As an additional layer in your security regimen, you bet. As security by itself, no way...which seems to be pretty much what you are saying, only you just didn't say it directly. As you said...:
For example: in this case if you had already changed your router's IP address, it would be harder for the attackers to figure it out. For example if you use the 10.35.79.184, the same url that can exploit thousands of other dd-wrt routers (e.g. http://192.168.1.1/etcetc ), won't work on your router...So you have more time to update your router or even have time to wait to see if the updates don't break other stuff first.
However,...:
Same goes for putting running sshd servers on a different port...but so far running it on a different port works well enough for me.
Of course, all it would take for someone to discover that you were running sshd on an alternate port is for them to run "nmap -sV -p1-65535" on your IP address. However, that is time consuming, and most hackers are after the low hanging fruit, so instead, they "nmap -sV -p22 1.2.3.0/24" (for example). However, as you said, if someone was targeting you specifically, all bets are off.
Botnet building malware actually uses common exploits, that are known and patched. And the reason they are found so quickly is because they are used on such a large scale, to build botnets. Your example has nothing to do with security through obscurity. The reason botnets exist is because people leave their computers turned on and unpatched.
How do you think the common exploits were found? When $Random_Software_Company releases software -- say, perhaps an operating system -- do they publish all of the "common exploits" on their web site so black hats can create botnets? Do the black hats have the source code for $Random_Commercial_Operating_System so they can find exploits?
Of course not! That's absurd. Therefore, it stands to reason that at one time, the common exploits were unknown exploits that someone with a lot of time, perseverance, luck and skills discovered, despite security through obscurity. And therefore, security through obscurity is NOT sufficient security.
I have no problem with security through obscurity as another layer in your security model. But to say that security through obscurity in and of itself works in the real world is deluded, at best.
sitting in the left lane while you're not making a pass because "nobody needs to go any faster than the limit" is just being a tool
You've obviously been riding your motorcycle long enough to learn that some battles just aren't worth the fight :) I'm amazed at how much less pride and arrogance I have now that I've got my motorcycle license and have come to realize that I'm riding a vehicle with about 1/10 the mass of anything else on the road, lol. IMHO, everyone should learn to drive in the smallest, least protected POS money can buy. THEN AND ONLY THEN should they move up to something bigger.
I have no problem running up on those people and sitting on their bumper until they get a clue.
All that does is irritate the driver ahead so that (s)he knowingly slows down until you try to pass, at which point they accelerate like Mario Andretti.
Tailgating is stupid. Period. And, at least in Alaska, if you rear-end someone, it's a 99% probability that you will get the ticket, no matter how much of a butt the other person is being. The only exception I ever saw to that was when a driver lost control of his SUV and came to an abrupt stop when he hit a curb. I rear-ended him, and the investigating cop decided that the driver who lost control was mostly at fault (because he lost control), but still cited me for "exceeding safe speed for conditions" <shrug>
These include...the number of ports open on the sending machine.
WTF? Does the filter nmap the sending mail server before accepting the message?!?!
Research before slamming others, please.
It is possible to spoof an IP address and fake a TCP three-way handshake from a fake address. The trick is that any modern OS randomizes TCP sequence numbers to make it difficult to "complete" the three-way handshake without actually receiving part 2 of the three-way handshake. However, if you have the analytical tools to guess the correct sequence number to send back in part 3 of the three-way handshake, you're golden.
It's not exactly trivial, but girlintraining is correct -- it is possible to complete a three-way handshake from a fake address.
Mod parent up!
Back scatter spam has been a known issue for a long time now. There's no more excuse for anyone still operating a mail server this way than there is for anyone still knowingly operating an open relay (since for all intents and purposes, that's what this is).
Personally I would think that if 10 is 100%
10 isn't 100%. 1 is 100%. That's how % is defined.
Trying to follow all of the numbers without any context is making my head hurt.
Neither TFS, GPP nor you were very clear on the key aspect of percentages: they are a ratio. You said, "10 isn't 100%" but that's not necessarily true. Ten out of how many? 10 out of 10 is 100%. However, expressed as a ratio, 10/10 = 1, which is what you said is how 100% is defined (100 per cent, i.e., 100 per 100, or 100/100 = 1 = 100%). Since no one specified ten out of how many total, 10 could be 1%, 100%, 1000%, 3.14159265358% or 42%; you can't tell.
