13 posts • joined Thursday 27th September 2007 02:30 GMT
Forget the Internet - what about the other dangers piped in to my home?
•Gas and Electricity:- Burn, maim and kill thousands of people worldwide every year, many of them children.
•Water:- Has the potential to poison, spread disease, scald or even cause death by drowning - responsible for millions of fatalities each year, you guessed it – many of them children.
•Telephone Lines:- Can be used to convey dangerous and illegal information with criminals throughout the globe, and have the potential to connect dial-up networks to anywhere in the world and transfer illegal files and information.
•Postal Service/Couriers:- Many gigabytes of data are transferred every day using this medium on CDs, DVDs and magnetic tape - how do we know they don't contain child porn?
What is the government doing about that?
From Trends Security Suggestions (Linked from article)
"Trend Micro recommends the usage of the Comma Delimited Format when saving or exchanging Excel spreadsheets. Comma Delimited files (with the .csv file extension) have the same functionality as regular workbooks (with the .xls extension)."
Whilst "turning DNS over to TCP exclusively" might go a little way toward closing up this hole, it's far from a practical solution because it has the potential to open up many more possible exploits, increase the CPU and bandwidth on the server and slow down the internet experience for everyone.
In my understanding it follows that if the UDP transaction ID is predictable, the default TCP transaction ID is likely to follow suit, thus it is still vulnerable, albeit to a slightly more sophisticated attack.
Better to come up with a fix than a workaround.
Would it be easier to manage this crap in an IPv6 world?
My guess is we will just accrue a whole host of new problems!
Health and Safety
What you are paying for here, is not just a safe method of disposing of hard drives, but the peace of mind that you are not going to be sued by an employee who has just been mutilated beyond recognition by thermite, high caliber bullet ricochets or fizzy pop injections.
What's the real 'cost of ownership' of your scrap heap challenge hard drive death machines?
It's misleading to report that it took him 2 minutes when all the reports are that he worked on this exploit for weeks beforehand. Sure it took him a couple of minutes to execute it - so what?
If we really want to legitimately test the security of these 3 different OSes - put them on the internet and increase the prize money to compete with what certain government agencies are prepared to pay for this sort of stuff.
They would ALL be knocked over within seconds.
All this comp tells me is someone who spends his time looking for and reporting vulns found one and waited until this conference to report it.
If you agree with me, add a pointless comment below bitching about how great your choice of OS is over someone else's.
.......mine is the one with woolen mittens hanging out of the sleeves by a piece of wool.
Most useless gadget ever...
That would have to be one of those dynamo torches that require constant squeezing, make a noise like a boyracer on a tuk-tuk and provide roughly the same amount of light as a digital watch light.
Unless of course you're refining your wrist muscles for later!
You're unique - Just like everybody else!
Czeck Wearwolf in Cardiff?
Where can I buy the movie rights?
Good job he wasn't a wolf in sheep's clothing though!
Coat - Czeck
Taxi - Czeck
>if we're using ethernet switches, our laser printers are going to see diddly squat interesting traffic.
Unless we are ARP poisoning, but it still sounds a little too 'Tom Clancy' for my liking!
Missing the point
Facebook is still in its infancy - it has about 300 Staff, and at present about 420,000 new members per day, not to mention the 34 Million active members already on there.
So if you do the maths, making the assumption that the 2 complaints mentioned went unanswered for any other reason than pure logistics is problematic.
Yes, when Microsoft buys a share in it, and can throw some money and time at this problem, it is reasonable to eventually expect some kind of action and accountability for these complaints.
However, even then it is not as simple as just disabling the account of anyone who is reported; the operators would need to audit and investigate, and even then it is likely that the accused will just create another account, this time he may register as a 14yr old girl using a proxy server located in Romania.
So why bother? - Take some responsibility, there are better ways to protect your kids online!