Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [Roy makes accusations he can't prove] [Rival] Consequcnes of Windows' "Everyone's Admin" Mentality

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 21 Mar 2008 13:41:47 -0400,
 Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> On Fri, 21 Mar 2008 16:34:18 +0000, Roy Schestowitz wrote:
>
>> ____/ chrisv on Friday 21 March 2008 16:19 : \____
>> 
>>> Erik Funkenbusch wrote:
>>> 
>>>>On Fri, 21 Mar 2008 12:01:42 +0000, Roy Schestowitz wrote:
>>>>
>>>>> [There are reports about people misusing Internet cafes that are based on
>>>>> Windows, but here's a case where jail is considered:]
>>>>> 
>>>>> Hacker Pleads Guilty to Computer Fraud
>>>>> 
>>>>> ,----[ Quote ]
>>>>>| A 21-year-old could face up to 10 years in prison in the U.S. after
>>>>>| pleading guilty to installing advertising software on PCs located around
>>>>>| Europe without permission.
>>>>> `----
>>>>> 
>>>>> http://www.pcworld.com/article/id,143620-pg,1/article.html
>>>>
>>>>Funny, but Linux's "root can do all mentality" didn't seem to stop hackers
>>>>from compromising your server.
>>>>
>>>>You really should just stop complaining about windows security.  Your own
>>>>server being hacked destroyed your ability to honestly talk about this.
>>> 
>>> Certainly.  Because "security is binary", right Fuddie?
>>> 
>>> Fsckwit.
>> 
>> The attack was carried out through phpBB, not GNU/Linux. First time in 7 years.
>
> Linux is a collection of everything that runs on it, just as Windows is a
> collection of everything that runs on it.
>

and yet you have oft times in the past claimed that flaws in Win32 apps
(that happent also have a Linux version) are not vulnerabilities in
"Windows" when they are vulnerabilities in "Linux"

> The point was, you claimed that your site was hacked by another account,
> that means they had to get root access to access other accounts, that means
> a root privilege escalation.
>

or crap security of phpbb. Go figure. No, a root exploit is not the only
way. PhPBB writes and reads files as the apache user (at least on
fedora/Centos) So no, overwriting one website via another doesn't
require root exploit.  

> I wonder how that happened.

unpatched vulnerability in the app most likely. Assuming your question
was serious.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH5A8Xd90bcYOAWPYRAnpbAKDNHu80SLo/dGlxRF/dEnByRkCmCQCg3Mqz
f117E8miZQ6wX+wtk2W3eKA=
=fs/a
-----END PGP SIGNATURE-----

-- 
Jim Richardson     http://www.eskimo.com/~warlock
God grant me the serenity to accept the things I cannot
change, the courage to change the things I can, and the
weaponry to make the difference stick!

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index