Linux is safe from such a common attack because only seven people have successfully set up WPA
Make that 8 then. I actually found setting up my wireless drivers for my chipset to be 10X harder than getting WPA working. That part was a breeze.
Mac, Linux, Solaris, etc. have had many more security advisories than MS Windows has had to endure
I'm not sure where you are getting that idea, but according to secunia, Microsoft and Redhat have had exactly 3 vulnerabilities this month, with Microsoft vulns being more critical. Sure there was the Solaris telnetd vuln that made headlines, but I think it's just your perception. Plus I also think you're failing to take into account the ANI cursor overflow at the end of March which was a big deal.
Sure, exploits exist, but you have to DO something.
That's not true. Look at the ANI bug, it was actively being exploited in the wild on web pages that injected the overflow using the iframe tag. All you had to do was visit a website, no clicking required.
How many "users" running Linux are even going to know about this vulnerability, let alone patch it.
Again this seems like a case of selective memory to me. Remember the Intel wireless vulnerability that came out just before the Maynor-Apple announcement? Well if you have an Intel wireless chipset on your Windows PC, you have to manually install a new driver from Intel, there is no Microsoft patch and it will *not* appear in Windows Update even if you have auto-updates turned on. So I fail to see how that's any different. In fact a number of Linux distros actually do have updates available for this Madwifi vuln.
My guess is that it's the "USB-to-serial thing" that's causing some bug in the BIOS that corrupts parts of the CMOS, causing a password to be set.
Frankly I don't think that's any less ridiculous speculation than the original post on Linuxquestions that people are bitching about. In fact I think that's less likely as it would require the CMOS to be corrupted, but only the part of the CMOS where the password is set, while leaving the rest of it functional. Fails Occam's razor IMHO.
Someone tried to do that a few years ago (remember Welchia) and it caused more harm than good with widespread internet congestion and critical systems getting rebooted.
Worm description:
W32.Welchia.B.Worm is a variant of W32.Welchia.Worm. If the version of the operating system of the infected machine is Chinese (Simplified), Chinese (Traditional), Korean, or English, the worm will attempt to download the Microsoft Workstation Service Buffer Overrun and Microsoft Messenger Service Buffer Overrun patches from the Microsoft® Windows Update Web site, install it, and then restart the computer. The worm also attempts to remove the W32.Mydoom.A@mm and W32.Mydoom.B@mm worms.
http://www.symantec.com/security_response/writeup.jsp?docid=2004-021115-2540-99
Thanks for posting that, definitely informative. Some salient quotes from the judgement:
Although we conclude that Heckenkamp had a reasonable expectation of privacy in his personal computer, we conclude that the search of the computer was justified under the "special needs" exception to the warrant requirement.
Although Savoy was aware that the FBI was also investigating the use of a computer on the university network to hack into the Qualcomm system, his actions were not taken for law enforcement purposes. Not only is there no evidence that Savoy was acting at the behest of law enforcement, but also the record indicates that Savoy was acting contrary to law enforcement requests that he delay action
This discovery, together with Savoy's earlier discovery that the computer had gained root access to the university's Mail2 server, created a situation in which Savoy needed to act immediately to protect the system
I'm not that familiar with the case, but my question is who owned the computer that the administrator "hacked" into. If this was a University-purchased system, then I think they had every right. But if this is his own system that he purchased and simply was connected to a U of W network in his dorm then I think he had a reasonable expectation of privacy. His network traffic would be fair game, but unauthorized access is something different.
I'm not sure how connecting to someone's network gives them the right to access my system without my consent. If I'm on a Verizon network, does that mean they can bruteforce my passwords and log onto my system, simply because I'm connected to their network? What about Starbucks?
If the justification was to "protect the mail server" couldn't they just have physically disconnected his dorm room from the network (they knew where the first IP address was coming from). Again, I don't know the specifics of the case so I'm more curious than trying to throw stones.
Not only does it only 'infect' iPods running Linux, but it's not even able to replicate. To call it a virus is stretching the truth, to say the least; it's just a program that trashes your binaries.
By definition that's what a virus is. The fact that it appends copies of itself to elf files *is* replication. If it had the ability to self propagate then it would be a worm. Viruses are by definition file infectors.
The only reason it's news is because this virus infects ipods. Anytime you have a new virus that is the first to infect a given OS/device it makes headlines, like the first cellphone virus, bluetooth virus, etc. There has and always will be a segment of the virus-writing community who are more interested in being the first to do something rather than to cause significant damage.
The common ancestor of humans and chimps would be considered an ape. So the GP's comment was correct. The fact that people get so upset at that has more to do with our own arrogance than anything else.
I haven't personally used it, but I had a course in graduate school where a prof went into detail about it. When it flags a paper for plagiarizing, it gives it a relative score and shows the plagiarized passages. So it should be pretty clear to anyone using it whether it's a simple 3-word string or an entire paragraph/page that's verbatim.
OT: He actually caught someone plagiarizing the previous semester...best part was that it was an ethics class.
On a webmail-based account like hotmail or yahoo, the full html page is often rendered, including javascript. You can disable html, but again that's a measure that grandma and grandpa aren't likely to know to do.
I've seen phishing scam emails using obfuscated javascript for links to the actual phishing sites recently, so that isn't always a tipoff. Your grandma and grandpa aren't going to be able to download the page source and walk through the javascript to see what it's doing.
While I agree with you to an extent, if there are trivial measures that you can implement to stop this then why wouldn't you?
Plus many of the phishing scams are actually becoming rather complex. Many are now linking images directly from the target's website so that they look fairly legitimate and then use tricks like obfuscated javascript for the link to the phishing site itself so that a cursory "put mouse over link and see where it goes" isn't going to be a clear tipoff to joe sixpack.
Preserve what? No one is gonna care who stole what from us.
You can preserve the evidence of how you got owned, like the means of entry, how privilege elevation was performed, what was done on the system. It's not uncommon for crackers to upload a binary, execute it so that it's running in memory and then delete the binary file, so if the bash_history was wiped you may never find any evidence it was even there unless you looked at the system while it was running. Figuring out how you were compromised may help you prevent it from happening again.
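A live-response check for the case described above (a binary started and then deleted from disk), as an added example that is not part of the original comment: it walks /proc for processes whose exe link the kernel has marked as deleted and copies the still-running image out for analysis. The function names and the pid<N>.exe.bin output name are choices made for this example.

```python
import hashlib
import os
from pathlib import Path

# The kernel appends this to the exe link target once the file is unlinked.
DELETED_SUFFIX = " (deleted)"


def find_deleted_executables(proc_root="/proc"):
    """Return sorted (pid, original_path, cmdline) for processes whose binary was unlinked."""
    findings = []
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue  # skip non-process entries such as "self" or "net"
        try:
            target = os.readlink(entry / "exe")
        except OSError:
            continue  # kernel thread, exited process, or insufficient privilege
        if not target.endswith(DELETED_SUFFIX):
            continue
        try:
            raw = (entry / "cmdline").read_bytes()
        except OSError:
            raw = b""
        # cmdline is NUL-separated; make it readable for the report
        cmdline = raw.replace(b"\0", b" ").decode(errors="replace").strip()
        findings.append((int(entry.name), target[: -len(DELETED_SUFFIX)], cmdline))
    return sorted(findings)


def preserve_executable(pid, dest_dir, proc_root="/proc"):
    """Copy the running image out of /proc/<pid>/exe and return (copy_path, sha256)."""
    data = (Path(proc_root) / str(pid) / "exe").read_bytes()
    out = Path(dest_dir) / f"pid{pid}.exe.bin"
    out.write_bytes(data)
    return out, hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    # Run as root on the live system. A package upgrade that replaced a running
    # binary also shows up here, so treat hits as leads, not verdicts.
    for pid, path, cmdline in find_deleted_executables():
        print(f"pid={pid} exe={path} cmdline={cmdline!r}")
```

Write the preserved copies to external or remote storage rather than the suspect disk, and record the hash alongside the collection time.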
Most of the "Apple Bugs" were 3rd party
There were only at most 8 third party bugs released by MOAB, so almost 75% of the bugs were in Apple software.
Needless to say they were almost all immediately fixed, sometimes within hours
The only bugs fixed "within hours" were a few of the 3rd party bugs. Apple only fixed a single bug (quicktime) by the time that MOAB had finished. So in a month they patched a single vuln. They didn't fix the majority of bugs identified by MOAB until the 2007-003 security update released March 13 2007...MOAB was in January.
The greenpeace article did say that it was within a single standard deviation, which for most scientific purposes would mean that it's not statistically different. IMO, Greenpeace does seem a bit dishonest in the way they hedge around that, but it would be nice to see the full data or see it done in a more human-like study population like chimps.
There may be some alternate explanation, like water intake as mentioned above, but based on those numbers you posted that's impossible. Even if you converted every single calorie to fat (without expending a single calorie on anything else) you still couldn't gain that much fat.
3500calories==1 pound of fat
3500*35lbs==122500 calories needed
300cal/day * 30days/month * 6months == 54000 calories
which isn't even halfway there...
Look at the sentence before it:
"a killer satellite with a lifetime in years could be quickly built for deployment in orbits close to potential targets. These days, much smaller vehicles could be launched and then maneuvered, undetected, into such ambush orbits. They could even use the Moon's gravity to surreptitiously slip into the high-altitude orbits of key US observation, communications, and navigation satellites."
and the one quoted:
"Even planning a space-to-space attack can take hours or days or longer for the moving attacker and target to line up in a proper position."
They both look to be referring to space-to-space attacks, as OP was pointing out.
Are you sure it's *all* carnivorous predators or just members of Felidae (cats, tigers, panthers)?
crontab -e
# cron for root
# update system at 4AM daily
0 4 * * *
Even easier:
su -
service yum start
Enabling nighly yum update: [OK]
Hmmm I hadn't thought about the checksum, that's a *really* good point as well.
Sorry, should be "unless it's set to read in plaintext". Forward/reply in plaintext are still vulnerable.
IE7 on Vista is protected, but what about Vista Mail? Dshield lists Vista as being vulnerable, even when it's set to read as plaintext:
http://www.dshield.org/indexd.html
He did that with virtually all the OSes and made it clear in each OS summary that's what he did.
How is it FUD if Microsoft is issuing patches for it?