</pedantic>
I wonder if you could make this technology a plug-in to SA to simply bump up the spam score by, say, a point and continue with your SA filtering anything higher than 5.0?
Not in my experience, for however much or little that's worth.
I found that the bulk of UCE that hit my mail server came from either China or Korea. After I began blocking all IP addresses from either of those two countries, I found the amount of spam hitting my inbox was almost nil.
Of course, it was my personal mail server, and I don't have any contacts in either of those countries, so the SNR from China and Korea was essentially zero (no signal, all noise). YMMV, however.
A machine determined to be a member of a botnet could be isolated, blocked from sending email any place other than the support address of its ISP. Access could be restored when the machine is disinfected.
That's what we did at the ISP I used to work at. We ticked off a few customers but not as many as were ticked off at us before we implemented that policy. I was amazed at how vocal our customers could be when AOL started rejecting our e-mails...
Look, I'm a GenX'er myself, but please, for the love of everything holy, can we skip the 80's -- or at least everything in the 80s that came after Cheap Trick and Rush? I suffered through synth pop and hair bands once; I really don't want to relive them again.
TR2N - TRZN - TREZON - T.Reznor
There, fixed that for you. He hasn't betrayed us; he's guaranteed an awesome soundtrack!
Sweet nostalgia -- Tail Gunner is one of my all-time favorite classic videogames :)
Just post your ideas on "Ask Slashdot", of course!
I'm not an engineer either, but I'd guess the single stem trunk is so that you don't have to hang the turbine way out in front of the tower (bending moment, and all that) to keep the propeller blades from hitting the tower below it. A single-stem trunk is purely vertical; however, the base is wider than the peak for three- or four-legged towers.
Flamebait? C'mon, mods...it was funny.
One good joke deserves another. Think about it.
And how many people would have education or health care if a third world military dictatorship handed us our butts on a silver platter because we dismantled our military so we could focus exclusively on social problems?
I'm not arguing that social programs are unimportant -- they clearly are important. However, if we don't have the ability to defend ourselves against foreign threats, then we won't have the resources to take care of our people, either.
The F-16 also had quite a few bugs at first, but now is a very capable airplane.
Looks like someone else skipped calculus class, too. What is the limit of (($manufacturing_cost_per_plane x $number_of_airplanes_built) + $program_development_cost) / $number_of_airplanes_built as $number_of_airplanes_built -> infinity?
Let's make a bad /. RIAA/MP3-upload analogy: you run an MP3 upload site (we'll ignore the RIAA and the $200,000 in fines and legal fees for now). It costs you $15 to buy a CD plus, say, $2 for your labor and electrical power to rip the CD to MP3 format plus, say, $0.005 for bandwidth for every time the CD is uploaded. What is your cost to upload the CD to one person? Answer: $15 + $2 + $0.005 = ~$17. This gives you a cost per upload of ~$17 / 1 = ~$17. Now, what if you upload the CD to 1,000 people? Answer: $15 + $2 + (1000 x $0.005) = $22. This gives you a cost per upload of $22 / 1000 = ~$0.02.
Same thing with the airplanes. There is a cost associated with manufacturing each airplane, and the more airplanes you produce, the greater a factor it becomes. However, the more airplanes you produce, the less the fixed costs of development are a factor, leading to a reduction in total cost per airplane as you amortize the cost of development across multiple airplanes. It's really not a difficult concept to understand...
I'm so ashamed :)
The only answer to that problem is lots and lots of jewelry.
Let me know how that works for you. Seems to me like you are training your wife to bring up something again every time she wants a shiny new trinket...
Unless you live in England and the government decides to force you to hand over your encryption key. With Vanish, you *can't* hand over the encryption key because you never had it in the first place.
<pedantic>
Unfortunately, TFS -- and to a lesser extent, TFA -- seems to be ripe with exaggerated claims: "'Our goal was really to come up with a system where, through a property of nature, the message, or the data, disappears.'" and "After eight hours, the message will be impossible to unscramble and will remain gibberish forever."
No. Unless I am missing something from TFA, it is like any other "secure" encryption scheme: merely very, very difficult to break. Given a fast enough computer -- or a large enough cluster of computers working together -- it can be cracked. The only thing Vanish protects against is someone stealing the encryption key from your PC.
</pedantic>
Dangit, how did you guess?!?!? :D