Oh yeah? Someone has been playing on their network for months, and we know of it only because one of their employees blabbed about it.
As no doubt others will make the same case, the difference here is not that Debian got pwned or the Microscum (personal bias aside;) are any worse/better. The deal is that Microsoft stands to lose a hell of a lot more by saying they have been owned, especially with the new "secure" vista coming out.
Anyone know of the latest citibank cracks? Funny, no banks will tell us that they have been cracked, yet they are not ripped on as much...
Maybe they do.. but to some of us in the OSS world, the satisfaction of hacking some good code, or (as the case may be) writing a good book, is enough payment for us. I don't speak for every geek, but so long as I make enough money to be in rent and computers (and coffee) I am happy with my lot. I will continue to submit my code for the world to use, and I pray to the BSD-Gods that others will continue to do this also.
Wasn't there a giant conference between the big three recently to implement all this INTO the next generation of browser? I can see the arguments for the tool bar, but even the google toolbar gets to me when it clutters up my workspace (even a 24" screen can seem small when you have that much junk on it - should remove it...). Why bother with a toolbar??
What sort of crack are you smoking? Can I get some??
No version of Windows supports Autorun from anything other than a CD
Meanwhile, everytime I plug in my USB drive it loads up its own icon (via autorun.inf) and fires up my favourite music player (via autorun.inf and a batch file) whilst opening up explorer to point to my working directory (wow... autorun.inf)
A little over-kill perhaps, but I am lazy^H^H^H^Hefficient and require this.
You are correct in suggesting that most users do not want to go through, they don't care, and are not worried about their data getting stolen, more because they don't think of the possibility (IWHTM Syndrome) or they don't have the time to do so. In my experience even a firewall is too much for a lot of users, who wish the internet was AOL and don't want to know about the bad side. This is becoming less true, for sure, but the issue is still there.
In a situation like this, I feel that we should be blaming the company/corporation the laptop/data is stolen from. Their failure to have proper security policies in place is worthy of a public lynching, and they, IMO, deserve most everything they get.
Users of sensitive data should have a trusted service technician, which alleviates that particular problem, and should practice defense in depth, not go to *dodgy* websites (political sites such as the whitehouse, or nsa.gov) and have proper firewalling and security in place. If they don't want any of this, they shouldn't be handling the data in question.
As a/.er, for one, I do actually encrypt everything.
Harddisk, Boot CD, the USB Keys needed to boot the servers... everything.
The problem is that people aren't prepared to go through the kind of work I am to boot up a system. The biggest DoS attack one could pull on my would be to drop the power and let the UPS' fail, it takes me fully 30 minutes to boot a single server. The average user isn't going to deal with this sort of time frame. Hell, I don't think even the NSA would want to deal with this sort of time frame.
Maybe I am just paranoid... nah, they actually are after me...
07:33:34 up 403 days, 20:18, 3 users, load average: 50.00, 50.23, 50.02
Damn those kernel updates.
Not hitting the reply button to this one was too hard... note that I am not trying to flame, just point out a few things
Everyone knows about BSD's failure and imminent demise. As we pore over the history of BSD, we'll uncover a story of fatal mistakes, poor priorities, and personal rivalry, and we'll learn what mistakes to avoid so as to save Linux from a similarly grisly fate.
Very true... you will also uncover a community of people who share equally, rather than having one primary developer who says what can and cannot go into a kernel
In 1995, Theo de Raadt, one of the founders of the NetBSD project, formed his own rival distribution, OpenBSD, as the result of a quarrel that he documents on his website. Mr. de Raadt's stubborn arrogance was later seen in his clash with Darren Reed, which resulted in the expulsion of IPF from the OpenBSD distribution.
The fact that pf is better than ipf obviously had nothing to do with it. Personally, I hate Theo, but he is very focused on what he does. There is usally a damned good reason he does things.
As personal rivalries took precedence over a quality product, BSD's codebase became worse and worse.
wtf? OpenBSD has some of the cleanest code on the planet, it is the most secure. Where the hell did you get that from?
As we all know, incompatibilities between each BSD distribution make code sharing an arduous task. Research conducted at MIT found BSD's filesystem implementation to be "very poorly performing." Even BSD's acclaimed TCP/IP stack has lagged behind, according to this study.
