As I also posted elsewhere, Bacula 2.0.0 has just been released with full (director, stored, filed) support for Windows. At a guess, I'd say that running it on Windows directly would be preferable to running it on Linux on VMWare on Windows. Running it on Linux directly would be better still though, if you had the hardware.
I suspect that distributing 'rejected' food to employees with a note attached reading 'Best wishes from SomeBigCompany' could put the company in a tricky legal position if someone got sick. If the note read 'Best wishes from SomeTightBitch' then it might be a little different.
Restoring the default firmware for hardware would be one of the first things done when a rootkit is suspected.
Assuming a sufficiently sophisticated VM based rootkit, it couldn't be done. Any attempt to write back to the firmware would be subverted. Any attempt to verify what was already there would pass as the rootkit would tell the verification utility exactly what it wanted to hear.
The only way to do it would be to physically remove the flash chip from the system and wipe it out of the box.
Generating collisions is not that trivial. The only viable way to generate an MD5 collision involves creating both files involved. You cannot generate a same-size collision for a file that you did not specially craft for the purpose. In any realistic setup you don't have the luxury of being both the official distributor of the binaries a company or individual uses, and being the person implementing the rootkit. If you were both then you may as well just infect the official binaries and not worry about rootkits.
The only way to leave a 'hook' on any common setup is to modify the storage medium of the OS or modify the firmware of a piece of hardware. Both can be detected, and there's no way to prevent that.
But you can prevent it from being easily detected. Especially the theoretical BIOS VM kit I mentioned. If you can place the whole operating system inside a virtual machine, then it is virtually impossible to detect without taking the BIOS chip out and reading it offline. Any attempt to detect the compromise would be emulated by the VM and could tell the detection code that everything is fine. A long running timing attack could possibly detect it, but even that could be subverted in theory...
There is no known computationally viable way any decent hash can be 'subverted' in the manner you are implying. Changing a single bit will completely change the hash of a binary with any decent hashing algorithm. You're not going to be able to find a hash collision that provides you with a binary that is the same size as the one you are replacing and does everything you want.
Under MD5 there are some single bits that do not affect the outcome of the MD5 hash. The hack I was referring to was that you release a binary with your hook code already in there but sleeping, and then can activate it later by modifying a single bit in the binary that activates the hook. Kind of a long way of doing it, but possible and documented.
Also, plug "MD5" and "Collision" into google and see what comes up. I think you might be surprised. I don't think MD5 is really recommended anymore though for exactly this reason, and other hashes are, as you are saying, a lot harder to subvert.
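The single-bit question argued in this exchange can be measured directly. The following is an added example, not part of any post: it flips every bit of a constructed sample blob in turn and reports how many flips leave the digest unchanged and how many digest bits change on average. The function name and the sample data are assumptions made for the illustration.

```python
import hashlib

# Constructed stand-in for a binary under integrity monitoring (320 bytes).
SAMPLE = b"constructed stand-in for a binary image\n" * 8


def bit_flip_report(data: bytes, algo: str = "md5"):
    """Flip each bit of `data` once and compare digests with the original.

    Returns (flips_with_unchanged_digest, mean_number_of_digest_bits_changed).
    """
    base = int.from_bytes(hashlib.new(algo, data).digest(), "big")
    buf = bytearray(data)
    nbits = len(buf) * 8
    unchanged = 0
    total_distance = 0
    for i in range(nbits):
        mask = 1 << (i % 8)
        buf[i // 8] ^= mask                      # flip one bit
        flipped = int.from_bytes(hashlib.new(algo, bytes(buf)).digest(), "big")
        buf[i // 8] ^= mask                      # restore the original bit
        diff = base ^ flipped
        if diff == 0:
            unchanged += 1                       # this flip went undetected
        total_distance += bin(diff).count("1")   # Hamming distance of digests
    return unchanged, total_distance / nbits


if __name__ == "__main__":
    for algo in ("md5", "sha256"):
        unchanged, mean = bit_flip_report(SAMPLE, algo)
        print(f"{algo}: {unchanged} undetected flips, "
              f"{mean:.1f} digest bits changed on average")
```

For this blob every flip changes the digest, and about half of the digest bits change each time. The known MD5 collision techniques work by crafting both files together, which is a different situation from editing one bit of an already published file.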
Impractical, because it requires you to dedicate a drive to the stuff that can be mounted RO. Just mount the PARTITION read-only, instead.
Any rootkit that can get root could easily remount it rw.
You could also build a monolithic kernel and not allow modules at all. Kind of hard to insert a corrupt module if the kernel isn't modular!
This sounds like a good idea, but is it possible to build everything in these days? Last time I checked I think there were some things that could only be built as modules...
Never underestimate the ingenuity of a hacker... consider the following (theoretical) possibilities:
. The system could be almost completely restored on an orderly shutdown, leaving nothing detectable but a single hook (hide everything else in swap or unused sectors in filesystem)
. Even without an orderly shutdown, a rootkit could keep stuff in the unused parts of the harddisk all the time, the rootkit would take care of not overwriting it.
. MD5 hashes can be subverted, which means the above mentioned initial hook could hide (I believe this is only really useful if the hook was in the original package and you are turning it on by changing a single bit)
. The machine BIOS (or any other flash that is involved in the boot sequence) could be compromised with a VM based rootkit, meaning that anything booted by the BIOS could be undetectable (you'd need to take the disk out to find it)
. The harddisk firmware could be compromised, hiding the rootkit even if it was running in another machine (eg return zeros on read of the hidden rootkit sectors unless activated)
The solution to this of course is a hardware based 'trusted computing' environment. That way only the manufacturers and governments could install rootkits, and I'm sure we can all trust them! If the 'trusted' model itself was ever compromised though (and it would be), then we'd really be screwed.
But theory aside, you are correct. Almost all of the above would require an attack specifically targeted to you. And if someone wants to 0wn you that badly then they will, by network or by shotgun.
An offline validation would certainly be enough to satisfy me.
It's a little more complicated than that. If you post anti-microsoft FUD, you'll probably be modded up by a lot of people who can't/won't see through the FUD. If you post anti-linux FUD, you'll almost certainly be modded down (flamebait etc), or at least not modded up. So... if you want to boost your karma, what are you going to do?
Microsoft are big enough and old enough to have done a huge amount of good and bad in their past, so it's very easy to filter out anything that doesn't support your point of view and be left with a mountain of evidence of all the evil (or good, if you want) that they've done.
If you want an honest, thought out, and rational answer to your question, the last people I'd ask are the zealots. If you want to see a troll fight though... go right ahead. They're always fun to watch:)
Do post a link to your report when it's done though. I'd like to see if there exists a more insightful answer to your question than "because it's cool to hate Microsoft".
To businesses, call centers are "cost centers", and accordingly should be as cheap as possible. If they can make the same amount of money with cheaper call centers, they will. If customers don't care, they won't care.
That bit about customers not caring is so true. But as soon as you start spending money outside of your community (village/city/state/country), it's gone.
People go and buy imported goods (and services now it seems) because they save a few dollars, and then bitch and moan because another factory has closed down and they're out of work. It's your own f*cking fault people!!! If you're lucky enough to live in a country that protects working conditions, then ffs don't go and buy stuff from a country that doesn't. You're only ripping yourselves off.
In any case, I think that a 100% solar earth is unlikely
I know I'm being pedantic, but strictly speaking pretty much all of the power sources used on Earth are solar in one way or another. Think of coal and oil as a huge battery that has been charging up for millions of years. Wind is generated by solar energy too, as is the rain that ultimately generates hydroelectricity.
Even more strictly speaking, given that the sun is a gigantic nuclear furnace (thanks TMBG:), we could say that almost all the energy we consume was ultimately created from a nuclear reaction (fusion or fission). Geothermal and tidal energy are two non-nuclear energy sources that spring to mind.
I'd point you to the wikipedia article with the same name, but it just tells you about the case.
Possibly the school is embarrassed that one of their pupils could come up with something so stupid? I know I would be if it was one of my kids. I wonder if 'public display of stupidity' is against the school rules... whether it was on school property or not, someone should punish this person for such stupidity. If the parents won't, then it's up to the school.
As for free speech... I'm not a US citizen, but surely there are restrictions to what counts as 'free', anything that would incite hate or violence seems like it would be exempt from this freedom. The banner was stupid enough to leave a lot of doubt (perhaps the teacher was remembering "the shocker" incident), and if the case has been through 2 or 3 courts and _they_ still can't make up their minds, what hope did the teacher have?
Just this morning I was attaching some caster wheels to some furniture, and realised I needed a longer screw attachment for my drill. I went and bought one and sure enough it was sealed up good. Took me a bit of hacking to open, and that was with my toolbox right next to me. Again, opening items like this is easy enough, opening them without damaging them is another matter.
Another one that pisses me off is when they print the instructions on the cardboard which is sandwiched between the layers of packaging, so just cutting through it with scissors means cutting through the instructions. Not that I ever read instructions. *cough*
Then there is the whole environmental thing... where does all this packaging go once the item has been unpacked!!!
A big 'me too' to that! I have had to turn greylisting down to everything with a spamassassin score >= 0.0 though. I tried 5.0 and too much got through, then 2.0 and I was still getting 10 or so a day. Now, nothing!
Greylisting works for two main reasons:
1. A lot of spam is sent by very dumb automated mailers. A short time ago they could be fooled because they didn't even wait for server prompts, so you could just reject anything that sent a HELO before you'd identified yourself. Now they are smart enough to get around that, but if you send a 'busy, try again later' message they don't bother trying again.
2. The 1 hour or so that you greylist senders for is enough time for them to get onto blacklists, so by the time that you'd let them through they've been blacklisted.
Greylist stats on my primary email server are that 98.4% of email that was greylisted never made it to the whitelist (eg gave up or was rejected before it cleared), and on the secondary it's 99.9% (if the primary is up, then anything that hits the secondary is spam anyway).
So, until the spammers find a decent way around it (and I can't think of one, when used in conjunction with blacklists!), this seems like a pretty bulletproof solution.
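The decision logic described in this post, sketched as an added example (it is not the poster's configuration or any mail server's own code). The class and function names, the delivery attempts and the addresses are constructed for the illustration, and the spam score and blacklist lookup result are assumed to be supplied by the caller.

```python
from dataclasses import dataclass, field

GREYLIST_DELAY = 3600    # seconds a new sender must wait; the post's "1 hour or so"
SCORE_THRESHOLD = 0.0    # greylist mail scoring >= this; the post's final setting


@dataclass
class Greylister:
    first_seen: dict = field(default_factory=dict)  # triplet -> time of first attempt
    whitelist: set = field(default_factory=set)     # triplets that retried after the delay

    def check(self, now, client_ip, sender, rcpt, score, blacklisted):
        """Return the SMTP reply for one delivery attempt."""
        triplet = (client_ip, sender.lower(), rcpt.lower())
        if blacklisted:
            # Reason 2 in the post: the delay gave the blacklists time to catch up.
            return "550 rejected: client is blacklisted"
        if triplet in self.whitelist or score < SCORE_THRESHOLD:
            return "250 accepted"
        started = self.first_seen.setdefault(triplet, now)
        if now - started >= GREYLIST_DELAY:
            self.whitelist.add(triplet)
            return "250 accepted"
        # Reason 1 in the post: dumb mailers never come back after a temporary failure.
        return "451 greylisted, try again later"

    def never_cleared_pct(self):
        """Share of greylisted triplets that never reached the whitelist."""
        if not self.first_seen:
            return 0.0
        cleared = sum(1 for t in self.first_seen if t in self.whitelist)
        return 100.0 * (len(self.first_seen) - cleared) / len(self.first_seen)


# Constructed attempts: (time, client IP, sender, recipient, score, blacklisted)
ATTEMPTS = [
    (0,    "192.0.2.10",    "alice@example.org", "me@example.net",  1.2, False),
    (5,    "198.51.100.7",  "promo@example.com", "me@example.net",  6.5, False),
    (10,   "203.0.113.9",   "bob@example.org",   "me@example.net", -1.0, False),
    (900,  "192.0.2.10",    "alice@example.org", "me@example.net",  1.2, False),
    (3700, "192.0.2.10",    "alice@example.org", "me@example.net",  1.2, False),
    (3800, "198.51.100.20", "deals@example.com", "me@example.net",  4.0, False),
    (7500, "198.51.100.20", "deals@example.com", "me@example.net",  4.0, True),
]


def replay(attempts):
    """Run the attempts in order; return the reply codes and the never-cleared share."""
    g = Greylister()
    codes = [int(g.check(*a).split()[0]) for a in attempts]
    return codes, g.never_cleared_pct()


if __name__ == "__main__":
    codes, pct = replay(ATTEMPTS)
    print(codes, f"{pct:.1f}% of greylisted senders never cleared")
```

In the sample, the legitimate server that retries after the delay is accepted, the mailer that never retries stays deferred, and the sender that retries after being blacklisted is rejected outright.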
As I mentioned in another post, a black object (If I remember year 10 physics:) also radiates energy away more easily, which may work against it hiding successfully.
On the other side of the coin, back when there was an article about using lasers to take out missiles while they were in the air, someone suggested that they make them as shiny (in all spectrums) as possible to reflect rather than absorb the military laser. That would be incompatible with the idea of using the black metal for stealth.
So I guess you have to choose... you can be really hard to find but easy to laser a hole into, or really easy to find but really hard to laser a hole into.
One of the things I (barely:) remember from school is black body radiation. A dark object appears dark because it absorbs more light, but it also more freely radiates the energy away again. I wonder what effect that would have on the stealth ability.
Which is the greater... the cost of designing them, building them, getting them to Mars, or controlling them once there?
For a manufacturing run of two, I'm guessing that the design and build phase go hand in hand, but I suppose that if they used the same design then they could build quite a few for what it cost originally to build and design the two.
But then they have to get them to Mars, which may well dwarf the cost of everything else, and then they have to control them throughout their lifetime once they are there, which also probably isn't cheap.
I wonder how much more we'd learn if we sent another 10 or 20? If nothing else, we'd certainly learn a lot about sending rovers to Mars:)
I wonder if the private sector would ever be interested? Maybe they could build one with some weaponry to defend territory, a hostile Mars land rush! If a few rovers could do some prospecting and find some valuable ores then the race would be on!!!
Bacula 2.0.0 has just been released, with pretty much full support for Windows. It doesn't have a pretty GUI, but it should be able to do what you want. It does support VSS so it can back up Exchange and SQL for you, and I'm working on an agent to do proper backups of SQL too, and hope to add Exchange support after that.
True. It will result in a very polarised argument for and against the cameras though...
This will change when the government starts running low on money and has to start funding the surveillance with enterprises like:
"Nose pickers caught on tape"
"2006's funniest muggings"
"Drinking is bad for you because..."
"London's top 100 bum scratchers"
People won't feel so happy once you take away their freedom to pick their nose once in a while without it being recorded onto their permanent record.
True.
24a. Do you post to Slashdot?
:)
ultranova they're coming to get you for those threats of violence you made against me!
The system works!!!
I don't recall anyone insisting...
I don't watch House, but that story was definitely on Medical Investigators (or something with a title like that).
The sad thing about a claim like this is that it's so easy to prove one way or another. If the 'unpleasant effects' can be made to appear and disappear by turning the wireless network off and on, then this guy is some freak of nature who is somehow able to detect radiation that the rest of us don't notice. If the 'unpleasant effects' continue despite the wireless network being off, then he needs to look somewhere else, like at the flickering of fluorescent lighting or computer monitors, or the mind control devices used to keep the students in line.
oops... I've said too much...
I think the correct order is:
IV, V, VI, Alien, Planet of the Apes, Spaceballs, I, II, III
(Alien and Planet of the Apes are necessary so that the other jokes in Spaceballs make sense)
In my experience, if you buy a $100 drive to have as a spare, by the time one of your existing drives fails, that $100 drive will be of a size so small you can't even purchase it anymore, and will certainly be smaller than you want. Also, if you are anything like me you'll need a spare SATA disk, a PATA disk, and a 2.5" disk. Now you are talking about $300 (more in my currency), and there are better things to buy for that kind of money.
My rules would be:
. Run RAID such that you have 1 redundant drive per 1-4 other drives (eg a single RAID5 set of no more than 5 disks, or just RAID1 on two disks). Buy a laptop that does RAID1.
. Back up your stuff.
. Actually monitor your disks. Modern disks should indicate that there are problems long before getting the data off becomes a problem. Sometimes they go from working perfectly to completely dead (motor or head actuator burnout), but often it's a gradual thing. A client of ours had a computer running for months that would take 10 minutes or more to boot because there were some 'barely readable' sectors. Proper disk monitoring [sh/w]ould have picked it up much earlier.
This works as long as there are only a few people doing it, and you don't go and do something silly like posting the idea on a public forum...
Isn't there a more modern motorcycle we could strap a rocket to?