Linux unhackable at TippingPoint contest ,, - Linux

This is a discussion on Linux unhackable at TippingPoint contest ,, - Linux ; "The Linux fans will be thrilled to find out that their favorite operating system have proved the safest at the contest organized this week by the security firm TippingPoint" http://www.efluxmedia.com/news_Linux...est_15743.html...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 21

Thread: Linux unhackable at TippingPoint contest ,,

  1. Linux unhackable at TippingPoint contest ,,

    "The Linux fans will be thrilled to find out that their favorite
    operating system have proved the safest at the contest organized this
    week by the security firm TippingPoint"

    http://www.efluxmedia.com/news_Linux...est_15743.html

  2. Re: Linux unhackable at TippingPoint contest ,,


    "Doug Mentohl" wrote in message
    news:c4ff314a-c66f-45b4-aa1c-e4b1382cb720@a23g2000hsc.googlegroups.com...
    > "The Linux fans will be thrilled to find out that their favorite
    > operating system have proved the safest at the contest organized this
    > week by the security firm TippingPoint"
    >
    > http://www.efluxmedia.com/news_Linux...est_15743.html


    You are starting to take lessons from Shestowicz, I see. A more careful
    search on the matter shows that none of the machines could be compromised
    remotely (day one) or even locally (day two) with their OS as the only
    active element. Once third-party software was allowed, Apple went first and
    Vista was compromised by an Adobe flaw based on Java. The perp said that
    the same attack would work with Apple or Linux, so the Ubuntu resistance was
    pure serendipity.

    Bottom line the flaw was in the Adobe product, not in the Microsoft product
    and Linux has nothing to be proud of other than being ignored by the
    attacker.


  3. Re: Linux unhackable at TippingPoint contest ,,

    >>>>> "amicus" == amicus curious writes:

    amicus> You are starting to take lessons from Shestowicz, I see.
    amicus> A more careful search on the matter shows that none of the
    amicus> machines could be compromised remotely (day one) or even
    amicus> locally (day two) with their OS as the only active
    amicus> element. Once third-party software was allowed, Apple
    amicus> went first and Vista was compromised by an Adobe flaw
    amicus> based on Java. The perp said that the same attack would
    amicus> work with Apple or Linux, so the Ubuntu resistance was
    amicus> pure serendipity.

    amicus> Bottom line the flaw was in the Adobe product, not in the
    amicus> Microsoft product and Linux has nothing to be proud of
    amicus> other than being ignored by the attacker.

    Then, I have to ask why Linux is being ignored. Maybe, the hackers
    consider hacking into a Linux system to be "out of scope", because
    it's too difficult?

    (Many book authors do pull out (usually, appropriately) the "out of
    scope" card to avoid discussing into details of complicated things
    that are too difficult and hence "uninteresting" or distracting to the
    readers.)


    --
    Lee Sau Dan u ~{@nJX6X~}

    E-mail: danlee@informatik.uni-freiburg.de
    Home page: http://www.informatik.uni-freiburg.de/~danlee

  4. Re: Linux unhackable at TippingPoint contest ,,

    LEE Sau Dan wrote:

    >>>>>> "amicus" == amicus curious writes:

    >
    > amicus> You are starting to take lessons from Shestowicz, I see.
    > amicus> A more careful search on the matter shows that none of the
    > amicus> machines could be compromised remotely (day one) or even
    > amicus> locally (day two) with their OS as the only active
    > amicus> element. Once third-party software was allowed, Apple
    > amicus> went first and Vista was compromised by an Adobe flaw
    > amicus> based on Java. The perp said that the same attack would
    > amicus> work with Apple or Linux, so the Ubuntu resistance was
    > amicus> pure serendipity.
    >
    > amicus> Bottom line the flaw was in the Adobe product, not in the
    > amicus> Microsoft product and Linux has nothing to be proud of
    > amicus> other than being ignored by the attacker.
    >
    > Then, I have to ask why Linux is being ignored. Maybe, the hackers
    > consider hacking into a Linux system to be "out of scope", because
    > it's too difficult?
    >
    > (Many book authors do pull out (usually, appropriately) the "out of
    > scope" card to avoid discussing into details of complicated things
    > that are too difficult and hence "uninteresting" or distracting to the
    > readers.)


    Linux boxes are the most prized boxes for crackers, & are often a *more*
    attractive target than windoze ones. The reason they don't bother trying to
    crack them, is because Linux boxes are *much* harder to crack than Windoze
    ones. If this wasn't the case, are all the security experts wrong?
    Anyway, anything said by amicus curious - Bill Wiesberger can be dismissed, as
    he's a shill for M$ with no credibility.

    --
    Mandriva - 2008.1 - RC2 - 64bit OS.
    COLA trolls: http://colatrolls.blogspot.com/

  5. Re: Linux unhackable at TippingPoint contest ,,

    Doug Mentohl wrote:
    > "The Linux fans will be thrilled to find out that their favorite
    > operating system have proved the safest at the contest organized this
    > week by the security firm TippingPoint"
    >
    > http://www.efluxmedia.com/news_Linux...est_15743.html



    Mental forgot the "Ubuntu community had to yank five of the eight
    Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after
    discovering that the servers had been hijacked and were attacking other
    machines."

    http://www.eweek.com/c/a/Security/Ub...Launch-Attack/




  6. Re: Linux unhackable at TippingPoint contest ,,

    On Tue, 1 Apr 2008 09:45:06 -0500, DFS wrote:

    > Doug Mentohl wrote:
    >> "The Linux fans will be thrilled to find out that their favorite
    >> operating system have proved the safest at the contest organized this
    >> week by the security firm TippingPoint"
    >>
    >> http://www.efluxmedia.com/news_Linux...est_15743.html

    >
    >
    > Mental forgot the "Ubuntu community had to yank five of the eight
    > Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after
    > discovering that the servers had been hijacked and were attacking other
    > machines."
    >
    > http://www.eweek.com/c/a/Security/Ub...Launch-Attack/


    Probably because Roy Schestowitz's web site infected them somehow.
    Ever notice how Schestowitz shills Ubuntu all over digg.com?

    Interesting isn't it?

    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/

  7. Re: Linux unhackable at TippingPoint contest ,,

    >>>>> "William" == William Poaster writes:

    William> Linux boxes are the most prized boxes for crackers,

    Of course, Linux is a very useful *tool* for crackers and hackers,
    because of its flexibility and rich of functions.


    William> & are often a *more* attractive target than windoze
    William> ones.

    No. Linux is not an attractive target for attacking, because of the
    very strong protection mechanisms (e.g. file permissions, process
    isolation, etc.). It is a *challenging* target, but not very
    attractive because it's too difficult.


    William> The reason they don't bother trying to crack them, is
    William> because Linux boxes are *much* harder to crack than
    William> Windoze ones.

    So, Linux is not as attractive as a target, because makes the task too
    difficult (but really *challenging* and interesting).



    --
    Lee Sau Dan u ~{@nJX6X~}

    E-mail: danlee@informatik.uni-freiburg.de
    Home page: http://www.informatik.uni-freiburg.de/~danlee

  8. Linux unhackable at TippingPoint contest says efluxmedia.com article,but fuddie is too dense to click on the link ..

    On 31 Mar, 14:02, "amicus 'funkentroll in disguise' curious" wrote:
    > "Doug Mentohl" wrote in message


    > You are starting to take lessons from Shestowicz, I see. *A more carefulsearch on the matter shows ..


    Like where, I quoted the article, how does a twisted lowlife **** like
    yourself spin this ito an attack on 'Shestowicz'. Kindly address the
    contents of a post instead of attacking someone not called 'Doug
    Mentohl' ...

  9. Re: Linux unhackable at TippingPoint contest says efluxmedia.com article, but fuddie is too dense to click on the link ..


    "Doug Mentohl" wrote in message
    news:b9462611-c298-4593-b442-058f1f4dc3af@q27g2000prf.googlegroups.com...
    On 31 Mar, 14:02, "amicus 'funkentroll in disguise' curious" wrote:
    > "Doug Mentohl" wrote in message


    > You are starting to take lessons from Shestowicz, I see. A more careful
    > search on the matter shows ..


