* Posts by eulampios

1186 publicly visible posts • joined 10 Aug 2011

China, Russia called out as cyberspy hotbeds

eulampios

Get yourself a good spam filter to not care about. Gmail got a pretty smart one, unlike hotmai's. I barely see it in my INBOXes (2 accounts) + run my own with spamassassin.

Samsung demands iPhone 4S source code in Aussie row

eulampios

Who started it? Of course, the most obese and obnoxious of the two said dogs. The idiots from Samsung have as well become a comparable evil by siding with Microsoft recently.

Open-sourcers suggest Linux secure boot block workarounds

eulampios

antitrust law forbids this

If a single company sides with a number of independent ones to control the market in its entirety, they all seek troubles from the antitrust authorities.

Especially, when the the prototype of your "petrol-driven automobile" example is absolutely irrelevant, because it were it could justify ANY possible pro-trust behavior. Infect, from the fact that all the PC's I own and had to buy with the Windows logo run Linuxes/FreeBSD flawlessly, in fact much better than the original "petrol-engined " junk.

eulampios

or rather anti-trust

>>Trust and Microsoft - two words that you don't see together without Don't in front

With the exception of the prefix "anti", like, antitrust cases "M$ vs US", "MS vs EU" etc. :)

Safe as Windows: Smartphones' security nightmare

eulampios

@JDX

You also point out only one aspect of malware creation, OS's software vulnerabilities. It is an important one. And various *nix system do not lack those, not as serious (remote code execution et al) and as numerous as in MS Windows though.

MS Windows also has vulnerabilities in its design. These are more heavily used to infect and spread the said malware.

The fact that the code is closed makes it harder to keep it more secure.

Compare the number of vulnerabilities in th Adobe Reader and the various OSS alternatives, like xpdf, evince, and kpdf.

eulampios

proven and hard to disprove

>>miscreants focus their energy on it?

These are not the only miscreants to blame, the designers of MS Windows OS are even more mis-creative in that regard.

Remember a common vector in the most effective and great malware on Windows? It was RPC. RPC is entirely Redmond's stupidity. Another one is "user-friendliness" + design flaw to judge about a file (attachment) based on its extension. Memento ILOVELETER with 5 *10^7 machines affected?

eulampios

stereotypes again

>>we have the makings of a serious mobile security problem, particularly for Android users, just as Android seems set to become the Windows of the mobile world, in all the good and bad senses that brand implies.

OK, so there is no difference already between the malware from the Google Market that you install with your own hands (e.g., thinking that this SexyLeg is cool and indispensable app) , and when your own Windows system does it without your knowledge on its own (thanks to tons of "user-friendly" features, design flaws and vulnerabilities, 0-day and not)

Android 'stands on Microsoft's shoulders', says MS lawyer

eulampios

As I myself use MS Windows only when forced to, refusing to touch it even at the college where I teach and hence bring a live Ubuntu usb with me.

However, assuming some people do post from MS Windows. Weren't they made use it in the first place? Schools teach MS (rarely but equally evil Apple) , colleges teach and make you use MS and force you to pay for it. MS sides with OEMs and make you use Windows whenever you buy a PC. -

Apple shifts Lossless Audio Codec to open source

eulampios

good only for win7 benchmark?

Your benchmark essentially contradicts http://flac.sourceforge.net/comparison.html , where it provides these figures, in particular:

Codec Total CPU Total CPU Size Avg.ratio

FLAC 1.2.1 (-3) 7:23.77 3:47.42 5:31.15 2:19.07 412.42 MB 54.57%

Apple Lossless (iTunes 4.5) 19:53.27 19:53.27 10:01.86 10:01.86 414.45 MB 54.96%

So, compared to ALAC., when encoding to the codec, FLAC takes about 3 times shorter (7:30 min vs. 20 min) with roughly the same compression ratio.

I myself use shntools backend (Linux/FreeBSD) for all of my encodings and find FLAC to be great and better than ape. Nowadays all decent music players consume close to non CPU to play flac (reasonable default ratio).

Right now with clementine listening to flac encoded "Concerto pour violon n° 12 en mi majeur RV265 - I. Allegro". It occupies 2% cpu time + 5% of 1.5 GB RAM (with 219G mostly in flac music collection! ) on 64bit Ubuntu LTS, Pentium 4 CPU 3.00GHz.

