[News] New worm feeds on latest Microsoft bug - Linux

This is a discussion on [News] New worm feeds on latest Microsoft bug - Linux ; The racist, liar and software thief Gary Stewart (flatfish) nymshifted: > On Mon, 27 Oct 2008 00:36:17 +0100, Richard Rasker wrote: > >> Moshe Goldfarb. wrote: >> >>> On Sun, 26 Oct 2008 23:02:40 +0100, Richard Rasker wrote: >>> >>> ...

+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 21 to 40 of 44

Thread: [News] New worm feeds on latest Microsoft bug

  1. Re: [News] New worm feeds on latest Microsoft bug

    The racist, liar and software thief Gary Stewart (flatfish) nymshifted:

    > On Mon, 27 Oct 2008 00:36:17 +0100, Richard Rasker wrote:
    >
    >> Moshe Goldfarb. wrote:
    >>
    >>> On Sun, 26 Oct 2008 23:02:40 +0100, Richard Rasker wrote:
    >>>
    >>> So please try a little harder to come up
    >>>> with a plausible way that Linux could become as insecure as Windows.
    >>>>
    >>>>
    >>>> Richard Rasker
    >>>
    >>> Simple.... a rogue program in one of the many repositories for Linux
    >>> software.

    >>
    >> No, not so simple ...
    >>
    >>> Do you *really know* what say the mediaubuntu is downloading to your
    >>> machine?
    >>> What about the various restricted repositories that Ubuntu users need to
    >>> add in order to play mp3, libdvdcss etc...

    >>
    >> One word: keys. A checksum of every downloaded file is compared to a key
    >> on a separate server. So any distributor of rogue software must not only
    >> compromise a package mirror, but also the key server. The only realistic
    >> way to spread malicious software this way is to get further upstream --
    >> but that's exceedingly diffcult.
    >> Then of course you could try creating a complete application which has
    >> concealed malware aboard, but this is even less plausible: the
    >> application must be something a lot of people want to install -- and even
    >> in the unlikely event that you succeed in creating something hugely
    >> popular, your cunning plan will fall apart as soon as anyone bothers to
    >> dive into the source code. The chance of which is a solid 100% if you
    >> actually create something that appeals to a lot of people.
    >>
    >>> How do you really know what is in there and what you are loading on to
    >>> your machine?
    >>>
    >>> Answer: you don't.

    >>
    >> Answer: you do. At least you do know that what's downloaded onto your
    >> machine has the same checksum as what the software creator put online.
    >> And so far, it's virtually impossible to
    >>
    >>> Mint Linux was infected as were others earlier this year.

    >>
    >> If this has actually led to infections, then Mint has made severe
    >> mistakes in its package management and distribution -- e.g. no key
    >> checks, or no use of keys and key servers at all.
    >>
    >>> It will happen more as Linux user numbers increase, if they do.

    >>
    >> I seriously doubt it -- these attacks all have to do with Linux servers
    >> being compromised, usually through bad PHP code. For all intents and
    >> purposes, desktop Linux isn't attacked at all. Sure, with an increasing
    >> popularity of desktop Linux there will inevitably be more attacks -- but
    >> I'm very confident that we won't see this endless malware mess that's
    >> been rampant in the Windows world for well over a decade now. Linux
    >> really is better designed, with nothing like the old one-user no-network
    >> computer legacy which made Windows so terribly insecure -- although the
    >> ultimate cause of this legacy was of course plain incompetence in
    >> designing the OS in the first place.
    >>
    >> Richard Rasker

    >
    > All the checks and balanaces in the world will not compensate for ignorant
    > users, social engineering etc.
    > Does Linux make it more difficult?
    > Probably, but it will happen.


    Even *if* it would happen, the question is: Is the infection rate high
    enough to sustain a virus, to let it stay alive

    > Even from my own experience, too much trust is put in Linux and what is up
    > in the sky to download.


    Well, point us to those rogue download sites for linux soft, will you?

    > I want to play mp3 files, I see a post to add this that and the other
    > repository to my Ubuntu package manager and I do.
    > And that is exactly what most people will do.
    >
    > I have no clue what is coming down, I just want to play mp3 files for
    > example.


    Bull**** to the highest degree, flatfish, and you know it.
    MP3 playing is working by default in any major linux distro.

    > It's going to happen when Linux is a big enough desktop target, which is
    > where most of the infections are coming from in the Windows world.
    >


    You have no clue whatsoever you are blubbering about
    --
    The nice thing about standards is that there are so many of them
    to choose from. -- Andrew S. Tanenbaum


  2. Re: [News] New worm feeds on latest Microsoft bug

    Peter Köhlmann wrote:

    >> You stupid fool, you know nothing about RPC and how it works, you know
    >> nothing about COM or DCOM object communications over TCP 135 the
    >> COM/DCOM port you moron.

