Can we really trust IT?


log in

Advanced search

Message boards : Politics : Can we really trust IT?

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 . . . 13 · Next
Author Message
WinterKnight
Volunteer tester
Send message
Joined: 18 May 99
Posts: 8737
Credit: 25,595,351
RAC: 12,970
United Kingdom
Message 1335359 - Posted: 7 Feb 2013, 5:30:28 UTC

It looks like MS and Symantec are attempting to clean up some problems, but admit it is the tip of the iceberg.

http://uk.reuters.com/article/2013/02/06/us-cybercrime-raid-idUKBRE91515K20130206

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1335873 - Posted: 8 Feb 2013, 19:12:27 UTC
Last modified: 8 Feb 2013, 19:13:24 UTC

Patching over a raft of secret problems across all of a certain OS AND some of its applications:


Every single Internet Explorer at risk of drive-by hacks until Patch Tuesday

FIFTY-SEVEN gaping holes [about to be?] closed this month

... Five of the 12 software updates addressing the gaping holes will tackle critical flaws that allow miscreants to execute code remotely on vulnerable systems.

In all, the soon-to-be-patched vulnerabilities exist in the Windows operating system, Internet Explorer web browser, Microsoft Server Software, Microsoft Office and the .NET framework. ...



Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems... All an artifact of design, or a side effect of expansive monopoly? And what next?!


IT is what we make it...
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1336947 - Posted: 11 Feb 2013, 5:10:27 UTC - in response to Message 1335873.

Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems...

Because other systems have no applications?

Profile Ex
Volunteer moderator
Volunteer tester
Avatar
Send message
Joined: 12 Mar 12
Posts: 2895
Credit: 1,797,699
RAC: 396
United States
Message 1336995 - Posted: 11 Feb 2013, 7:30:35 UTC - in response to Message 1336947.
Last modified: 11 Feb 2013, 7:33:36 UTC

...

Because other systems have no applications?

Utter rubbish. =P 90% of my computing is GNU/Linux, and I do some pretty nifty stuff here. :-)
____________
-Dave #2

3.2.0-33

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337036 - Posted: 11 Feb 2013, 14:07:49 UTC - in response to Message 1336947.
Last modified: 11 Feb 2013, 14:08:37 UTC

Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems...

Because other systems have no applications?

Have your powers of discussion really degenerated to something so sad and pathetic? Or do you now admit that you are flogging a dead horse of trolling to try to beef up any implausible argument?


Can you, in any way, add anything positively useful or interesting to discussions on these forums?

IT and discussion are what we make them...
Martin

(Apologies for dredging up old idioms for punning the present unfolding Romanian beef scandal.)
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337037 - Posted: 11 Feb 2013, 14:10:45 UTC

The stifling expense of a game of monopoly?


Apple, Microsoft and Adobe summoned by Australia

Technology giants Apple, Microsoft and Adobe have been called by the Australian parliament to appear before a committee looking at pricing levels. ...


IT is what we make it...
Martin

____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1337197 - Posted: 11 Feb 2013, 21:48:39 UTC - in response to Message 1337036.

Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems...

Because other systems have no applications?

Have your powers of discussion really degenerated to something so sad and pathetic? Or do you now admit that you are flogging a dead horse of trolling to try to beef up any implausible argument?

What system. Oh that's right, only Microsoft has a system with applications bundled. But that still wouldn't be right. Apple has a system and it is the one you like *nix, and it comes bundled with applications. You don't bash it, because if you did you would be bashing your own precious system. Linux has no bundled applications. They all come from other suppliers.

So you scream and scream about the bundled applications and call them the system. So you flog the dead horse again and again. Change the title of the thread to "BASH MICROSOFT" and go look in the mirror. The little word describing the picture in the mirror is disingenuous.


____________

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337270 - Posted: 12 Feb 2013, 0:44:52 UTC - in response to Message 1337197.

What system. Oh that's right, only Microsoft ... Change the title of the thread to "BASH MICROSOFT" ...

Perhaps it is Microsoft that is generating most of the examples of late?

I'm very sure that Apple has raised the ire of many people with Steve Job's death-bed parting gift of "Thermonuclear litigation" to stifle world developments in IT... (However, I guess various lawyers are very happy with all the arguments... All at our expense...)

And your useful examples of contribution to discussions are what?...


IT is very much what we make it...
Martin

____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337274 - Posted: 12 Feb 2013, 0:50:38 UTC

Two contrasting snippets:


Samba 4 arrives with full Active Directory support

The team behind the Samba Project has released version 4.0 of its open source Windows interoperability software suite, the first version to offer full compatibility with Microsoft's Active Directory protocols.

The Samba stack is by far the most popular solution for networking non-Microsoft platforms with Windows machines, but previous versions only provided Windows NT Domain Controller functionality.

According to the Samba Team's press release, Samba 4 can now act as an Active Directory Domain Controller and offer services to any currently supported versions of client-side Windows, including Windows 8. ...

... What all of this means is that for the first time, organizations have the option of replacing one or more Microsoft Active Directory servers – currently priced starting at $501 apiece for the small business version and scaling up to the Moon – with alternatives based on 100 per cent free software, via Samba 4.0 running on Linux or some other free OS.

If Microsoft is upset about that, though, it's not letting on. ...

... That agreement only came after the European Commission ordered Microsoft to disclose technical information about Windows to its rivals, as a result of an anti-trust ruling against the company in 2004. ...




Microsoft licence cops kick in TWICE as many customers' doors as rivals

Microsoft audited far more customers on software licensing than its rivals managed during 2012 - and Redmond is expected to turn the screws further over the next two years. ...



2004?... That has been rather a long wait... Is that any way to run a business?

IT is what we make it...
Martin

____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1337288 - Posted: 12 Feb 2013, 2:20:25 UTC - in response to Message 1337274.

Microsoft licence cops kick in TWICE as many customers' doors as rivals

Microsoft audited far more customers on software licensing than its rivals managed during 2012

Thought there might have been something there, but there wasn't. Doesn't even say what "customers" means or how it came up with the percentages. Then it doesn't say anything about the survey being conducted in a scientific manner or give error bars.

There are lies, damn lies and statistics.

But they did self report their piracy was about 38%
38% of enterprises indicated that 11% or more of their application spend is associated with applications that are overused, and therefore out of compliance, up from 26% one year ago.


And Microsoft looks to be doing more random than the others
Microsoft was the leading auditor reported across all organization sizes. The other application producers favored performing audits of the large organizations (over $1B revenue), to a greater degree than Microsoft did.


With 38% percent of the responses coming from pirates, perhaps Microsoft is just better at figuring out who is a pirate than the other vendors, unless their software is just that more popular.

Of course the BSA runs radio advertising offering a bounty to report.

____________

Profile Ex
Volunteer moderator
Volunteer tester
Avatar
Send message
Joined: 12 Mar 12
Posts: 2895
Credit: 1,797,699
RAC: 396
United States
Message 1337475 - Posted: 12 Feb 2013, 16:13:55 UTC - in response to Message 1337197.

Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems...

Because other systems have no applications?

Have your powers of discussion really degenerated to something so sad and pathetic? Or do you now admit that you are flogging a dead horse of trolling to try to beef up any implausible argument?

What system. Oh that's right, only Microsoft has a system with applications bundled. But that still wouldn't be right. Apple has a system and it is the one you like *nix, and it comes bundled with applications. You don't bash it, because if you did you would be bashing your own precious system. Linux has no bundled applications. They all come from other suppliers.

So you scream and scream about the bundled applications and call them the system. So you flog the dead horse again and again. Change the title of the thread to "BASH MICROSOFT" and go look in the mirror. The little word describing the picture in the mirror is disingenuous.


Actually one could argue the exact opposite. Linux has almost every popular open source app in the repository lists on each distro... all in one easy to find easy to use location...
____________
-Dave #2

3.2.0-33

Profile James Sotherden
Avatar
Send message
Joined: 16 May 99
Posts: 9026
Credit: 36,974,051
RAC: 24,714
United States
Message 1337484 - Posted: 12 Feb 2013, 16:49:44 UTC - in response to Message 1337475.

Strange that sort of widespread expansive fix across all levels of OS and applications for such critical vulnerabilities is never seen for other systems...

Because other systems have no applications?

Have your powers of discussion really degenerated to something so sad and pathetic? Or do you now admit that you are flogging a dead horse of trolling to try to beef up any implausible argument?

What system. Oh that's right, only Microsoft has a system with applications bundled. But that still wouldn't be right. Apple has a system and it is the one you like *nix, and it comes bundled with applications. You don't bash it, because if you did you would be bashing your own precious system. Linux has no bundled applications. They all come from other suppliers.

So you scream and scream about the bundled applications and call them the system. So you flog the dead horse again and again. Change the title of the thread to "BASH MICROSOFT" and go look in the mirror. The little word describing the picture in the mirror is disingenuous.


Actually one could argue the exact opposite. Linux has almost every popular open source app in the repository lists on each distro... all in one easy to find easy to use location...

Ex, were getting close to the shut down, But later tomorow Im going to PM you about converting my wifes old laptop over to linux.
____________

Old James

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1337507 - Posted: 12 Feb 2013, 21:34:17 UTC - in response to Message 1337475.

Actually one could argue the exact opposite. Linux has almost every popular open source app in the repository lists on each distro... all in one easy to find easy to use location...

Wow a list of other peoples products, not made by the maker of the distro. That leaves people free to bash an application and O/S maker but disingenuously compare them to an O/S only maker. If what you implied was true, then with Java on that list it would be correct to say that Linux has tons and tons of security issues.


____________

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337717 - Posted: 13 Feb 2013, 11:41:54 UTC - in response to Message 1337507.

Actually one could argue the exact opposite. Linux has almost every popular open source app in the repository lists on each distro... all in one easy to find easy to use location...

Wow a list of other peoples products, not made by the maker of the distro. That leaves people free to bash an application and O/S maker but disingenuously compare them to an O/S only maker. If what you implied was true, then with Java on that list it would be correct to say that Linux has tons and tons of security issues.

I'm sorry, but I just do not follow your desperate negativity and 'trashing' upon every post. All just a silly game of Trolling? Or are you paid to spread FUD?


Please note the name "distro". That is short for "distribution". In the early days of the Linux kernel and the GNU collection of software building an operating system, developers and users had to run through a recipe to download (old FTP) and compile software from all around the internet of the day. A very slow and very Geekie early days method during rapid development. Certain Geeks streamlined the process by collecting core components together in one place that they then distributed... The GPL licensing deliberately allows (and encourages) that. It helps everyone.

Since those very early days, the name/description "distro" has stuck and the description "Linux distro" has come to describe any collection of software operating on top of a Linux kernel. A great security strength is the use of signed repositories where all the software for a particular distro is kept in effect in one place.

Further notes:

You are free to keep to just a distro's collection of software, or you are equally free to know your stuff for yourself to add your own.

Two interesting variations on that theme are the Google Android system which is the Linux kernel with Google's "Bionic" libc/OS, and the GNU Hurd microkernel (suffering stalled development) with the GNU OS. ("Linux" is often used to describe all of the Linux kernel + GNU OS + FLOSS applications.)


Educated? Enthused even?

IT is what we make it,
Martin


____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337718 - Posted: 13 Feb 2013, 11:44:43 UTC - in response to Message 1337507.

... free to bash...


Note also the shell environment Bash... (Very deliberately and cleverly so named!)


:-)

IT is what we make it...
Martin

____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337725 - Posted: 13 Feb 2013, 12:20:50 UTC
Last modified: 13 Feb 2013, 12:21:35 UTC

Is this the 'proprietary way' of abusing FLOSS?


Lots of router vulnerabilities, not many patches

... Routers from Linksys, Netgear and repeat offender D-Link are affected. Some of the vulnerabilities can be exploited to inject commands remotely. ...


All that looks to be a rather poor example of non-maintenance, and of risque broad feature richness left unmaintained.



IT is what we make it...
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337903 - Posted: 13 Feb 2013, 21:00:44 UTC

It is that messy time of month again:

Get up, shake off the hangover: These 57 Microsoft holes won't fix themselves

... A bumper Microsoft Patch Tuesday has rolled out 12 security bulletins that collectively address a hefty 57 vulnerabilities.

... reveal critical holes ... 13 bugs found in Internet Explorer, ... privilege-escalation flaw in win32k.sys, a core Windows kernel-mode component ... gain control of a user's machine via a drive-by download.

... patches Microsoft's web browser to squash a security bug in an ActiveX dynamic-link library. This update is, if anything, even more important because it addresses a vulnerability that's being actively exploited by miscreants.

The other critical updates cover Windows bugs...



The comments to that article speak for themselves. These monthly updates add quite a burden in the desktop IT world...

A serious question: Are we really being 'unfair' on Microsoft? Or are there design problems there that other operating systems and products simply do not suffer?... (Please, no unsubstantiated anecdotes or random opinion. Referenced examples only.)



IT is what we make it...
Martin

____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 8567
Credit: 4,232,641
RAC: 1,152
United Kingdom
Message 1337905 - Posted: 13 Feb 2013, 21:03:25 UTC

Can you trust this?


Intel's new TV box to point creepy spy camera at YOUR FACE

One day we're gonna watch you like it's 1984...



IT is what we make it...
Martin


____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1337934 - Posted: 13 Feb 2013, 23:28:07 UTC - in response to Message 1337903.

privilege-escalation flaw in win32k.sys, a core Windows kernel-mode component

http://technet.microsoft.com/en-us/security/bulletin/ms13-016
The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerabilities.

For Windows 8, Windows Server 2012, and Windows RT this security update has no severity rating.

Severity ratings do not apply to this update for the specified software because the known attack vectors for these vulnerabilities are blocked.

Sounds like if you are running outdated software, only then is it an issue.


____________

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12976
Credit: 7,660,525
RAC: 9,517
United States
Message 1339443 - Posted: 19 Feb 2013, 21:31:54 UTC

http://news.yahoo.com/exclusive-apple-hit-hackers-targeted-facebook-last-week-182005220.html

The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook , which the social network disclosed on Friday.

Apple said it plans to release a piece of software on Tuesday, which it said customers can use to identify and repair Macs infected with the malware used in the attacks.

So why does Apple have to repair Oracle Corp's Java software?

____________

Previous · 1 · 2 · 3 · 4 · 5 · 6 · 7 . . . 13 · Next

Message boards : Politics : Can we really trust IT?

Copyright © 2014 University of California