Tsunami Trojan: First Mac attack based on Linux crack

eulampios

>>All it takes is to put a line in your xsession -or something- and copy a small script wherever to open a backdoor and/or launch a keylogger everytime you log in. And then there _are_ ways to escalate priviledges...

Are you changing from email/mutt to xsession? Who would copy a script to my xsession? While I am at lunch and Mr./Miss. hacker boots my lappy into the run level 1 (ro single)? We are not talking about this possibility. As it follows from most of compromised systems (including Debian) ssh policy is the weakest link, (not the technology). This again is a different subject.

If you have a link to point to any REAL existing cases ( or thousands of cases) when that had happened, I will agree with you. Remember the 50mln machines infected by ILOVEYOU ?

Note, that I am not asserting that Linux/BSD are so secure, one has to pay zero care to the security. Up-to-date system, strong passwords (no reuses) and so on. However, emailophobia is a paranoia. This is one of many reasons why Windows sucks.

PS I rarely get "dubious" emails, thanks to gmail's spam filter and my own spamassassin.

eulampios

You runnung how many Debians???

Well, smartie pants, firstly, mutt does not open ANY attachment unless you tell it to and/or teach it how (in muttrc and mailcap) nor do any of the decent email client. Secondly, As far as the spooky thing ito "open dubious" emails is concerned, windbloats systems are known to open/autorun attachments without prior user's permission.

Anyways, did even "opening" an attachment in any Debian system ever incur any Halloween as it had done on thousands of Windblows systems? Of course I can stumble upon this attachment :

/bin/sh

sudo rm -rf /* &&printf "%s\n" "Have a great day! "

My bad, you must be talking about that one then ... :) Oops I woulds till have to chmod it and give password. I better drop my PC out of the roof of a building (will make sure it is clear) ;-)

Yes, Mac OS X is much more secure than Windows, it's security is weaker than that of free *BSD's or GNU/Linux.

PS Persevering in this matter on your side makes me doubt your Debian experience.

eulampios

not like that though

http://en.wikipedia.org/wiki/Conficker

eulampios

Or better

Or better install Linux to be able to get 99.999% of all software from secure and centralized repositories.

eulampios

>>My understanding is that a WORM probegates from computer to computer on the same network, without human intervention.

Your understanding appears to be wrong . Just reread that very article, that does mention the user's authorization to run the Java applet in question and says about "several cases in the wild". Compare it with the glorious (yet not the greatest) stuxnet :)

eulampios

chmod +x scary_virus

That would be true if Mac OS X had security architecture similar to that in MS Windows, and not, as currently , to that in Unix (despite all the Jobs' matters)

eulampios

scary stuff

>>Don't open dubious mail attachments

And if I do what would happen? ( in my Debian GNU/Linux while using the mutt email client)?

eulampios

too much imagination

>>would be up to the attackers imagination. Spam it out, p2p it, driveby web infections, cross scripting, the old scroll here trick, simply downloading it to already infected machines, port scanning for vulns, etc etc...

That's is the most interesting part. All the mentioned methods might be extremely hard to implement, except for the social engineering (for some people ) or an unknown vuln., weak password. What you are suggesting though is (at least was) pretty mundane in the Windows world.

Windows XP and iPod: A tale of two birthdays

eulampios

the windows way

Why did such problem never exist for 4BSD in the 80-s? Saying nothing about the *BSD and Linux variants contemporary to Windows of any version.

Mass ASP.NET attack causes websites to turn on visitors

eulampios

once again

Did you read mine? I said that on GNU/Linux I do not care about these web browsers' dangers resulting from whichever fault (bad SQL/PHP/.NET/JAVA)

t is only the MS Windows users' worry. Now are you getting it?

eulampios

Microsoft is the culprit anyways

It is not the server side vulnerability that makes this interesting, but the ubiquitous client side Microsoft Windows virus friendly OS. Long live the Microshit!

Trojan targets Mac's built-in security defences

eulampios

not all

Not really, *BSD and GNU/Linux distributives and apparently not. For these OS's 99.99 % of software installation and updates happen from central repositories/ports through package managers using checksums and PGP. Of course, repos/ports may as well be fooled/hacked to get end users install malware.. well that never happened.

This free and open software has luxury, proprietary and non-free Mac OSX and Windows cannot afford

Samsung takes another hit in patent punch-up

eulampios

the "visionary's" greed

So, does Steve Jobs need this bloody money now?

