In comp.os.linux.advocacy, William Poaster
on Wed, 9 Aug 2006 23:26:36 +0100
> It was on Wed, 09 Aug 2006 02:00:03 +0000, that The Ghost In The Machine
>> In comp.os.linux.advocacy, Roy Schestowitz
>> on Wed, 09 Aug 2006 01:40:19 +0100
>>> Phishing Trojan plays ping-pong with captured data
>>> ,----[ Quote ]
>>> | After infecting a victim's computer, the Trojan is programmed to
>>> | install itself as an Internet Explorer Browser Helper Object (BHO).
>>> | The software then waits for a victim to post sensitive data online.
>>> | This data, once entered, is captured by the Trojan and sent to attackers.
>> Now where have we heard that one before....? :-)
>> In other news, Microsoft touts major security improvements in Vista,
>> making it "even more secure than earlier Windows client operating
>> And, since one will need it while reading the second link, here's
>> a large grain of salt:
>> / /|
>> / / |
>> +------+ |
>> | | +
>> | | /
>> | |/
>> (Not responsible for cardiovascular damage caused by said crystal of
>> salt or falling out of one's chair.)
> And to counteract M$'s propaganda about Fista, there's this:
> Vista: No Silver Bullet for Security
> ....the new OS still offers a big target, a few weak spots, and plenty of
> room for patching.
> Patch Tuesday is here to stay!
"The OS is just there to run the programs, and if the programs
themselves are not secure, the whole system is insecure."
(Matasano Security researcher Tomas Ptacek)
Does this make sense to anyone else? It makes a little but not a lot of
sense to me; of course running tftp on one's server without proper
safeguards is an invitation to disaster, but a layered security method
helps -- Apache in particular runs as 'nobody' or 'www', an account with
very few if any privileges; it might not even have a home directory.
This is telling, though:
Security aside, Vista doesn't have much more
functionality than XP, says Marc Maiffret, CTO for
eEye Digital Security. "There are almost zero new
functionality features in Vista besides the security
stuff," Maiffret says. "But Microsoft is doing all the
right things with security they can. But eventually,
bugs will be a given."
Windows Vista. Because it's time to refresh your hardware. Trust us.