|
Home > Archive > Starsiege Tribes > March 2006 > Bwahahahahaha........
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Bwahahahahaha........
|
|
| Miracle 2006-03-05, 5:32 am |
| Okay, it's like, 12-day-old news, but still......
Security experts detect second Apple worm
Computer virus targets Mac operating system via Bluetooth
Reuters
Updated: 6:21 p.m. ET Feb. 21, 2006
SAN FRANCISCO - A new computer worm targeting Apple Computer
Inc.'s Macintosh computers has been identified for the second time in
one week, security experts said.
The new worm, called OSX.Inqtana.A, spreads through a vulnerability
in Apple's OS X operating system via Bluetooth wireless connections,
antivirus company Symantec said.
"We have speculated that attackers would turn their attention to other
platforms, and two back-to-back examples of malicious code targeting
Macintosh OS X ... illustrate this emerging trend," said Vincent Weafer,
senior director at Symantec Security Response.
The latest virus follows OSX/Leap-A, which was identified last week
and believed to be the first such virus targeting the Mac platform. That
worm attempts to spread via Apple's iChat instant messaging program,
which is compatible with America Online's popular AIM instant messaging
program.
Symantec said the latest worm attempts to use Bluetooth connections
to spread by searching for other Bluetooth-using devices that will accept
requests for a connection when the computer is restarted.
Bluetooth is a wireless technology used to transmit data among devices
at short distances.
The worm spreads via a vulnerability in the OS X operating system
called the Apple Mac OS X BlueTooth Directory Traversal Vulnerability.
If a Bluetooth connection is made, the worm attempts to send itself to
those remote computers. However, the worm itself does not appear to
pose an immediate threat.
"While this particular worm is not fully functional, the source code could
be easily modified by a future attacker to do damage," Weafer said, adding
that Mac users should install available software patches to their operating
systems to prevent such attacks.
The latest worm was identified Friday. Both worms are ranked a Level 1
threat on a scale of 1 to 5, with 5 being the most severe, Symantec said.
_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
| |
| Hellmark 2006-03-07, 5:38 am |
| Miracle's last words before the Sword of Azrial plunged through his body
were:
quote:
> Okay, it's like, 12-day-old news, but still......
2 in a week's time, with something like 4 in total ever (if you discount
MS Word macro viruses, that targeted any system with Word, regardless of
OS). Compare that to how many are released to windows in a single day.
| |
| Miracle 2006-03-07, 5:38 am |
| Hellmark wrote:
quote:
> Miracle's last words before the Sword of Azrial plunged through his
> body were:
>
> 2 in a week's time, with something like 4 in total ever (if you
> discount MS Word macro viruses, that targeted any system with Word,
> regardless of OS). Compare that to how many are released to windows
> in a single day.
Look:
""We have speculated that attackers would turn their attention to other
platforms, and two back-to-back examples of malicious code targeting
Macintosh OS X ... illustrate this emerging trend," said Vincent Weafer,
senior director at Symantec Security Response."
Two important words here: "emerging trend". I'm just saying........
_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
| |
|
|
| Hellmark 2006-03-08, 5:35 am |
| Miracle's last words before the Sword of Azrial plunged through his body
were:
quote:
> Hellmark wrote:
> Look:
> ""We have speculated that attackers would turn their attention to other
> platforms, and two back-to-back examples of malicious code targeting
> Macintosh OS X ... illustrate this emerging trend," said Vincent Weafer,
> senior director at Symantec Security Response."
> Two important words here: "emerging trend". I'm just saying........
Thats because for hackers (not the XXXXing script kiddy assholes who do
most of the damage), Windows is passe. In Hacking competitions, killing a
windowsbox scores far less points than a mac, linux, or unix machine. Its
been like that for quite some time now, and been especially bad in the
last few months with really nothing new coming from the windows front. No
major security patches, Service pack 3 is more than a year away, Vista
won't be out till later this year (although, Microsoft did have to ship a
security update for the Vista prereleases, since they've been hacked
fairly easily). Also another reason for people to turn their attention to
Macs is the added press they've had lately for the intel switch, so while
ordinarily, they'd not get a second notice for this, its now big news.