Dennis Ritchie: The C man who booted Unix

eulampios

Thank you, dmr!

Condolences to the family.

Can't even imagine what kind of IT it would be without those bearded altruistic guys. (S. Jobs is not included due to the lack of altruism).

What a beautiful life! Requiescat in pace!

Dell signals Windows 8 fondleslab range

eulampios

hp sucks more

Not necessarily. Commenting this from the 2005 E510 machine that would have been so bad on Windows. WInXP died around 2006. Ubuntu 10.04 GNOME desktop + Compiz is gorgeous with just 1.5 G of RAM. Dell is a bit overpriced though

HP is actually the worst quality, imho Yes, I agree, Dell's Ubuntu offer is a joke.

Hadoop: A Linux even Microsoft likes

eulampios

oops they did again...

Nice article

Microsoft has been wrong, who would ever doubt it? Nevertheless, Microsoft is still very well stifling the FOSS, competition, competence and common sense.

>>its contribution of Linux drivers

A microscopic drop in the drivers' ocean. This contribution pertains only M$' own virtual machine implementation. I turned it off (and not only because it did not compile for me.)

Sony network ransacked in huge brute-force attack

eulampios

right

All of them : Microshit, Apple, Sony and Oracle deserve to die.

Microsoft flags Firefox and Chrome for security failings

eulampios

On the up-to-date Ubuntu 10.04 LTS with a custom kernel I get

ff7 ---> 2

konqeror,epiphany, w3m, lynx, elinks ---> "Cannot rate your browser"

Funny guys.

IE security hole sewn up for Patch Tuesday

eulampios

A racketeer or a seamstress?

The Microsoft's main business has been IT racketeering so far. Hence the comments.

eulampios

M$-spelling: "dispite teh"

at least non-M$ browsers have spell-checkers...

GNOME emits 'head up the arse' desktop update

eulampios

That is a pretty rare issue nowadays. Last time I had it with... FreeBSD-7 3-4 years ago.

eulampios

great post

Great post and a good thought!

eulampios

GNU/Linux (*BSD) + music=awesome

<<The music software available was also far too limiting (and non-functional), and the disaster which is Pulseaudio meant I couldn't even produce music without hearing pops, clicks, and noise.>>

It might have been just a driver issue. Now pulseaudio is very stable and good. My experience is that with Linux/FreeBSD I had much more choices than Windows people had. Consider cdrdao, shntools, sox etc. Yes they are available for Windblows OS as well, however, it is not usually accessible to those who are so afraid of the command line (yes the right way to communicate with the machine. )

Anyways, let me brag about my music collection I was able to build thanks to GNU and Linux. Turned ape into flac all over. Populated all cuesheets (with sed, awk, bash and cuetols). Enjoying now Bach (the papa and sons), Handel, Mozart, Haydn, Beethoven and other great stuff playing in clementine. Good 'ol xmms, audacious, even mplayer are also very good. Maybe it is just me with classical music, some kind of rock rocks and pop pops up on Windows only?

eulampios

tough love

If windows is cool, why their best text editor notepad or anything else sucks so much? Is there a reasonable shell and a terminal program (not that stupid ugly-looking thing they still have)? Have Win7 become modular finally? What about those shoutings "don't click on the link, don't insert a DVD/usb, don't open this email message - they might be dangerous"?!!! Or you just love running a piece or two of extra bloatware, called an AV scan that constantly grind your hdd, occupy your RAM/CPU and might do some other stuff, you do not have an idea of?

eulampios

compiz surpassed both apple's and windmond's eye-candiness once and for all

To me both Apple and MS UI don't look as good as Gnome2 or KDE, or even enlightenment. Plus how much control do you have over them?

Tried expose on the Win7 desktop -- so lame awkward and slow even with good hardware. Aero and Cocoa are no match to the beauty, sleekness and power of compiz.

eulampios

sorry for it

What an unfortunate and rare experience! I am sorry for you, sir, as well as are a few former Windows users being quite happy with GNU/Linux (Ubuntu, so far Unity-free) after I helped them install it.

Yes, I remember I too sometimes get disappointed with certain upgrades. Freshly-baked cutting-edge Fedora and Ubuntu are not supposed to be absolutely problems-free. LTS Ubuntu or Debian (stable) are stable as rock though. With free and open software everyone has much more choices than with the locking-in alternatives.