...
Problems with BSD's codebase were compounded by fundamental flaws in the BSD design approach. As argued by Eric Raymond in his watershed essay, The Cathedral and the Bazaar, rapid, decentralized development models are inherently superior to slow, centralized ones in software development.
I am not going to argue with Eric Raymond... but I would like to point at the current OpenBSD hackathon. Centralized development...
Any achievements that BSD managed to make were nullified by the BSD license, which allows corporations and coders alike to reap profits without reciprocating the goodwill of open-source. Fortunately, Linux is not prone to this exploitation, as it is licensed under the GPL.
Fair enough, you can use the BSD code for anything... how does this nullify the achievements? It only means we are a little more caring and sharing than our Linux brethren.
The failure of BSD culminated in the resignation of Jordan Hubbard and Michael Smith from the FreeBSD core team. They both believed that FreeBSD had long lost its earlier vitality. Like an empire in decline, BSD had become bureaucratic and stagnant. As Linux gains market share and as BSD sinks deeper into the mire of decay, their parting addresses will resound as fitting eulogies to BSD's demise.
So if I read that right, two people left one branch of the BSD operating system (assuming the big three, Net, Open and Free) and BSD has failed? That's like saying Red Hat has become corporate, so Linux is failing?
I continually read/. and see the BSD is dead posts... most of them are funny, and I will mod them thus, some are insightful and again I will mod them.
Its a pity I posted earlier, otherwise I would have modified this -10 [Fucking Stupid]... it would be nice to see someone actually consider what they post, rather than just posting blindly from one point or the other.
Incidentally, I have been using SuSE and debian for quite some time now, as well as all three BSD's. I'm not a guru, but I do have some experience...
Its funny... I rm'd my sendmail (just to be on the safe side mind) and my cron output still gets sent to root locally. Postfix replaced my sendmail with no issues (FreeBSD) and even allows me to not have to log in as root to check it with the simplistic alias scheme...
The three NetBSD servers I own/operate also do this, no sendmail on them either.
VIVA THE REVOLUTION!
Now, if we could just get Microsoft to remove Windows from the source tree...
This will be the first time I post a comment without RTFA first. To join the masses of disgruntled readers WTF IS THIS DOING ON THE FRONT PAGE OF SLASHDOT?
As a primarily perl/C/java based programmer, I was looking forward to a quick intro to a language. Then I read the article summary, looked at the tagging, and read a couple of posts...
I maintain some of these for my internal network. Difficult to code, but when you get it (and I haven't yet, I have just coded some well) they are awesome for security.
Also handy to do automatic analysis of open ports, and alerting etc. The world is your oyster, and these help prevent people stealing your pearl.
Longer days... if it was longer seconds than 3/4's of the slashdot population would be getting more sex for the 30 second's of pleasure;) Not a problem I am concerned about...
The problem is people feel much freer to express extreme anger, curse, and belittle people over email than they ever would in real life.
Hell yes. Some of the people I work with are twice my size, and all muscle. If I couldn't abuse them in email (and thus procure the respect due my role) I would get my arse kicked in a real life face to face.
If it wasn't for emails, I for one would be on the road looking for my nth job...
The people know I am frustrated: "The error says that you must have all the fields filled in... HAVE YOU DONE THAT?" or angry: "what the hell do you mean you didn't reboot the computer before you called your goddamned system administrator" who would be me. If people fail to notice the emotion in a post/email, they have probably missed some fundamental points to the english language...
Like this post, I write (and speak) with all the passiveness necessary to convey my information (and my poor spelling at times). There is no need to look at every message and say "he is pissed off" because it doesn't happen that way.
Other posters have mentioned thinking of their friends as being different in IM. Fair point, but maybe the problem is not the medium, but the people sitting behind it. A classic PEBKAC I should imagine...
I too have this problem. Being the O.S. guy in the area, I can provide some of the cheapest (and best) solutions to a problem. But then I am stuck supporting it. This became a problem when I picked up my third job
Now I take a leaf out of the BOFH manual (the register) and help my users gain extra space by deleting their harddisk. I regularily take a call, and the first thing I do is go through the Internet logs to see what they have been surfing.
