Slashdot Mirror


User: FireFury03

FireFury03's activity in the archive.

Stories: 0
Comments: 3,710

Comments · 3,710

  1. Re:Who's fault? on Lawsuit Against Microsoft Over Insecure Software · · Score: 1

    If you leave your car parked at the side of the road with the door open and the key in the ignition I'm sure your insurance company would have problems when you asked them to pay out for the stolen car. Now imagine that there is a big car manufacturer who has a virtual monopoly on the market and is making cars which don't have locks - whose fault is it when the car gets stolen?

    1. The owner for not fitting a lock to the car after they bought it?
    2. The owner for buying that brand of car in the first place rather than buying a minority brand which is known to be quite secure and comes with frequent free lock-upgrades when a fault is found with the lock, is cheaper and has a top speed of 150mph instead of the major brand which is limited to 30mph.
    3. The car manufacturer for not bothering to fit locks as a cost saving measure.
    4. The criminal who stole your car.

    Ok, so the criminal is certainly guilty, but criminals exist, you've got to live with that.

    It seems to me that the car manufacturer is equally guilty by cutting corners to save money by not fitting locks in the first place.

    Why should the owner have to fit their own locks after they have paid huge amounts of money for their car?

    And finally, customers are stupid - many don't know about the other brand of car. Most of the rest who have heard of it have been put off by the propaganda the major manufacturer has been publishing, and are so brainwashed by the idea that all cars have their indicator switches on the left side of the steering wheel that they can't comprehend using the minority brand which has it on the right.

    I know that MS are supposedly fixing their software, but standing up in front of the press and saying "it's not our fault for failing to fit the locks, it's the criminal's fault for opening the door" is no defense.

  2. Who's fault? on Lawsuit Against Microsoft Over Insecure Software · · Score: 1

    "This complaint misses the point. The problems caused by viruses are the result of criminal acts by people who write viruses," said Microsoft spokeswoman Stacy Drake

    So MS are saying that it is not their responsibility to write secure software, it's the virus-writer's responsibility not to take advantage of it?

  3. Re:Pish posh. on Earth Simulator Now Predicting Hurricanes? · · Score: 1

    Well a gale machine would certainly be handy for me - I've come to the conclusion that the wind god is a bastard. Every time I've tried to go out windsurfing over the past 3 months (at weekends, after work, even taking time off work) the wind has dropped off just as I've started driving to the beach. And then while I'm stuck in the office it's blowing a frickin' gale out there... Starting to get very frustrating.

  4. Re:"Unfair advantage"? on VeriSign Sued Over SiteFinder Service · · Score: 1

    Actually, if foo.com is registered and the authoritative servers say that internal.foo.com doesn't exist then lookups for internal.foo.com will still fail correctly, even with the horrible SiteFinder junk. The problem of course is if they use somefakedomain.com for their internal network (which is completely wrong anyway) then that will break... But then that would break if someone decided to register somefakedomain.com anyway.

    Don't get me wrong - the SiteFinder "service" is wrong, needs to be shut down and causes problems.

  5. Re:At MOST it should be optional... on Should ISPs Be The Little Man's Firewall? · · Score: 1

    Certainly, if a user is too clueless to know how to turn on a service they shouldn't be trusted to turn it off (please take note Microsoft).

    If ISPs filtered the commonly attacked services by default and provided a web based system for those of us with a clue to turn off the filtering then things would get much better. I am very definitely against enforced firewalling though - there should be some way of turning it off.

    If you firewall ports off by default, the user has to find out how to turn off the firewall. If you leave the firewall turned off then the user has to find out how to turn it on - if they know enough to do that then they also know enough to realise that connecting an unpatched Windows box directly to the internet without a firewall is a really stupid thing to do.

    Maybe another option is for ISPs to run IDS systems which detect if a machine is making scans consistent with a known worm and automagically firewall the machine off. (And if you completely block the machine's internet access it forces the person to do something about it - redirect all their web queries at a site containing the patches).

  6. Also reported... on Blaster Writer Caught · · Score: 4, Informative

    Also reported by the BBC

  7. Re:Worms are bad, but... on Worm vs. Worm Battle Slows Networks · · Score: 1

    Just great-- now I know if I spoof IP's and scan you I can have you attack whoever I wish. Defense is blackholing the box attacking you-- not attacking somebody else who may be innocent.

    Ok, a valid point. But for worms that are making TCP connections (and so can't spoof the addresses since a spoofed address wouldn't be able to establish a TCP connection), this seems like a good idea.

    Either way, I'm still convinced that since 90% of home users are clueless they need to be forced into fixing their compromised boxes, and the best way of doing that seems to be to pull it off the network. This has 2 advantages - 1. It can't do any more damage to other machines, 2. If someone can no longer surf their Pr0n, maybe they'll fix their machine.

  8. My 7110 keeps getting drowned and still comes back on Where Has Your Cell Phone Been? · · Score: 1

    I take a cellphone out windsurfing (in case something breaks and I need to call for help). Of course the AquaPac split and drowned my Nokia 7110 - took it apart and dunked it in fresh water to wash the salt off it and it all worked again.

    Since then the phone has been drowned so many times by rain, etc and still won't die. :)

    Having said that, one of my colleagues put his Ericsson phone and wallet on the deck of a ZapCat powerboat and then immediately helped to launch the thing. Only realised what he had done when he saw the crew waving his dripping phone and wallet at him (the phone never did survive that :)

    I think pretty much all of us here at work have drowned at least one phone in the sea at some point. :)

  9. Worms are bad, but... on Worm vs. Worm Battle Slows Networks · · Score: 3, Interesting

    Worms are bad. Period. Even if the worm is supposed to be good then the damage it can do in terms of network usage, etc causes problems.

    However, vulnerable boxes do cause a lot of problems, so IMHO a better solution is for those people who care about such things to install a system on their firewall that responds to scans - if a machine scans your firewall then you look to see if you recognise the signature of the scan (i.e. the likes of Code Red, etc, have quite distinctive patterns of scanning) and then your firewall launches an exploit against that machine that is scanning you. Once exploited the system would take some action to close the vulnerability and remove the worm (i.e. turn on the auto update stuff, install whatever patches are needed, etc). After it's done that the software that you installed through the exploit would delete itself.
    This is a defense - the machine in question attacked your network so your network responded by fixing the compromised machine - no other (innocent) machines are affected by the problem.

    ISPs also need to do something to help the situation IMHO - there is no sane reason to use Netbios over the internet so this should be blocked by every ISP (I know some do already, but the vast majority still allow it).

    And remembering that 90% of home Windows users are completely clueless when it comes to security, they need to be forced into fixing their systems. The best way I can see of doing that is for all ISPs to look for scans coming from their customers - if a machine is making a lot of scans to lots of hosts all over the internet that matches the signature of a known worm, the ISP should pull the customer's entire internet connection. In fact it wouldn't be too hard for the ISP to intercept all web requests and redirect them to a website with all the patches on it. This is damage limitation - if a machine is compromised and is attempting to compromise other machines then it is essential that machine is taken off the network ASAP. If all the ISPs followed these steps then the spread of worms would be severely reduced.

  10. Re:Tim Mullen on SecurityFocus On MS Security "Hole" · · Score: 1

    As with almost any system, if an untrusted person has physical access to the hardware then the system's security is compromised.

    If you do not physically secure the hardware then you are very stupid. The way around this of course is to encrypt all the data on the storage device, which would require either a hardware encryption device (expensive) or software encryption (performance hit). You can of course get such software to sit between the block device and the filesystem.

    Of course you also have to worry about either encrypting any swap device or eliminating swap completely.

    I cannot see how this could be considered a "huge security hole" since it is a simple matter to lock the hardware away. And I'm sure there would be many complaints if all systems encrypted their data since that way, when you trash the MBR on your hard drive you've automatically lost everything with no chance of recovery.