On Wed, 17 Nov 2004, n3td3v wrote:
...
If I was in gov, I would shut a site down that looks remotely
hax0rish, even if they've done nothing wrong. All these crews and
hacker groups, fk them all. The net needs zero tollerence with online
crime. Govs should have the authority to
On Fri, 13 Aug 2004, neL esoR wrote:
I am surprised this hasn't engendered a lively
discussion, everything else seems to.
In neL's book, this paper ranks as one of the best.
What, and risk Dan Geer's fate? In this economy? I have a wife,
a cat and two kids that depend on me.
Not to put to
On Wed, 7 Jul 2004, joe wrote:
because the *nixs are picking up a lot of the people who were previously
clueless in Windows and they aren't learning much going to *nix. They just
think it is better and more secure because they know even less about it than
they did about Windows.
At least in
On Mon, 21 Jun 2004, Michael Schaefer wrote:
Well, lets see, moving away from the Registry (single point of failure)
would be a good step.
Separating the operating system from programs would be great, I don't
like the fact that everything and it's brother thinks it can or should
dump files
On Mon, 21 Jun 2004, joe wrote:
I am not sure I agree with the first thing. Actually I think it helps in
that it is easier for people to know something is executable veruss having
to look at additional attributes to see if something is executable.
I think that making the name of a file
On Fri, 14 May 2004 [EMAIL PROTECTED] wrote:
It's really sad that Sasser has nailed *so many* machines that Dabber
is able to propagate.
Well, what about the Witty worm? It only infected machines running
a brand of firewall with a particular plug-in, as I read this document
(I'm no Windows
On Tue, 20 Apr 2004, Dave Horsfall quotes:
On Mon, 19 Apr 2004, Gregory A. Gilliss wrote:
...as I recall, there were PDPs, IBMs, Cybers (IBM clones),
CDC, VAXen, and not much else available in '88
What!?! You must be kidding - there were *tons* more hardware vendors
back then, at least in
On Fri, 16 Jan 2004, David F. Skoll wrote:
Not running A/V software on a Linux box is no risk at all. Even the
McAffee A/V software wouldn't detect a worm in time to do any good.
You can take the following simple precautions (which I do): Mount /tmp
noexec, and if you're really paranoid,
On Fri, 19 Dec 2003, Ron DuFresne wrote:
after the @stake recent actions, to be focused these days upon
avoiding mentioning the shortcomings from redmond. Are others reading the
same these days?
Absolutely. After the initial stir that Geer/Scheiener et al's anti-
monoculture broadside
On Mon, 1 Dec 2003, Frank Knobbe wrote:
Maybe one solution for MS could be to unhook IE from the OS, slowly
distance itself from it and instead add a different browser, one that is
more secure, with less bells'n'whistles perhaps. They have abandoned and
replaced products in the past, perhaps
On Mon, 27 Oct 2003, Bill Royds wrote:
Actually most of VMS was written in a programming language called BLISS-32
which was designed to write an OS.
...
The result of BLISS was VAX assembler code rather than raw machine code,
which is why the port to Alpha went the way it did. Bliss
On Sun, 26 Oct 2003, Bill Royds wrote:
You are saying that a language that requires every programmer to check for
security problems on every statement of every program is just as secure as
one that enforces proper security as an inherent part of its syntax?
And I suppose that you also
On Wed, 22 Oct 2003, Peter Busser wrote:
Because Linux people in general seem to be more concerned about speed and
features than about security. For example, the only reason Linux Security
Modules (LSM) have been included in the kernel, is that they don't have a
performance impact on users
On Sat, 18 Oct 2003, S G Masood wrote:
IMHO, testing on a private network is always
preferable for highly accurate predictions.
My guess is that the msblast worm's author did do testing on a private
network. I wrote a simulation of msblast that placed susceptible hosts
in bands in a 16-bit
Rodrigo Barbosa wrote:
As I said, I also think that Micro$oft is as insecure as my 8
y/o daughter playing with a handgun.
And then, On Mon, 29 Sep 2003, Schmehl, Paul L replied:
Your daughter wouldn't be insecure playing with a handgun if she had had
proper handgun safety training.
On Fri, 26 Sep 2003, Rick Kingslan wrote:
I'll not argue that the Windows operating systems are the target of the
majority of virus', but that's typically what happens when a system is used
by a known large group of people that might not be qualified to run a
computer, much less secure it.
I've written a framework for simulating network worms like Code Red
and msblast.
You can read my description of this framework at:
http://www.users.qwest.net/~eballen1/nws/
Let me know what you think.
___
Full-Disclosure - We believe in it.
Charter:
On Fri, 26 Sep 2003, David Hane wrote:
I recently had a machine get hacked before I could finish installing all the
damn remote-root exploit patches that have been released in the last week.
I've done the forensics and I know how they got in and what they did but I
would like to know what
On Mon, 10 Feb 2003, Steve Wray wrote:
One word. Ok two;
Driving Test.
Do you have a driving license?
Did you buy it from a shop or did you have to demonstrate
an acceptable level of competence?
Who administers it?
Holy Crap. You've got to be kidding. What an insane analogy.
First,
On Sat, 1 Feb 2003, Gregory Steuck wrote:
batz == batz [EMAIL PROTECTED] writes:
batz They use: da/dt = Ka(1-a)
...
batz Where K is the rate of information spread (based on number of
batz subscriptions to public lists vs. consortiums) 'a' being the
batz proportion of
On Mon, 20 Jan 2003 [EMAIL PROTECTED] wrote:
Are they exploitable?
I was looking for a format strings exploit on HP-UX,but couldn't find
any. Maybe because they are not exploitable???If they are,I would
appreaciate very much if anyone could provide some information about
that.
I think
On Sun, 22 Dec 2002, Simon Richter wrote:
I believe they have thought about this. Trusted software can only be
debugged on a special developer machine. My personal favourite would
be the carefully crafted DVD, which uses a buffer overflow in a player
routine (where people optimize for speed
On Fri, 20 Dec 2002, Simon Richter wrote:
On Fri, Dec 20, 2002 at 02:47:59AM +0100, yossarian wrote:
What
features will my new computer have, that will convince me to lose certain
options I have right now - playing music, copying what I like, etc?.
I'd say protection from binary viruses
On Fri, 11 Oct 2002, David Vincent wrote:
Even an unmoderated list requires some filtering
of abusers. Otherwise, what good is a list charter?
my point exactly.
At first, I thought the Poot messages were just spam. But the GOBBLES
identity possesses a certain amount of credibility.
24 matches
Mail list logo