    >
    > Fine. And now go playing on the motorway again, idiot


    But you can't dispute it you moron, because you really don't know what
    you are talking about when it comes to RPC, COM or DCOM.

    All you did was talk out the side of your head, and I doubt that you
    really know anything about Linux too, after this display of ignorance.

    Now, you take your car with you in it, and you run it into a poll on the
    motorway you moron.


  3. Re: [News] New worm feeds on latest Microsoft bug

    Moshe Goldfarb. wrote:
    > On Sun, 26 Oct 2008 19:44:36 -0400, Linux Pimps wrote:
    >
    >> Moshe Goldfarb. wrote:
    >>> On Sun, 26 Oct 2008 19:26:13 -0400, Linux Pimps wrote:
    >>>
    >>>> Moshe Goldfarb. wrote:
    >>>>> On Sun, 26 Oct 2008 23:45:22 +0100, Peter KŲhlmann wrote:
    >>>>>
    >>>>>> Moshe Goldfarb. wrote:
    >>>>>>
    >>>>>>> On Sun, 26 Oct 2008 23:23:26 +0100, Peter KŲhlmann wrote:
    >>>>>>>
    >>>>>>>> The racist, liar and software thief Gary Stewart (flatfish) nymshifted:
    >>>>>>>>
    >>>>>>>>> On Sun, 26 Oct 2008 14:40:58 -0700 (PDT), nessuno@wigner.berkeley.edu
    >>>>>>>>> wrote:
    >>>>>>>>>
    >>>>>>>>>>
    >>>>>>>>>> One day after Microsoft issued a rare emergency Windows security
    >>>>>>>>>> patch, the bad guys have a few new ways to take advantage of the
    >>>>>>>>>> bug.....a new worm, called Gimmiv....
    >>>>>>>>>>
    >>>>>>>>>> This vulnerability lies in the Windows Server service.... "It is
    >>>>>>>>>> downloaded onto a target machine via social engineering
    >>>>>>>>> Key words: Social Engineering.......
    >>>>>>>> And completely wrong.
    >>>>>>>> It is a vulnerability in the windows RPC code, and absolutely no user
    >>>>>>>> interaction is needed
    >>>>>>> That's not what the article says.
    >>>>>> I don't care what the article says. It is a RPC error, thus *no* user
    >>>>>> interaction is needed.
    >>>>>> In principle a machine with a running firewall should be safe, but a small
    >>>>>> error in setting the firewall will make the machine wide open.
    >>>>>> If you have file- and printer sharing enabled, very easily you can enable
    >>>>>> also the access from the outside. Then all bets are off.
    >>>>>> The problem is in a code area which is not protected by "/GS security
    >>>>>> cookies"
    >>>>>>
    >>>>>>> It has to make it to the first machine.
    >>>>>> Wrong
    >>>>>>
    >>>>>> And actually it is quite similar to the 2006 vulnerability in RPC,
    >>>>>> when "Vanebot" or "Mocbot" were infecting windows machines without any user
    >>>>>> interaction at all
    >>>>> I'll take your word for it but the term social engineering should have been
    >>>>> left out of the article.
    >>>>>
    >>>> No don't take his word for it, because TCP port 135 is the RPC/DCOM
    >>>> port. If that port is protected on the machine by a host based firewall,
    >>>> which that port is closed by default by a host based firewall running on
    >>>> the machine, then the machine cannot be attacked using RPC, period.
    >>> That much I do know.
    >>> I believe Peter did say it would be blocked by most firewalls.
    >>>
    >>> My contention is with the social engineering part which is going to be the
    >>> downfall of Linux.
    >>>

    >> But he turned around and said that if MS File and Print sharing were
    >> open on the FW, a possible mistake he indicates, then the RPC exploit
    >> can take place. RPC uses TCP port 135 and not UDP 137-139 and TCP 445
    >> (NT only) the Windows Networking Ports.

    >
    > Yes he did.
    >
    >> Something/a program has to be listening on a port on the other end.

    >
    > Correct.
    >
    >> So the RPC exploit is not spreading from one machine to the next if the
    >> machine has TCP port 135 closed, which is the default state on a FW.

    >
    > Correct.
    >
    >> The social engineering means that a user of a machine was initially
    >> involved in the compromise.

    >
    > That's what I suggested.
    > He said no.
    > The article says yes.
    >
    >


    It was just the great Kohlmann making things up, talking out the side of
    his head, and in ignorance.

