253 posts • joined Tuesday 11th September 2007 06:21 GMT
In other words, it may have actually been a partner trying to expedite getting the job done.
Easiest way, hack QinetiQ.
Re: what about the ssh keys ? lol
It gets in the way of Agility, Extreme Programming, BYOD and whatever other latest Management Fad that hits the fan.
We are truly fortunate...
It is with greatest humility and admiration that we find our patch systems to be highly useful at doing much more than just making our computers run slower and inevitably need to be replaced as they start crashing from the continuous stream of CYA patch code.
Our computers become ever more needful of having multi-core systems with appreciable memory to run security software in the hopes that at least 5% of their processing power be left for doing other mundane activities, usually the tasks for which we purchased them in the first place despite the reality that the systems are probably already secretly compromised despite the 95% devotion of processing power for the prevention thereof.
Let the patches freely flow!
Re: The process is tiresome
Oracle Sievemaster Sisyphus, just keep rolling that stone!
One day it may stay up there at the top of the hill, somewhere around the heat death of the universe.
Re: Every Android sold
All these Oracle Sievemaster Java fans like to make noise by pointing out that Android phones supposedly run Java applications.
Android uses the Java programming language and the Android API. Java source code is compiled to run on Dalvic. They had the good sense to boot the Java API and Java Virtual Machine to the curb.
Re: RedKit Exploit Kit ..
So basically one Adobe PDF Reader vulnerability that was patched two years ago and one Smoking Piece o'Java that was patched last year.
Despite Oracle Slagware being a torture hole of demonic spew, if you'd kept it patched to the latest vulnerable version, you would still have missed out on joining the trojanfest. Nice to know that keeping the patches up had some little use and wasn't totally a Sisyphean task heading towards Pyrrhic Victory.
Re: Zero Day
Based on "Tora, Tora, Tora", involves a lot of Mitsubishi A6Ms swarming your battleship to draw off the fire from the low flying Aichi D3As delivering torpedos for the kill.
Re: and they want to do business with the rest of the world?!
It works in their interest to transparently proxy your VPN communications for a reason. You only thing you have free access through. They have your lunch.
Re: Numpties, you picked the wrong points.
The Immoral Minority wins the election, the Moral Majority is flabbergasted.
Conclusion: Maybe your name is wrong and you're really the Moral Minority
Running their own fab
Apple has squat for experience creating hardware in a fab.
The first year's production will be up to the quality of Apple Maps.
By the time they get up to speed, they'll be the greying dry dust of history.
Re: Linux = Insecure.
More likely that Right Wing resistance to learning anything new and to paying enough wages to get someone knowledgeable had set in and they weren't going to pay anyone smart enough to secure the site, no matter what OS and web server the site's being run on.
Re: "The Trojan features Windows 8 compatibility..."
Sweet Metrosexualness and all that... Plays well with others...
Re: 'Speak softly and carry a big stick' (Churchill)
And a phrase used long before by TR "Bullmoose" Roosevelt during the era of William Randolph "You provide the pictures and I'll provide the war" Hearst.
Yabba Dabba Doo on the loose...
So Bummer Harris prattled on a publicly accessible broadcast medium where anyone archiving the feed could have decided there was incitement and sent it in and we have our knickers in a twist over a Subpoena under duly constituted process of law...
Re: virus vs trojan
Preaching to the choir doesn't take care of the problem
To the common user viruses = all the above, to the common Mac user, Macs don't get viruses, so by continuing this logic, Mac users don't have to worry about any of this silly junk.
I work in a community of Mac, iPad, iPhone users and keep trying to get the word out that Mac Malware exists, but the most literate give me the, "It runs on OS X which is Unix and Unix doesn't get viruses like Windows does". routine which makes them sound smart but makes for an environment ripe for digital ambush of the willfully unwary.