Also, on both of these proof of concept viri (since they don't actually do
damage), the root password is requested and must be entered before the
virus can take effect. That's one major difference that most people are
also neglecting, since for windows users its a concept totally foreign to
them because the vast majority run as the XXXXing administrator, and never
experienced a secure multiuser enviroment. For mac users, its not really a
problem, since if they went to view an image, and a terminal window pops
up instead, plus another window asking for the root password because a
system change was requested, that's really a giant red flag saying "THIS
SHIT AIN'T RIGHT!" and to hit the cancel button instead.
| |
|
|
| Miracle 2006-03-08, 5:35 am |
| Hellmark wrote:
quote:
> Miracle's last words before the Sword of Azrial plunged through his
> body were:
>
> Thats because for hackers (not the XXXXing script kiddy assholes who
> do most of the damage), Windows is passe. In Hacking competitions,
> killing a windowsbox scores far less points than a mac, linux, or
> unix machine. Its been like that for quite some time now, and been
> especially bad in the last few months with really nothing new coming
> from the windows front. No major security patches, Service pack 3 is
> more than a year away, Vista won't be out till later this year
> (although, Microsoft did have to ship a security update for the Vista
> prereleases, since they've been hacked fairly easily). Also another
> reason for people to turn their attention to Macs is the added press
> they've had lately for the intel switch, so while ordinarily, they'd
> not get a second notice for this, its now big news.
>
> Also, on both of these proof of concept viri (since they don't
> actually do damage), the root password is requested and must be
> entered before the virus can take effect. That's one major difference
> that most people are also neglecting, since for windows users its a
> concept totally foreign to them because the vast majority run as the
> XXXXing administrator, and never experienced a secure multiuser
> enviroment. For mac users, its not really a problem, since if they
> went to view an image, and a terminal window pops up instead, plus
> another window asking for the root password because a system change
> was requested, that's really a giant red flag saying "THIS SHIT AIN'T
> RIGHT!" and to hit the cancel button instead.
Okay, remember I said it's late and I'm tired- do you mean the
Mac OS acts as its own virus software? This is what I'm trying to
wrap my poor tired head around: You said "For mac users, its not
really a problem, since if they went to view an image, and a terminal
window pops up instead, plus another window asking for the root
password because a system change was requested, that's really a
giant red flag saying "THIS SHIT AIN'T RIGHT!" and to hit the
cancel button instead."
Isn't that what an AV proggie does?
_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
| |
| Hellmark 2006-03-08, 5:35 am |
| Miracle's last words before the Sword of Azrial plunged through his body
were:
quote:
> Hellmark wrote:
> Okay, remember I said it's late and I'm tired- do you mean the
> Mac OS acts as its own virus software? This is what I'm trying to
> wrap my poor tired head around: You said "For mac users, its not
> really a problem, since if they went to view an image, and a terminal
> window pops up instead, plus another window asking for the root
> password because a system change was requested, that's really a
> giant red flag saying "THIS SHIT AIN'T RIGHT!" and to hit the
> cancel button instead."
> Isn't that what an AV proggie does?
No, it does not try to act like an antivirus program. AV apps detect and
remove malware, where as this simply is a security measure to make sure
that only proper people can make vital system changes. On every OS, but
Windows (although MS is trying to change that, but still way far behind),
there is the root or admin user, and then the normal user account that
gets used for typical computer usage. Root/admin/super-user only gets used
to make a change to the OS and any other important files, and all other
users cannot make those changes (personal profile changes, that only
effect the user, and not the system, are not included in this root only
stuff). For example, on your normal windows box, the normal user account
is the admin account, and so when you get a virus it can do what ever it
wants, where as on a machine setup in the *nix method, the normal user
cannot do anything to harm the OS, so all a virus could do is harm that
user's personal files, but the computer still works ok. On a mac, when
something that can effect the system is requested (either by the user
themselves, by an installation program, or malware), OSX pops up with a
nice window requesting the admin password and ID, saying that something
wanted to effect the system. If the info is incorrect, or the cancel
button is selected, then that system changing operation is not done. Yes,
most AV apps do this to some, very limited (no password or ID, just a yes
or no "Are you sure?" box), extent on Windows, but that's only because its
more secure, and Windows isn't doing it in the first place. If all Windows
systems were configured like like OSX/Linux/Unix then the AV software
would not need to do it.
That whole principal is why most *nix users don't freak out, and often
laugh when there is a major windows security issue, is because Windows
doesn't do things in a correct manner in the first place. Effectively, for
the consumer market, Windows has been a single user only OS (meaning, one
single account, that can do anything) until XP was introduced (NT and 2000
before it were multi user, but those aren't consumer grade OS's like 95,
98, ME, XP Home, etc). Due to this 25 year single user only mentality (say
25, since I am including DOS, since thats where this shit started, since
Windows was originally just a shell), many programmers abused that with
poor programming techniques that essentially required that sort of setup.
