Le jeudi 25 février 2010 23:43:54, Mark Shuttleworth a écrit :
> We're bringing social interaction from the web, into the desktop. We're
> breathing life back into the city center, as it were. We're making the
> desktop more human. This is our mission, our reason for loving what we
> do. I'm sorry
===
Ubuntu Security Notice USN-905-1 February 26, 2010
sudo vulnerabilities
CVE-2010-0426, CVE-2010-0427
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex Jones is a Hal Turner like intel-asset. He runs this gig out
of Austin, TX called infowars. Kind of a conspiracy-minded,
rightwing news portal.
Think about the waco/ruby ridge typo culture. Stuff that the gov
monitors very closely.
I don't know
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well considering the tone I used, Frankly, I'm surprised you even
dignified that. I don't always speak in such a tone. It's just the
atmosphere of the scene here.
I want my system here to be pure and free. No blogcruft.
Remember how XP and Vista woul
On Thu, Feb 25, 2010 at 22:43, Mark Shuttleworth wrote:
> On 25/02/10 22:28, John Q Public wrote:
>
> Ubuntu one? Chatroom accounts? Online, Invisible? You're turning
> the default Ubuntu into your huge autistic chatroom.
>
>
> We're bringing social interaction from the web, into the desktop
> There are loads of known vulns in winhlp32.exe, particularly in the
> decompression routines. That's why it was removed from Vista, and why
> .hlp files are considered to be dangerous file formats.
.HLP == executable
According to http://en.wikipedia.org/wiki/WinHelp :
"A rather security critic
bugsban...@hushmail.com wrote:
> ...Unpatched bug since Mozilla firefox 3.0...
>
> Mozilla "INsecurity team" remember, security through obscurity just
> DOESN'T WORK...
> Locking down bugzilla advisories even the 2 years old ones is
> unnecessary and lame.
Care to expand on "locking down" and "
> Rather funny than scary:
> http://isec.pl/vulnerabilities10.html
There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines. That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.
___
Rather funny than scary:
http://isec.pl/vulnerabilities10.html
cheers!
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
I must admit that this is crap. I don't blame the ubuntu team for
wanting to integegrate this kind of tools in the default base packages,
Since ubuntu is mainly designed for the masses. Nevertheless i will
remove them ( the ubuntu one client as well ) in my upcoming lucid lynx
fork ( www.shado
> anyone see this and know about it? How it works and good detection?
>
> http://www.brickhousesecurity.com/pc-computer-spy.html
>
autorun.inf is how it installs itself.
once installed, it works like any other rootkit spyware (screen grabs,
keystroke/window logger, etc).
Cheers,
Michael Hol
It uses i-bots, nano i-bots to be exact ;)
On Fri, Feb 26, 2010 at 7:35 AM, RandallM wrote:
> anyone see this and know about it? How it works and good detection?
>
> http://www.brickhousesecurity.com/pc-computer-spy.html
>
> --
> been great, thanks
> RandyM
> a.k.a System
>
> _
getPlus insufficient domain name validation vulnerability
Yorick Koster, April 2009
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:050
http://www.mandriva.com/security/
anyone see this and know about it? How it works and good detection?
http://www.brickhousesecurity.com/pc-computer-spy.html
--
been great, thanks
RandyM
a.k.a System
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosu
LOL
It was funny!
2010/2/25 Mark Shuttleworth
> On 25/02/10 22:28, John Q Public wrote:
>
> wtf is this.
>
> A centralized identity system?
>
> In an open source operating system? By default?
>
> You're going overboard here. You're just a rich trustfunder and
> your proles are afraid to say
*SyScan'10 CALL FOR PAPERS*
*ABOUT SYSCAN'10*
This year, SyScan'10 will be held in the 4 exciting cities of Singapore,
Hangzhou, Taipei and Ho Chi Minh City. Details are as follows:
*/SyScan'10 Singapore
/*date: 17 – 18 June 2010
*/SyScan'10 HangZhou
/*date: 10 - 11 July 2010
*/SyScan'10 Taipei
On Thu, Feb 25, 2010 at 2:57 PM, Dan Kaminsky wrote:
> That's 20% with a work effort of effectively 0 per password with a single
> dictionary. Spend a few minutes of brute force on each pass and the success
> rate grows.
Of course. Which is why I said it depends on what you consider "minimal". ;
On 25/02/10 22:28, John Q Public wrote:
> wtf is this.
>
> A centralized identity system?
>
> In an open source operating system? By default?
>
> You're going overboard here. You're just a rich trustfunder and
> your proles are afraid to say you're making a huge error.
Just a tip: when you're givi
Dan -
> I see where you're coming from, but what are the most recent statistics
> on the effectiveness of hash cracking? Isn't it something like 70% of the
> passwords in the field can be cracked with a minimal amount of brute
> forcing?
Of course this depends on what you mean by "minimal".
h
20 matches
Mail list logo