no no no, I meant as you as in from your outbox, to your recipients. Even picking up replies from you.
Not the simple
EHLO form.me RCPT foo@barney-bignutts.com FROM whoever@Iwanttobe.com DATA
from the top of my head.
As far as I am concerned, 0 day threats are the most threatening, and the most damaging, and since they still happen Virus software ISN'T doing it's job.
SO what, it stops old viruses. I am more worried about newer ones.
How will the approach of filtering, and application sandboxing and education now going to stop a vbs file?
the filter caught it. worm, firewall trojan, firewall
internal maliscious hacking - auto sandboxing and admin alerts.
You don't need to do MD5 summing, you dissallow binary attachments. Then peope adapt. Except for the Microsoft jpeg parser *groan* it should be safe enough to handle non binary data.
And as in the openoffice example I gave, any script that is enabled in the future should have applicaiton controls to limit its ability to kill you.
If however you run a program that doesn't have that, you only risk that applications zone of trust, not your whole app. So your email might go down if using a non 'trust-zonerized' email app.
now social engineering is an argument in my court, how virus protection only gives you false sense of security.
My whole argument is to take out applications from the loop that dupe you into a false sense of security. someone with firewall and virus checking may feel safe from hackers, and stupidly be more easy about giving out access pwds.
right well, it isn't a perfect world, and a standard applcation sandboxing model and trust zoning at OS level is too much to ask for, even though the basic user permissions should keep things safe (you need user/application level permissions, so Bob/IE has diff access to Bob/FireFox and 'cetra.
these stats are for one site that claims to be 'tech heavy'
Internet Explorer 6.x 53% Firefox 18.16% Safari 11.25% Internet Explorer 5.x 4.07% Mozilla 3.18% Opera 2.50% Netscape 7.x 1.42%
In addition opera and mozilla and firefox have user agent string plugins, but even ie can be regedited to send
Mozilla compatible, sod Microsoft (Windows 3.11)
Of course, stats don't matter, as long as you use what you want. Out of interest,I noticed Yoper is using evolution as the mail client, I personally love thunderbird - any ditros thinking of using thunderbird and sunbird as thier mail/calender?
Actually, having used Mozilla a lot, the smaller size of FireFox has meant its adoption is easier. I have personally installed it:
At my dentists (removed two viruses, put zonealarm, slapped ie silly, put firefox, adaware, windows updates to auto (well, you can't be perfect!)
At all my friends, work mates
so I guess I am nearly 100% responsible for these stats:-)
It will become the top browser, because it is ace. All those cute extensions.
Why else?
Microsoft state no more development on IE
No more upgrade runs for people, and they always look for now things.
It is snazzy amd sexy, and has a cute fox, so animal rights activitsts will like it, unless they think the firey tale is cruel...
the only problem is the 0.9, 0.9.1, 0.9.2, 0.9.3 - even I got tired, but I bet they just want to get the bets stuff out the door as quickly as possible.
Don't worry, the net ain't going anywhere fast. How many converts have you claimed?:-)
I read about a True random number generator, then I half expected a doom 3 demo, than I saw the "I don't know about you, but I'd hate getting fragged by that plant over there while playing Doom 3"
I put 2 and 2 together and in true orwellian fashion thought that they had hooked a plant up to a doom 3 bot and had somehow got it learning the maps and killing people!
Where do you think the suspiscion stems from in my comment?:-) of course I know MS is behind it, which is why I state there are subtle nudges at linux, that are far more hurtful.
If msnbc said linux is crap, then noone would take it seriously.
Nudging at linux and using this language is very harmful to the image of linux.
Our email attachment rules - block all that content. f course people zip up some of that content, so maybe unzip and block, this is email attachment filtering.
Checking for knwon virus signatures, yes this is an application of virus detection that is not used as a security measure, but as a decision maker, or audit trail.
Outlook is causes 99.99999* of virus problems, allowing someone to send email as you, with viruses in it - embarrassing!
I still cannot believe people use that....
Knowing a file is a known virus is ok, and useful, but you are right in saying that mail attachment filters are better. Remove anythign remotely hazardous.
Send a link to a file if you want someone to d/l it, and then use the trust rule, and fallback on the behavioural checking.
