Home |
Search |
Today's Posts |
|
Woodworking (rec.woodworking) Discussion forum covering all aspects of working with wood. All levels of expertise are encouraged to particiapte. |
Reply |
|
|
LinkBack | Thread Tools | Display Modes |
#41
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote in message ... Well I am sure that every thing you say here is true, today. But security be design is going to be cracked by some one. The strong point to all the other systems security is that 99% of the people spamming and sending out viruses are concentrating on the easy target. No, the strong point to all of the other systems is that they _have to be cracked_. And again I'll say that if Microsoft disappeared tomorrow the attention of the spamers would be dirrected at cracking the security on the other OS systems. I do not contest the fact that Microsoft created the Spammers paradise but having to crack the security of an OS is not going to make the millions of spamers go away. Abusers didn't have to crack Windows, they just used the available plug-ins. Yes that is true. Path of least resistance. Take that target away and the tens of thousands or more people that make their living doing this now will look for the next easiest target. Using Windows on the internet was like walking into a gay bar at closing time with your pants down around your ankles. I would know nothing about that. I'll take your word on that one, BIG BOY. ;~) ... To think that your set up is impenetrable is to be a bit naive. False dichotomy--like 'safe' or 'unsafe' in a woodshop. |
#42
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Larry Blanchard" wrote in message news On Fri, 04 Apr 2008 01:25:46 +0000, Leon wrote: Until another OS gets the attention that Windows does by the spammers no really knows what holes of methods can be devised in the future to cause havoc. To think that your set up is impenetrable is to be a bit naive. Leon, the point he's trying to make is that spammers didn't have to devise any methods to get into Windows - Microsoft provided them :-). I totally agree and am not defending Microsoft at all. They created this problem. But like "nukes" the problem is not going to go away. An industry has been created and will continue with or with out an easy target. AFAIK, that is not the case with any of the Unix variants. I wrote code to control, among other things, smelters, rolling mills, radio telescopes, and computer aided dispatch. All of them were concerned about security for obvious reasons, especially the highway patrol :-). To put it another way, setting up an insecure Unix box takes a fair amount of work. Work that can only be done by someone with superuser authority. Setting up a secure Windows box takes a great amount of work and the result is a crippled system because many features must be disabled. If Unix became the next OS in every home like Microsoft is now, do you think that "everyone" would be able to do that fair amount of work to insure its security against spammers? I am only saying that Unix is strong because it does not appeal to the masses, a target not worth the time needed to crack it, today. If Unix replaced Windows in the future you have thousands and thousands of spammers that will have reason to go after the next easiest target. I suspect that Apple would be that target. I remember when Apple had no virus problems. Had Unix been the first OS to be in every ones homes perhaps Spammers would not exist today but now they do and they probably are not going to go away simply because the target becomes harder to get into. |
#43
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Fri, 04 Apr 2008 13:50:42 +0000, Leon wrote:
If Unix became the next OS in every home like Microsoft is now, do you think that "everyone" would be able to do that fair amount of work to insure its security against spammers? To put it another way, setting up an insecure Unix box takes a fair ^^^^^^^^ I think you read that one backwards, Leon :-). I am only saying that Unix is strong because it does not appeal to the masses, a target not worth the time needed to crack it, today. I don't doubt that dedicated hackers could get into Unix. They have before, albeit most intrusions were of the "worm" and not the "virus" species. But when every process runs in its own protected memory space, it does limit the opportunities for system-wide damage. And at least one Unix, OpenBSD, was designed specifically for security. But your point is valid. There would surely be more hacking attempts, and successes, were Unix the predominant OS. I just don't think they'd be as frequent or as severe. |
#44
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 7:08 am, "J. Clarke" wrote:
Maxwell Lol wrote: Fred the Red Shirt writes: It sounds like you never heard of the "Join the Crew Virus" or Windows XP. All of the Linuxes, Unixes, and OSX are more secure BY DESIGN. Except when you screw up. The iPhone runs as superuser, and not an unpriviledged user. This is one reason why it was so easy to hack. According to McAfee (and a large number of other sources) the "Join the Crew Virus" was a hoax. That's the point. You can't get a virus just by reading email. Or rather you couldn't until Microsoft began writing email clients. -- FF |
#45