Maybe my users hate me, I think this depends. I have a lot of mother's out there who are happy I found out that their son was surfing porn. Or the husband who was having an affair with someone and using MSN to contact them.
Its a bastard job, but someone's gotto do it. None of these users contact me any more, they all know I will find something and incriminate them...
I hate to say it mate, but BULLSHIT. I work with Windows 2003 Terminal Servers. Let me tell you, those things crash for no apparant reason. Device drivers are good, can confirm that by looking at the manufacturers of the hardware alone.
Verifiable information: Sure, the passwords to access my VPN are... fuck off. Noone on/. is that stupid. The proof I give you is my word. Deal with that.
M$ ISA Server = Crash from 200+ users. Reboot it maybe 8 times per week.
Linux Proxy = (Squid) = 300+ users (we grew) 88 days and counting.
Meanwhile, we need to schedule reboots on a domain controller that is DEFAULT. If it didn't come with Server 2k3 Ent. it isn't on there. This thing will lock up, and randomly crash/reboot if we don't kick it once a week.
Love to be giving you logs, but unfortunately, I practice some form of security through obscurity...
I have the... dubious... honour of knowing some of the researchers on this particular project. I don't claim to be a cryptographer (READ: Freak with less life than a normal computer tech;)) but I had them take me through this topic anyway. Quantum Crypto does IMHO work. At least the theory of it does.
It seems that a lot of people (in regards to the security of this) are missing the point. This particular project aims to secure the physical medium.
Points of attack The exchange where the links are connected (can only go so far remember) The exchange The end points.
One has to remember that this is a method of assigning security to the physical layer.
It does work, and this lot are taking it into the next generation. I don't think it is the best idea (with or without the diamonds;)) but it is none the less a good one, and highly secure...
Final Note: Most of these researchers have top level security clearance.
You put the laptop on a secured DMZ network behind redundant firewalls, and (just to be sure) you cut the sending pairs on the ethernet cable. You might as well run it inside a f. cage, because (even though you are in the middle of nowhere) you may JUST let that signal out.
After you have done this you spend 36 days shredding the harddisk with a custom program, at which time you remove said hard disk, smash it, and then melt it down. Only to buy a new one.
Total cost ~$20,000. But you get to say you stole the MacBook
On a more serious note, if this could be automated. Like having the reciever automatically lock and unlock the mac based on how close you are to it... then it would be decent technology. As it stands, if you forget to lock it just once, you don't have much of a hope.
Re:It doesn't have to be all-or-nothing
on
Gmail vs Pine
·
· Score: 1
RSS is also available from Gmail if that is an option you would prefer to use. It is handy as hell to just hvae the ticker open in a small xterm, and view them that way. Just my two cents.
Whilst I like what you have said, and will implemented most of it (in suggestion) I have one thing to say...
tell them to spread the word
FFS I hope you mean teach other users the same, and not "send this email to ten of your best friends, and you will sucesfully DoS my pissy 133mHz mail server. Thank you, and have a nice day"
The problem is, of course, that people see phishing attacks every day, only, we call them "Chain Mail".
Re:I never thought my family was this stupid....
on
Why Phishing Works
·
· Score: 1
Ah, see, myself, I went the dsniff way:) They didn't have to "fall" for anything, even though the SHOULD know better, I took the time to install a copy of dnsiff on a Linux box I had kicking around, and slipped it inline with the router. SSL enabling and a bit of work later, I was finding Bank Passwords, PayPal codes, and those porn site numbers I had been after:)
There is one problem with what is going on here... I had just generated a self-signed SSL certificate and stuck it there. AND THEY WERE STILL CLICKING OK AND MOVING ON!
About fucking time! Good on the team (can't see the site,/.'d still) but I know I'm a going to be moving away from my Linux installation GUI's, and finally to the BSD desktop (Can't convince users to install BSD as a desktop OS, and now I can:) )... Good work team!
I for one do something at the moment that always seems to rile my co-workers
I actually buy FreeBSD and OpenBSD CD's from a local re-seller. Rarely use the CD's I must say, but have no problems supporting the community. Me, I use OpenSSH every day, there are alternatives, but none cut it as well. OpenSSH is derived from proprietry software you will remember, but the alternatives are just shit. I agree with parent, cut the shit and pay up. It's fucking good software, and just because your a poor technician (hell I still am) doesn't mean you can't flog $50 from your parents/spouse/neighbour [when they're not looking] and buy a CD fer fucks sake.