  4. Re: [News] New worm feeds on latest Microsoft bug

    On Mon, 27 Oct 2008 01:06:00 +0100, Peter KŲhlmann wrote:

    > The racist, liar and software thief Gary Stewart (flatfish) nymshifted:
    >
    >> On Mon, 27 Oct 2008 00:36:17 +0100, Richard Rasker wrote:
    >>
    >>> Moshe Goldfarb. wrote:
    >>>
    >>>> On Sun, 26 Oct 2008 23:02:40 +0100, Richard Rasker wrote:
    >>>>
    >>>> So please try a little harder to come up
    >>>>> with a plausible way that Linux could become as insecure as Windows.
    >>>>>
    >>>>>
    >>>>> Richard Rasker
    >>>>
    >>>> Simple.... a rogue program in one of the many repositories for Linux
    >>>> software.
    >>>
    >>> No, not so simple ...
    >>>
    >>>> Do you *really know* what say the mediaubuntu is downloading to your
    >>>> machine?
    >>>> What about the various restricted repositories that Ubuntu users need to
    >>>> add in order to play mp3, libdvdcss etc...
    >>>
    >>> One word: keys. A checksum of every downloaded file is compared to a key
    >>> on a separate server. So any distributor of rogue software must not only
    >>> compromise a package mirror, but also the key server. The only realistic
    >>> way to spread malicious software this way is to get further upstream --
    >>> but that's exceedingly diffcult.
    >>> Then of course you could try creating a complete application which has
    >>> concealed malware aboard, but this is even less plausible: the
    >>> application must be something a lot of people want to install -- and even
    >>> in the unlikely event that you succeed in creating something hugely
    >>> popular, your cunning plan will fall apart as soon as anyone bothers to
    >>> dive into the source code. The chance of which is a solid 100% if you
    >>> actually create something that appeals to a lot of people.
    >>>
    >>>> How do you really know what is in there and what you are loading on to
    >>>> your machine?
    >>>>
    >>>> Answer: you don't.
    >>>
    >>> Answer: you do. At least you do know that what's downloaded onto your
    >>> machine has the same checksum as what the software creator put online.
    >>> And so far, it's virtually impossible to
    >>>
    >>>> Mint Linux was infected as were others earlier this year.
    >>>
    >>> If this has actually led to infections, then Mint has made severe
    >>> mistakes in its package management and distribution -- e.g. no key
    >>> checks, or no use of keys and key servers at all.
    >>>
    >>>> It will happen more as Linux user numbers increase, if they do.
    >>>
    >>> I seriously doubt it -- these attacks all have to do with Linux servers
    >>> being compromised, usually through bad PHP code. For all intents and
    >>> purposes, desktop Linux isn't attacked at all. Sure, with an increasing
    >>> popularity of desktop Linux there will inevitably be more attacks -- but
    >>> I'm very confident that we won't see this endless malware mess that's
    >>> been rampant in the Windows world for well over a decade now. Linux
    >>> really is better designed, with nothing like the old one-user no-network
    >>> computer legacy which made Windows so terribly insecure -- although the
    >>> ultimate cause of this legacy was of course plain incompetence in
    >>> designing the OS in the first place.
    >>>
    >>> Richard Rasker

    >>
    >> All the checks and balanaces in the world will not compensate for ignorant
    >> users, social engineering etc.
    >> Does Linux make it more difficult?
    >> Probably, but it will happen.

    >
    > Even *if* it would happen, the question is: Is the infection rate high
    > enough to sustain a virus, to let it stay alive
    >
    >> Even from my own experience, too much trust is put in Linux and what is up
    >> in the sky to download.

    >
    > Well, point us to those rogue download sites for linux soft, will you?
    >
    >> I want to play mp3 files, I see a post to add this that and the other
    >> repository to my Ubuntu package manager and I do.
    >> And that is exactly what most people will do.
    >>
    >> I have no clue what is coming down, I just want to play mp3 files for
    >> example.

    >
    > Bull**** to the highest degree, flatfish, and you know it.
    > MP3 playing is working by default in any major linux distro.
    >
    >> It's going to happen when Linux is a big enough desktop target, which is
    >> where most of the infections are coming from in the Windows world.
    >>

    >
    > You have no clue whatsoever you are blubbering about


    Ah, the old "when Linux is a big enough desktop target"/"if Linux was as
    popular as Windows" crap, which has been disproved by Linux security
    experts. But still the wintrolls roll out the *same* tired out cliches.

    I've been hearing the same old BS from wintrolls for the last 10 years, &
    there are more Linux users now than back then. As linux boxes are *highly*
    prized amongst crackers, how come we haven't heard Linux bot-nets?

    --
    Most people are sheep. *
    Microsoft is very effective
    at fleecing the flockers.