Microsoft (unlike Apple, and other companies, for their own systems) never
did anything to stop that bad behavior. Now, Microsoft kinda has got
themselves into a catch 22, to either do steps into the right direction to
secure things to prevent viruses and other forms of malware from being
such a big problem but break a massive amount of programs (example, after
service pack 2 was released, how over 450 programs were acknowledged by MS
to not run correctly, including over 40 MS programs) or leave things as is
but make it easier for malware.
While there are many other security holes and such, and things will never
be 100% secure for ANY OS, if you have such a flawed basis, you cannot
expect a good result. That issue is just one of the problematic ways
Windows goes about in doing things.
Damn, I'm long winded tonight.
| |
| ScratchMonkey 2006-03-08, 5:35 am |
| "Miracle" <GetLost@yourexpense.com> wrote in news:440e9f76_1
@news6.uncensored-news.com:
quote:
> Okay, remember I said it's late and I'm tired- do you mean the
> Mac OS acts as its own virus software?
Windows has the same protection. But application writers have written stuff
that only works when the user has full administrative privileges. And
that's because most programmers are click-and-drool types who can't escape
the poor practices enouraged by the MS development tools. So users run as
administrators and all the protection of a modern OS is already bypassed.
You know how everytime someone has a network-related problem, the solution
is to disable the whole firewall? And no mention is made of determining why
the firewall might be an issue so that the minimum opening is made for the
offending application? It's the same thing with telling users to fix
problems by running as administrator.
AV programs are for the most part band-aids that attempt to re-introduce
the protection that's already present by guessing which program activities
are signs of maliciousness.
It's possible for Apple and Linux users to run all the time as
Administrator (AKA root) but the practice is strongly discouraged and
anyone who admits to running routinely as root is going to be laughed out
of the house.
When you hear about new exploits discovered on Linux, a lot of them are
"privilege escalation" exploits in which a program running as a regular
user somehow manages to escalate its rights to that of root. You never hear
about these kinds of things on Windows because everyone is already running
as "root" and the virus doesn't have to worry about that hurdle.
| |
| Hellmark 2006-03-08, 7:37 pm |
| Miracle's last words before the Sword of Azrial plunged through his body
were:
quote:
> ScratchMonkey wrote:
> Indeed! Plus, Bluetooth just settled the lawsuit, so they're free
> to expand in all directions. Email via Bluetooth is HUGELY popular
> in big cities.
Don't you mean Blackberry? Bluetooth is a wireless standard, not a company.
| |
| Hellmark 2006-03-08, 7:37 pm |
| ScratchMonkey's last words before the Sword of Azrial plunged through his
body were:
quote:
> "Miracle" <GetLost@yourexpense.com> wrote in news:440e9f76_1
> @news6.uncensored-news.com:
> AV programs are for the most part band-aids that attempt to re-introduce
> the protection that's already present by guessing which program activities
> are signs of maliciousness.
> It's possible for Apple and Linux users to run all the time as
> Administrator (AKA root) but the practice is strongly discouraged and
> anyone who admits to running routinely as root is going to be laughed out
> of the house.
I know that some programs for normal usage refuse to run if the account
running them was root (cant remember which ones, just remember reading
about and seeing some do that).
| |
| ScratchMonkey 2006-03-08, 7:37 pm |
| Hellmark <hellmark@gmail.XXXXSPAM.com> wrote in
news:pan.2006.03.08.10.59.54.841827@gmail.XXXXSPAM.com:
quote:
> I know that some programs for normal usage refuse to run if the account
> running them was root (cant remember which ones, just remember reading
> about and seeing some do that).
I see it a lot as well, often in scripts that are intended for use by
ordinary users and where the author doesn't want his script to accidentally
scram the system.
[ `id -u` = 0 ] && fail "Do not run as root"
(This assumes that fail is a Bash function that echoes its argument and
exits with non-zero status.)
The popup prompting for root's password is likely a wrapper script for the
real program. That's how Red Hat installs system configuration utilities in
the regular Gnome desktop menus.
| |
| Miracle 2006-03-10, 7:40 pm |
| Hellmark wrote:
quote:
> Miracle's last words before the Sword of Azrial plunged through his
> body were:
>
> Don't you mean Blackberry? Bluetooth is a wireless standard, not a
> company.
Yeah. <red face> Hey, I'll blame it on the fever........
_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
| |
| Miracle 2006-03-10, 7:40 pm |
| Thanks, you two! I saved your posts for later, when I'm
using more brain cells than I am right now. :o}
_______________________________________________________________________________
Posted Via Uncensored-News.Com - Accounts Starting At $6.95 - http://www.uncensored-news.com
<><><><><><><> The Worlds Uncensored News Source <><><><><><><><>
|
| |
|
|