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 3, 10:39 pm, Maxwell Lol wrote:
Fred the Red Shirt writes: You forgot to mention the versions of XP home that required the user to connect to MS over the internet and without any firewall or other protections in order to complete the installation. I had the same problem with Linux years ago. It was a new install, and while downloading hte latest patches, it was compromised. Out sysadmin found out (the hard way) that a patch from HP reset our mailserver to an open relay. Of course the documentation from HP didn't warn about that, it was obvious--to them. -- FF |
#46
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Larry Blanchard" wrote in message news On Fri, 04 Apr 2008 13:50:42 +0000, Leon wrote: If Unix became the next OS in every home like Microsoft is now, do you think that "everyone" would be able to do that fair amount of work to insure its security against spammers? To put it another way, setting up an insecure Unix box takes a fair ^^^^^^^^ I think you read that one backwards, Leon :-). Probably so. I have been on medication all week fighting an upper respitory infection transfered to me my my wife. She sent me an unsecured e-mail and I read it. ;~) |
#47
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Leon" wrote in message ... I totally agree and am not defending Microsoft at all. They created this problem. But like "nukes" the problem is not going to go away. An industry has been created and will continue with or with out an easy target. If Unix became the next OS in every home like Microsoft is now, do you think that "everyone" would be able to do that fair amount of work to insure its security against spammers? I am only saying that Unix is strong because it does not appeal to the masses, a target not worth the time needed to crack it, today. If Unix replaced Windows in the future you have thousands and thousands of spammers that will have reason to go after the next easiest target. I suspect that Apple would be that target. I remember when Apple had no virus problems. Had Unix been the first OS to be in every ones homes perhaps Spammers would not exist today but now they do and they probably are not going to go away simply because the target becomes harder to get into. You are correct Leon. So much so, that CERT came into being over a hacked UNIX environment - not hacked Microsoft environments. Virus', worms, trojan horses, etc. were all very real threats in the UNIX world. One of the problem with open source environments like UNIX is that it is indeed easy to create malicious code. Apple has already seen the attention of the hacker community as well. Not to the degree that Microsoft has, but for all of the reasons you've listed. -- -Mike- |
#48
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 9:38 am, "Leon" wrote:
"Fred the Red Shirt" wrote in ... ... No, the strong point to all of the other systems is that they _have to be cracked_. And again I'll say that if Microsoft disappeared tomorrow the attention of the spamers would be dirrected at cracking the security on the other OS systems. I do not contest the fact that Microsoft created the Spammers paradise but having to crack the security of an OS is not going to make the millions of spamers go away. Millions of spammers? On what planet? 80% of spam is sent by one hundred spammers. The ROKSO list has even shrunk in recent years down to to only 112 this week from about 200 a while back. Spamhaus doesn't allow deep linking, but you'er welcomed to go in the front door here http://www.spamhaus.org. Exploring their site can be quite educational. Of the top ten spammers, seven are Russian/Ukrainian organized crime, dominated by former KGB personnel. Yambo Financials, (ROKSO #9) for example. They have been hosted by Verizon for several years, maybe even from before the Worldcon/MCI/UUNet pruchase. Here's their ROKSO description: 9 Yambo Financials Ukraine Huge spamhaus tied into distribution and billing for child, animal, and incest-porn, pirated software, and pharmaceuticals. Run their own merchant services (credit-card "collection" sites) set up as a fake "bank." Currently hosted he SBL54087 63.81.154.248/31 verizon.com 01-May-2007 03:01 GMT Yambo Financials Yambo botnet nameservers/webhosts (compromised systems) Wanna bet those compromised systems are Windows PCs? Contrary to popular belief the ISPs know who the spammers are and where they are hosted. While it is easy for a spammer to hide the identification of his hosting iSP from a typical recipient, ISPs have their system logs and people who can read them. Just after the turn of the millenium the threat of blacklisting of spam-friendly ISPs had been used to herd most of the ROKSO spammers onto two ISPs, UUNET (or whatever it was then called) and one Chinese ISP. The stage was set to deliver a crippling blow to the worl'd spammers. Then the botnets, zombies, and anonymizing servers emerged not only allowing the spammers to expand their spew, but also to counter-attack with DDOS attacks against several blacklisters. Microsoft made that possible. While Leon is correct, that harder targets can be cracked, it takes more skill, time, and effort to do so, while the time and effort to close off those security is far less than that required to 'patch' millions of PCs. If Microsoft had not thrown the doors to those PCs wide open to abusers, the opportunities for abuse would have been orders of magnitude less numerous and that abuse much more easily curbed. Yes, if Microsoftware had to be cracked there would have been more attacks directed at Macs, Unix, and VMS boxes. But the success rate of those attacks would have been much much lower and the response to close those security holes much much faster and more effective. It would have been much harder for any spammer to aquire any money, let alone for scores to steal millions. -- FF |