ANTI FLAME DISCLAIMER: Everyone is entitled to their opinion. This is mine. Don't like it. Try this command to stop reading my posts: dd if=/dev/random of=/dev/hd0
I send virus tests to servers and I would not like an ISP stopping that.
Ah, that's what we call it now:)
Having never ran an ISP I can't comment too tightly on this, but in broader terms, filtering spam for my company is a bitch. The problem is, of course, that automated programs (such as spamassassin, which I use personally), just don't cut it on a grander scale. I have seen 11 year old kids with hotmail address' that are more random than the 90% of the spam addresses that we get [by default, I recommend blocking hotmail, and then allowing a select number of emails through to your secondary filters]
Now, the problem arises when you start filtering your emails on keywords. Take the recent "bank" worms that (at least here in aus) we started to get, "National Australia Bank" and "Westpac" were just two of them. We thought we could do the right thing, and save ourselves some time, so we just set these to be automatically deleted on detection... BAD MOVE. We find out later that at least two high level director's in the company had accounts with these people, and were liasing with customer support people on the inside. Do you see the problem here? You can profile your customers habits only so much, and (in the case of 300+ users) it becomes innefficinet to continually update and check these profiles (even with automation).
The onus shouldn't be on the ISP to do the filtering, as this would cost them a lot more than it does now just to consume the bandwidth...
Besides I happen to think the price for those "ultra allure pheremones" is pretty cheap, now all I need is someone else's credit card...
Slashdot Mirror
As no doubt others will make the same case, the difference here is not that Debian got pwned or the Microscum (personal bias aside
Anyone know of the latest citibank cracks? Funny, no banks will tell us that they have been cracked, yet they are not ripped on as much...
I thought these people got paid per page?
Maybe they do.. but to some of us in the OSS world, the satisfaction of hacking some good code, or (as the case may be) writing a good book, is enough payment for us. I don't speak for every geek, but so long as I make enough money to be in rent and computers (and coffee) I am happy with my lot. I will continue to submit my code for the world to use, and I pray to the BSD-Gods that others will continue to do this also.
My $0.02 (Aus).. Cheers.
Wasn't there a giant conference between the big three recently to implement all this INTO the next generation of browser? I can see the arguments for the tool bar, but even the google toolbar gets to me when it clutters up my workspace (even a 24" screen can seem small when you have that much junk on it - should remove it...). Why bother with a toolbar??
What sort of crack are you smoking? Can I get some??
No version of Windows supports Autorun from anything other than a CD
Meanwhile, everytime I plug in my USB drive it loads up its own icon (via autorun.inf) and fires up my favourite music player (via autorun.inf and a batch file) whilst opening up explorer to point to my working directory (wow... autorun.inf)
A little over-kill perhaps, but I am lazy^H^H^H^Hefficient and require this.
Score -1 Flamebait...
You are correct in suggesting that most users do not want to go through, they don't care, and are not worried about their data getting stolen, more because they don't think of the possibility (IWHTM Syndrome) or they don't have the time to do so. In my experience even a firewall is too much for a lot of users, who wish the internet was AOL and don't want to know about the bad side. This is becoming less true, for sure, but the issue is still there.
/.er, for one, I do actually encrypt everything.
In a situation like this, I feel that we should be blaming the company/corporation the laptop/data is stolen from. Their failure to have proper security policies in place is worthy of a public lynching, and they, IMO, deserve most everything they get.
Users of sensitive data should have a trusted service technician, which alleviates that particular problem, and should practice defense in depth, not go to *dodgy* websites (political sites such as the whitehouse, or nsa.gov) and have proper firewalling and security in place. If they don't want any of this, they shouldn't be handling the data in question.
As a
Harddisk, Boot CD, the USB Keys needed to boot the servers... everything.
The problem is that people aren't prepared to go through the kind of work I am to boot up a system. The biggest DoS attack one could pull on my would be to drop the power and let the UPS' fail, it takes me fully 30 minutes to boot a single server. The average user isn't going to deal with this sort of time frame. Hell, I don't think even the NSA would want to deal with this sort of time frame.
Maybe I am just paranoid... nah, they actually are after me...
07:33:34 up 403 days, 20:18, 3 users, load average: 50.00, 50.23, 50.02
Damn those kernel updates.
Not hitting the reply button to this one was too hard... note that I am not trying to flame, just point out a few things
/. and see the BSD is dead posts... most of them are funny, and I will mod them thus, some are insightful and again I will mod them.
Everyone knows about BSD's failure and imminent demise. As we pore over the history of BSD, we'll uncover a story of fatal mistakes, poor priorities, and personal rivalry, and we'll learn what mistakes to avoid so as to save Linux from a similarly grisly fate.
Very true... you will also uncover a community of people who share equally, rather than having one primary developer who says what can and cannot go into a kernel
In 1995, Theo de Raadt, one of the founders of the NetBSD project, formed his own rival distribution, OpenBSD, as the result of a quarrel that he documents on his website. Mr. de Raadt's stubborn arrogance was later seen in his clash with Darren Reed, which resulted in the expulsion of IPF from the OpenBSD distribution.
The fact that pf is better than ipf obviously had nothing to do with it. Personally, I hate Theo, but he is very focused on what he does. There is usally a damned good reason he does things.
As personal rivalries took precedence over a quality product, BSD's codebase became worse and worse.
wtf? OpenBSD has some of the cleanest code on the planet, it is the most secure. Where the hell did you get that from?
As we all know, incompatibilities between each BSD distribution make code sharing an arduous task. Research conducted at MIT found BSD's filesystem implementation to be "very poorly performing." Even BSD's acclaimed TCP/IP stack has lagged behind, according to this study.
...
Problems with BSD's codebase were compounded by fundamental flaws in the BSD design approach. As argued by Eric Raymond in his watershed essay, The Cathedral and the Bazaar, rapid, decentralized development models are inherently superior to slow, centralized ones in software development.
I am not going to argue with Eric Raymond... but I would like to point at the current OpenBSD hackathon. Centralized development...
Any achievements that BSD managed to make were nullified by the BSD license, which allows corporations and coders alike to reap profits without reciprocating the goodwill of open-source. Fortunately, Linux is not prone to this exploitation, as it is licensed under the GPL.
Fair enough, you can use the BSD code for anything... how does this nullify the achievements? It only means we are a little more caring and sharing than our Linux brethren.
The failure of BSD culminated in the resignation of Jordan Hubbard and Michael Smith from the FreeBSD core team. They both believed that FreeBSD had long lost its earlier vitality. Like an empire in decline, BSD had become bureaucratic and stagnant. As Linux gains market share and as BSD sinks deeper into the mire of decay, their parting addresses will resound as fitting eulogies to BSD's demise.
So if I read that right, two people left one branch of the BSD operating system (assuming the big three, Net, Open and Free) and BSD has failed? That's like saying Red Hat has become corporate, so Linux is failing?
I continually read
Its a pity I posted earlier, otherwise I would have modified this -10 [Fucking Stupid]... it would be nice to see someone actually consider what they post, rather than just posting blindly from one point or the other.
Incidentally, I have been using SuSE and debian for quite some time now, as well as all three BSD's. I'm not a guru, but I do have some experience...
Its funny... I rm'd my sendmail (just to be on the safe side mind) and my cron output still gets sent to root locally. Postfix replaced my sendmail with no issues (FreeBSD) and even allows me to not have to log in as root to check it with the simplistic alias scheme...
The three NetBSD servers I own/operate also do this, no sendmail on them either.
VIVA THE REVOLUTION!
Now, if we could just get Microsoft to remove Windows from the source tree...
* Picking up a hitchhiker
Do they have a towel??? They must be ok...
Amen to that.
This will be the first time I post a comment without RTFA first. To join the masses of disgruntled readers WTF IS THIS DOING ON THE FRONT PAGE OF SLASHDOT?
As a primarily perl/C/java based programmer, I was looking forward to a quick intro to a language. Then I read the article summary, looked at the tagging, and read a couple of posts...
brb... going to digg
houldn't we be creating and deploying self immunizing tools in our infrastructure that detects these boxes and quarantines them?