  5. Re: [News] New worm feeds on latest Microsoft bug

    Moshe Goldfarb. wrote:

    > On Mon, 27 Oct 2008 00:36:17 +0100, Richard Rasker wrote:
    >
    >> Moshe Goldfarb. wrote:


    [snip infection of Linux machines]

    >>> It will happen more as Linux user numbers increase, if they do.

    >>
    >> I seriously doubt it


    > All the checks and balanaces in the world will not compensate for ignorant
    > users, social engineering etc.
    > Does Linux make it more difficult?
    > Probably, but it will happen.


    Attacks on Linux will increase with increasing popularity, that can't be
    denied.

    > Even from my own experience, too much trust is put in Linux and what is up
    > in the sky to download.
    >
    > I want to play mp3 files, I see a post to add this that and the other
    > repository to my Ubuntu package manager and I do.
    > And that is exactly what most people will do.
    >
    > I have no clue what is coming down, I just want to play mp3 files for
    > example.


    There are only a limited number of repositories to add to get everything
    available. But OK, for the sake of the argument, let's assume that someone
    sets up a repository for the sole purpose of infecting Linux machines. Then
    let's see what else must happen to spread malware:
    1. This new and malicious repository must be advertized. This might work for
    a few days at most, but pretty soon it's found out. Still, it might trick a
    number of users in the meantime.
    2. The repository must offer doctored packages, yet with the correct keys,
    or new packages with its own keys. The first are almost impossible to
    create, and the second has the problem that no-one will blindly install
    them. Oh deary deary, what to do? Those poor malware people ...

    > It's going to happen when Linux is a big enough desktop target, which is
    > where most of the infections are coming from in the Windows world.


    In the Windows world, it's perfectly normal to search out a particular
    doodah you think you want to use, download the .exe from any old Web page
    you find it on, without the possibility of checking its integrity (as
    Windows has no coherent system of software management and key checking
    whatsoever), and install the thing by double-clicking the downloaded file.
    This is vastly more insecure than your "fake (or hacked) repository"
    scenario -- which is foiled easily by checking keys.
    In the Windows world, the only way to be reasonably certain that it's not
    malware is to spend quite some time Googling the software itself, the site
    where you got it from, and the alleged creator. And if you're in luck,
    you'll find a more or less "official" site which shows an MD5sum or the
    likes. But that's no use for ordinary users, who have no idea what MD5 is
    or how they can check downloaded files with it. Heck, I tried using md5sum
    on a Windows box some time ago, but it simply wasn't there! This lack of
    even the most basic of file checksum tools is one of the many things that
    tells me that Windows doesn't deserve the qualification of "operating
    system". It's a glorified application starter, which isn't designed with
    security (or even networking) in mind.

    Richard Rasker
    --
    http://www.linetec.nl

  6. Re: [News] New worm feeds on latest Microsoft bug

    Richard Rasker wrote:
    > tells me that Windows doesn't deserve the qualification of "operating
    > system". It's a glorified application starter, which isn't designed with
    > security (or even networking) in mind.
    >


    This person is talking out the side of his head too.

    http://www.petri.co.il/unblock-files-windows-vista.htm

    Windows Vista is known to be much more picky about the file types it
    allows the user to use than previous operating systems. Some file types
    are considered to be a potential threat, and therefore are blocked.
    -----------------

    One downloads files from a reputable source. One doesn't run around to
    p2p's and other such dubious places downloading files. And that's called
    use commonsense with computers while in a social engineering setting.

  7. Re: [News] New worm feeds on latest Microsoft bug

    Linux Pimps wrote:

    > Peter Köhlmann wrote:
    >
    >>> You stupid fool, you know nothing about RPC and how it works, you know
    >>> nothing about COM or DCOM object communications over TCP 135 the
    >>> COM/DCOM port you moron.

    >>
    >> Fine. And now go playing on the motorway again, idiot

    >
    > But you can't dispute it you moron,


    I will not "discuss" it with cretins like you

    Get lost, you moron
    --
    Only two things are infinite,
    the Universe and Stupidity.
    And I'm not quite sure about the former.
    - Albert Einstein


  8. Re: [News] New worm feeds on latest Microsoft bug

    Linux Pimps wrote:

    > Richard Rasker wrote:
    >> tells me that Windows doesn't deserve the qualification of "operating
    >> system". It's a glorified application starter, which isn't designed with
    >> security (or even networking) in mind.
    >>

    >
    > This person is talking out the side of his head too.
    >
    > http://www.petri.co.il/unblock-files-windows-vista.htm
    >
    > Windows Vista is known to be much more picky about the file types it
    > allows the user to use than previous operating systems. Some file types
    > are considered to be a potential threat, and therefore are blocked.
    > -----------------
    >
    > One downloads files from a reputable source. One doesn't run around to
    > p2p's and other such dubious places downloading files. And that's called
    > use commonsense with computers while in a social engineering setting.