#49
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 9:38 am, "Leon" wrote:
"Fred the Red Shirt" wrote in ... ... Abusers didn't have to crack Windows, they just used the available plug-ins. Yes that is true. Path of least resistance. Take that target away and the tens of thousands or more people that make their living doing this now will look for the next easiest target. While 'tens of thousands' is not as wildly incorrect as 'millions' it is still way of the mark. There may have been a total of a few tens of thousands of email spammers since the inception of the practice, but the overwhelming number of those were chicken boners who almost certainly lost money by spamming. E.g. they paid for spamware and/or affiliate membership is some internet-based pyramid scheme, made no sales and got malletted within hours or days of sending their first spam. Almost every ISP will terminate the account of a spammer who isn't paying them a lot extra (e.g. the notorius 'pink' contracts with ATT and others.) The number making a living off spam today are no more than two or three hundred and never were any more than that. There may be fewer today than at any time in the last ten years due in no small measure to organized crime offering deals their competition couldn't refuse. -- FF |
#50
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 1:12 pm, "Leon" wrote:
"Larry Blanchard" wrote in message news ... To put it another way, setting up an insecure Unix box takes a fair ^^^^^^^^ I think you read that one backwards, Leon :-). Probably so. I have been on medication all week fighting an upper respitory infection transfered to me my my wife. She sent me an unsecured e-mail and I read it. ;~) Next time read your email while wearing a condom... -- FF |
#51
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 2:20 pm, Steve wrote:
... I believe that Unix would be just as insecure if it was as commercially successful as Windows. I think Unix is secure because it has remained in the hands of informed and educated administrators and developers, mostly. Big commercial success means lots of uninformed users who would demand whiz-bang applications like games. Programmers who crank out that stuff aren't particularly concerned with security -- they're concerned with getting the code out the door by the Christmas sales season and making pretty pictures, so they take hardware and software shortcuts. The basic internet applications bundled with a typical Unix application, are relatively (compared to Msoftware) secure. Maintaining that scurity does require routine effort, but to downgrade to a Microsoft level of insecurity would require great additional effort and cost to the user. 'Good' marketing would no doubt convince many to do so. In contrast Microsoft OSes come bundled with grossly insecure applications. It takes additional effort to add security. IOW, it takes additional effort to **** up a Unix installation. Windows comes pre-****ed as a convenience to the spammers and other crackers. -- FF |
#52
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
Fred the Red Shirt wrote:
.... a living off spam today are no more than two or three hundred and never were any more than that. .... Question I've never understood--how does anybody actually make any money? I can see the possibility (however remote) that somebody responds to the phishing, etc., but 98% of what I get is simply machine-generated gibberish it appears. What's up w/ that? -- |
#53
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 3:23 pm, "Mike Marlow" wrote:
"Leon" wrote in message ... You are correct Leon. So much so, that CERT came into being over a hacked UNIX environment - not hacked Microsoft environments. Virus', worms, trojan horses, etc. were all very real threats in the UNIX world. One of the problem with open source environments like UNIX is that it is indeed easy to create malicious code. Apple has already seen the attention of the hacker community as well. Not to the degree that Microsoft has, but for all of the reasons you've listed. Yes. But if you go back 20 some odd years ago when Unix boxes still outnumbered machines on the internet running microsoftware, what was the percentage of each that was compromised at any give time? Despite the fact that the Unix machines were more lucrative targets, having faster connections and greater bandwidth, as well as outnumbering Microsoft PCs, wasn't the percentage of infected PCs much, much, higher? It certainly jumped when Microsoft released its first OS/ email client combination that allowed a sender to install software onto the recipient's computer without notifying the recipient. That upswing was pretty much entirely a product of the technical aspects of the microsoftware and had almost nothing to do with it's popularity. -- FF |