Never be in a position to run code that you have been assured by a virus checker that it is not a virus.
Of course, my approach would stop trojans, worms, scripts, anything that has this efect (each application can extend the security layer into its own realm, so openoffice could have a protect sandbox that would test scripts and if it crosses a line, like tries to embedd itself, or open a new document, or search or something,notify the user.
"hippie-esque programmers who disdained revenue and profit, advocating a "peace, love and software" vision of Linux"
Wow, what a great tribute to those who worked hard to establish GPL and protect everyone from massive setbacks in technology and growing costs because of proprietary and dynfunctional software.
"And though some Linux zealots still consider themselves part of a quasi-religious movement,"
Zealot, quasi-religious? No really, how subtle are you trying to be? As a linux user even I felt mildly embarrassed at using linux now...
Very interesting:
"these days Linux is looking a lot like any other technology product, even those made by Microsoft"
So here they are saying, linux is nothing special, and now look just like the things Microsoft churns out. Talk about downplaying.
"the company Linux wonks hate most."
Wonk: One who studies an issue or a topic excessively.
But most people see 'wonk' as a crazy word, so therefore it is rather insulting.
"The rise of the middleman"
Try: A whole new powerful economy built around opensource that proves its viability in promoting growth in a market that lost 400k jobs in the US since 2001.
"Big companies pick up the tab for Linux development"
Big companies have seen the light of linux and invest heavily to ensure they do not die out.
Thank you MSNBC. I hope to see more of you articled/. in the future. not.
Apologies for abhorrent spelling in my posts. THey are typos, honest gov.
Using VMWare with virtual networking and memory and file system woudl be great to sandbox exe's. This could be done on the fly - or even as you run it, the executions get fed through a filter, that would allow any program to run normally until it hit an alarm in the FS, net, reg, or mem allocation.
even internal hackers would have to get thier code past this system, and therefore alert an admin.
internal firewall every resource, but allow the program to run UNTIL it hits this point of alarm.
In case Microsoft needs help filling in 3000 patent forms:
I copyright all ideas, related to, pertaining to, based on, genetically similar or even sounding like the above, and release it under GPL / copyleft / erm... yeah, opensource.
I personally believe anti-virus it a waste of time.
1: Trusted sites should be trusted. 2: It is new viruses that are more prevalent, and the ones you are less likely to be protected against. 3: Behavioural systems (i.e. secure systems) shoudl be in place to stop NEW code doing things, like an internal firewall - would you like xyz.exe whihc has been on your system for 30 minutes / 3 days or whatever to acces ABC resource / network, reg setting etc. 4: Signed content can lead to more trust. 5: this would stop dialers, toolbars, spyware, fuckware, malware, shitware, pancreasware and all other forms of binary information that belongs in/dev/null
I think anti-virus has gone far enough. I use google when I download a funny file, I google the filename, I google the filesize. If I am still not happy, I don't run it.
I mean who would run whoah_funny_check_this_shit_out.exe ??
setup.exe's - again, d/l from a trusted source. Run as a low priv user if need be, test it on a sandbox to be sure... but don't fsskin virus scan it - and then run it on your prized system, because anyone can right a rm -rf ~ and cause simple havoc, and this file will not be picked up by any antivirus software.
Don't reply on virus software, I'd say it gives a false sense of security at the best of times.
Educate users is important, and I would love to see an 'untrusted file' idea, where a custom made trojan would find itself in a pretty lame sandbox if someone runs it the first time, this behaviour gets recorded, then judged if it may be harmful, and above certain levels (tried to access a network resource, tried to remove a file, tried to access existing registry tree, tries to send emails to your entire address book) it quarantines, and alerts an admin.
Any linux developers like that idea? temporal / quantitative security measures for automated sandbox maintenance and binary acceptance program.
China Tech News has great articles about the hotbed of activity there.
And Kylin is supposed to be a windows, linux, unix and *BSD and MacOS beater ! Interesting stuff!
After the 2008 Olympics people will wake up to a reality, how advanced China is! I think it is great! Lets hope China becomes a huge adopter of linux!:-)
I will admit that the article left redundant import statements in the code though, but again, I wasn't going for line count, otherwise I would loose all sense of identity and... and...