    If this is proof of anything, it's that Microsoft are utterly incompetent
    morons who have NO IDEA what "security" means. Just give a file a different
    extension, and oh looky, it's downloaded right away, no questions asked.

    This is the same kind of utter stupidity in Vista where an executable file
    with the string "install" in its name triggers a security warning, but the
    exact same file renamed "fred" (or whatever else) is merrily executed right
    away. And remember the Zune? It had this (don't laugh) "DRM" on board,
    where copying music files between users was prevented by, yup, looking at
    extensions. If it weren't so sad, it would be laughable. It's like having a
    guard dog which only barks at stealthy moving masked intruders, but wags
    its tail when strangers in plain clothes walk into the house.

    What is this with Microsoft? Howcome that in 2008, these idiots /still/
    design software that treats a file name or extension as any reliable
    indication of a file's nature? And in the process of (hahaha) "securing the
    OS" and (pffrrrt) "protecting the users" all they achieve is making Windows
    more of a hassle to use (sheesh, editing the Registry to be able to receive
    MP3 files ...). But apparently, the OS is still as secure as a wet paper
    bag, and needs all the "protection" from the binary equivalent of sticky
    tape, paperclips, elastic bands, and shielding baggies it can get. And
    sure, i'll help. As long as the bad guys stick to Microsoft's naming and
    extension conventions as well. Duh.

    Richard Rasker
    --
    http://www.linetec.nl

  9. Re: [News] New worm feeds on latest Microsoft bug

    Richard Rasker wrote:
    > Linux Pimps wrote:
    >
    >> Richard Rasker wrote:
    >>> tells me that Windows doesn't deserve the qualification of "operating
    >>> system". It's a glorified application starter, which isn't designed with
    >>> security (or even networking) in mind.
    >>>

    >> This person is talking out the side of his head too.
    >>
    >> http://www.petri.co.il/unblock-files-windows-vista.htm
    >>
    >> Windows Vista is known to be much more picky about the file types it
    >> allows the user to use than previous operating systems. Some file types
    >> are considered to be a potential threat, and therefore are blocked.
    >> -----------------
    >>
    >> One downloads files from a reputable source. One doesn't run around to
    >> p2p's and other such dubious places downloading files. And that's called
    >> use commonsense with computers while in a social engineering setting.

    >




    You're no expert on anything. You are a dumb home user. And I wouldn't
    trust anything you have to say as far as I could toss a building
    somewhere. When you pull out a link from the year 2006 and give false
    information or your spin on it as if it's the gospel, then no, no one
    should trust anything you have to say.

    You are guru's guru and an expert's expert in your own worthless mind,
    *clown*.

  10. Re: [News] New worm feeds on latest Microsoft bug

    Linux Pimps wrote:

    > Richard Rasker wrote:
    >> Linux Pimps wrote:
    >>
    >>> Richard Rasker wrote:
    >>>> tells me that Windows doesn't deserve the qualification of "operating
    >>>> system". It's a glorified application starter, which isn't designed
    >>>> with security (or even networking) in mind.
    >>>>
    >>> This person is talking out the side of his head too.
    >>>
    >>> http://www.petri.co.il/unblock-files-windows-vista.htm
    >>>
    >>> Windows Vista is known to be much more picky about the file types it
    >>> allows the user to use than previous operating systems. Some file types
    >>> are considered to be a potential threat, and therefore are blocked.
    >>> -----------------
    >>>
    >>> One downloads files from a reputable source. One doesn't run around to
    >>> p2p's and other such dubious places downloading files. And that's called
    >>> use commonsense with computers while in a social engineering setting.

    >>

    >
    >
    >


    Naturally. You can't refute *anything* of what he wrote, because it is true.

    *You* are the idiot here, and you show it with every post you make,
    pretending to "snip without reading" and declaring anyone with at least
    half a brain as "dumb home user" or similar.

    If you had more than that single rotten braincell you would be ashamed of
    your incompetence and totally lacking knowledge about the simplest things.
    Instead you show us time and again what cretinous users wintendo has
    --
    The Day Microsoft makes something that does not suck is probably
    the day they start making vacuum cleaners.


  11. Re: [News] New worm feeds on latest Microsoft bug

    Peter KŲhlmann wrote:



    You kiss his behind well like a good little NG lapdog, Petey.