#54
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 9:03 am, "Swingman" wrote:
...Add to the mix the fact that sloppy coding inherent in a rush-to-market mentality (notably manifested in the infamous "buffer overruns") has been responsible for most of the known virus/malicious code exploits with MSFT products. ... As a matter of curiosity, do you know if MS has begun using Code Data Separation? -- FF |
#55
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
dpb wrote:
Fred the Red Shirt wrote: ... a living off spam today are no more than two or three hundred and never were any more than that. ... Question I've never understood--how does anybody actually make any money? I can see the possibility (however remote) that somebody responds to the phishing, etc., but 98% of what I get is simply machine-generated gibberish it appears. What's up w/ that? Most of the machine-generated crap you see is virus/bot software trying to infect your computer and turn it into a spam zombie--some of the spam out there is phishing (as you've seen), some is for Viagra and random penis enlargement stuff (nearly all medical spam is actual for "herbal viagra" or what have you, which has nothing in common with the original), and some of the zombies are just there waiting to be called into action to DoS a company that isn't paying protection money. Yep, vulnerable computers are being used for big-money extortion, some of it against the major world banks and such corporations. Colin |
#56
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote IOW, it takes additional effort to **** up a Unix installation. Windows comes pre-****ed as a convenience to the spammers and other crackers. LOL ... pretty much what Larry B said, but with a bit more delicacy. -- www.e-woodshop.net Last update: 3/27/08 KarlC@ (the obvious) |
#57
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote in message On Apr 4, 9:03 am, "Swingman" wrote: ...Add to the mix the fact that sloppy coding inherent in a rush-to-market mentality (notably manifested in the infamous "buffer overruns") has been responsible for most of the known virus/malicious code exploits with MSFT products. ... As a matter of curiosity, do you know if MS has begun using Code Data Separation? I'm not sure I understand the question ... do you mean the OS taking advantage of processor functionality, like NX, to prevent stack overflows, or their .net/xml content management/code/data separation? -- www.e-woodshop.net Last update: 3/27/08 KarlC@ (the obvious) |
#58
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote IOW, it takes additional effort to **** up a Unix installation. Windows comes pre-****ed as a convenience to the spammers and other crackers. Reminds me of this girl I used to know... |
#59
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
Bull****. After using OE for many years, listening to others
recommendations I tried other newsreaders. I'm back to using OE and I'm sticking with it. Does everything I want it to do and at no cost. I like it so much I may just send Bill Gates a $20 bill as a thank you. As usual, I agree with you EP. But I think I'll stop short of the $20 part. Just think, if Bill Gates had a nickel for every PC that ever crashed.....Oh wait, he does!!! |
#60
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote in message ... But if you go back 20 some odd years ago when Unix boxes still outnumbered machines on the internet running microsoftware, what was the percentage of each that was compromised at any give time? But... I maintain that this is because the world of hacking, creating viri, etc. had not reached the level of interest that is has today. Despite the fact that the Unix machines were more lucrative targets, having faster connections and greater bandwidth, as well as outnumbering Microsoft PCs, wasn't the percentage of infected PCs much, much, higher? Law of large numbers. Once the phenonena became publicized, interest, copy-cats, etc. skyrocketed and the PC was the obvious target for reasons of (both) securitiy issues and popluation. It certainly jumped when Microsoft released its first OS/ email client combination that allowed a sender to install software onto the recipient's computer without notifying the recipient. That upswing was pretty much entirely a product of the technical aspects of the microsoftware and had almost nothing to do with it's popularity. I believe it was due to both. -- -Mike- |
#61
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Sat, 5 Apr 2008 06:08:13 -0400, "Buck Turgidson"
wrote: Bull****. After using OE for many years, listening to others recommendations I tried other newsreaders. I'm back to using OE and I'm sticking with it. Does everything I want it to do and at no cost. I like it so much I may just send Bill Gates a $20 bill as a thank you. As usual, I agree with you EP. But I think I'll stop short of the $20 part. Just think, if Bill Gates had a nickel for every PC that ever crashed.....Oh wait, he does!!! I like Free Agent, or Agent. -- Posted via a free Usenet account from http://www.teranews.com |
#62
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
On Apr 4, 7:18 pm, "Swingman" wrote:
"Fred the Red Shirt" wrote in message On Apr 4, 9:03 am, "Swingman" wrote: ...Add to the mix the fact that sloppy coding inherent in a rush-to-market mentality (notably manifested in the infamous "buffer overruns") has been responsible for most of the known virus/malicious code exploits with MSFT products. ... As a matter of curiosity, do you know if MS has begun using Code Data Separation? I'm not sure I understand the question ... do you mean the OS taking advantage of processor functionality, like NX, to prevent stack overflows, or their .net/xml content management/code/data separation? Yes. Several years ago, round about when W2k came out a person whose expertise I respect pointed out that Windows stored data and code interspersed in memory so that an overflow in the data could overwrite elements of a program, or maybe even the OS. Sounds to me like he was explaining the infamous 'buffer overflow exploits' as well as why Windows crashed so much. That type of problem was solved by pretty much everyone BUT Microsoft decades earlier by segregating data and programming in memory--Code Data Separation (CDS). I remember CDS as a compiler option for our HP a-900 (I think it was a 900) circa 1987. So, which of those was I talking about? -- FF |
#63
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
Fred the Red Shirt wrote in
: On Apr 4, 7:18 pm, "Swingman" wrote: I'm not sure I understand the question ... do you mean the OS taking advantage of processor functionality, like NX, to prevent stack overflows, or their .net/xml content management/code/data separation? Yes. Several years ago, round about when W2k came out a person whose expertise I respect pointed out that Windows stored data and code interspersed in memory so that an overflow in the data could overwrite elements of a program, or maybe even the OS. Sounds to me like he was explaining the infamous 'buffer overflow exploits' as well as why Windows crashed so much. That type of problem was solved by pretty much everyone BUT Microsoft decades earlier by segregating data and programming in memory--Code Data Separation (CDS). I remember CDS as a compiler option for our HP a-900 (I think it was a 900) circa 1987. So, which of those was I talking about? -- FF Some of this isn't an OS issue. It's a processor architectural issue. The x86 processors use a von Nuemon (sp?) architecture, where both data and instructions are transmitted on the same bus and stored in the same memory. The PIC, for example, uses a Harvard architecture where data and instructions are kept seperate. There are x86 options now (like the NX bit) to try to solve some of the problems, but it will take a LONG LONG time to get everyone switched over. It took 10 years to get everyone switched over from the DOS-based 9x kernals to the superior NT kernal. Oh, and don't underestimate the resourcefulness of crackers. If they post "please send me teh codez" enough, someone's bound to do it! (Just adding a bit of humour.) :-) Puckdropper -- You can only do so much with caulk, cardboard, and duct tape. To email me directly, send a message to puckdropper (at) fastmail.fm |
#64
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Buck Turgidson" wrote in message ... Bull****. After using OE for many years, listening to others recommendations I tried other newsreaders. I'm back to using OE and I'm sticking with it. Does everything I want it to do and at no cost. I like it so much I may just send Bill Gates a $20 bill as a thank you. As usual, I agree with you EP. But I think I'll stop short of the $20 part. Just think, if Bill Gates had a nickel for every PC that ever crashed.....Oh wait, he does!!! Dear Mr. Gates Enclosed is $30 cash (cash so we can keep the IRS out of this) to show my appreciation for giving us Outlook Express for reading newsgroups. It is a fine program and does everything I could ever want. Use the $30 to take the family out for a nice dinner. You can even super size your meal with this much money. I was going to send you $20 and suggested to my friend Buck that he send you twenty also. Well, turns out Buck is just a cheap SOB and he didn't want to help you out. So, I'm sending extra. Maybe Buck will be shamed into sending you the other 10 dollars this way. I doubt it thought. Last time I have Buck a nickel to hold the buffalo started to cry because Buck squeezed so hard. He sure is tight with money. Thanks again Mr. Gates and I'm looking forward to more of your free software. So is Buck but he won't write you. Your friend Ed |
#65
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Edwin Pawlowski" wrote in message Use the $30 to take the family out for a nice dinner. You can even super size your meal with this much money. Bill is visiting my place right now. Send me the check for $30 and I'll take him out for dinner. He's kind of skinny so I'll only need to supersize my meal if that's ok with you. |
#66
Posted to rec.woodworking
|
|||
|
|||
Help--I need a new newsreader
"Fred the Red Shirt" wrote
As a matter of curiosity, do you know if MS has begun using Code Data Separation? Yes: http://i29.tinypic.com/10gidzr.jpg -- www.e-woodshop.net Last update: 3/8/08 KarlC@ (the obvious) |
Reply |
|
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
[OT] -- Pan Newsreader Help | Metalworking | |||
OT - Newsreader question | Metalworking | |||
newsreader | Woodworking |