iccaros

Linux Experts
  • Content Count

    1292
  • Joined

  • Last visited

Posts posted by iccaros

  1. NetWork Drive: And you could have your BIOS infected before you bought the motherboard from someone else, what is your point? Just because it switches owners means it didn't require user interaction to become infected? Thats a bit silly =3

    You missed the point on that one. The user-interaction occurs before the virus is present on the drive; the infection is a side-effect of automated processes (automatic network drive remounting, AutoRun, etc).

    That bird comparison was very much farfetched. :blink:

    You right: humans and birds have more in common than viruses and worms.

    "Automated"? I can't see how you can get a virus without initiating it through some form of interaction. If you are still clinging to the manufacturer of the product that led to a virus, that is user interaction. Some scum working for the product embeded a virus in the product.

    You have to do SOMETHING to get a virus, it is impossible to get a virus if it is standing there off and not plugged into the internet ,without any removable devices. Sure you can receive a machine with viruses, but they still got there somehow...

    In my opinion you don't know what you are saying! with that last statement lol.

    As for this whole debate, I think it's starting to become circular ;p I'll just say I believe what I believe, and you can believe what you believe.

    yes, then its completely useless to most users. so who cares..

    yes you must turn on the computer.. and you must use it to get a virus.. some make it harder than others for viruses to propagate(you probably do not remember but the first two shipments of windows 95 floppy's had a boot virus on the install disk.. and at that time, the OS was not always pre-installed by the manufacture.. so yes the user had to install the OS to make the system useful, but they had no choice)

    and what dose atheist have to do with freewill?? Atheist just means the absence of belief in the existence of deities, coming from the Greek ἄθεος and agnostic mean with out knowledge (in case you want to clarify) ..

  2. good point.. they all suck in there own way..

    solaris never seams to be 100%, there is always something they did not complete correctly.

    Most Linux distributions try to cater to windows user.. if I wanted to use windows I would

    Mac OS is great when you stay in the Apple world, but once out of it.. its can get harry

    Windows.. well lets not feed troll. But I will says that living in the Redmond containment zone.. I know first hand the underhanded deeds done to keep it selling.

    and bsd.. stable, works well and lets face it Theo de Raadt says what he means and pulls no punches.. but for some reason like Sun, OpenBSD always seams to miss the mark..

    so what is the best OS.. its the one that does what you want and you are comfortable with .. all other just suck :)~

  3. I'm still not sure that cross-Unix viruses are especially practical. Native code viruses would likely have to deal with, e.g., the various object file formats used by Unices (ELF on Linux and the BSDs, Mach-O on OS X, COFF on AIX and Irix, etc) and non-native viruses would likely be portable to non-Unices.

    that is why I gave the second part.. while posix viruses have existed.. they would also work on most windows servers also..

    Since we know the first user is always root and observation tells us that most people do not add accounts to the system and when they do, they do not create limited users.. we now know that a simple install exploit will work with just an OK prompt, or worse we could send RPC commands and since the system is operating as root/admin user those commands are ran as admin..

    Please tell me you mean LPC. The 'remote' part of RPC means that you can't rely on client-side security at all. I realize that there's some kind of law that RPC has to be broken but that would be a bit much.

    CVE-2008-4250: The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka Server Service Vulnerability.

    it is running code in a buffer overflow which means it must be using logged in user permissions.. or is it system level and it matters not if the person is admin or not. (if so this is worse.. than I thought)

  4. Okay, I'm kind of tired of arguing OSX as I am sure most of you are. But I think I have a valid argument when I say, just because it has unix, doesn't mean the people building off from it are not creating various exploits/security holes for their own OS. I mean I am not arguing Unix, I am arguing OSX, I think there is a difference.

    Worms that travel VIA network don't require direct user interaction, but for me, user interaction is anything from logging onto a network. So we'll ignore "worms" for the time being, which is technically a subclass of a virus but I place worms in their own separate category.

    A virus on the other hand, requires full user interaction in order to initiate itself on a system. I have never heard a virus that can just automatically startup without some form of user interaction. Name a virus that can do that and I will back down from my statement?