  12. Re: [News] New worm feeds on latest Microsoft bug

    Richard Rasker wrote:

    > Linux Pimps wrote:
    >
    >> Richard Rasker wrote:
    >>> tells me that Windows doesn't deserve the qualification of "operating
    >>> system". It's a glorified application starter, which isn't designed with
    >>> security (or even networking) in mind.
    >>>

    >>
    >> This person is talking out the side of his head too.
    >>
    >> http://www.petri.co.il/unblock-files-windows-vista.htm


    I just realized once over how mindbogglingly stupid this "blocked files"
    strategy is. OK, MP3 files turn out to be potentially harmful when played
    on a Windows machine. No doubt it's a nasty little software bug in WMP. So
    what does Microsoft do? Do they fix their broken crapware, so that MP3
    files can be played without a problem once again? Nope, they block MP3's.

    This is very, very stupid indeed -- and it gets even worse: AFAICS, MP3's
    are only blocked when coming in through MSN, yet can be downloaded from the
    Web or received in the mail without any problem. So this "protection" 1.
    isn't worth a fart in a hurricane, and 2. still forms a major hassle for
    users, 3. causes inconsistent behaviour in Windows, and 4. is a sure sign
    that Microsoft hasn't a clue about what they're doing.

    .... And in ten years time, come "Windows 20", all but five file extensions
    are blocked ... but still Windows bot nets rule the Internet, and users
    have to struggle ever more to use their computers the way they want ... and
    the struggle against malicious software is all but lost ...

    Richard Rasker
    --
    http://www.linetec.nl

  13. Re: [News] New worm feeds on latest Microsoft bug

    Richard Rasker wrote:
    > Richard Rasker wrote:
    >
    >> Linux Pimps wrote:
    >>
    >>> Richard Rasker wrote:
    >>>> tells me that Windows doesn't deserve the qualification of "operating
    >>>> system". It's a glorified application starter, which isn't designed with
    >>>> security (or even networking) in mind.
    >>>>
    >>> This person is talking out the side of his head too.
    >>>
    >>> http://www.petri.co.il/unblock-files-windows-vista.htm

    >
    > I just realized once over how mindbogglingly stupid this "blocked files"
    > strategy is. OK, MP3 files turn out to be potentially harmful when played
    > on a Windows machine. No doubt it's a nasty little software bug in WMP. So
    > what does Microsoft do? Do they fix their broken crapware, so that MP3
    > files can be played without a problem once again? Nope, they block MP3's.


    You are no expert here. Can you show me somewhere that your name is up
    in lights and that you are an expert's expert?
    >
    > This is very, very stupid indeed -- and it gets even worse: AFAICS, MP3's
    > are only blocked when coming in through MSN, yet can be downloaded from the
    > Web or received in the mail without any problem. So this "protection" 1.
    > isn't worth a fart in a hurricane, and 2. still forms a major hassle for
    > users, 3. causes inconsistent behaviour in Windows, and 4. is a sure sign
    > that Microsoft hasn't a clue about what they're doing.


    You are no expert here. Can you show me somewhere that your name is up
    in lights and that you are an expert's expert?
    >
    > ... And in ten years time, come "Windows 20", all but five file extensions
    > are blocked ... but still Windows bot nets rule the Internet, and users
    > have to struggle ever more to use their computers the way they want ... and
    > the struggle against malicious software is all but lost ...
    >


    You are stupid, and they need to lock you up under the asylum.

    It's a lot of wonderful lip drivel service from your worthless mind, but
    nevertheless, it's just lip drivel.

    I wouldn't trust your lip drivel, like I said, as far as I could toss a
    building somewhere, and that is nowhere.

    When I need to take control of Vista, I know how to take control of it,
    no problem. But I also want the protection that it provides that no
    other NT based O/S can provide. If you don't like it, then you don't
    like it, tough.

    What a maroon you are -- what a maroon. :-P




  14. Re: [News] New worm feeds on latest Microsoft bug

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ____/ Peter Köhlmann on Sunday 26 October 2008 22:45 : \____

    > In principle a machine with a running firewall should be safe, but a small
    > error in setting the firewall will make the machine wide open.


    Based on what I've read, it can bypass firewalls by attacking (spreading) from
    local networks, assuming these are not blocked.

    - --
    ~~ Best of wishes

    Roy S. Schestowitz | GPL - Global Programmer's Law
    http://Schestowitz.com | Free as in Free Beer | PGP-Key: 0x74572E8E
    Load average (/proc/loadavg): 0.66 0.76 0.87 1/263 15158
    http://iuron.com - semantic search engine project initiative
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkkFprQACgkQU4xAY3RXLo4ZFgCgkhJ9WlrD56 sXsiHEsWIePcfh
    CwwAoIsCUw4RUfDvSnMNAfRL6GjBB+Pp
    =ilkX
    -----END PGP SIGNATURE-----

  15. Re: [News] New worm feeds on latest Microsoft bug

    Roy Schestowitz wrote:

    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > ____/ Peter Köhlmann on Sunday 26 October 2008 22:45 : \____
    >
    >> In principle a machine with a running firewall should be safe, but a
    >> small error in setting the firewall will make the machine wide open.