When you have zero clue how to write the language, I suggest you shut up.
*waves* hello, you must be new around here, *points at article* If you would like to read that while you wait, we call it reading the article.
I copy and pasted that code out of the article - I didn't make it up.
hint The article was about JRuby.
And it wasn't a penis measuring contest, but a legibility contest. Now I can read java easier than JRuby because I read it daily. But looking at the redundant entropy in the bytes (I won't huff it for you) I can tell that this code looks more complicated.
I think we found our expert!:-) I once called a phone sex line, out of the back of FHM.
My phone provider fsksked up an install (for someone else!) and I lost my line, I complained, and it was reconnected, with the wrong line... so I call, and I say casually to the guy (no this bit isn't the phone sex bit!) so am I liable for any calls I make on this line? he says, well no, because our billing system won't, oh I see.
So I had a chat with this chilean bird who was studying some shit, we spoke about everythign except sex. *feels the whole of slashdot looking at me with a concerned expression* yeah, that is it. She had a brother.
What I meant was, a hardware solution could provide very high fidelity vocals, including breathing rates, minor deviations, emotion, etc.
If speech recognition goes well.
Oh, the line was a 1 quid an hour line, I called it 3 times, each time I spoke for 20 minutes before the auto cut off.:-) that is 60 quid those bastards won't see again! muahah *cough*
I agree, purchasing these companies is what gave cisco the position where it is today.
I would argue that it is precarious - although I have no idea of thier existing market share, only that they seem (from my observations) to be priced on the border of the market. If they price themselves out of the market, it will be filled by other companies.
1. Building a necessity to be informed because of failuires in thier software
2. Making these failuires so deadly that quick action must be taken to save money
3. Screw up all thier patching, and take time to patch vunerabilities they do patch
So, the more they do the above, the more money they can take from those companies now learning the meaning of being 'tied to a large metamorphic rock plunging happily down into the Mariana trench'.
Microsoft - a monopoly in profiting from failiure, fear, and fraud.
There isn't much overlap, but there is some. Singal processing, the breaking down of the naunces of speach.
I figure a hardware speech processor and hardware speech synthesis (very very accurate and believable) would have a great use for mankind.
Imagine how much cheaper sex chat lines owuld be for instance!
They owuld only need a limited vocabulary, so perhaps the OS IBM stuff would work for now?
Of course, I bet a patent will come out of this... voice technology that is very realible and very easy will remove a whole interface. Talk back to your sat nav...
My linksys must be pre-cisco - no sign on there, but this shows that they are scared of competition, buying out competitors that are small enough perhaps....
I am only associated with our network equiptment through modest inquisitiveness, and I even know cisco are only a brand.
3com, level1, and linksys are out there. As customer awareness for these products grow (i.e. they know WHAT they do) they can actually shop around, rather than think, oh, erm, I need a cisco.
I can see these lovely ladies being applied to some serious film fx... I wonder what kind of advantages these systems would give to rendering houses, or is the cost of these for farming cpu power too high, and there is more bang for using Durons?
I guess this differs based on each application and resource requirements.
Slashdot Mirror
OK, where does it say that firefox mascot dude is a red panda though?
Cute lil' fella. (him not you...)
Woah, hold the presses, since when did firefox have RSS support? I was just fffin around on the thunderbird site sniffing for it...
Mention of FireFox RSS
no no no, I meant as you as in from your outbox, to your recipients. Even picking up replies from you.
Not the simple
EHLO form.me
RCPT foo@barney-bignutts.com
FROM whoever@Iwanttobe.com
DATA
from the top of my head.
As far as I am concerned, 0 day threats are the most threatening, and the most damaging, and since they still happen Virus software ISN'T doing it's job.
SO what, it stops old viruses. I am more worried about newer ones.
How will the approach of filtering, and application sandboxing and education now going to stop a vbs file?
the filter caught it.
worm, firewall
trojan, firewall
internal maliscious hacking - auto sandboxing and admin alerts.
You don't need to do MD5 summing, you dissallow binary attachments. Then peope adapt. Except for the Microsoft jpeg parser *groan* it should be safe enough to handle non binary data.
And as in the openoffice example I gave, any script that is enabled in the future should have applicaiton controls to limit its ability to kill you.
If however you run a program that doesn't have that, you only risk that applications zone of trust, not your whole app. So your email might go down if using a non 'trust-zonerized' email app.
now social engineering is an argument in my court, how virus protection only gives you false sense of security.
My whole argument is to take out applications from the loop that dupe you into a false sense of security. someone with firewall and virus checking may feel safe from hackers, and stupidly be more easy about giving out access pwds.
right well, it isn't a perfect world, and a standard applcation sandboxing model and trust zoning at OS level is too much to ask for, even though the basic user permissions should keep things safe (you need user/application level permissions, so Bob/IE has diff access to Bob/FireFox and 'cetra.
simple. says simon.
these stats are for one site that claims to be 'tech heavy'
Internet Explorer 6.x 53%
Firefox 18.16%
Safari 11.25%
Internet Explorer 5.x 4.07%
Mozilla 3.18%
Opera 2.50%
Netscape 7.x 1.42%
In addition opera and mozilla and firefox have user agent string plugins, but even ie can be regedited to send
Mozilla compatible, sod Microsoft (Windows 3.11)
Of course, stats don't matter, as long as you use what you want. Out of interest,I noticed Yoper is using evolution as the mail client, I personally love thunderbird - any ditros thinking of using thunderbird and sunbird as thier mail/calender?
should it be thunderfox and sunfox?
But I am using FireFox a lot more!
:-)
:-)
Actually, having used Mozilla a lot, the smaller size of FireFox has meant its adoption is easier. I have personally installed it:
At my dentists (removed two viruses, put zonealarm, slapped ie silly, put firefox, adaware, windows updates to auto (well, you can't be perfect!)
At all my friends, work mates
so I guess I am nearly 100% responsible for these stats
It will become the top browser, because it is ace. All those cute extensions.
Why else?
Microsoft state no more development on IE
No more upgrade runs for people, and they always look for now things.
It is snazzy amd sexy, and has a cute fox, so animal rights activitsts will like it, unless they think the firey tale is cruel...
the only problem is the 0.9, 0.9.1, 0.9.2, 0.9.3 - even I got tired, but I bet they just want to get the bets stuff out the door as quickly as possible.
Don't worry, the net ain't going anywhere fast. How many converts have you claimed?
I read about a True random number generator, then I half expected a doom 3 demo, than I saw the "I don't know about you, but I'd hate getting fragged by that plant over there while playing Doom 3"
I put 2 and 2 together and in true orwellian fashion thought that they had hooked a plant up to a doom 3 bot and had somehow got it learning the maps and killing people!
madness.
Where do you think the suspiscion stems from in my comment? :-) of course I know MS is behind it, which is why I state there are subtle nudges at linux, that are far more hurtful.
If msnbc said linux is crap, then noone would take it seriously.
Nudging at linux and using this language is very harmful to the image of linux.
That is why I disected it quite heavily.
This is a report, but not of the same article. You can mention things more than once! :-)
"Later this month, you'll be able to carry on a telephone conversation with a flower with a planned speaker phone model."
So this is indeed new! I would love that. Now I just read Light Fantastic - where Rincewind is convinced the trees aren't talking to him!
Little did he know it was all Ka-on (flower sound) and twoflower could have told him that!
lol zomg rolflmao etc etc.
I have to say I half agree with you.
,notify the user.
Our email attachment rules - block all that content. f course people zip up some of that content, so maybe unzip and block, this is email attachment filtering.
Checking for knwon virus signatures, yes this is an application of virus detection that is not used as a security measure, but as a decision maker, or audit trail.
Outlook is causes 99.99999* of virus problems, allowing someone to send email as you, with viruses in it - embarrassing!
I still cannot believe people use that....
Knowing a file is a known virus is ok, and useful, but you are right in saying that mail attachment filters are better. Remove anythign remotely hazardous.
Send a link to a file if you want someone to d/l it, and then use the trust rule, and fallback on the behavioural checking.
Never be in a position to run code that you have been assured by a virus checker that it is not a virus.
Of course, my approach would stop trojans, worms, scripts, anything that has this efect (each application can extend the security layer into its own realm, so openoffice could have a protect sandbox that would test scripts and if it crosses a line, like tries to embedd itself, or open a new document, or search or something
"hippie-esque programmers who disdained revenue and profit, advocating a "peace, love and software" vision of Linux"
/. in the future. not.
