M
Moshe Goldfarb
On Fri, 04 Apr 2008 23:08:21 +0100, Roy Schestowitz wrote:
> ____/ Doug Mentohl on Friday 04 April 2008 21:58 : \____
>
>> Who is the company that made right-click, email, browsing and typing
>> on your own computer dangerous ..
>
> The problem is the belief that execution of arbitrary code is seen as safe.
> Office macros, ActiveX, E-mail attachments/content executed upon viewing or
> clicking. With a networked environment, binaries can be very easily passed and
> the worst one can do is permit them to run easily, especially with full system
> privileges.
>
> Microsoft would tell you that Windows is easy to use, but with a broken model
> of /mistrust/ it also makes Windows easy for criminals to use (remotely). As
> USA indicated a couple of weeks ago, on an average day, about 40% of the
> world's PCs are zombies. All that needs to be done to make one a zombie is
> simply to plug in the PC to the network socket (the BBC reported on this some
> time ago). That's not just about the execution model, but the underlying
> system, such as a bad TCP/IP stack. Did you know that 2 months ago,
> Microsoft's 'new & shiny' TCP/IP stack allowed Vista to be hijacked merely by
> sending it a properly-crafted TCP/IP packet? Security by 'obscurity'... it
> figures.
So says Roy Schestowitz whose Linux server at www.schestowitz.com was
hacked and owned a couple of weeks ago.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/
> ____/ Doug Mentohl on Friday 04 April 2008 21:58 : \____
>
>> Who is the company that made right-click, email, browsing and typing
>> on your own computer dangerous ..
>
> The problem is the belief that execution of arbitrary code is seen as safe.
> Office macros, ActiveX, E-mail attachments/content executed upon viewing or
> clicking. With a networked environment, binaries can be very easily passed and
> the worst one can do is permit them to run easily, especially with full system
> privileges.
>
> Microsoft would tell you that Windows is easy to use, but with a broken model
> of /mistrust/ it also makes Windows easy for criminals to use (remotely). As
> USA indicated a couple of weeks ago, on an average day, about 40% of the
> world's PCs are zombies. All that needs to be done to make one a zombie is
> simply to plug in the PC to the network socket (the BBC reported on this some
> time ago). That's not just about the execution model, but the underlying
> system, such as a bad TCP/IP stack. Did you know that 2 months ago,
> Microsoft's 'new & shiny' TCP/IP stack allowed Vista to be hijacked merely by
> sending it a properly-crafted TCP/IP packet? Security by 'obscurity'... it
> figures.
So says Roy Schestowitz whose Linux server at www.schestowitz.com was
hacked and owned a couple of weeks ago.
--
Moshe Goldfarb
Collector of soaps from around the globe.
Please visit The Hall of Linux Idiots:
http://linuxidiots.blogspot.com/