[Intel Boss Paul Ottelini] said that Intel had to adapt as smaller, smarter gadgets become popular with consumers.
Quite an astute observation. Intel had better adapt soon, since their current specialty is big, dumb things (such as the clock-speed on the Pentium 4).
Ok. I've thought about this, and here's what I think:
Agreed, that the general behavior of "Swen" is that of a virus.
However, I still stand by my statement that using a vulnerability in Outlook to auto-execute is like the behavior of a worm. So is running in the background and sending out e-mails of itself (as defined here).
The SirCam worm also behaved like Swen, in that it arrived as an attachment or was copied to a network share, played with the registry, etc.
And I didn't mean to say it required Outlook. I meant that "all it takes is for some guy to open Outlook," meaning that the minimum user interaction level would be if you open Outlook, and the worm is the topmost message, bam, it gets previewed and executed if you're not all patched up.
In addition, Symantec is classifying it as a worm. So you'd better go try to explain to them why they're wrong, too.
----
On a lighter note, WTFA (Wrote The FA) could be a humorous comeback to "RTFA".
Someone:/makes a comment
Slashdotter: RTFA!
Someone: WTFA! And I'm right!
The other day it looked like Comcast had blocked SiteFinder. Today, though, I had it come up once, and I knew it was time to add it to my router's block list. So far on the list (which blocks any URL containing these strings):
Of course, I'm running MacOS X, so I don't have to worry about those cheesy spyware apps, I have to protect my bandwidth, and save my clueless Windoze roommates from themselves.:-) </off-topic>
From invalid.museum:
----
[MuseDoma logo] invalid.museum is not in use
All names in.museum can be seen at http://index.museum
More information about.museum is available at http://about.museum
----
This is not really squatting in my definition because there is really no effort being made by MuseDoma (a nonprofit) to profit from invalid domains.
If VeriSign had implemented a page that just said, "invaliddomain123.com is not in use," it would be different. True, it would be rather pointless (which is why such a technique is not in widespread use in the.com,.net, and.org domains). However, the techies would just be saying it's dumb because it breaks error detection, instead of declaring that Verisign is more evil than Satan himself.
The "Swen" worm arrives in an official-looking e-mail message that appears to be from Microsoft. Users whose PCs are not patched against the Microsoft flaw this worm exploits will be infected just by viewing the message, as will protected users who click on the e-mail attachment.
clearly requires some dumb schmoe to click on the executable file
No. "Requires some dumb schmoe to open up Outlook."
And maybe if you weren't stupid you would realize they're talking about the parent, which shows a photo of a WinNT-ish desktop with several icons, including MSIE.
Yeah. according to the link in the submission (at NANOG), "Today VeriSign is adding a wildcard A record to the.com and.net
zones. The wildcard record in the.net zone was activated from
10:45AM EDT to 13:30PM EDT. The wildcard record in the.com zone is
being added now." as of 9/15. So this should mean this is going on at the moment. However, on Comcast, I've got normal behavior.
Qwest seems to have merged with long distance carrier LCI back before they had merged with US West. Before that, they weren't really in the "telco" business at all. They were "a multimedia communications company building a high-capacity, fiber optic network for the 21st century."
non-professional computer users never know what to do with a second mouse button
On the other side of the map, in a sick irony, there's my father (lost to Windows because of its apparent cheapness). I swear, it seems like he never uses his left mouse button. He just found the right-button one day and now he has no grasp of what the term "default action" means. I'm always like, "Open that!" And he's like, "Ok, Hmmm, let's see, Open, Edit, Play, Add to Archive, Scan for Viruses, Send to:, Delete, Cut, Paste, Properties..."
And I'm like, "Damn it, LEFT BUTTON! LEFT BUTTON!"
As someone who never used to have any significant amount of respect for SBC (my "local" telco), this decision gives me much more respect for them. This will give them an advantage next time I change my broadband, local, local toll, and long distance service. (Currently I only get my $10 worth of local service from SBC.)
Hm, and they just called me today to try to sell me LT and LD service.
Where's the right place for lightning to strike a plane?
Newscaster: "Fortunately, Dennis, flight 242 was struck in just the right place, giving a pleasing massage-like sensation to all aboard, and making the plane arrive in SFO a half-hour ahead of schedule. I'm Leslie Griffith. Back to you in the studio."
yep. Same here.
Even after I read the footnote, I thought, "Oh, right, so this is to indicate one particular possible Allah in the array that approves of terrorism, while Allah[1] and Allah[2] probably don't.
Dude, simple solution. If you get VoIP at home and thus are able to cut off Verizon/SBC/BellSouth completely, then you still have a mobile phone (unless you just crawled out of a time machine), so if you need 911, use your freakin' mobile phone! VoIP isn't threatening mobile phones, until (a) WiFi is everywhere and (b) people don't mind hauling around a computer, monitor, microphone, and speakers.
VoIP for calls at home.
Mobile phones for calls while not at home, and for 911.
If you're working on penetrating a company, then this is a stop on the highway.
Not bloody likely.
Every time I've thought, the WHOIS database might be a good way to get a contact phone number that wasn't some cheesy phone-menu support number, I've discovered, big surprise, it's the same cheesy support number. Most companies probably changed it already because people started calling it and getting real people and wasting their time with our foolish concerns.
As for our (private individuals') personal information, the answer is simple. If you're worried, fake it. It's not like they send a guy around to check out your address. Just use the address of the nearest Starbucks or something. All you'll be missing out on is "renewal" (transfer) offers from VeriSign.
I'm not sure how to interpret that "ahem." I can see that you have a LiveJournal by your website link. I have a paid account with LJ as well. But are you trying to indicate disdain for that service?
Maybe it's that it's too late and I'm not thinking very well.
I totally agree with your "shareware" comment, though. I pay $30/year for Salon.com, $25/year for LiveJournal, $2/month for afraid.org FreeDNS, $9/month for SuicideGirls.com (so sue me, punk girls are hot)... anyway, I don't have to pay for most of these things to get the functionality I want, but I pay anyway because I want to support these particular content providers especially, and also the "free" Internet in general.
According to an ad I read today, "SBC Yahoo!* DSL" comes with unlimited dial-up access.
(Not that I endorse the idea of a content provider trying to pass itself off as part of the ISP.)
You can bet Apple will be early in this game... It's kind of like Serial ATA, FireWire, and the death of the floppy. It's the future, in other words. Apple typically is among the very first to bring ideas like this to the mainstream.
Deep linking seems to be a totally different issue here. Your average AOL user who wants to place a link on their LiveJournal to "members.aol.com/aoluser" would derive little value from a link to "www.aol.com" or even "members.aol.com"!
This is webspace that AOL gives its users as part of their paid service. When you pay for webspace, the general idea is that it supports these things called hyperlinks. It stands to reason that you or anyone else should be allowed to link to your website from any other website. Any deviation from this traditional behavior should be documented in their terms of service, and is very shortsighted and/or stupid, as it threatens the very nature of the WWW, much like restrictions/penalties on linking to sites that are deemed undesirable.
If you just need to change the NTP server, but don't need it to be added as one of the "given" servers in the list, you can just edit the combo box in the "Date/Time" Control Panel. You don't have to edit the registry in this case if you don't want to.
Not sure if you overlooked that, or if you were just pointing out the (useful to know) Registry location for adding default time servers. Probably the second one, but I just wanted to put that out there.
I agree that it would be fraught with problems, and I, as a poor programmer, wouldn't attempt it.
While any problems caused by installation of MS patches aren't really the fault of the writer of the worm, they are another reason why I'm glad my idea is only theoretical.
You are right, I admit, that it would be virtually impossible to create a "white hat" worm that didn't screw up approximately as much as it would fix.
Well, I'm not a programmer (I guess I should have said "IANAP"); I was simply suggesting a theoretical way to patch this vulnerability. If you're right that w32.Blaster spoofs source IP's, then I rescind the idea that a counter-worm is a good idea, since the only way, then, to do it would be way the current counter-worm is, and it's generating far too much traffic. Good observation.
Slashdot Mirror
Quite an astute observation. Intel had better adapt soon, since their current specialty is big, dumb things (such as the clock-speed on the Pentium 4).
I, for one, welcome our new 64-bit overlords!
I never had a problem with mine.
Agreed, that the general behavior of "Swen" is that of a virus.
However, I still stand by my statement that using a vulnerability in Outlook to auto-execute is like the behavior of a worm. So is running in the background and sending out e-mails of itself (as defined here).
The SirCam worm also behaved like Swen, in that it arrived as an attachment or was copied to a network share, played with the registry, etc.
And I didn't mean to say it required Outlook. I meant that "all it takes is for some guy to open Outlook," meaning that the minimum user interaction level would be if you open Outlook, and the worm is the topmost message, bam, it gets previewed and executed if you're not all patched up.
In addition, Symantec is classifying it as a worm. So you'd better go try to explain to them why they're wrong, too.
----
On a lighter note, WTFA (Wrote The FA) could be a humorous comeback to "RTFA".
Someone: /makes a comment
Slashdotter: RTFA!
Someone: WTFA! And I'm right!
sitefinder.verisign.com
<off-topic>gator.com
whenu
goatse
kazaa.com
ezula
toptext
cydoor
Of course, I'm running MacOS X, so I don't have to worry about those cheesy spyware apps, I have to protect my bandwidth, and save my clueless Windoze roommates from themselves. :-) </off-topic>
----
[MuseDoma logo] invalid.museum is not in use
All names in .museum can be seen at http://index.museum
More information about
----
This is not really squatting in my definition because there is really no effort being made by MuseDoma (a nonprofit) to profit from invalid domains.
If VeriSign had implemented a page that just said, "invaliddomain123.com is not in use," it would be different. True, it would be rather pointless (which is why such a technique is not in widespread use in the .com, .net, and .org domains). However, the techies would just be saying it's dumb because it breaks error detection, instead of declaring that Verisign is more evil than Satan himself.
The difference is the shameless profitteering.
The "Swen" worm arrives in an official-looking e-mail message that appears to be from Microsoft. Users whose PCs are not patched against the Microsoft flaw this worm exploits will be infected just by viewing the message, as will protected users who click on the e-mail attachment.
clearly requires some dumb schmoe to click on the executable file
No. "Requires some dumb schmoe to open up Outlook."
And maybe if you weren't stupid you would realize they're talking about the parent, which shows a photo of a WinNT-ish desktop with several icons, including MSIE.
Yeah. according to the link in the submission (at NANOG), "Today VeriSign is adding a wildcard A record to the .com and .net
zones. The wildcard record in the .net zone was activated from
10:45AM EDT to 13:30PM EDT. The wildcard record in the .com zone is
being added now." as of 9/15. So this should mean this is going on at the moment. However, on Comcast, I've got normal behavior.
GTE Mobilnet + Bell Atlantic Wireless + AirTouch Cellular + PrimeCo = Verizon Wireless
Qwest seems to have merged with long distance carrier LCI back before they had merged with US West. Before that, they weren't really in the "telco" business at all. They were "a multimedia communications company building a high-capacity, fiber optic network for the 21st century."
On the other side of the map, in a sick irony, there's my father (lost to Windows because of its apparent cheapness). I swear, it seems like he never uses his left mouse button. He just found the right-button one day and now he has no grasp of what the term "default action" means. I'm always like, "Open that!" And he's like, "Ok, Hmmm, let's see, Open, Edit, Play, Add to Archive, Scan for Viruses, Send to:, Delete, Cut, Paste, Properties..."
And I'm like, "Damn it, LEFT BUTTON! LEFT BUTTON!"
Companies of SBC:
Pacific Bell + Nevada Bell = Pacific Telesis
Illinois Bell + Indiana Bell + Michigan Bell + Ohio Bell + Wisconsin Bell = Ameritech
Southern New England Telephone Company (SNET)
Southwestern Bell
Pacific Telesis + Ameritech + SNET + Southwestern Bell = SBC.
Sounds to me like SBC is more like a partial re-assembly of the original monopoly.
Not that I don't respect SBC big-time for this decision.
(Source of data: US FCC, http://www.fcc.gov/wcb/armis/carrier_filing_histor y/COSA_History/sbtr.htm)
Hm, and they just called me today to try to sell me LT and LD service.
Newscaster: "Fortunately, Dennis, flight 242 was struck in just the right place, giving a pleasing massage-like sensation to all aboard, and making the plane arrive in SFO a half-hour ahead of schedule. I'm Leslie Griffith. Back to you in the studio."
yep. Same here. Even after I read the footnote, I thought, "Oh, right, so this is to indicate one particular possible Allah in the array that approves of terrorism, while Allah[1] and Allah[2] probably don't.
VoIP for calls at home.
Mobile phones for calls while not at home, and for 911.
End of problem.
eh, that's okay. Everyone's entitled to their own opinions. They vary in cuteness IMO. Some are okay, a few are just plain adorable.
Not bloody likely.
Every time I've thought, the WHOIS database might be a good way to get a contact phone number that wasn't some cheesy phone-menu support number, I've discovered, big surprise, it's the same cheesy support number. Most companies probably changed it already because people started calling it and getting real people and wasting their time with our foolish concerns. As for our (private individuals') personal information, the answer is simple. If you're worried, fake it. It's not like they send a guy around to check out your address. Just use the address of the nearest Starbucks or something. All you'll be missing out on is "renewal" (transfer) offers from VeriSign.
-dan
http://www.starseven.net/
Maybe it's that it's too late and I'm not thinking very well.
I totally agree with your "shareware" comment, though. I pay $30/year for Salon.com, $25/year for LiveJournal, $2/month for afraid.org FreeDNS, $9/month for SuicideGirls.com (so sue me, punk girls are hot)... anyway, I don't have to pay for most of these things to get the functionality I want, but I pay anyway because I want to support these particular content providers especially, and also the "free" Internet in general.
According to an ad I read today, "SBC Yahoo!* DSL" comes with unlimited dial-up access. (Not that I endorse the idea of a content provider trying to pass itself off as part of the ISP.)
The PowerBooks' batteries are all different sizes, although I believe they all use the same technology. For the most up to date information on battery types for various PowerBook computers, refer to article 16168: "PowerBook: Battery, Recharger, & AC Adapter Identification".
This is webspace that AOL gives its users as part of their paid service. When you pay for webspace, the general idea is that it supports these things called hyperlinks. It stands to reason that you or anyone else should be allowed to link to your website from any other website. Any deviation from this traditional behavior should be documented in their terms of service, and is very shortsighted and/or stupid, as it threatens the very nature of the WWW, much like restrictions/penalties on linking to sites that are deemed undesirable.
If you just need to change the NTP server, but don't need it to be added as one of the "given" servers in the list, you can just edit the combo box in the "Date/Time" Control Panel. You don't have to edit the registry in this case if you don't want to.
Not sure if you overlooked that, or if you were just pointing out the (useful to know) Registry location for adding default time servers. Probably the second one, but I just wanted to put that out there.
I agree that it would be fraught with problems, and I, as a poor programmer, wouldn't attempt it.
While any problems caused by installation of MS patches aren't really the fault of the writer of the worm, they are another reason why I'm glad my idea is only theoretical.
You are right, I admit, that it would be virtually impossible to create a "white hat" worm that didn't screw up approximately as much as it would fix.
Well, I'm not a programmer (I guess I should have said "IANAP"); I was simply suggesting a theoretical way to patch this vulnerability. If you're right that w32.Blaster spoofs source IP's, then I rescind the idea that a counter-worm is a good idea, since the only way, then, to do it would be way the current counter-worm is, and it's generating far too much traffic. Good observation.