    User Interaction example list:

    Going to a website

    Clicking on an Exe

    Running a program

    Generally things that involve clicking...

    This is getting fun..

    First OSX Is certified UNIX.. http://www.apple.com/macosx/technology/unix.html (unix is a certification of compliance to a standard. Just Liek the Linux standards base.. )

    also for viruses that take no user interaction

    here is a one (listed on MS's site)

    http://onecare.live.com/standard/en-us/vir...Win32/Small.BDC

    TrojanDownloader:Win32/Small.BDC is a Trojan downloader that targets certain versions of Microsoft Windows. The Trojan is downloaded and executed by files infected by a variant of Virus:Win32/Small. TrojanDownloader:Win32/Small.BDC downloads and executes malicious software from a Web site without user interaction.

    a simple DNS redirection and you typed www.google.com and you bounce to my page that hooks you up (not that I would do that )

    This is not user interaction because it is normal use of the computer.. to say this is user interaction is like saying because you bought a car, got in it and someone crashed into you while you were starting the engine its partly your fault.

  5. hmm.. usage..

    Usage is a joke of an argument IMO, because Mac OSX is based on BSD (next was based on BSD and became Darwin) BSD is UNIX, and as such keeps a lot of things the in common with other Unix systems. This means that a hack written for any Unix system that is not kernel dependent work well on many different flavors of Unix. Since more servers run UNIX than run windows.. Its not correct to say the system does not have a large attack vector. Linux systems fall in the same boat.

    If that does not work then hows this..

    there were a lot of viruses written for Mac OS 6,7,8 and 9. While you saw Macs in schools, you saw very few, I believe my high school of over 3,000 students had 4 Mac's but we had 100 PC's running Dos. The Mac's were for the graphic artist and CAD classes and the student shared. WordStar for Dos was used on the PC's. So Apple did not have a big market share and the systems were not connected to the Internet (what Internet? ). So it was even harder to spread a virus but they existed, and they did damage.

    As I stated before, you can have all the security options in the world, and trust me XP and Vista has lot of them, but if the person using the system has admin privileges they make the entire system vulnerable (Vista fixed this, but contains a bug in the windows installer that allows non admin users to install harmful software). This is why windows systems are attacked more than others. When you hack a system you look for what you know about the system.. what is the same. So in a Unix system we know that Root is ID 0 (in SElinux and Trusted Solaris root is a role and not a id), so if we could connect with a account that can present its self as id 0, then you own it.. so in the 1980's Unix started to root squash. So all accounts that connect remotely even if its root, are now given a temporary id that is not 0. the exception to that was SSH but proper setting up of SSH fixes that issue. But we also know that most Unix systems are setup with the user not being root and having to use a Sudo to affect the OS.

    What do we know about windows.. the first user of the system is the admin (or root user.. if you like). Since we know the first user is always root and observation tells us that most people do not add accounts to the system and when they do, they do not create limited users.. we now know that a simple install exploit will work with just an OK prompt, or worse we could send RPC commands and since the system is operating as root/admin user those commands are ran as admin.. so in this case no ok prompt the system quietly install the exploit with no user interaction. We also know from observation that most users click on ok prompts with out reading them. So an exploit that requires a OK prompt will still work on a majority of users.

    As for me quiting.. I don't what you to feel you can't have a discussion with a moderator and disagree. You can and it is encouraged.

    Also I don't know your knowledge and I expect everyone to challenge mine.. the whole point was you stated that viruses needed user intervention, and JCL and I (JCL who is a True expert in all he talks about) relayed that the definition of virus is that it needed no user intervention, that is what I meant by study the subject.

    This is old but gives the point about market share http://www.theregister.co.uk/2003/10/06/li...indows_viruses/

    good poll information

    http://www.darkreading.com/security/perime...cleID=208804378

    as for you opinion, we love your opinion, we just don't agree with it..

    Plus I like to debate.. so I have some of the same flaws.. (you can not offend me.. is near imposable)

  6. A virus is without question something that requires a user to initiate, like most any other malicious intended programs.