0 6/BH-Fed-06-Aitel.pdf
We already do. They are refferred to as Nematodes. The primary paper on them is available online: http://www.blackhat.com/presentations/bh-federal-
I maintain some of these for my internal network. Difficult to code, but when you get it (and I haven't yet, I have just coded some well) they are awesome for security.
Also handy to do automatic analysis of open ports, and alerting etc. The world is your oyster, and these help prevent people stealing your pearl.
Longer days... if it was longer seconds than 3/4's of the slashdot population would be getting more sex for the 30 second's of pleasure ;) Not a problem I am concerned about...
The problem is people feel much freer to express extreme anger, curse, and belittle people over email than they ever would in real life.
Hell yes. Some of the people I work with are twice my size, and all muscle. If I couldn't abuse them in email (and thus procure the respect due my role) I would get my arse kicked in a real life face to face.
If it wasn't for emails, I for one would be on the road looking for my nth job...
The people know I am frustrated: "The error says that you must have all the fields filled in... HAVE YOU DONE THAT?" or angry: "what the hell do you mean you didn't reboot the computer before you called your goddamned system administrator" who would be me. If people fail to notice the emotion in a post/email, they have probably missed some fundamental points to the english language...
Like this post, I write (and speak) with all the passiveness necessary to convey my information (and my poor spelling at times). There is no need to look at every message and say "he is pissed off" because it doesn't happen that way.
Other posters have mentioned thinking of their friends as being different in IM. Fair point, but maybe the problem is not the medium, but the people sitting behind it. A classic PEBKAC I should imagine...
I too have this problem. Being the O.S. guy in the area, I can provide some of the cheapest (and best) solutions to a problem. But then I am stuck supporting it. This became a problem when I picked up my third job
Now I take a leaf out of the BOFH manual (the register) and help my users gain extra space by deleting their harddisk. I regularily take a call, and the first thing I do is go through the Internet logs to see what they have been surfing.
Maybe my users hate me, I think this depends. I have a lot of mother's out there who are happy I found out that their son was surfing porn. Or the husband who was having an affair with someone and using MSN to contact them.
Its a bastard job, but someone's gotto do it. None of these users contact me any more, they all know I will find something and incriminate them...
I hate to say it mate, but BULLSHIT. I work with Windows 2003 Terminal Servers. Let me tell you, those things crash for no apparant reason. Device drivers are good, can confirm that by looking at the manufacturers of the hardware alone.
/. is that stupid. The proof I give you is my word. Deal with that.
Verifiable information: Sure, the passwords to access my VPN are... fuck off. Noone on
M$ ISA Server = Crash from 200+ users. Reboot it maybe 8 times per week. Linux Proxy = (Squid) = 300+ users (we grew) 88 days and counting.
Meanwhile, we need to schedule reboots on a domain controller that is DEFAULT. If it didn't come with Server 2k3 Ent. it isn't on there. This thing will lock up, and randomly crash/reboot if we don't kick it once a week.
Love to be giving you logs, but unfortunately, I practice some form of security through obscurity...
I have the... dubious... honour of knowing some of the researchers on this particular project. I don't claim to be a cryptographer (READ: Freak with less life than a normal computer tech ;)) but I had them take me through this topic anyway. Quantum Crypto does IMHO work. At least the theory of it does.
;)) but it is none the less a good one, and highly secure...
It seems that a lot of people (in regards to the security of this) are missing the point. This particular project aims to secure the physical medium.
Points of attack
The exchange where the links are connected (can only go so far remember)
The exchange
The end points.
One has to remember that this is a method of assigning security to the physical layer.
It does work, and this lot are taking it into the next generation. I don't think it is the best idea (with or without the diamonds
Final Note: Most of these researchers have top level security clearance.
Not long after Fyodor put out the freebie chapter for how to own a continent, I looked into the process of spoofing a full TCP connection.
I felt it prudent to follow the RFC's and set said evil bit. So now I have a DoS tool with the evil bit...
If spoofing is no longer valid, then someone has a hell of a lot of explaining to do as to why this tool works so well...
Obviously your not a perl programmer
You put the laptop on a secured DMZ network behind redundant firewalls, and (just to be sure) you cut the sending pairs on the ethernet cable. You might as well run it inside a f. cage, because (even though you are in the middle of nowhere) you may JUST let that signal out.
After you have done this you spend 36 days shredding the harddisk with a custom program, at which time you remove said hard disk, smash it, and then melt it down. Only to buy a new one.
Total cost ~$20,000. But you get to say you stole the MacBook
On a more serious note, if this could be automated. Like having the reciever automatically lock and unlock the mac based on how close you are to it... then it would be decent technology. As it stands, if you forget to lock it just once, you don't have much of a hope.
RSS is also available from Gmail if that is an option you would prefer to use. It is handy as hell to just hvae the ticker open in a small xterm, and view them that way. Just my two cents.
I have to agree. After writing a DoS tool to implement the Evil Bit a few years ago, I was hoping for something with a little more BANG.
Anyone got a link? Let us all know.
Whilst I like what you have said, and will implemented most of it (in suggestion) I have one thing to say...
tell them to spread the word
FFS I hope you mean teach other users the same, and not "send this email to ten of your best friends, and you will sucesfully DoS my pissy 133mHz mail server. Thank you, and have a nice day"
The problem is, of course, that people see phishing attacks every day, only, we call them "Chain Mail".
Ah, see, myself, I went the dsniff way :) They didn't have to "fall" for anything, even though the SHOULD know better, I took the time to install a copy of dnsiff on a Linux box I had kicking around, and slipped it inline with the router. SSL enabling and a bit of work later, I was finding Bank Passwords, PayPal codes, and those porn site numbers I had been after :)
There is one problem with what is going on here... I had just generated a self-signed SSL certificate and stuck it there. AND THEY WERE STILL CLICKING OK AND MOVING ON!
God the future looks promising...
One thing to say...
/.'d still) but I know I'm a going to be moving away from my Linux installation GUI's, and finally to the BSD desktop (Can't convince users to install BSD as a desktop OS, and now I can :) )... Good work team!
About fucking time! Good on the team (can't see the site,
Well paid. I do see your point, but think that something was lost in translation.
The bad move was the fact that it was deleted rather than caught and filtered. Other than that, I agree with you.
I for one do something at the moment that always seems to rile my co-workers
I actually buy FreeBSD and OpenBSD CD's from a local re-seller. Rarely use the CD's I must say, but have no problems supporting the community. Me, I use OpenSSH every day, there are alternatives, but none cut it as well. OpenSSH is derived from proprietry software you will remember, but the alternatives are just shit. I agree with parent, cut the shit and pay up. It's fucking good software, and just because your a poor technician (hell I still am) doesn't mean you can't flog $50 from your parents/spouse/neighbour [when they're not looking] and buy a CD fer fucks sake.
ANTI FLAME DISCLAIMER: Everyone is entitled to their opinion. This is mine. Don't like it. Try this command to stop reading my posts: dd if=/dev/random of=/dev/hd0
I send virus tests to servers and I would not like an ISP stopping that.
:)
Ah, that's what we call it now
Having never ran an ISP I can't comment too tightly on this, but in broader terms, filtering spam for my company is a bitch. The problem is, of course, that automated programs (such as spamassassin, which I use personally), just don't cut it on a grander scale. I have seen 11 year old kids with hotmail address' that are more random than the 90% of the spam addresses that we get [by default, I recommend blocking hotmail, and then allowing a select number of emails through to your secondary filters]
Now, the problem arises when you start filtering your emails on keywords. Take the recent "bank" worms that (at least here in aus) we started to get, "National Australia Bank" and "Westpac" were just two of them. We thought we could do the right thing, and save ourselves some time, so we just set these to be automatically deleted on detection... BAD MOVE. We find out later that at least two high level director's in the company had accounts with these people, and were liasing with customer support people on the inside. Do you see the problem here? You can profile your customers habits only so much, and (in the case of 300+ users) it becomes innefficinet to continually update and check these profiles (even with automation).
The onus shouldn't be on the ISP to do the filtering, as this would cost them a lot more than it does now just to consume the bandwidth...
Besides I happen to think the price for those "ultra allure pheremones" is pretty cheap, now all I need is someone else's credit card...