Wow, what a great tribute to those who worked hard to establish GPL and protect everyone from massive setbacks in technology and growing costs because of proprietary and dynfunctional software.
"And though some Linux zealots still consider themselves part of a quasi-religious movement,"
Zealot, quasi-religious? No really, how subtle are you trying to be? As a linux user even I felt mildly embarrassed at using linux now...
Very interesting:
"these days Linux is looking a lot like any other technology product, even those made by Microsoft"
So here they are saying, linux is nothing special, and now look just like the things Microsoft churns out. Talk about downplaying.
"the company Linux wonks hate most."
Wonk: One who studies an issue or a topic excessively.
But most people see 'wonk' as a crazy word, so therefore it is rather insulting.
"The rise of the middleman"
Try: A whole new powerful economy built around opensource that proves its viability in promoting growth in a market that lost 400k jobs in the US since 2001.
"Big companies pick up the tab for Linux development"
Big companies have seen the light of linux and invest heavily to ensure they do not die out.
Thank you MSNBC. I hope to see more of you articled
both can be subjective.
....translating....
:-)
special warmth and atmosphere
fuzzy noise, crackles and scratchings
I just had an image of an ipod with built in turntable and mini 3" high resolution records
Apologies for abhorrent spelling in my posts. THey are typos, honest gov.
Using VMWare with virtual networking and memory and file system woudl be great to sandbox exe's. This could be done on the fly - or even as you run it, the executions get fed through a filter, that would allow any program to run normally until it hit an alarm in the FS, net, reg, or mem allocation.
even internal hackers would have to get thier code past this system, and therefore alert an admin.
internal firewall every resource, but allow the program to run UNTIL it hits this point of alarm.
In case Microsoft needs help filling in 3000 patent forms:
I copyright all ideas, related to, pertaining to, based on, genetically similar or even sounding like the above, and release it under GPL / copyleft / erm... yeah, opensource.
I personally believe anti-virus it a waste of time.
/dev/null
1: Trusted sites should be trusted.
2: It is new viruses that are more prevalent, and the ones you are less likely to be protected against.
3: Behavioural systems (i.e. secure systems) shoudl be in place to stop NEW code doing things, like an internal firewall - would you like xyz.exe whihc has been on your system for 30 minutes / 3 days or whatever to acces ABC resource / network, reg setting etc.
4: Signed content can lead to more trust.
5: this would stop dialers, toolbars, spyware, fuckware, malware, shitware, pancreasware and all other forms of binary information that belongs in
I think anti-virus has gone far enough. I use google when I download a funny file, I google the filename, I google the filesize. If I am still not happy, I don't run it.
I mean who would run whoah_funny_check_this_shit_out.exe ??
setup.exe's - again, d/l from a trusted source. Run as a low priv user if need be, test it on a sandbox to be sure... but don't fsskin virus scan it - and then run it on your prized system, because anyone can right a rm -rf ~ and cause simple havoc, and this file will not be picked up by any antivirus software.
Don't reply on virus software, I'd say it gives a false sense of security at the best of times.
Educate users is important, and I would love to see an 'untrusted file' idea, where a custom made trojan would find itself in a pretty lame sandbox if someone runs it the first time, this behaviour gets recorded, then judged if it may be harmful, and above certain levels (tried to access a network resource, tried to remove a file, tried to access existing registry tree, tries to send emails to your entire address book) it quarantines, and alerts an admin.
Any linux developers like that idea? temporal / quantitative security measures for automated sandbox maintenance and binary acceptance program.
or gnutqsmasmbap.
I guess that answered my question! Thanks :-)
I wonder if we will see a film using this kind of firepower any time soon...
Thanks again
China Tech News has great articles about the hotbed of activity there.
:-)
/. do we have? To keep up, I suggest we all Learn chinese characters!
And Kylin is supposed to be a windows, linux, unix and *BSD and MacOS beater ! Interesting stuff!
After the 2008 Olympics people will wake up to a reality, how advanced China is! I think it is great! Lets hope China becomes a huge adopter of linux!