Tried Win7 recently, it's not as good as my Gnome2 though, nor KDE, nor XFCE, nor Enlightenment, nor Fluxbox (especially, on this very thin hardware, obsolete according to M$). No bash nor any other reasonable shell, no control, no freedom, very little common sense.

Gnome2 is/was almost perfect. Why changing it? Linus is right, I hope gnome developers will learn a lesson here. And all of us still have plenty of choices, this is (partly) why many of us left the Windows camp in the first place.

Microsoft takes the Android profit, the Wonkas take the pain

eulampios

You must be a connoisseur of groin-kicking (when being kicked) yourself. :)

Android's scariest nightmare: resurgently sexy Microsoft

eulampios

So even M$ can improve?

Did Redmond get their Mango-tango multitasking? The reason I am asking is it's always been a problem for them (Phone7 in particular). Lack of good programmers and plenty of greedy business people.

On the other hand, what M$ is trying to do with FUD is anticompetitive. There's no theft, but FAT32 idiotism involved. Consider 70% of web and mail servers, 90% of top500, imagine all Google revenues.

I would personally applaud M$ despite all the disgust to them if they could win fairly just only for once.

Google cries foul, Feds dump Microsoft cloud monopoly

eulampios

Any monopoly is evil

Yeah, Android is secure ifyou do not install the malware by YOUR OWN very-knowledgeable-windie-hands. As far as the stuxnet/conficker/you-name-it virus loving system from Redmond is concerned, malware installs onto the OS BY ITSELF.

Microsoft delivers fatal blow to yet another botnet

eulampios

a habit

As a matter of fact , all major packagers, like aptitude/apt, yum and others so use the Pretty Good Privacy system and simple md5sum checksumming. I remind you that on most LInux and *BSD distros installations and updates are carried out from central repos.

Yes, a newbie that just came from the Windows camp never heard of this. He/she had always been using different unverified sources to install soft from. Updates might be either not convenient or inexistent. So he or she might end up doing what they simply did on Windows.

eulampios

Shannon, do you know that hotmail has a pretty bad spam filter. Gmail's is much smarter. It might even be based on spamassassin.

eulampios

genau

"Alles für Microsoftenschaft" or "Microsofentschaft über alles"

eulampios

one more blow to wish

>Microsoft delivers fatal blow to yet another botnet

I wish someone would finally deliver a fatal blow to the ugliest botnets of all - the Microsoft corp itself.

MySQL.com breach leaves visitors exposed to malware

eulampios

altera pars

All seem to forget DigiNotar - a Microsoft-filled business that recently went bankrupt. It has been hacked for years producing hundreds of false SSL certificates.

Microsoft turns to FBI in hunt for Rustock ringleader

eulampios

@ac

The difference is the default setup, It is harder to root a typical *nix box than a Windows box. Read Anon about the hbgary.com hack (arstechnica.com)

Say, on Ubuntu the desktop (not the server) setup disables the root account, i.e., it does exist, however one cannot login as root. To handle admin tasks the sudo utility is used, not su, (sudoers will define the group of admins). Using the command "passwd root" and typing in a password will enable the root though.

On Windows, by default, the first user will have admin rights. If you are an admin you, every time you login, there is a great risk for the system. Besides, MS has a "Run As" utility which is closer to su, rather than sudo,

eulampios

@the well informed ShelLuser

<<which at its height enslaved about 1.6 million PCs>>

Still this is three orders of magnitude difference, isn't it (whereas, as for the MS fanboys themselves, the desktops numbers are a two)?

And BTW you must know something I don't, could you pls point at the evidence of thousands of "rooted Linux and BSD boxes" ? (Don't bother about hijacked php services, though)

eulampios
Facepalm

are you not kidding?

>>Not only did MS try to keep their OS environment safe

What did they do to keep their OS safe again? Must've missed that one apparently, sorry .

Windows 8 to ship with built-in malware protection

eulampios

schools overfed with M$ and Mac

And how do they know that?

One professor in my grad school was notorious in cramming all his diffeq courses with super expensive Mathematica. No wonder, he had a grant paid by the Wolfram Res. Now you ask , why do engineers have such extravagant tastes? Why not go with free and equally powerful octave, gp, maxima etc?