    >
    > Based on what I've read, it can bypass firewalls by attacking (spreading)
    > from local networks, assuming these are not blocked.
    >


    Certainly. There is lots of malware which shuts off the toy windows uses
    as "firewall".
    When malware has entered the system, all bets for windows are off.
    --
    Microsoft: The company that made email dangerous
    And web browsing. And viewing pictures. And...


  16. Re: [News] New worm feeds on latest Microsoft bug

    Peter Köhlmann wrote:
    > Roy Schestowitz wrote:
    >
    >> -----BEGIN PGP SIGNED MESSAGE-----
    >> Hash: SHA1
    >>
    >> ____/ Peter Köhlmann on Sunday 26 October 2008 22:45 : \____
    >>
    >>> In principle a machine with a running firewall should be safe, but a
    >>> small error in setting the firewall will make the machine wide open.

    >> Based on what I've read, it can bypass firewalls by attacking (spreading)
    >> from local networks, assuming these are not blocked.
    >>

    >
    > Certainly. There is lots of malware which shuts off the toy windows uses
    > as "firewall".
    > When malware has entered the system, all bets for windows are off.


    That holds for any O/S stupid. If the exploit can get there and is
    executed all bets are off stupid, no matter what O/S is being used, if
    the exploit is running under the context of a user/admin.

  17. Re: [News] New worm feeds on latest Microsoft bug

    Linux Pimps wrote:

    > Peter Köhlmann wrote:
    >> Roy Schestowitz wrote:
    >>
    >>> -----BEGIN PGP SIGNED MESSAGE-----
    >>> Hash: SHA1
    >>>
    >>> ____/ Peter Köhlmann on Sunday 26 October 2008 22:45 : \____
    >>>
    >>>> In principle a machine with a running firewall should be safe, but a
    >>>> small error in setting the firewall will make the machine wide open.
    >>> Based on what I've read, it can bypass firewalls by attacking
    >>> (spreading) from local networks, assuming these are not blocked.
    >>>

    >>
    >> Certainly. There is lots of malware which shuts off the toy windows uses
    >> as "firewall".
    >> When malware has entered the system, all bets for windows are off.

    >
    > That holds for any O/S stupid. If the exploit can get there and is
    > executed all bets are off stupid, no matter what O/S is being used, if
    > the exploit is running under the context of a user/admin.


    *If* little cretin, *if*

    You wintendo fanbois constantly forget that little word.

    Windows "security" is not quite as strong as a wet paper bag
    --
    Microsoft's Guide To System Design:
    It could be worse, but it'll take time.


  18. Re: [News] New worm feeds on latest Microsoft bug

    Peter Köhlmann wrote:
    > Linux Pimps wrote:
    >
    >> Peter Köhlmann wrote:
    >>> Roy Schestowitz wrote:
    >>>
    >>>> -----BEGIN PGP SIGNED MESSAGE-----
    >>>> Hash: SHA1
    >>>>
    >>>> ____/ Peter Köhlmann on Sunday 26 October 2008 22:45 : \____
    >>>>
    >>>>> In principle a machine with a running firewall should be safe, but a
    >>>>> small error in setting the firewall will make the machine wide open.
    >>>> Based on what I've read, it can bypass firewalls by attacking
    >>>> (spreading) from local networks, assuming these are not blocked.
    >>>>
    >>> Certainly. There is lots of malware which shuts off the toy windows uses
    >>> as "firewall".
    >>> When malware has entered the system, all bets for windows are off.

    >> That holds for any O/S stupid. If the exploit can get there and is
    >> executed all bets are off stupid, no matter what O/S is being used, if
    >> the exploit is running under the context of a user/admin.

    >
    > *If* little cretin, *if*
    >
    > You wintendo fanbois constantly forget that little word.
    >
    > Windows "security" is not quite as strong as a wet paper bag


    Another one of your worthless one liners.

    Stupid, if the user is running as a Standard user which is a user that
    doesn't have admin privileges, then how can malware do anything under
    the context of a Standard user account?

    If the user on Linux logs onto Linux with the root admin account, then
    the machine is going to get attacked.

    The user/admin running on Vista as user/admin with UAC enabled on Vista,
    is assigned two access. One token is for full admin rights, and another
    one is for Standard user rights, with Standard user rights being
    assigned as the default.