    Like where, I quoted the article, how does a twisted lowlife **** like
    yourself spin this ito an attack on 'Shestowicz'. Kindly address the
    contents of a post instead of attacking someone not called 'Doug
    Mentohl' ...

    Surely you are just being coy. My post was obviously no attack on
    Shestowicz, he has already established himself as a laughingstock. I was
    chiding you for not being fully candid about the details of the hacking test
    you cited. Since he is the stereotype for such behavior, I alluded to it.

    And I did address the contents of your post, clearly showing where you were
    being disingenuous, and I note that you have no defense for your conduct in
    not disclosing the details of the matter.


  10. Re: Linux unhackable at TippingPoint contest ,,

    On 2008-04-01, DFS wrote:
    > Doug Mentohl wrote:
    >> "The Linux fans will be thrilled to find out that their favorite
    >> operating system have proved the safest at the contest organized this
    >> week by the security firm TippingPoint"
    >>
    >> http://www.efluxmedia.com/news_Linux...est_15743.html

    >
    >
    > Mental forgot the "Ubuntu community had to yank five of the eight
    > Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after


    ...which means squat to most end users, or even most server admins
    who are not in the habit of going out of their way to run dodgey PHP apps.

    > discovering that the servers had been hijacked and were attacking other
    > machines."
    >
    > http://www.eweek.com/c/a/Security/Ub...Launch-Attack/
    >
    >
    >



    --

    Metallica is not worth the ruination of someone |||
    who has pirated their music / | \


    Posted Via Usenet.com Premium Usenet Newsgroup Services
    ----------------------------------------------------------
    ** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
    ----------------------------------------------------------
    http://www.usenet.com

  11. Re: Linux unhackable at TippingPoint contest ,,

    JEDIDIAH wrote:
    > On 2008-04-01, DFS wrote:
    >> Doug Mentohl wrote:
    >>> "The Linux fans will be thrilled to find out that their favorite
    >>> operating system have proved the safest at the contest organized
    >>> this week by the security firm TippingPoint"
    >>>
    >>> http://www.efluxmedia.com/news_Linux...est_15743.html

    >>
    >>
    >> Mental forgot the "Ubuntu community had to yank five of the eight
    >> Ubuntu-hosted community servers sponsored by Canonical offline Aug.
    >> 6 after

    >
    > ...which means squat to most end users, or even most server admins
    > who are not in the habit of going out of their way to run dodgey PHP
    > apps.


    minimize the problem? check.
    blame anything but Linux or Linux admins? check.

    Great "advocacy", JED!




    >> discovering that the servers had been hijacked and were attacking
    >> other machines."
    >>
    >> http://www.eweek.com/c/a/Security/Ub...Launch-Attack/




  12. Re: Linux unhackable at TippingPoint contest ,,


    "DFS" wrote in message
    news:UtXIj.16579$%15.12882@bignews7.bellsouth.net. ..
    > JEDIDIAH wrote:
    >> On 2008-04-01, DFS wrote:
    >>> Doug Mentohl wrote:
    >>>> "The Linux fans will be thrilled to find out that their favorite
    >>>> operating system have proved the safest at the contest organized
    >>>> this week by the security firm TippingPoint"
    >>>>
    >>>> http://www.efluxmedia.com/news_Linux...est_15743.html
    >>>
    >>>
    >>> Mental forgot the "Ubuntu community had to yank five of the eight
    >>> Ubuntu-hosted community servers sponsored by Canonical offline Aug.
    >>> 6 after

    >>
    >> ...which means squat to most end users,


    Which means that it's vulnerable, it was hacked, and it took a while for
    Canonical to discover that it's own servers were attacking each other. Just
    because "every user" wasn't affected doesn't make it any less important.

    >> or even most server admins
    >> who are not in the habit of going out of their way to run dodgey PHP
    >> apps.


    Sounds to me like a variant of the "linux is just the kernel" defense. Why
    haven't all these eyeballs found and fixed these PHP bugs?


    > minimize the problem? check.
    > blame anything but Linux or Linux admins? check.
    >
    > Great "advocacy", JED!


    It's the users fault. Linux is just the kernel. So what, most people don't
    use *that* feature.


    >
    >>> discovering that the servers had been hijacked and were attacking
    >>> other machines."
    >>>
    >>> http://www.eweek.com/c/a/Security/Ub...Launch-Attack/

    >
    >




    --
    Posted via a free Usenet account from http://www.teranews.com


  13. Re: Linux unhackable at TippingPoint contest ,,

    On Wed, 2 Apr 2008 22:41:32 -0500, DFS wrote:

    > JEDIDIAH wrote:
    >> On 2008-04-01, DFS wrote:
    >>> Doug Mentohl wrote:
    >>>> "The Linux fans will be thrilled to find out that their favorite
    >>>> operating system have proved the safest at the contest organized
    >>>> this week by the security firm TippingPoint"
    >>>>
    >>>> http://www.efluxmedia.com/news_Linux...est_15743.html
    >>>
    >>>
    >>> Mental forgot the "Ubuntu community had to yank five of the eight
    >>> Ubuntu-hosted community servers sponsored by Canonical offline Aug.
    >>> 6 after

    >>
    >> ...which means squat to most end users, or even most server admins
    >> who are not in the habit of going out of their way to run dodgey PHP
    >> apps.

    >
    > minimize the problem? check.
    > blame anything but Linux or Linux admins? check.
    >
    > Great "advocacy", JED!


    Jedi doesn't advocate Linux he writes books for DR Seuss.


    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/

  14. Re: Linux unhackable at TippingPoint contest says efluxmedia.comarticle, but fuddie is too dense to click on the link ..

    On 2 Apr, 19:20, "amicus_curious" I run and hide wrote:
    > I was chiding you for not being fully candid about the details of the hacking test you cited ..


    > And I did address the contents of your post, clearly showing where you were being disingenuous ..


    Like where in this post did I was 'disingenuous'

    I quoted an article ..

    http://groups.google.co.uk/group/com...dbb1821e7f3be4

    You are merely being your usual dishonest, disingenuous, offencive
    cunt, as usual ..

  15. Re: Linux unhackable at TippingPoint contest says efluxmedia.com article, but fuddie is too dense to click on the link ..


    "Doug Mentohl" wrote in message
    news:6ffba12d-6dff-4ffc-a3e0-205f2510a0b1@s13g2000prd.googlegroups.com...
    > On 2 Apr, 19:20, "amicus_curious" I run and hide wrote:
    >> I was chiding you for not being fully candid about the details of the
    >> hacking test you cited ..

    >
    >> And I did address the contents of your post, clearly showing where you
    >> were being disingenuous ..

    >
    > Like where in this post did I was 'disingenuous'
    >
    > I quoted an article ..
    >

    But not the whole article and also not other articles that contained more
    pertinent information. That is being disingenuous, i.e. false, misleading.


  16. fuddie still too dense to click on the link ..

    On 3 Apr, 15:46, "amicus_curious" wrote:

    > But not the whole article and also not other articles that contained more pertinent information. *That is being disingenuous, i.e. false, misleading..


    What more 'pertinent information' are you refering to ...

    You're gone beyone a joke, fuddie, your now just being pathetic ..


  17. Re: Linux unhackable at TippingPoint contest ,,

    On 2008-04-03, Ezekiel wrote:
    >
    > "DFS" wrote in message
    > news:UtXIj.16579$%15.12882@bignews7.bellsouth.net. ..
    >> JEDIDIAH wrote:
    >>> On 2008-04-01, DFS wrote:
    >>>> Doug Mentohl wrote:
    >>>>> "The Linux fans will be thrilled to find out that their favorite
    >>>>> operating system have proved the safest at the contest organized
    >>>>> this week by the security firm TippingPoint"
    >>>>>
    >>>>> http://www.efluxmedia.com/news_Linux...est_15743.html
    >>>>
    >>>>
    >>>> Mental forgot the "Ubuntu community had to yank five of the eight
    >>>> Ubuntu-hosted community servers sponsored by Canonical offline Aug.
    >>>> 6 after
    >>>
    >>> ...which means squat to most end users,

    >
    > Which means that it's vulnerable, it was hacked, and it took a while for
    > Canonical to discover that it's own servers were attacking each other. Just
    > because "every user" wasn't affected doesn't make it any less important.