The most vulnerable and exploitable portion of the internet, identified as CVE-0 has been shown to be easily overcome by well crafted attacks. The more over-confident and power-conscious the target, the easier it is to socially stroke it to the point of climax where it spews forth the information the attacker wishes. This is best enabled by an entire forensics surveillance directed at lower level entities taking advantage of their wish to be helpful, to identify CVE-0's contacts within the company, contacts external to the company, captured emails to analyze the writing style of CVE-0's contacts and various outside interests. Identifying communications for events and projects can help prepare CVE-0 for communications that contain desirable attachments which when activated, further root in to produce better information streams to the attacker.
I got the "Macs don't get viruses" comment as late as last week. Since most of the Mac users I know include all malware as viruses, it's no great reach for them to include clicking on links or running dmg installers.
Re: Why don't you get it already?
Heh, about 1,000 computers in countries that aren't very trusting of Western Technology and afraid already of being spied on? How could it go undetected for very long? Very easily...
If the Iranian government was eating less of the stupid sauce, there'd be normal business relationships between commerce within Iran and the companies that produce anti-malware. There isn't, so you have a breeding ground for this stuff to be sent to.
And to keep it all in perspective...
Stuxnet = 2010 Bugatti Veyron
Flame = 1976 Cadillac Fleetwood
Luxury cars both, one lean, fast and tight to the road, built with custom parts
the other huge, soft, padded and drives like a fishing boat on the ocean, built from repriced Chevrolet parts.
Oh, and as a reality check, except for the Toyota Landcruiser whose engine was a copy of a Chevy 235 inline 6, all the engines copied were top-of-the-line European technology. Interestingly enough, they didn't consider US auto technology worth copying.
Re: a couple of Chinese proverbs
"What goes round comes round". And they ain't really started yet.
Payback for the Opium Wars and all that God Bothering might be a real bitch...
The joke on "us" in the long run is that they're the next tech giant. I remember the old jokes about Japanese cars, they were copies (Mazda 626 engine = field repairable BMW 1600, Toyota 4M engine = field repairable Mercedes SOHC inline 6) and if you pulled the panels off the doors, you could read the beer can labels. Note that I said on the engines, that the Japanese copies were field repairable. Having worked on all four engines, it's a really important distinction. Not only were the Japanese copying, but they were modifying and changing to make stuff work better in the real world. You won't necessarily have a full machine shop to do repairs in Central America. So given the choice, the Japanese model could be the better choice in the long run.
From copy and refine to world leader and innovator was a two decade jump and was the brute force necessary to push American car manufacturers out of the 1950's OHV engine technology they were so stuck on. Why buy a lumbering OHV, gas guzzling tuna boat when you could buy a Pentroof DOHC 4 valve per cylinder engine that outperforms in power and fuel economy, an engine three times its displacement.
The Chinese are stepping into the arena of high-tech many decades later, the electronics fabs they use are on the leading edge, why do you think they'll sit around waiting for orders? Might as well put them to work.
Steal, refine and innovate. It's been done in the past, and will be done in the future. If you won't do it yourself, someone else will do it for you. So, ship it overseas and lose it...
Re: @cashxx Apple is going after all servers that is talking to this malware..........
Given their clownshow reaction to a known exploit fixed by Oracle and mostly ignored by them and their stupid "part of the os" Java variant, I nominate Apple to run the TSA and DHS. More hilarity to ensue...
Empty bottles are highly dangerous...
If you're of the female persuasion, have a young child and are carrying a breast pump, be sure that the bottles you bring with you are filled with milk. You may be required to fill them at the airport in order to bring them along as empty baby bottles may be used to constitute a weapon.
Re: Free will
It's always been more fun to throw a smoke bomb into the hot kitchen and see what happens. If you do it right, everyone else flees, you pop it with an extinguisher and get to work.
Re: We should all strike
The Wally method, if you can't take a vacation because the PHB has you overbooked, take an in-office vacation. There's all sorts of make-busy and twiddle-fidget that needs to be caught up on anyway, and it can be explained that if the lighter tasks don't get done, the system will go down in flames eventually.
Just remember, the best way to destroy a PHB is to give them what they want, not what they need. Makes them look proactive and allows you to do a bit of Jeeze who'da thunk it while thinking over the previous decades when you were young and altruistic and had to fight tooth and nail to get things done right. Give in and let it rot, then explain afterwards how it should have been done, but now will cost more because of the heap of fail that's built up.
