, 2004, HyperMart discontinued free Web hosting plans. If you had a free hosting account and did not upgrade, your account has been taken offline.
To upgrade to a paid account and retrieve your account and associated Web files, please visit: http://www.hypermart.net/hypermart/upgrade_plans2. bml
HTTP 403 - File not found
Yeah.. uh, I'm gonna go ahead and make sure you get a copy of that memo.
Maybe they just wanted to see what the geek reaction on slashdot would be, and use that to improve the desgin.
not to mention that with the buttons placed as they are, it will only be usable on your left wrist.
Hmm.. that's interesting... the "by at least one" part. I've never met a device that will decrease it by any value other than exactly one.
Could you provide some evidence to back that statement ?
When a process is listening for new connections, it doesn't block existing connections from carrying on sending and receving data
When a port is 'connected', it means that a process has an established connection to another host.
Therefore, no, just because a port is not listening/open, doesn't prevent an existing connection from sending and receiving data.
If that was the case, then the first person to telnet/ssh to your box would tie up that port and a second connection would be blocked until the first had freed up the port, however that is not what happens at all.
All they're saying is that when the portknocking daemon detected the correct knock sequence on closed ports, it starts a process to LISTEN for new connections, ideally from just the host that did the knocking, for a limited period of time (10 seconds). Once a TCP connection is established with the listening host, that host no longer needs to listen, and that's why it stops after 10 seconds.
and belive me, finding the screw is much easier.
I had hoped that when palm sized devices started becomming popular that the change to start again on a new hardware platform would allow MS to get it right that time, but WinCE seems to be just as bug ridden and prone to lockups as Win95 was, and I believe there are viruses out for 'CE as well.
They don't usually know what a browser is, let alone that there is more than one browser out there, and when they read stories about viruses and how clicking on things can make your computer infected, they see microsoft as a victim.
As far as they are know, Microsoft is the company that makes the things on their computer, and they know that MS is a really clever company that makes really good programs and that if they find anything wrong with those programs, they don't think that microsoft should have fixed it, or designed it differently like we do, no, they just think that they shouldn't be doing whatever it was they wanted to do that way.
Honestly, I know so many people that don't know the difference between Windows and Office - they think that all computers come with the thing for writing letters and the thing for making spreadsheets and the thing for sending email and the thing for the internet, and any time a new virus comes out, they talk about how horrible those virus writers. I read a letter to pc world magazine just a few months ago where someone was praising microsoft for all the hard work they're doing to defeat the virus writers!
So asking for these sorts of people to 'use a different browser'.... you may as well tell them to please speak in a different language when they come back from lunch because there's a problem with English. Most people wouldn't know where to begin.
But where in china is from, though ? HK ?
and what the hell am I doing here reading your comments not a cloud in the sky and only 50% humidity too
Seems to me that he's just trying to get on the bandwagon of 'ex-presidents that will be remembered for the great things they did', as opposed to the 'ex-presidents that will not be mentioned in polite company'.
Give me Jed Bartlett any day.
Bugzilla bug 122445
Everyone seems to have their own idea about what should be done about it, and nobody is actually doing anything.
um.. so you complain that the reseacher didn't inform ms first before posting it, but somehow it's okay for you to post a link to it on slashdot ?
Isn't that a bit like calling the kettle black ?
With Mosaic, and the new Netscape so popular (used in libraries and educational institutes), I fail to see how any other initiatives (even those backed by Microsoft) can manage to eat into the radical marketshare of Netscape.
These days, you see Netscape taking the place of Mosaic for all HTML rendering. Microsoft's internet explorer doesn't even support forms properly!
Even if it is incorporated into the operating system, web developers will see no reason to switch to this new browser. Microsoft often reserves new initiatives for newer versions of Windows, and leaves older versions in the dust, forcing people to upgrade. With such a wide majority of users reluctant to upgrade from windows 95 and NT4.0, it'ld be kinda pointless for webmasters to code for internet explorer instead of netscape.
<tongue>
Well that's how things were about 5 years ago.
Well I've never heard of an "ensurance company", so dictionary.com must be wrong.