How many Chinese
Looking forward to 2008. See you there!
I will admit that the article left redundant import statements in the code though, but again, I wasn't going for line count, otherwise I would loose all sense of identity and... and...
write in perl! aaaaargh.
When you have zero clue how to write the language, I suggest you shut up.
*waves* hello, you must be new around here, *points at article* If you would like to read that while you wait, we call it reading the article.
I copy and pasted that code out of the article - I didn't make it up.
hint
The article was about JRuby.
And it wasn't a penis measuring contest, but a legibility contest. Now I can read java easier than JRuby because I read it daily. But looking at the redundant entropy in the bytes (I won't huff it for you) I can tell that this code looks more complicated.
So take that ruby out of your ass and RTFAYFT.
(readthefuckingarticleyoufuckingtwat)
end
Please enjoy.
I think we found our expert! :-) I once called a phone sex line, out of the back of FHM.
:-) that is 60 quid those bastards won't see again! muahah *cough*
My phone provider fsksked up an install (for someone else!) and I lost my line, I complained, and it was reconnected, with the wrong line... so I call, and I say casually to the guy (no this bit isn't the phone sex bit!) so am I liable for any calls I make on this line? he says, well no, because our billing system won't, oh I see.
So I had a chat with this chilean bird who was studying some shit, we spoke about everythign except sex. *feels the whole of slashdot looking at me with a concerned expression* yeah, that is it. She had a brother.
What I meant was, a hardware solution could provide very high fidelity vocals, including breathing rates, minor deviations, emotion, etc.
If speech recognition goes well.
Oh, the line was a 1 quid an hour line, I called it 3 times, each time I spoke for 20 minutes before the auto cut off.
I agree, purchasing these companies is what gave cisco the position where it is today.
I would argue that it is precarious - although I have no idea of thier existing market share, only that they seem (from my observations) to be priced on the border of the market. If they price themselves out of the market, it will be filled by other companies.
So Microsoft is profiting out of:
1. Building a necessity to be informed because of failuires in thier software
2. Making these failuires so deadly that quick action must be taken to save money
3. Screw up all thier patching, and take time to patch vunerabilities they do patch
So, the more they do the above, the more money they can take from those companies now learning the meaning of being 'tied to a large metamorphic rock plunging happily down into the Mariana trench'.
Microsoft - a monopoly in profiting from failiure, fear, and fraud.
There isn't much overlap, but there is some. Singal processing, the breaking down of the naunces of speach.
I figure a hardware speech processor and hardware speech synthesis (very very accurate and believable) would have a great use for mankind.
Imagine how much cheaper sex chat lines owuld be for instance!
They owuld only need a limited vocabulary, so perhaps the OS IBM stuff would work for now?
Of course, I bet a patent will come out of this... voice technology that is very realible and very easy will remove a whole interface. Talk back to your sat nav...
"turn left"
"I can't its bloody road works"
"Turn left"
"Damn you!"
"turn left, turn left, you will be assimilated"
"what did you say?"
"erm, nothing, I mean, turn left"
My linksys must be pre-cisco - no sign on there, but this shows that they are scared of competition, buying out competitors that are small enough perhaps....
These run office, email, and web.
They needs to upgrade them to run the new version of XP.
They see this.
They think, aaah, we can controll everything and make sweeping changes and upgrade in minutes.
*knock knock*
Who's there?
Microsoft!
Microsoft who?
Microsoft who just bought you a jag and a place in a university of your choice for your brat kids.
Oh, you'd better come in then.
Yes it is called Hit and Run, and it is actually base don the GTA engine, and it was quite rubbishy, even though I played it for a few days :-)
Gimme guns or gimme emacs^H^H^H^H^Heclipse.
I am only associated with our network equiptment through modest inquisitiveness, and I even know cisco are only a brand.
3com, level1, and linksys are out there. As customer awareness for these products grow (i.e. they know WHAT they do) they can actually shop around, rather than think, oh, erm, I need a cisco.
I can see these lovely ladies being applied to some serious film fx... I wonder what kind of advantages these systems would give to rendering houses, or is the cost of these for farming cpu power too high, and there is more bang for using Durons?
I guess this differs based on each application and resource requirements.
Still, nice.