    It makes it important in the same way that the traditional
    problems with BIND and sendmail are important.

    >
    >>> or even most server admins
    >>> who are not in the habit of going out of their way to run dodgey PHP
    >>> apps.

    >
    > Sounds to me like a variant of the "linux is just the kernel" defense. Why
    > haven't all these eyeballs found and fixed these PHP bugs?


    You might as well ask why buffer overflows still happen.

    >
    >
    >> minimize the problem? check.
    >> blame anything but Linux or Linux admins? check.
    >>
    >> Great "advocacy", JED!

    >
    > It's the users fault. Linux is just the kernel. So what, most people don't
    > use *that* feature.


    Sometimes it is the users fault. It's stupid to deny it. Denying
    such things make it harder to spell out sane computing practices and
    things that should be avoided.

    Without this, morons like you would still be running around with
    versions of sendmail that could bring down the entire net regardless
    of which "kernel" was running underneath.

    [deletia]

    The nice thing about being free to choose your tools without
    some Lemming whining at you about the mandatory flavor of the
    month is that you can blacklist the crap (like IE and msoffice)
    and avoid it.

    PHP for all practical purposes is a 3rd party app. The fact
    that you can root it is about as relevant as the fact that you
    can root AutoCAD on Windows.

    --


    The average IT manager is a less effective mentor than a
    Spongebob Squarepants cartoon.


    Posted Via Usenet.com Premium Usenet Newsgroup Services
    ----------------------------------------------------------
    ** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
    ----------------------------------------------------------
    http://www.usenet.com

  18. Re: fuddie still too dense to click on the link ..


    "Doug Mentohl" wrote in message
    news:e7404156-dab8-40a1-bc70-

    >What more 'pertinent information' are you refering to ...


    1. The part where it was acknowledged that Windows and Ubuntu were not
    compromised in their native versions as installed, ie. Windows didn't break.

    2. The part where the problem was with Adobe Flash and Java, not with
    Windows.

    3. The part where the perpetrator of the hack allowed that it would work
    against Ubuntu as well as Vista, but he like Vista better, which was part of
    the prize he got for winning.


  19. Re: fuddie still too dense to click on the link ..

    On 3 Apr, 20:23, "amicus_curious" wrote:

    > 1.


    > 2.


    > 3.


    How does any of 1, 2, 3 invalidate ...

    "The Linux fans will be thrilled to find out that their favorite
    operating system have proved the safest at the contest organized this
    week by the security firm TippingPoint"

    Oh and 'Vindows' did break ..

    "In the third and final day Shane Macaulay from Security Objectives
    won the Fujitsu U810 laptop running Vista Ultimate SP1"

  20. Re: fuddie still too dense to click on the link ..

    On 2008-04-03, amicus_curious wrote:
    >
    > "Doug Mentohl" wrote in message
    > news:e7404156-dab8-40a1-bc70-
    >
    >>What more 'pertinent information' are you refering to ...

    >
    > 1. The part where it was acknowledged that Windows and Ubuntu were not
    > compromised in their native versions as installed, ie. Windows didn't break.
    >
    > 2. The part where the problem was with Adobe Flash and Java, not with
    > Windows.


    Anymore the Windows kernel isn't the problem. It's been this way
    for awhile. The apps are the problem and Microsoft led the way in
    doing really stupid things at the app level.

    This isn't even getting into bugs.

    Bugs in Flash or Java are a serious problem since they are
    so widely used. This does lead to the question of why these
    bugs aren't manifesting in Linux and OS/X and causing similar
    problems.

    >
    > 3. The part where the perpetrator of the hack allowed that it would work
    > against Ubuntu as well as Vista, but he like Vista better, which was part of
    > the prize he got for winning.
    >



    --
    Oracle... can't live with it... |||
    / | \
    can't just replace it with postgres...

    Posted Via Usenet.com Premium Usenet Newsgroup Services
    ----------------------------------------------------------
    ** SPEED ** RETENTION ** COMPLETION ** ANONYMITY **
    ----------------------------------------------------------
    http://www.usenet.com

+ Reply to Thread
Page 1 of 2 1 2 LastLast