    The user/admin must be escalated to the full admin token at the moment
    of privileged escalation to complete the task,and then the user/admin is
    returned to using the Standard user token.

    Look you moron, nothing is bullet proof not even Linux. But MS is moving
    to better protect the O/S with UAC and some other things under the hood.






  19. Re: [News] New worm feeds on latest Microsoft bug

    Moshe Goldfarb. wrote:
    > Only because I at least admit I am light on security,


    Then don't make statements about security then, although...


    > unlike others in this
    > group who proclaim to be experts on everything.



    You don't have to be an expert on security to know that windows security
    is woefully inadequate. Just a bit of honesty will do. When 14 year old
    kids can take control of millions of windows machines with ease, and the
    manufacturer of the OS is either incapable or unwilling to do anything
    about it, then you know the computing world has a very serious problem.

    And as others have said in this thread a lot of the problem is the
    incompetent security paradigm that has been the norm in the windows
    world for 10+ years now. It should have been fixed years ago, and
    they're still shying away from it, even with vista.

  20. Re: [News] New worm feeds on latest Microsoft bug

    Moshe Goldfarb. wrote:

    > On Mon, 27 Oct 2008 00:19:58 +0100, Peter Köhlmann wrote:
    >
    >> Moshe Goldfarb. wrote:
    >>
    >>> On Sun, 26 Oct 2008 23:45:22 +0100, Peter Köhlmann wrote:
    >>>
    >>>> Moshe Goldfarb. wrote:
    >>>>
    >>>>> On Sun, 26 Oct 2008 23:23:26 +0100, Peter Köhlmann wrote:
    >>>>>
    >>>>>> The racist, liar and software thief Gary Stewart (flatfish)
    >>>>>> nymshifted:
    >>>>>>
    >>>>>>> On Sun, 26 Oct 2008 14:40:58 -0700 (PDT),
    >>>>>>> nessuno@wigner.berkeley.edu wrote:
    >>>>>>>
    >>>>>>>>
    >>>>>>>> One day after Microsoft issued a rare emergency Windows security
    >>>>>>>> patch, the bad guys have a few new ways to take advantage of the
    >>>>>>>> bug.....a new worm, called Gimmiv....
    >>>>>>>>
    >>>>>>>> This vulnerability lies in the Windows Server service.... "It is
    >>>>>>>> downloaded onto a target machine via social engineering
    >>>>>>>
    >>>>>>> Key words: Social Engineering.......
    >>>>>>
    >>>>>> And completely wrong.
    >>>>>> It is a vulnerability in the windows RPC code, and absolutely no user
    >>>>>> interaction is needed
    >>>>>
    >>>>> That's not what the article says.
    >>>>
    >>>> I don't care what the article says. It is a RPC error, thus *no* user
    >>>> interaction is needed.
    >>>> In principle a machine with a running firewall should be safe, but a
    >>>> small error in setting the firewall will make the machine wide open.
    >>>> If you have file- and printer sharing enabled, very easily you can
    >>>> enable also the access from the outside. Then all bets are off.
    >>>> The problem is in a code area which is not protected by "/GS security
    >>>> cookies"
    >>>>
    >>>>> It has to make it to the first machine.
    >>>>
    >>>> Wrong
    >>>>
    >>>> And actually it is quite similar to the 2006 vulnerability in RPC,
    >>>> when "Vanebot" or "Mocbot" were infecting windows machines without any
    >>>> user interaction at all
    >>>
    >>> I'll take your word for it

    >>
    >> You better do.

    >
    > Only because I at least admit I am light on security, unlike others in
    > this group who proclaim to be experts on everything.


    You know that this is utter bull****, flatfish. You comment on about every
    aspect of linux, and nearly always in a deragatory manner
    You rarely say something about the practically non-existant security of
    windows. You deny that windows (or better, those incompetent retards at MS)
    is responsible for 99.99% of all the spam and malware out there

    >>> but the term social engineering should have
    >>> been left out of the article.
    >>>

    >>
    >> Maybe. And on the other hand, you should perhaps tried to see if other,
    >> more technical oriented news than "NYT" have to say something about it
    >> before blubbering your bull****
    >> Even MS might be a better source for real info than NYT in this case

    >
    > Don't talk to me.
    > Talk to your com padre, Linux advocate "par excellence", Richard Rasker.
    > He posted it not me.
    >


    And you felt the need to comment on it. Although you are "light on
    security". You did not even question the article (because it was
    somewhat "favourable" for windows ("social engeneering")), although you
    nitpick all the posts from Roy. Double standards, as usual from you
    wintendo fanbois

    --
    Avoid reality at all costs.


+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast