Pages: [1] 2 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Jim McGregor
|
Posted - 2008.08.11 16:19:00 -
[1]
LOL
Soon Linux is the only way to be safe. Windows comes with so many different pieces of vulnerable software (that you cant even uninstall sometimes, as with Internet Exploder) that its really becoming difficult to be safe using it.
---
Originally by: Roguehalo Can you nano Titans?
|
Fraszoid
Caldari Condottieri Industries The Economy
|
Posted - 2008.08.11 16:29:00 -
[2]
Damn, hopefully Firefox will keep me safe. -------------------------------------------------- Everyone is born right handed, only the great over come it.
Check out my players guide at: http://www.eve-miners.info/guide/minersguide.html |
Pwett
Minmatar QUANT Corp. QUANT Hegemony
|
Posted - 2008.08.11 16:29:00 -
[3]
'The approach can also potentially be applied to other operating systems such as Windows XP and Mac OS X. '
Pretty hot. _______________ Pwett CEO, Founder, & Executor <Q> QUANT Hegemony
|
Jim McGregor
|
Posted - 2008.08.11 16:41:00 -
[4]
Originally by: Pwett 'The approach can also potentially be applied to other operating systems such as Windows XP and Mac OS X. '
Pretty hot.
They both have Internet Exploder dont they... ---
Originally by: Roguehalo Can you nano Titans?
|
Xevan Templar
7th Batavian Squadron
|
Posted - 2008.08.11 16:45:00 -
[5]
Originally by: Fraszoid Damn, hopefully Firefox will keep me safe.
This. Started to use firefox several years back, never ever wanting to return back to the lousy bill gates browser Please resize your signature to a maximum size of 400 x 120 pixels and 24000 bytes. Naviagtor |
Meiyang Lee
Gallente Azteca Transportation Unlimited Gunboat Diplomacy
|
Posted - 2008.08.11 16:50:00 -
[6]
Edited by: Meiyang Lee on 11/08/2008 16:50:42 it's not so much IE that's the problem, but the way Windows (especially Vista) treats .Net objects and such within a browser. Vista implicitly trusts a .Net object embedded in a browser, allowing the attacker to load what they want where they want regardless of Vista's other security systems.
Better linkage
|
Jim McGregor
|
Posted - 2008.08.11 16:51:00 -
[7]
Originally by: Meiyang Lee it's not so much IE that's the problem, but the way Windows (especially Vista) treats .Net objects and such within a browser (and no it's not just IE, technically FF is just as vulnerable since it abuses Windows itself, not the browser) Vista implicitly trusts a .Net object embedded in a browser, allowing the attacker to load what they want where they want regardless of Vista's other security systems.
Better linkage
Linux is the only way to be safe(r). ---
Originally by: Roguehalo Can you nano Titans?
|
Pwett
Minmatar QUANT Corp. QUANT Hegemony
|
Posted - 2008.08.11 16:57:00 -
[8]
I really hope this puts to death Vista's fascist ways of file handling.
I don't really need an OS to protect me from myself. No matter what they try to do, if enough people use it it will be hacked. _______________ Pwett CEO, Founder, & Executor <Q> QUANT Hegemony
|
Patch86
Di-Tron Heavy Industries Atlas Alliance
|
Posted - 2008.08.11 17:02:00 -
[9]
Lol, Vista.
So anyone care to explain in simple terms what this hack might be? ------
Originally by: Micheal Dietrich You can even get a midget with a camera to sit on the floorboard.
|
Liranan
M'8'S Frontal Impact
|
Posted - 2008.08.11 17:02:00 -
[10]
Originally by: Jim McGregor
Originally by: Meiyang Lee it's not so much IE that's the problem, but the way Windows (especially Vista) treats .Net objects and such within a browser (and no it's not just IE, technically FF is just as vulnerable since it abuses Windows itself, not the browser) Vista implicitly trusts a .Net object embedded in a browser, allowing the attacker to load what they want where they want regardless of Vista's other security systems.
Better linkage
Linux is the only way to be safe(r).
Apart from all the virusses, malware and hacker related tools that are now targetting Linux, I fully agree with you. Farjung is my God |
|
Xevan Templar
7th Batavian Squadron
|
Posted - 2008.08.11 17:03:00 -
[11]
Originally by: Pwett I really hope this puts to death Vista's fascist ways of file handling.
I don't really need an OS to protect me from myself. No matter what they try to do, if enough people use it it will be hacked.
Agreed. At my work we use programs like Autocad and 3D max, we had one new computer with vista to test it out and it completely Fubar'd these programs.
|
Meiyang Lee
Gallente Azteca Transportation Unlimited Gunboat Diplomacy
|
Posted - 2008.08.11 17:16:00 -
[12]
Originally by: Patch86 Lol, Vista.
So anyone care to explain in simple terms what this hack might be?
If I understood the discussion on [H]OCP correctly it basically comes down to Vista trusting certain objects and scripts used in websites without checking them first. This allows a potential attack to avoid all of Vista's security layers by planting his code where ever he wants in memory (Vista normally randomises the address of any gives piece of data making it much harder to reliably attack another piece of data in memory, since you don't know where it is) And also load other data where he wants (by letting the invading script call for it for example) that way the attacker knows where his malicious software is in the memory and also where his target is, so he can then attack his target with great accuracy. And Vista is utterly powerless to stop it.
|
Delvardious Kaesos
Caldari Ashen Lion Mining and Production Consortium Axiom Empire
|
Posted - 2008.08.11 17:18:00 -
[13]
I'm not really surprised Microsoft would screw themselves over this bad. Their shoddy workmanship is coming back to haunt them. Time for Microsoft to lose more money. ---------------------------------------- Today's Empires, Tomorrow's Ashes.
|
Jacob Mei
|
Posted - 2008.08.11 17:19:00 -
[14]
Vistas fate as worse than Windows2000 has just been sealed me thinks. -------------------------------- To borrow a phrase:
Players who post are like stars, there are bright ones and those who are dim.
|
Tarminic
24th Imperial Crusade
|
Posted - 2008.08.11 17:21:00 -
[15]
Originally by: Meiyang Lee
Originally by: Patch86 Lol, Vista.
So anyone care to explain in simple terms what this hack might be?
If I understood the discussion on [H]OCP correctly it basically comes down to Vista trusting certain objects and scripts used in websites without checking them first. This allows a potential attack to avoid all of Vista's security layers by planting his code where ever he wants in memory (Vista normally randomises the address of any gives piece of data making it much harder to reliably attack another piece of data in memory, since you don't know where it is) And also load other data where he wants (by letting the invading script call for it for example) that way the attacker knows where his malicious software is in the memory and also where his target is, so he can then attack his target with great accuracy. And Vista is utterly powerless to stop it.
Wouldn't an easy solution just be to make it so Vista no longer trusts .net objects implicitly? I don't see why this would be difficult to code... ---------------- Play EVE: Downtime Madness v0.83 (Updated 7/3) |
Pwett
Minmatar QUANT Corp. QUANT Hegemony
|
Posted - 2008.08.11 17:31:00 -
[16]
Originally by: Jacob Mei Vistas fate as worse than Windows2000 has just been sealed me thinks.
You mean Windows ME, right?
I still use 2000 on a few of my computers. It's a very stable platform. _______________ Pwett CEO, Founder, & Executor <Q> QUANT Hegemony
|
Remata Lakira
Terran Coalition
|
Posted - 2008.08.11 17:46:00 -
[17]
Edited by: Remata Lakira on 11/08/2008 17:46:33 This is beautiful I'm waiting for the vista fanbois to go "it's fine, learn to use your computer" so I can laugh some more.
|
Gneeznow
Minmatar North Eastern Swat Pandemic Legion
|
Posted - 2008.08.11 17:48:00 -
[18]
Originally by: Pwett
Originally by: Jacob Mei Vistas fate as worse than Windows2000 has just been sealed me thinks.
You mean Windows ME, right?
I still use 2000 on a few of my computers. It's a very stable platform.
I used windows2000 on my main PC up until they started releasing ''games for windows'' which forced me to install XP to play games like dark messiah and company of heroes, if it were not for that I would still be using win2kPro
|
Bish Ounen
Gallente Omni-Core Freedom Fighters Ethereal Dawn
|
Posted - 2008.08.11 17:56:00 -
[19]
Edited by: Bish Ounen on 11/08/2008 17:57:17
Originally by: Liranan Apart from all the virusses, malware and hacker related tools that are now targetting Linux, I fully agree with you.
Care to provide a link? Because I haven't seen any new exploits specifically aimed at Linux. I have seen some remote exploits in applications that run ON Linux, (MySQL Buffer overflow exploits, Apache security problems, etc., but none of those actually result in the ability to randomly execute code within the OS, and certainly haven't granted Super User level privileges.
I have seen some LOCAL exploits that can grant SU privileges, but those have been patched, and of course, you need to actually be sitting AT the PC to actually USE them. So I'm not sure how they compare to the OCEANS of virii, spyware, and remote exploits from Windows. Tactical Logistics using the last T1 Frigate hull!
|
NightmareX
MAFIA Pirate Coalition
|
Posted - 2008.08.11 18:12:00 -
[20]
Edited by: NightmareX on 11/08/2008 18:13:05 Is Windows Server 2008 also included with this?. Yes Windows Server 2008 runs on the same core as Vista.
I'm just asking, because i'm using Windows Server 2008 as a main OS. Don't want to install Windows Vista on my computer, because i have never been happy with it.
|
|
Asestorian
Sebiestor tribe
|
Posted - 2008.08.11 18:20:00 -
[21]
One of the links does mention Windows Server 2008 as being vulnerable to the attack.
---
Quote: EVE is unfair by design.
|
NightmareX
MAFIA Pirate Coalition
|
Posted - 2008.08.11 18:26:00 -
[22]
Originally by: Asestorian One of the links does mention Windows Server 2008 as being vulnerable to the attack.
I just re-readed the 2nd link that was posted longer up and Server 2008 was mentioned, so i'll then guess i'm also in danger of that.
But i know what i'm doing on my computer, and my security are up to date. And i'm also using Mozilla Firefox 3.0.1, but not sure if that have something with that hack to do.
I'll just use what's best to use, or with the best security on Windows Server 2008 anyways.
|
Yoshimako
|
Posted - 2008.08.11 18:48:00 -
[23]
Originally by: Remata Lakira Edited by: Remata Lakira on 11/08/2008 17:46:33 This is beautiful I'm waiting for the vista fanbois to go "it's fine, learn to use your computer" so I can laugh some more.
How quick all the microsoft haters are to come out of the woodwork...?
At the end of the day, it doesnt matter what you use. Expecially for an average pc user, if someone knowledgeable decides they want to **** up their comp for whatever reason floats their boat then they are going to be able and do it, regardles of what os they are using.
|
Thuranni
The Scope
|
Posted - 2008.08.11 18:49:00 -
[24]
Originally by: Jim McGregor
LOL
Soon Linux is the only way to be safe. Windows comes with so many different pieces of vulnerable software (that you cant even uninstall sometimes, as with Internet Exploder) that its really becoming difficult to be safe using it.
If you honestly think that a piece of open source software is any safer than one developed by a dedicated team of hundreds of (payed) programmers, you are delusional.
The only reason that the security flaws in Linux (I'm certain there are at least as many if not more than in Windows) have not been exposed is that so few people use it, that noone bothers to check. If Linux becomes popular, they will be found, and they will be exploited.
|
Rialtor
Amarr Yarrrateers
|
Posted - 2008.08.11 18:51:00 -
[25]
Edited by: Rialtor on 11/08/2008 18:54:51 Edited by: Rialtor on 11/08/2008 18:51:31
While I am computer savy, I'm not going to pretend like I know OSes like hardcore hackers so I'll take this guy's word for it.
Quote:
Under contest rules, Macaulay and Miller aren't allowed to divulge specific details about their bugs until they are patched, but Macaulay said the flaw that he exploited was a cross-platform bug that took advantage of Java to circumvent Vista's security.
"The flaw is in something else, but the inherent nature of Java allowed us to get around the protections that Microsoft had in place," he said in an interview shortly after he claimed his prize Friday. "This could affect Linux or Mac OS X." Source
But funny how people say Mac's are more secure but it fell in 2 minutes, lol.
What I don't understand is that if he hacked Java, why didn't he just hac the linux boy too. IS this guy allergic to money? ;).
---- sig ----
Never doubt that a small group of thoughtful, committed citizens can change the world... Indeed, it's the only thing that ever has. |
Thuranni
The Scope
|
Posted - 2008.08.11 18:53:00 -
[26]
Originally by: Jim McGregor Soon Linux is the only way to be safe. Windows comes with so many different pieces of vulnerable software (that you cant even uninstall sometimes, as with Internet Exploder) that its really becoming difficult to be safe using it.
Originally by: Rialtor "The flaw is in something else, but the inherent nature of Java allowed us to get around the protections that Microsoft had in place," he said in an interview shortly after he claimed his prize Friday. "This could affect Linux"This could affect Linux or Mac OS X."
lol yourself, Jimbo.
|
northwesten
Amarr Trinity Corporate Services
|
Posted - 2008.08.11 19:00:00 -
[27]
to be honest all these well known OS not 100% but what about FreeBSD? I only know 2 people who uses this.
Trinity Corporate Services
|
Viqtoria
Caldari Groping Hand Social Club
|
Posted - 2008.08.11 19:10:00 -
[28]
i use vista and i don't give a damn. it's great being me. Please keep your signature on-topic.
|
Ryysa
Paisti Paisti Syndicate
|
Posted - 2008.08.11 19:18:00 -
[29]
Originally by: Rialtor hacked Java
Please, stop posting.
EW Guide - KB Tool - My Music |
Rialtor
Amarr Yarrrateers
|
Posted - 2008.08.11 19:23:00 -
[30]
Originally by: Ryysa
Originally by: Rialtor hacked Java
Please, stop posting.
oh I'm sorry, used java to exploit... is that better for you your highness, can I continue posting please?
---- sig ----
Never doubt that a small group of thoughtful, committed citizens can change the world... Indeed, it's the only thing that ever has. |
|
|
|
|
Pages: [1] 2 :: one page |
First page | Previous page | Next page | Last page |