    We all know it has very little viruses, but this isn't due to good programming by Apple, this is due to it not being an appropriate target by hackers. Speaking from my personal views on apple, apple products are overpriced and suck...

    This is what is ignorant

    First the definition of virus is it take no user interaction.. Conficker spreads via Microsoft Windows Server Service RPC , no user interaction need, but boot the machine, have connected to a network

    also since you state that you hate Mac, Then why post on the board unless you are trolling.

    the second part is exactly what I was posting about, its being a not appropiate target to hackers is due to a security model

    also lets look at the older Mac Os.. IT had viruses even though it had a much smaller user base than they do now.. simple logic.. user base has nothing to do with virus writing..

    as a matter of fact there are Zero virus for Mac OS.. there are vulnerabilities but no viruses. if it takes root access its not a exploit.. The exploit is gaining root access.

    in the end I am sorry if you were offended, but the comments are ignorant of what a virus is (it means you don't know what you are talking about on that subject) and the rest is still in debate and really can not be proved which is why its still debated.

    and if you have a complaint against me, tell Jeff . He owns the board and will not punish anyone for making a complaint about us moderators, and I will gladly give up moderator if it makes you feel better, and Jeff fells I crossed the line. but please study on the subject you are talking about and don't troll.

  7. I fail to see where I was getting "political", it was more like a factual footnote? Unless you have something against us LGBT? In fact, you taking that one line out of my entire post means you are just trying to boast moderation ability >.>, if you want to create an argument saying the thing you did, in the manner you said it, then that is a sure fine way of creating more "Political" discussion... not reducing it.

    Just in case you make the argument "i was merely suggesting", telling someone even with "please and thank you" is an order regardless. If you had been a normal member, the issue could of been ignored, but since you have moderation ability, you are giving that order based off that power.

    So, excuse me for saying so, but from my point of view, that was an unnecessary post, as is my own. As a moderator, there is a time and place. Moderation ability should be used only for issues that require them ( aka as sparingly as possible ). A moderator should never go out looking for trouble, especially where none exists. :unsure:

    The subject of same-sex marriages is a highly charged emotional topic tied up with politics. We have a forum for topics such as this. In the future please post topics such as this in the World and Politics forum. Thank you.

    hitest

    I wasn't posting in regards to same sex marriage, I simply made a small statement about Apple, which this entire thread is about Apple... It was nothing to get excited over... If i wanted a political debate about same sex marriage, my post would of contained nothing about Apple, and more about same sex marriage... You are kind of stretching my one sentence, I can make whatever footnote I wish... it wasn't "off topic" -.-

    I agree your post was fine.. IMHO

    but you must agree that its was off topic as the discussion had to do with security, not the political givings of a company, but I would not take it personal. Hitest is a Great person, who I think misunderstood how you meant that part of the comment

    we can disagree and we can discuss as long as no one is offended, so we try (well not me, some times I just say what I think... :) to not offend each other, and that is all he was alluding to.

    look forward to your future post.

  8. wow, spreading FUD now. .I understand Peaches that you are not the author, but come on this story comes from MS and was shot down last week as not really a security problem, why..

    first you need physical access to the machine. you also need to have the root account on the machine.. if you have both of these you do not need to write an exploit you own the machine..

    also you need a specific intel chipset..

    this who 'exploit' is nothing more than a user with root access can simply write to memory in Linux while on windows there is no tool to do so, so this makes it harder?

    just like on a linux machine if I am root I cam ifconfig eth0:0 and mutihome my network card.. windows has no command to do this, only with special drivers can you do it..

    so its not an explit if you have to be root to do it..

  9. In theory if your running windows Vista with all it's updates and have good spyware, antivirus running. You would be just as safe using os x (with updates) out of the box. Unless on either machine you download something bad and install it. Same with Linux.

    In the next week or so os x 10.5.7 will be out with a lot of bug fixes and this summer 10.6 will be available. 10.6 is a new os written just for intel Macs that should mean old security bugs fixed and new ones to find.