No you can't run that remote office VPN link to provision 5 voip phones, 5 computers and a printer using two Netgear routers you picked up at Office Depot and a DSL connection sqeezed out of Qwest's behind on the spur of the moment. It's sure been an interesting six months trying to keep it going hasn't it? But that's what thinking outside the box gets you. Now lets start thinking inside the box and build the connection using equipment and data services that real companies discovered and have been successfully using for a decade or more.
Worried on knocking out 100 million machines?
With a patch, heck the Adobe Knock Quotient I hear my workmate complain about daily due to Adobe software says that they already achieve that without patches.
Over time as Banks lose relevence...
it will be found to be safer to build your own environmentally controlled vault in your house to protect your valuables. As the world's nations go slowly bankrupt, you might want to make sure it's got enough room to store food as all the fiduciary paper out there proves to be highly useful only for papering your walls and in the bog. Across the board, it will all be proven to be paper with printing on it and worth exactly that much.
You heard it first here...
After 10 years of analysis it will be realized that the 10 gigs of over 850,000 PGP encrypted files were all random sized output from /dev/random. However due to staring at it too long, snow ghosts will be seen in the randomness that will get extrapolated into Osama being pissed because of an Iranian rebuff, Chad developing the bomb, Syria discovering uranium in their hills, the second coming of Osama and the Jihadi Death Star, the beginning date of the battle of Armageddon in the Plains of Megiddo, Israeli porn star videos and goats.
So, is it
as useless as WEP?
as useless as WPA?
as useless as WPA2-AES?
The Chinese know how to do oil spills better!
Excessive negative comments will lower your search result rating. Hmm... Ok.
Best thing that's ever happened...
Now industrial computing can start taking security seriously. Firm that up now and "CyberWar" will be less effective or nonexistent later when someone attempts it.
Personally, I filed it among all those "End of the Internet" predictions we've been receiving since 1995.
Cool! What's old is new again!
Remember the old Modem Redialer Attacks?
Make some money, make them call through some south sea island for fun and profit!
Call 900 numbers with exorbitant fees, or just plain cause embarrassment with all those Goat Lust calls...
The iPhone Eloi can tell you, "There's an app for that..."
iFramed? Heh, an Apple friendly recapitalization for that age old exploit precursor...
Yep, he is...
and no, he doesn't care. And neither would you if you made the money he makes. He can afford privacy when he wants it, sorry you can't.
Eric "Privacy is useless" Schmidt
Good old "privacy doesn't exist anymore" Eric Schmidt pontificating again?
He needs to start paying into a fund for those people who should move. He's obviously got the stuff by the truckfull to spend moving around himself...
Presenting the all new and shiny "Eric Schmidt" move me because Google compromised my Identity Fund... Ought to find a few takers.
Linux may be more secure, or quicker to patch...
but when there's a flaw, usually it's a real doozy!
Sure, heh more likely...
They were flexing their muscle to prove their hotness. Like SPEWS RIP. I remember that one really well, all our business email bounced to the null bucket and we spent the day fielding phone calls asking us if we still were in business. SPEWS isn't missed, and soon, neither will be SORBS. There are other quite effective means of killing off spam.
As good as Prof Feinman's O-Ring failure demo for the Shuttle Booster...
Short, sweet and to the point.
A pump that should run only three seconds per the PLC programming proceeds to run continuously because of a Stuxnet simulant infection of the PLC.
that we don't take Linux seriously in the process control industry as an OS to run PLC programming and data acquisition programs. Care to list out Linux software that does this?
- Product Round-up Smartwatch face off: Pebble, MetaWatch and new hi-tech timepieces
- Geek's Guide to Britain The bunker at the end of the world - in Essex
- FLABBER-JASTED: It's 'jif', NOT '.gif', says man who should know
- If you've bought DRM'd film files from Acetrax, here's the bad news
- Microsoft reveals Xbox One, the console that can read your heartbeat