-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2006-06-01, Roy Schestowitz spake thusly:
> __/ [ Mark Kent ] on Thursday 01 June 2006 11:23 \__
>
>> begin oe_protect.scr
>> Mathew P. <Mathew@xxxxxxxx> espoused:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> On 2006-06-01, Roy Schestowitz spake thusly:
>>>> ,----[ Quote ]
>>>>| A woman from Greater Manchester has become a victim of an internet scam
>>>>| in which hackers hijack computer files and blackmail owners to get them
>>>>| back.
>>>>|
>>>>| The new phenomenon, known as Ransomware, means victims cannot access
>>>>| any of the files stored in their My Documents folder.
>>>> `----
>>>>
>>>> http://news.bbc.co.uk/1/hi/england/manchester/5034384.stm
>>>>
>>>> Windows: Insecure by design.
>>>> --Roy Culley
>>>
>>> I've read about this. Utterly amazing. How any clear thinking person
>>> can deny the depth of security vulnerability, and the ease with which
>>> serious breaches can and do occur in Windows, is a mystery. It's like
>>> trying to support a theory that the earth is flat.
>>>
>>
>> The more this kind of thing happens, the more people are going to be
>> looking for secure alternatives. The MS-sponsored FUD (we've seen a lot
>> of it here from the astroturfing crowd) is going to struggle to overcome
>> problems as serious as this.
>
>
> The problem may be that one of the selling point of Linux involves the
> ridicule of a rival. Linux vendors will not play this game. They will boast
> XGL, but rarely serve people some security 'enlightenment'. People will
> knock themselves out and suffer before upgrading to Linux. Seen this
> becoming the sole motivator to a Linux migration before...
>
> One thing I love to see are some recent Ubuntu migrants (maybe weeks or
> months old) who go out of their way to public forums telling Windows users
> how great Ubuntu/Linux is. It leads to exponential expansion. The
> chicken-and-egg scenario (e.g. vendors providing drivers, application ports)
> is soon to be eliminated.
I have never seen or used Ubuntu, but I have heard good things
about it here. I am happy with Fedora, and I have put considerable
time into customizing it just the way I want it (time well spent)
so I wouldn't be going to another distro any time soon. If Ubuntu makes
the acceptance of Linux to windows users more flavorful, than it
is definetly a good thing.
--------------------8<-----------------------
> I know it's slightly off topic, but I spent over an hour this morning erasing
> SPAM. I can assure you that, judging by the repetitive nature of it, it was
> spewed out from Windows zombies.
I have heard people complaining that their windows installation keeps getting
slower and slower. Until I learned about Zombie machines I had no clue that
a windows machine could be hijacked without the user having any knowledge
of it, or of the automated tasks it was performing. Now that I have been
thinking about the two, it seems to me that there is definetly a connection.
When I was a windows user, I actually thought that an OS just naturally
got slower as time went by, and eventually (more sooner than later) a
reinstallation would (naturally, who would doubt?) be neccesary. I think
probably this is true of most non professional windows users. I would
be willing to bet that a great deal of this slow down, BSOD, crashing,
file corruption, chronic drive fragmentation (etc) is due to
zombie machines. I also wouldn't be at all suprised if the attack and
takeover was accomplished via automation with an internet crawler. This
would account for the very high estimated number of hijacked windows boxes.
It would also account for the highly successful DDOS attack method.
> Being a Microsoft-free person, I continue
> to live as a sufferer, which I think is unfair. The legal newsgroups said
> that no case can be made against anybody. That's what the majority said
> anyway...
There is an old saying: nothing is impossible. The universe deals only
in probabilities.
It isn't impossible to consider that no case can be made. I am no lawyer,
but I disagree with the idea that it is. Liability assignment is
often murky waters. I believe that while a case may not be impossible
to build and win, it does have a degree of improbability for a court
win, especially if going up against the likes of MS. This has little
to do with the merits of the case, and everything to do with the
battalion of skilled lawyers on permanent staff at MS.
Having said all of that, there is precedent for making a case. The
manufacturer of a swing set can be held liable for injury to a child if
the product line was not properly designed.
IMHO, this is analagous to the zombie phenominon. An improper software
design (in Windows) is allowing security breaches into the OS of the
personal computer used by a given consumer. It is private property
and an assumption of protection of that property against illegal
attacks is reasonable given the functions that an OS is expected
to provide.
This is the cyberspace equivalent of "breaking and entering". IMO
by virtue of being the producer of Windows, Microsoft can be held
liable.
> Best wishes,
>
> Roy
Regards,
Mathew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)
iD8DBQFEf1nLlkJ5K/IU2ToRAk7FAJ4g2bK1sZUfyD5CfO+cA1TYZq0VDwCg0YvD
x6xd6mQ7p+fRq2qDqj4vOqI=
=OgkA
-----END PGP SIGNATURE-----
--
"Always do the right thing: It will delight / Aluminum Foil Deflector Beanies
some and astound the rest" - Mark Twain / Psychotronic protection, low prices
|
|