    If anyone has the os x botnet trojan (estimated at less then a 1000 machines) you can get a free removal tool at Secure Mac.

    this version will include memory randomization and no exe bit (as those are intel specific programmings..)

    which means OSX will not be susceptible to the hack that won Charlie Miller $10,000 this year. .

    Also they are talking about adding application sandboxing, which would give you what solaris can do with zones for linux/bsd with jails.

  10. But I suggest you read the month of the apple bugs website before making claims that the Apple OS is secure.

    No operating system is perfectly secure. Some hardened versions of BSD like OpenBSD are quite secure.

    Lets say we reversed the popularity of windows and OSX, something tells me, OSX would have far more viruses than windows XP does in reality today.

    But who knows, you also have to calculate the difference in income, of course more money = more staff. So maybe, maybe not. But as it stands, there is no possible way that OSX is more secure than windows XP

    and I do love Windows XP ( nlited of course ;3 ) :thumbsup:

    hmm,

    I love ignorance..

    first name how OSX is not secure and what features it is missing (I can by the way)

    also name the ways to hack a Vista machine (hint they are the same in most ways )

    name the 2 things that will put XP even on a even start?

    I will start

    OSX is missing no exaction bit and OS memory randomisation (next release fixes both of these)

    Vista and XP still give its first user full system privileges..

    On a OSX machine the user uses SUDO (through a nice gui) to gain privlages

    what does this little difrence mean

    you are serfing the web and a pop up that is correctly written to install software on Mac OSX comes up. This is easy to do in both Mozilla and safari. the user than is confronted with the system asking for the Admin password.. Most users, but not all would click cancel on the password part because it is not normal for things on the web to ask for your admin account password

    on Vista and XP the same situation, the user is presented a prompt (pop up written in active X). at which time the user selects cancel on the pop up (but its coded the same as ok) and on xp the program is installed since the user is admin on 99% of all windows systems shipped out. on Vista a OK prompt comes up but most users have been found to just hit ok because they are used to windows vista asking for a OK prompt for a lot of things that don't make sence to them.

    now to make XP and or Vista even close to this on security feature, make all users limited users accounts.. problem 88% of software will not run in this mode..

    and yes with Internet explorer just going to a website and running a java script can install a virus with no user interaction as agian to make it simple most users have INTERNET security set to minimum, so the user did nothing but click a link on a web page.. and if for some reason you do not believe it, please pick up a few books. We do it all the time to government sites as this is what I do for a living, I get paid to secure and show security issues to our customers.

    on OSX a user just going to a site could not install software, but you can attack it using a buffer overrun (the guy who hacked safari in 5 min worked on that exploit for over a year)

    so what can fix both of these issues, firefox with noscript running.. but again how many normal people know about this..

    so while OSX is missing two major security options that windows has, the entire user structure of windows makes its features moot.

    also since you need to get root access, a virus on mac would have a issues spreading

    now for this case, some people downloaded a piece of software and installed it, and when asked gave the software their password.. This would work on any system.. any, in windows vista if you are a limited user even and you install a piece of software there is a bug that gives the installation program system privlages.. so even a limited user on vista can do this..

    how do you stop this kind of attack

    use roles and sandboxing.. but as of yet only solaris and SELinux support this. while winows has roles in windows domain the policy is tricky to get right (not impossable) but sand boxing is implemented by applications not the OS in windows (they call it siloing )

    so the point, anytime anyone says this SO is more secure than that OS, ask why and show me.. if they can't they are giving opinion not fact.

    also popularity is a joke answer and a excuse.. OSX is based on UNIX (bsd as a matter of fact) and UNIX system make up more than 55% of the installed market (just not desktop). UNIX and Linux systems run more publicly accessed systems than any other. a virus written to attack UNIX or Linux would most likely be able to affect all of them, so they are a bigger target and can effect more people. if google was taken down or infected it would case a loot more trouble then infecting th ewindows desktops.. so hackers do try and are trying to hack Unix systems just as much or more. but I guess it sounds good, until you think about it for more than 5 min

