Linux-Advocacy Digest #407, Volume #32           Thu, 22 Feb 01 15:13:05 EST

Contents:
  Re: Hilter Re: Information wants to be free, Revisited (Aaron Kulkis)
  Re: SSH vulnerabilities - still waiting [ was Interesting article ] (The Ghost In The Machine)
  Re: SSH vulnerabilities - still waiting [ was Interesting article ] (Peter da Silva)
  Re: The Windows guy. (Aaron Kulkis)
  Re: SSH vulnerabilities - still waiting [ was Interesting article ] (The Ghost In The Machine)
  Re: State of linux distros (Bob Hauck)
  Re: Information wants to be free, Revisited (Aaron Kulkis)
  Re: SSH vulnerabilities - still waiting [ was Interesting article ] (The Ghost In The Machine)

----------------------------------------------------------------------------

From: Aaron Kulkis <[EMAIL PROTECTED]>
Crossposted-To: comp.sys.mac.advocacy,comp.sys.next.advocacy,comp.os.ms-windows.advocacy,demon.local
Subject: Re: Hilter Re: Information wants to be free, Revisited
Date: Thu, 22 Feb 2001 14:58:08 -0500



Woofbert wrote:
> 
> In article <[EMAIL PROTECTED]>, Aaron Kulkis
> <[EMAIL PROTECTED]> wrote:
> 
> > > > **FUCK*** Godwin's pea-brained "law"
> > >
> > > Do you really expect me to agree that that's any better? You still
> > > haven't demonstrated even the most fundamental understanding of what
> > > Godwin's Law says.
> >
> > "Godwin's Law" is worthless clap-trap, twisted around to be used to
> > try to shut off discussion when the freedom-hater who is losing recognizes
> > the cliff that he's about to be shoved over.
> >
> > Godwin said that the discussion is pretty much pointless after one
> > of THE PARTICIPANTS is compared to Godwin.
> >
> > The Pea-brained of USENET...which constitutes approx. 98% of those
> > posting...have twisted Godwin's observation to mean *any* time
> > Hitler is mentioned....
> >
> > So...the only way to combat these in-duuhhhhhh-viduals is NOT to
> > argue over what "Godwin's Law" is...but to directly contest that
> > [their imaginary version] of Godwin's law has any validity.
> >
> > so, once again, I say:
> >
> >                       ***FUCK*** Godwin.
> >
> >
> > Satisfied?
> 
> Yes. I'm satisfied in my belief that at one time you lost your temper
> and called someone a Nazi.

Only when describing the behavior of Demoncrooks.


>                              Whoever you were talking with got fed up with
> that sort of stupidity and refused to speak with you any further. Now
> you're all hurt and get all riled up when someone mentions Godwin.

Fuck off, loser.


> 
-- 
Aaron R. Kulkis
Unix Systems Engineer
DNRC Minister of all I survey
ICQ # 3056642


H: "Having found not one single carbon monoxide leak on the entire
    premises, it is my belief, and Willard concurs, that the reason
    you folks feel listless and disoriented is simply because
    you are lazy, stupid people"

I: Loren Petrich's 2-week stubborn refusal to respond to the
   challenge to describe even one philosophical difference
   between himself and the communists demonstrates that, in fact,
   Loren Petrich is a COMMUNIST ***hole

J: Other knee_jerk reactionaries: billh, david casey, redc1c4,
   The retarded sisters: Raunchy (rauni) and Anencephielle (Enielle),
   also known as old hags who've hit the wall....

K: Truth in advertising:

        Left Wing Extremists Charles Schumer and Donna Shelala,
        Black Separatist Anti-Semite Louis Farrakan,
        Special Interest Sierra Club,
        Anarchist Members of the ACLU
        Left Wing Corporate Extremist Ted Turner
        The Drunken Woman Killer Ted Kennedy
        Grass Roots Pro-Gun movement,


A:  The wise man is mocked by fools.

B: Jet Silverman plays the fool and spews out nonsense as a
   method of sidetracking discussions which are headed in a
   direction that she doesn't like.
 
C: Jet Silverman claims to have killfiled me.

D: Jet Silverman now follows me from newsgroup to newsgroup
   ...despite (C) above.

E: Jet is not worthy of the time to compose a response until
   her behavior improves.

F: Unit_4's "Kook hunt" reminds me of "Jimmy Baker's" harangues against
   adultery while concurrently committing adultery with Tammy Hahn.

G:  Knackos...you're a retard.

------------------------------

From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: comp.os.ms-windows.nt.advocacy,comp.security.ssh
Subject: Re: SSH vulnerabilities - still waiting [ was Interesting article ]
Date: Thu, 22 Feb 2001 19:58:47 GMT

In comp.os.linux.advocacy, Markus Friedl
<[EMAIL PROTECTED]>
 wrote
on 19 Feb 2001 16:46:52 GMT
<96rils$nbm$[EMAIL PROTECTED]>:
>In <Ry9k6.55424$[EMAIL PROTECTED]> "Chad Myers"
><[EMAIL PROTECTED]> writes:
>
>>Really, how do you answer to all these exploits and vulnerabilities?
>
>could you please name every single 'exploits' you are talking about?
>
>could you please name every single 'vulnerabilities' you are talking about?
>
>otherwise it's impossible to take your claims seriously.
>
>
>>Perhaps you should start calling it Not so secure shell (NSSSH).
>
>perhaps you should stop spreading FUD.
>
>perhaps you should stop confusing people.

No no, he's right.  Microsoft has never been compromised (Russians),
Windows is ultra-secure (Back Orifice, that weird posting worm on
alt.destroy.microsoft), and Outlook 2000 is the best
mail program out there and has never been attacked by a worm, virus,
or trojan horse (Melissa, ILUVYOU).

Any virus attacks witnessed by users on Windows are the result of
deranged imaginations (don't you believe it!).

(sarcasm off)

To be fair, Redhat apparently has a worm of its own.  But that's
specific to RedHat -- not to Linux.

>
>-m


-- 
[EMAIL PROTECTED] -- insert random misquote here
EAC code #191       17d:10h:25m actually running Linux.
                    It's a conspiracy of one.

------------------------------

From: [EMAIL PROTECTED] (Peter da Silva)
Crossposted-To: comp.os.ms-windows.nt.advocacy,comp.security.ssh
Subject: Re: SSH vulnerabilities - still waiting [ was Interesting article ]
Date: 22 Feb 2001 19:49:30 GMT

In article <Nbdl6.6069$[EMAIL PROTECTED]>,
Seán Ó Donnchadha <[EMAIL PROTECTED]> wrote:
> By convention, major versions have different filenames, so you can have as
> many as you need in a given directory, a-la MFC40.DLL, MFC42.DLL, etc.

While that workaround does exist and has been used, it's not a formal
convention and there are often cases where "minor versions" are incompatible
with each other.

> You're confused. In Windows, the program does specify the library version
> (it specifies the library's filename, which identifies its major version).

For those libraries where the library writer has chosen to include the major
version (but not the minor version) in the filename.

> This is almost exactly what happens in Unix, where the program specifies
> something like libfoo.so.1 (major version), which by convention is just a
> symbolic link to something like libfoo.so.1.4 (minor version).  In both
> cases, the program specifies only the major version.

That depends on the program. In cases where it matters the program can specify
a minor version, and any version with that minor version number or later is
considered to satisfy the requirement. 

> This is done to allow
> the library to be updated without disturbing the program. But if you allow
> that, you're leaving the door open for software components that were never
> lab-tested in combination to be run that way.

In which case the program can provide its own copy of the minor version
required, anywhere in the library search path, and it will load it without
conflicting with other versions that may be loaded, EVEN if the major and
minor version numbers are the same.

In practice, there are two significant differences here:

1. There is a formal naming convention that all libraries and files follow.

2. The library is identified by the file it was loaded from, not the file name,
   so a program with special requirements can be accommodated with a special
   version of the library.

> Yes, and...? Are you trying to imply that only Windows makes it possible for
> OS updates to break applications?

No, I'm stating that the shared library mechanism used by Windows makes it
impossible to correct such situations except by running a back-version OS,
and refusing to install any software that requires a more up-to-date library,
whereas other shared library mechanisms don't have that fundamental design
flaw.

> "Peter da Silva" <[EMAIL PROTECTED]> wrote:
> > For values of protected that don't include, say, being protected
> > against being used to launch spam,

> No, you may simply run the browser as a user who has no address book. That's
> what I do.

And this makes it impossible for the ActiveX applet to explicitly open a
TCP/IP connection and act as an open relay?

> > denial of service attacks,

> Examples please?

Any of the distributed denial of service tools can be embedded in ActiveX
applets.

> > or further exploits against other hosts on the LAN,

> No, the local user account I use has no identity (and therefore no rights)
> on the LAN.

That makes it impossible for the ActiveX applet to explicitly open a TCP/IP
connection and run exploit code over it?

> > WAN, or Internet.

> You mean that the ActiveX control may connect to arbitrary Internet
> resources, whereas something like a Java applet may not? I suppose you do
> have a small point there.

I mean that an ActiveX applet can do anything that the locally logged on user
can do. Any exploit, spam, or DDOS tool can be delivered to and run by the
applet, no matter what your local privileges are.

> > You're being somewhat disingenuous about the "sufficiently low user
> > privileges" since virtually no applications, not even Microsoft's own
> > leading applications such as Office, can be used under any privilege
> > level low enough to prevent an ActiveX exploit from compromising your
> > computer.

> Sorry, but that's just totally untrue.

An ActiveX applet can do anything the locally logged in user can. If the
locally logged in user can write to files from Microsoft Word, then so
can the applet. If the locally logged in user can read from an Access
database containing proprietary information, then so can the ActiveX applet.
If the locally logged on user can read or modify shared calendar entries,
then so can the applet. If the locally logged in user can save changes to
Word templates, then so can the applet.

If your system is locked down so far that the locally logged in user can
not make network connections or modify any persistent state that might be
able to be used to hide executable code or a script, then there's little real
work that user can do in, say, Microsoft Office.

-- 
 `-_-'   In hoc signo hack, Peter da Silva.
  'U`    "A well-rounded geek should be able to geek about anything."
                                                       -- [EMAIL PROTECTED]
         Disclaimer: WWFD?
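
Added example, not part of Peter da Silva's post: a shell simulation of the Unix convention discussed above, where libfoo.so.1 is a symbolic link to libfoo.so.1.4 and a program can ship its own copy earlier in the library search path. It models first-match path search only and does not invoke a real dynamic linker; the directory layout, the 1.2 private copy and the function names are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added illustration: simulates (does not invoke) a dynamic linker's
# first-match search over a library path. All paths are constructed samples.

# resolve_lib SONAME SEARCHPATH
# Prints the real file SONAME resolves to: the first directory in the
# colon-separated SEARCHPATH that contains the name wins, then the
# major-version symlink is followed to the minor-version file.
resolve_lib() {
    soname=$1
    old_ifs=$IFS
    IFS=:
    for dir in $2; do
        if [ -e "$dir/$soname" ]; then
            IFS=$old_ifs
            readlink -f "$dir/$soname"
            return 0
        fi
    done
    IFS=$old_ifs
    return 1   # name not present anywhere on the path
}

# build_demo_tree ROOT
# System directory: libfoo.so.1 -> libfoo.so.1.4 (as in the quoted text).
# Application directory: a private libfoo.so.1 -> libfoo.so.1.2 (hypothetical
# special version shipped with one program).
build_demo_tree() {
    root=$1
    mkdir -p "$root/usr/lib" "$root/opt/app/lib"
    : > "$root/usr/lib/libfoo.so.1.4"
    ln -s libfoo.so.1.4 "$root/usr/lib/libfoo.so.1"
    : > "$root/opt/app/lib/libfoo.so.1.2"
    ln -s libfoo.so.1.2 "$root/opt/app/lib/libfoo.so.1"
}

demo() {
    root=$(mktemp -d) || return 1
    build_demo_tree "$root"
    # Every other program: only the system directory is searched.
    echo "default: $(resolve_lib libfoo.so.1 "$root/usr/lib")"
    # The special program: its private directory is searched first.
    echo "private: $(resolve_lib libfoo.so.1 "$root/opt/app/lib:$root/usr/lib")"
    rm -rf "$root"
}

demo
```

Both programs ask for the same name, libfoo.so.1, and each gets a different file; which one is decided entirely by the order of directories on the search path.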

------------------------------

From: Aaron Kulkis <[EMAIL PROTECTED]>
Subject: Re: The Windows guy.
Date: Thu, 22 Feb 2001 15:02:45 -0500



[EMAIL PROTECTED] wrote:
> 
> On Wed, 21 Feb 2001 20:11:54 -0500, Aaron Kulkis <[EMAIL PROTECTED]> wrote:
> >
> [deletia]
> >> > Any edition of the "dinosaur" book should do.
> >>
> >> Should it?
> >
> >Yes
> >>  Are you guessing?
> >
> >No
> >
> >>  Have you actually read this in the book?
> >
> >Yes
> >
> >> Simply provide a page reference.
> >
> >Do your OWN homework, shithead.
> >
> >You *DO* know how to use a subject index, don't you.
> >
> >
> >Clue for the fucking clueless (That includes YOU, Funkenbush):
> >
> >       He's not talking about "The Adventures of Barney"
> >
> 
>         This is a better link (shorter).
> 
> http://www.bell-labs.com/topic/books/os-book/
> 

Whoops...got my dinosaur computer books mixed up.


> >
> >
> >See: 
>http://www.amazon.com/exec/obidos/ASIN/0201100886/o/qid=982804266/sr=8-1/ref=aps_sr_b_1_1/107-8739579-6387762
> 
> [deletia]
> 
> --
> 
>         Ease of use should be associated with things like "human engineering"
>         and "use the right tool for the right job".  And of course,
>         "reliability", since stopping to fix a problem or starting over due
>         to lost work are the very antithesis of "ease of use".
> 
>                                 Bobby Bryant - COLA
>                                                                 |||
>                                                                / | \

-- 
Aaron R. Kulkis
Unix Systems Engineer
DNRC Minister of all I survey
ICQ # 3056642



------------------------------

From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: comp.os.ms-windows.nt.advocacy,comp.security.ssh
Subject: Re: SSH vulnerabilities - still waiting [ was Interesting article ]
Date: Thu, 22 Feb 2001 20:03:09 GMT

In comp.os.linux.advocacy, Peter da Silva
<[EMAIL PROTECTED]>
 wrote
on 22 Feb 2001 16:42:08 GMT
<973fh0$[EMAIL PROTECTED]>:
>In article <l0al6.6050$[EMAIL PROTECTED]>,
>Seán Ó Donnchadha <[EMAIL PROTECTED]> wrote:
>> Actually Peter, your facts on Win32 are fundamentally flawed because it most
>> certainly *DOES* provide version control for shared libraries
>> (VS_VERSION_INFO resources along with version-aware file installation APIs).
>
>Does that allow you to have multiple versions of the same library installed?

I suspect yes.  The fact that the OS doesn't read the multiple versions
after installing one of them picked more or less at random (depending on
the first app run) is a very very eentsy teensy tiny itty bitty flaw....

:-)

[rest snipped]

-- 
[EMAIL PROTECTED] -- no, it's not a yellow polka dot bikini, either
EAC code #191       17d:10h:33m actually running Linux.
                    No electrons were harmed during this message.

------------------------------

From: [EMAIL PROTECTED] (Bob Hauck)
Subject: Re: State of linux distros
Reply-To: hauck[at]codem{dot}com
Date: Thu, 22 Feb 2001 20:04:28 GMT

On 22 Feb 2001 18:20:55 GMT, Donovan Rebbechi <[EMAIL PROTECTED]> wrote:

>I think it will be difficult to get rid of SuSE and Turbo, because SuSE
>is "European Linux", Turbo is "East Asian Linux". Redhat is essentially
>"American Linux". (Debian is "free Linux") They all seem to have pretty 
>solid niches carved out for themselves. On the other hand, Caldera don't 
>fit into this picture at all.

Caldera wants to position themselves as "Business Linux".

They seem to be relying on a value-added strategy more than selling
boxed sets.  This fits in with SCO and their network of VAR's who sell
not "Unix" so much but rather "Dental Office Automation", "Rental Car
Tracking" or "Call Center Management".  Turnkey vertical apps in other
words.

-- 
 -| Bob Hauck
 -| Codem Systems, Inc.
 -| http://www.codem.com/

------------------------------

From: Aaron Kulkis <[EMAIL PROTECTED]>
Crossposted-To: comp.sys.mac.advocacy,comp.sys.next.advocacy,comp.os.ms-windows.advocacy
Subject: Re: Information wants to be free, Revisited
Date: Thu, 22 Feb 2001 15:07:28 -0500



"Donal K. Fellows" wrote:
> 
> Craig Kelley wrote:
> > That's my point.  Do we want Nancy Reagan on TV
> 
> No!  Anything but that!
> 
> > telling everyone, "Don't buy handguns"?
> 
> Shucks!  If you'd stopped with the first half of that sentence, it would
> have been so much less contentious...  :^)
> 
> > Because the law will not change the fact that
> > criminals have them; ie, the same people who abuse them even now.
> 
> IIRC from the debate when handguns were banned in the UK, whether or not
> the criminal element have them was not considered to be a major factor,
> but rather on the nutcases with a grudge against their workplace, school,
> neighbourhood or just humanity in general.  Criminals break the law, so
> what's another law to them?  Madmen are a different matter.

If you stop one 20-death nutcase by passing laws that facilitate
80 separate, individual homicides....what is the benefit, exactly?

[Other than putting the English people back into a position with
respect to their government, that existed between the people
and Little John]

> 
> Donal.
> --
> Donal K. Fellows    http://www.cs.man.ac.uk/~fellowsd/    [EMAIL PROTECTED]
> -- I have to warn you up front that I'm pretty sure you're full of crap, but
>    it might still be interesting to see your argument.
>                                            -- Bill Newman <[EMAIL PROTECTED]>

-- 
Aaron R. Kulkis
Unix Systems Engineer
DNRC Minister of all I survey
ICQ # 3056642



------------------------------

From: [EMAIL PROTECTED] (The Ghost In The Machine)
Subject: Re: SSH vulnerabilities - still waiting [ was Interesting article ]
Date: Thu, 22 Feb 2001 20:09:11 GMT

In comp.os.linux.advocacy, Peter Köhlmann
<[EMAIL PROTECTED]>
 wrote
on Mon, 19 Feb 2001 22:41:48 +0100
<[EMAIL PROTECTED]>:
>Chad Myers wrote:
>> 
>> All wrappings around Telnet. In the end, it's just telnet. It's utilities
>> to make telnet more available, but isn't really an improvement on telnet.
>> In the end, the user is still just telnetting.
>> 
>
>Chad, when will you learn to read the posts of others?
>SSH is NOT telnet. Telnet is a protocol, ftp is a protocol, 
>ssh is a protocol.

I think you mean SSL, or perhaps TLS.

Then again, SSH sits on top of one of those and has a protocol of its own
(a fairly simple one, I would think, based on keystrokes).  :-)

>SSh is NOT a wrapper around telnet, that is just fucking bullshit from
>Chad Myers, the present Wintendo-Troll.

Sshd might be construed as a wrapper around /bin/login, in a weird
sort of way.  However, that's sshd, the daemon side; ssh (the client
side) does not call telnet, nor does sshd call telnetd AFAIK.

(I have the source for ssh, I probably should look to be sure. :-) )

[rest snipped]

-- 
[EMAIL PROTECTED] -- insert random misquote here
EAC code #191       17d:10h:37m actually running Linux.
                    It's a conspiracy of one.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to comp.os.linux.advocacy.

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Advocacy Digest
******************************
