Well there is a difference. If your iOS device somehow gets borked and you want to do a firmware restore you now can't go back to the original one and (if this story is true) it means that you're forced to install the newer (and potentially slower) iOS.
It counts all websites OWNED by Google and Microsoft.
You can't really spoof it, and I think it's a good way to implement it, since you have to decide ahead of time that you are going to change something system related.
Well I meant you can spoof the enter-password dialog. Most users won't notice that it's not the system asking for a password and would just enter it.
And with the jailbreak you're now talking about iOS - are there any in-the-wild exploits on OS X? No, I didn't think so. Plenty of holes - but that's to be expected; they get found, and then patched. It's how security is improved.
Well I'm talking about Safari, not necessarily iOS. Unpatched exploits for browsers/plugins are available for sale on many blackhat forums. I obviously can't show them to you because you need to pay money before anyone will give you details on them. The Google search I linked to will give you details on previous Safari vulnerabilities which allow an attacking website (often an external JS/Flash/Java ad banner displayed on a legitimate website) to run arbitrary code on the victim's OS X box.
No, what I was talking about, far from being "delusional" was addressing the false statement that the Mac Defender trojan is a "drive by install" as claimed. It is not. Not by any stretch of the imagination.
You're changing the argument. Actually, the person you were replying to was just describing a general mechanism on Windows which uses browser or browser-plugin security bugs to install software by simply visiting a website. You claimed that it's not possible on OS X. It clearly is.
It also has prompts for admin functions, UAC style
Actually OS X has nothing even close to a UAC prompt. The UAC prompt runs on a separate desktop session (session 0), making it virtually impossible to spoof, bypass or keylog (without a previous *kernel* level infection, but then you're already screwed). Microsoft did learn their lesson the hard way because of the previous shatter attack vulnerability.
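Whether an elevation prompt is drawn on the isolated secure desktop the comment above describes is a policy setting, not a fixed property of Windows, so it is the first thing to check on a box you are assessing. The following is an added example, not something posted in the thread: Windows PowerShell reading the three UAC values under HKLM that govern it. The value names and the meanings listed in the comments are the documented ones; the wording of the Findings column is mine.

```powershell
# Added example: report the UAC policy values that decide whether elevation
# prompts are shown on the secure desktop. Runs as any user; the key is world-readable.
function Get-UacPromptPolicy {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key

    # Documented meanings of ConsentPromptBehaviorAdmin:
    #   0 = elevate without prompting
    #   1 = prompt for credentials on the secure desktop
    #   2 = prompt for consent on the secure desktop
    #   3 = prompt for credentials (interactive desktop)
    #   4 = prompt for consent (interactive desktop)
    #   5 = prompt for consent for non-Windows binaries (the default)
    $lua      = [int]$p.EnableLUA                   # 1 = UAC is on
    $behavior = [int]$p.ConsentPromptBehaviorAdmin
    $secure   = [int]$p.PromptOnSecureDesktop       # 1 = force all prompts onto the secure desktop

    $findings = @()
    if ($lua -ne 1)      { $findings += 'UAC is off (EnableLUA=0); there is no prompt at all' }
    if ($behavior -eq 0) { $findings += 'admins elevate silently (ConsentPromptBehaviorAdmin=0)' }
    if ($secure -ne 1)   { $findings += 'prompts are not forced onto the secure desktop (PromptOnSecureDesktop=0)' }
    if ($secure -ne 1 -and $behavior -in 3,4) {
        $findings += 'prompt behaviour selects the interactive desktop; a fake dialog can sit next to the real one'
    }
    $summary = if ($findings.Count) { $findings -join '; ' } else { 'elevation prompts go to the secure desktop' }

    [pscustomobject]@{
        EnableLUA                  = $lua
        ConsentPromptBehaviorAdmin = $behavior
        PromptOnSecureDesktop      = $secure
        Findings                   = $summary
    }
}

Get-UacPromptPolicy | Format-List
```

A missing value reads as 0 here, which is the conservative reading for PromptOnSecureDesktop and EnableLUA but not for ConsentPromptBehaviorAdmin, so if the key is unpopulated treat the output as "defaults in effect" rather than "silent elevation". Group Policy writes the same values, so this works on domain-joined machines too.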
AFAIK the OS X authentication dialog UI is easy to fake with a regular UI that looks like the real thing and can be used to keylog the user's password. And apparently earlier you could even fake the dialogs to seem as if they came from a different source. Not sure if this has been fixed. I don't currently have access to OS X to test it out.
http://alastairs-place.net/archives/000079.html
Unix, Linux and the like have always had a leg up in that respect just by their nature.
Please explain how the lack of the granular security that NT contains by default is an "advantage" of Unix design. Hell, that's the reason SELinux exists (which admittedly goes beyond what NT has).
And these "drive bys" do not just work
Now you're just being delusional. There have been dozens of jailbreaks that can be simply achieved by visiting a website. Any clue how they work? Hint: a remote code execution vulnerability in Safari. AKA drive-by install. AKA pwned.
http://www.google.com/search?&q=safari+remote+execution+vulnerability
If you want Microsoft to bundle more things maybe you should volunteer to pay for their anti-trust and anti-bundling lawsuits ;-)
But to the main point, I think what he's trying to get at is the scary walled-garden future of controlling what applications get installed. They're trying to push that with the app store on the desktop OS. Remember this about mainstream users: geeks are a minority. Geeks usually will find a way to get around those restrictions. E.g. if you had to sell your software and the first step to installing your software was jailbreaking your MacBook to install it, you ain't gonna make that many sales. The alternative is to stick it in the Apple app store and pay a tax to Apple for letting them list your app. Because they can collect a fee on every sale I'm sure they are going to market this store as THE way to install software on the Mac. Just like most users are used to going to the app store to install apps on their iOS device, they are going to be conditioned to using Apple's new store on the desktop. Personally it's a tough choice between letting unsuspecting users download and install any software off of a random website and risking potential malware infection, and the walled-garden approach of only allowing "safe" apps.
Of course.. unless you're claiming that because OS X ships with the compilers it is "liberating" users by allowing them to spend several man-years writing their own software in C :-P
Well, you could test the apps in the free emulator. I doubt they'd hold it against you if you don't have the phone. If it's a cool application they'd be impressed.
Basically Apple was gathering location data to ram it down AT&T's throat to try and get them to add more towers.
Well.. AFAIK there is no evidence that the data being collected is ever used or transmitted. So it looks like they just gather it and store it. On a separate note all divorce lawyers are going to love using this data now :-)
Hmm, but won't the carriers already know what the load is on particular towers? I believe they would also have access to rudimentary triangulation to get a general location of the phone. (Used by law enforcement, etc.)
There has been a long standing open bug regarding this. Please vote on this if you can. http://code.google.com/p/android/issues/detail?id=6914
From what I can tell Google is/was lax with the minimum system requirements and thus doesn't want Android to require h/w acceleration so as to not alienate cheaper handset manufacturers from adopting Android. This is why all the rendering is done on the CPU instead of the GPU.
In fact X: is a symbolic link that points to something like \Device\HarddiskVolumeN or \Device\CdRomX, etc. under the object manager's global namespace.
It's probably there for backwards compat anyway. I'd wager 99% of the apps would stop working if that symbolic link wasn't present.. heh.
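The link the two comments above talk about can be read from user mode with QueryDosDevice, which returns the object-manager target of a DOS device name. As an added example that is not part of the thread, here is Windows PowerShell calling that API through P/Invoke and listing every drive letter with its target; Win32.Kernel32 is simply the name I gave the wrapper type.

```powershell
# Added example: resolve each drive letter to the \Device\... object it links to.
$sig = @'
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern uint QueryDosDeviceW(string lpDeviceName,
                                          System.Text.StringBuilder lpTargetPath,
                                          uint ucchMax);
'@
$k32 = Add-Type -MemberDefinition $sig -Name 'Kernel32' -Namespace 'Win32' -PassThru

function Resolve-DosDevice {
    param([Parameter(Mandatory)][string]$DeviceName)   # 'C:' style, no trailing backslash
    $buf = New-Object System.Text.StringBuilder 1024
    $len = $k32::QueryDosDeviceW($DeviceName, $buf, $buf.Capacity)
    if ($len -eq 0) {
        $err = [System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw "QueryDosDevice('$DeviceName') failed with Win32 error $err"
    }
    # The API fills a MULTI_SZ; StringBuilder marshalling stops at the first NUL,
    # which is the only entry a drive letter has.
    $buf.ToString()
}

# Only real letters: PowerShell 7 also exposes a Temp: FileSystem drive, which is not a DOS device.
Get-PSDrive -PSProvider FileSystem |
    Where-Object { $_.Name -match '^[A-Za-z]$' } |
    ForEach-Object {
        [pscustomobject]@{ Drive = "$($_.Name):"; Target = Resolve-DosDevice "$($_.Name):" }
    }
```

A fixed disk shows up as \Device\HarddiskVolumeN, an optical drive as \Device\CdRomN, a mapped network drive as a \Device\LanmanRedirector or \Device\Mup path, and a letter created with subst as \??\ followed by the directory it was mapped to, so the listing also exposes redirections a user or a piece of malware has set up. Other names in the same namespace can be followed the same way, e.g. Resolve-DosDevice 'PhysicalDrive0'.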
That's true but being officially supported has its benefits too. E.g. if they update the firmware to change the way the Kinect interfaces with the PC/Xbox, the SDK would be updated too. We don't have to wait for a generous hacker to reverse engineer the protocol again. IMO this will give a certain comfort level to academics to use the product in their projects.
Do you also index file contents? I like W7 but I do not like the search (4.0) features. I foolishly tried to index (contents+properties) several hundred GBs of PDFs, DOCs, source code files etc and I find the search performance to be quite disappointing. The indexing is relatively clever and it gets scheduled during idle CPU time but the search itself isn't quite powerful IMO. I had a much more pleasant experience performance wise with Google desktop search.
It's shitty because it installs itself as a service (i.e. admin privs) to do some crap it doesn't need to. (According to the OP.)
Well, fully qualified doesn't mean static. You could compute the fully qualified name at runtime to pass to the LoadLibrary call. Or you could just stick a SetDllDirectory call somewhere in your app startup and keep the rest of the code the same.
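To make the two options in the comment above concrete, here is an added example (not from the thread) in Windows PowerShell that P/Invokes LoadLibraryW, SetDllDirectoryW and GetModuleFileNameW. It loads a stock system DLL by a path computed at run time from [Environment]::SystemDirectory, asks the loader which file was actually mapped, and removes the current directory from the search order for any later bare-name load. version.dll is just a convenient stock DLL to load and Win32.Loader is my name for the wrapper type.

```powershell
# Added example: load a DLL by a fully qualified path that is computed at run time,
# and confirm which file the loader mapped. The -BareName switch shows the hazard.
$sig = @'
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern IntPtr LoadLibraryW(string lpLibFileName);
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool SetDllDirectoryW(string lpPathName);
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern uint GetModuleFileNameW(IntPtr hModule, System.Text.StringBuilder lpFilename, uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool FreeLibrary(IntPtr hModule);
'@
$k32 = Add-Type -MemberDefinition $sig -Name 'Loader' -Namespace 'Win32' -PassThru

function Import-NativeDll {
    param(
        [Parameter(Mandatory)][string]$Name,   # bare file name, e.g. 'version.dll'
        [switch]$BareName                      # pass the name through unqualified
    )
    # Fully qualified but not static: the system directory is looked up, not hard-coded.
    $spec = if ($BareName) { $Name } else { Join-Path ([Environment]::SystemDirectory) $Name }
    $h = $k32::LoadLibraryW($spec)
    if ($h -eq [IntPtr]::Zero) {
        $err = [System.Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw "LoadLibrary('$spec') failed with Win32 error $err"
    }
    # Ask the loader for the path it really mapped; a planted copy found earlier in
    # the search order would show up here instead of the system copy.
    $buf = New-Object System.Text.StringBuilder 1024
    [void]$k32::GetModuleFileNameW($h, $buf, $buf.Capacity)
    [void]$k32::FreeLibrary($h)
    $buf.ToString()
}

# Remove the current working directory from the search order, process-wide, so a
# bare-name LoadLibrary elsewhere in the process cannot pick up a DLL sitting in
# whatever directory the process happens to be working in.
if (-not $k32::SetDllDirectoryW('')) { throw 'SetDllDirectory failed' }

Import-NativeDll -Name 'version.dll'             # qualified: the system copy
Import-NativeDll -Name 'version.dll' -BareName   # unqualified: whatever the search order finds first
```

The qualified call should return a path under the system directory on any install; the bare-name call is where an application directory, the current directory or PATH can be abused, which is exactly what the empty-string SetDllDirectory call and the run-time path construction are meant to close off.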
Agree, but sometimes JS files are hosted off separate domains, etc, making white-listing a pain.
Relax! He was just pointing out that because OS X came with hardware that only supported one button, app developers had to write apps designed for that purpose, making it easier than Windows in certain scenarios (e.g. touchscreens).
Dude.. my mom makes her presentations in Excel!
There is a way to enforce this. Through ISPs. Have the spyware ping back the ISP's local server through some weird encryption mechanism every X hours, else the connection drops. Of course it's going to get hacked eventually, but they might still try it...
Isn't this just a trick so that they can later collude and increase the service charges across the board? Get publicity of their faux-plight and then go - "See, we tried to give you guys cheap internet but.."
Or maybe they're just testing the waters to see what they can get away with w.r.t. setting precedents. On a related note, this is a systemic problem with overzealous capitalism. Every quarter the profits and revenues must go up - more, more, more. After a while, when you can't really drive them up any more, what do you do? (DRM?) Please note that I'm not arguing to abolish capitalism. I quite like it and have benefited greatly by it. As with all things, capitalism too has its flaws.
Apparently a rich idiot! :P
employees/lobbyists routinely accept jobs in the US Government and influence laws and do all kinds of other evil acts to benefit their former employers and when they "retire" they get re-hired back with huge bonuses. Funny that...
Not saying Google is doing the same but it never hurts to double check...
It's fairly fast & stable IMO. The primary reason I switched to Chrome was the isolated-tab architecture of Chrome. For whatever reason FF always locked up for a few seconds when I loaded a Slashdot page with > 500 comments. I've tried IE8 but on more than one occasion a crashing tab has taken down the entire browser, something which hasn't yet happened on Chrome.
Well, let's assume your premise that they manage to have the necessary network bandwidth (making them probably bigger than any individual tier-1 provider) and storage capacity to capture and store this massive amount of daily data.
The data needs to be processed as close to real time as possible to first unpack the IP packets and analyze the raw data (as you mentioned, to flag it when it matches certain templates) to see if it's worth processing further. Herein lies the problem. You just can't be slower than real time to run the first pass or else you're going to miss out on tons of possibly wanted data. As an additional burden you need to index *EVERY* packet which you log so that you can search for related packets based on IP/MAC addresses etc. Once they flag one packet as having potential for information, they then have to find other packets from the same end points to get the complete package: file/email/website/voice-call/etc. This is where you require additional processing and possible decrypting which again needs to be fairly quick. I just don't see any organization possessing the computing power to do this on a daily/pseudo-real-time basis.
I don't think even Google can process hundreds of petabytes *DAILY*. The NSA might want to, but they don't have anywhere near the processing power (nobody does) to even piece the individual data packets back together in their original form, much less identify the individual end-points accurately (people behind NAT, proxies, etc.) or decrypt voice/email communication packets.