  11. in Truth all Operating systems are easy to attack. just get the user to run the software. And all software has bugs.. until we create the perfect compiler we do not have a chance to write perfect code. And this windows is more popular is a great myth, as a hack that breaks into a Mac would likely work on any UNIX/Linux system which at last count out numbered windows installs with a much higher profile. The simple fact is that virus spread is slower due to the root/user model of a UNIX system compared to the User is admin model of a Windows system. Now if we move windows to a Domain and control it, then it get a lot of the same protections that Unix gives as the user is not a admin (when done correctly) a Admin would have a Admin account and a separate user account. but on desktops the first user by default on a windows system is an admin. so the first thing I have my windows friends do is create a limited user account. but if they play games this does not work well.

    also even on a Vista system with great protections, if the user decides to install software they get a pop-up (or screen goes dark) and it ask if it is ok to run the installer. once the user hits OK the installer has system rights.. not the user rights.. the rights is not as big of an issues as how many times, for minor changes the user is asked to hit ok, this leads to the user just accepting and hitting OK no matter what caused it.

    in the Unix structure the user must enter a password or change roles. either is not asked often so it is not a common thing to do so it stops most but not all. but in any case the program is only installed with the users rights (if the system is setup correctly). which means that it cannot just start processes. so viruses just do not spread as well, so total impact is much smaller and not worth the time.

    you can hate or love apple for its politics, which have nothing to do with its OS, but its proximity to specific cities.

    Windows has some great security feature, its sad that most of that is destroyed on home systems by making the default user the admin.

    Mac has some horrible security holes, like no randomized memory (coming soon) or no execution bit, but makes up for that in the standard Unix security of limiting users

    Linux has both worlds that get screwed up with Gnome and KDE

    so in the end, use what you like but be smart..

    for a hobby I like to click the popup virus warnings from the web while running IE from WINE. . they try to install malware (since I clicked ok to the active X script) but Wine Is not ready for the desktop.. its still has issues running viruses.

    oldie by a goodie

    http://www.linux.com/feature/42031

  12. is this going to be connected to the Internet, It is never a good Ideal to run MS SQl on the same system as a Internet facing web server.

    .NET will make Resource friendly hard and I am assuming you want free so here we go

    http://www.411asp.net/home/webapps/forum (listing of asp.net forum software free or not)

    http://www.dmgforums.com/ (free)

    We only use share point, but I would not recommend it.. Almost all web stuff I do is LAMP based so, I can not give advice on specific ASP.net software sorry.

  13. reading the comments found this..

    I followed the steps and ran into the same problem finding the plist file in leopard. I looked around a little bit, and found that you dont need perian or to change the midi settings at all. In fact, you can turn on Dolby Digital passthrough and get that nice little red dolby digital light (if you have an onkyo amp) by going to the preferences while in the dvd player, it has to be stopped first, and under “disc setup” the audio options at the bottom allow you specify which output you want…and select whatever is appropriate.

    Hope that helps anyone with leopard!

    # Kyle Kolbe Says:

    December 20th, 2007 at 8:33 am

    In Leopard, I’ve settled on Mplayer (1.0rc2 latest svn build, you need X11 installed for it to work). You can set Mplayer’s prefs with a command line to passthrough AC3 and DTS signals from a Mac’s optical output. In Mplayer’s prefs-additional parameters add

    “-ac hwac3,hwdts,”

    I think, I have to double check. Only way I’ve been able to get true surround sound out of MKV files on the Macbook Pro.

    # Andre Lorentsen Says:

    December 31st, 2007 at 5:25 pm

    Followed the steps and can confirm that this works perfectly under Leopard. The plist file is in your home library folder.

    The tip from Kyle Kolbe also works for mplayer 1.0rc2.

  14. I understand the frustration... but remember its not that they are not allowing... you must have a HDCP approved Codex to do 5.1 (or better) and that is a licencing fee. My Dell does not do 5.1 either with out a plugin the same as the apple. it says 5.1 on everything.. but does not put it out.. I blame the MPAA and RIAA for all of the copywrite protection.

    but frustration noted and I believe Apple should have a help on their site that tells you how to do this.