Where Can I Buy a Zombie PC?

Windows XP >> Where Can I Buy a Zombie PC? The answer is ... pretty much anywhere. If you can purchase a PC that runs
Windoze XP, you've got the potential to have your very own Zombie PC.

"Four-fifths of spam now emanates from computers contaminated with Trojan
horse infections, according to a study by network management firm Sandvine
out this week. Trojans and worms with backdoor components such as Migmaf
and SoBig have turned infected Windows PCs into drones in vast networks of
compromised zombie PCs.

Sandvine reckons junk mails created and routed by "spam Trojans" are
clogging ISP mail servers, forcing unplanned network upgrades and stoking
antagonism between large and small ISPs."

Full article here:

http://www.theregister.co.uk/2004/06/04/trojan_spam_study/

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP1314

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover wrote:

> You mean like this:
>
> http://www.experts-exchange.com/Security/Linux_Security/Q_21243561.html
>

Like nearly TWO years ago? Is that the best you can come up with?

--
Gordon Burgess-Parker
Systems and Management Accounting
www.gbpcomputing.co.uk

Windows XP >> Where Can I Buy a Zombie PC? Its still ture today!

Unless you patch your OS, Windows or the 31 flavor crap OS, you will be
prone to problems.

More misinformation from the 31 flavor idiots.

"Gordon" <EMail@HideDomain.com> wrote in message
news:EMail@HideDomain.com...
> Ground Cover wrote:
>
>> You mean like this:
>>
>> http://www.experts-exchange.com/Security/Linux_Security/Q_21243561.html
>>
>
> Like nearly TWO years ago? Is that the best you can come up with?
>
> --
> Gordon Burgess-Parker
> Systems and Management Accounting
> www.gbpcomputing.co.uk

Windows XP >> Where Can I Buy a Zombie PC? The Experts Exchange article is actually 6 months newer than the article =
that the OP cited!

http://www.theregister.co.uk/"2004/06/04"/trojan_spam_study/

--=20

Ronnie Vernon
Microsoft MVP
Windows Shell/User

"Gordon" <EMail@HideDomain.com> wrote in message =
news:EMail@HideDomain.com...
> Ground Cover wrote:
>=20
>> You mean like this:
>>=20
>> =
http://www.experts-exchange.com/Security/Linux_Security/Q_21243561.html
>>=20
>=20
> Like nearly TWO years ago? Is that the best you can come up with?
>=20
> --=20
> Gordon Burgess-Parker
> Systems and Management Accounting
> www.gbpcomputing.co.uk

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover wrote:

>
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,3
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,4
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,5
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,6
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,7
>
> https://rhn.redhat.com/errata/rh-desktop-4-errata.html
>
> http://www.experts-exchange.com/Operating_Systems/Q_21418532.html

very interesting - if you go to the root page of most of those sites, they
don't exist. So I take this "redhack" and "zone-h" with a HUGE pinch of
scepticism.
Funny all those supposed attacks haven't been reported elsewhere, isn't it?

--
Gordon Burgess-Parker
Systems and Management Accounting
www.gbpcomputing.co.uk

Windows XP >> Where Can I Buy a Zombie PC? On Wednesday 12 July 2006 08:28 am, Ground Cover had this to say in
microsoft.public.windowsxp.general:

> You mean like this:
>
> http://www.experts-exchange.com/Security/Linux_Security/Q_21243561.html
>
No I don't mean like that you Wintard. There's a big difference between a
website being hacked and turning a computer into a zombie pc. But an idiot
like you wouldn't know the difference.

> NoStop wrote:
>>> The answer is ... pretty much anywhere. If you can purchase a PC
>>> that runs Windoze XP, you've got the potential to have your very own
>>> Zombie PC.
>>>
>>> "Four-fifths of spam now emanates from computers contaminated with
>>> Trojan horse infections, according to a study by network management
>>> firm Sandvine out this week. Trojans and worms with backdoor
>>> components such as Migmaf and SoBig have turned infected Windows PCs
>>> into drones in vast networks of compromised zombie PCs.
>>>
>>> Sandvine reckons junk mails created and routed by "spam Trojans" are
>>> clogging ISP mail servers, forcing unplanned network upgrades and
>>> stoking antagonism between large and small ISPs."
>>>
>>> Full article here:
>>>
>>> http://www.theregister.co.uk/2004/06/04/trojan_spam_study/
>>>
>>>
>>> --
>>> WGA is the best thing that has happened for Linux in a while.
>>>
>>> The ULTIMATE Windoze Fanboy:
>>>
>>> http://video.google.com/videoplay?docid=-2370205018226686613
>>>
>>> Is this a modern day equivalent of a Nazi youth rally?:
>>>
>>> http://www.ntk.net/media/developers.mpg
>>>
>>> A 3D Linux Desktop (video) ...
>>>
>>> http://www.youtube.com/watch?v=DUSn-jBA3CE
>>>
>>> View Some Common Linux Desktops ...
>>> http://shots.osdir.com/

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP >> Where Can I Buy a Zombie PC? On Wednesday 12 July 2006 09:09 am, Ground Cover had this to say in
microsoft.public.windowsxp.general:

> Gordon wrote:
>>> Ground Cover wrote:
>>>
>>>> You mean like this:
>>>>
>>>> http://www.experts-exchange.com/Security/Linux_Security/Q_21243561.html
>>>>
>>>
>>> Like nearly TWO years ago? Is that the best you can come up with?
>>>
>>> --
>>> Gordon Burgess-Parker
>>> Systems and Management Accounting
>>> www.gbpcomputing.co.uk
>
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,3
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,4
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,5
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,6
>
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer,redhack/page,7
>
Again, you're just going to have to learn the difference between a simple
website defacement and the actual taking over control of ones pc. Taking
over a website and defacing it doesn't mean there was any sort of inherent
security shortcomings. If I can guess a webmaster's password ... say
through a dictionary attack ... I can easily gain ftp access to that
website's files and make changes to the files. That is a TOTALLY different
thing that having a trojan installed on your pc allowing for some outsider
to take control of your pc and use it for illegal purposes.

You know, you really should understand something about computers before you
post your useless conter-attacks.

> https://rhn.redhat.com/errata/rh-desktop-4-errata.html
>
> http://www.experts-exchange.com/Operating_Systems/Q_21418532.html

ditto for the above links. Clueless Wintard trying to attack Linux with such
silliness.

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP >> Where Can I Buy a Zombie PC? What a idiot.

"Again, you're just going to have to learn the difference between a simple
website defacement and the actual taking over control of ones pc. Taking
over a website and defacing it doesn't mean there was any sort of inherent
security shortcomings."

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover wrote:
> Troll.

You realize that's an ad hominem, don't you?

It's clear you have no argument, or you'd set it forth. Dismissing him
does not dismiss the argument he has made, no matter how much you wish
it so.

Try again?

rl
--
Rhonda Lea Kirk

If you ever need some proof that time can heal your wounds,
just step inside my heart and walk around these rooms;
where the shadows used to be.... Mary Chapin Carpenter

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover wrote:
> Rhonda Lea Kirk wrote:
>>> Ground Cover wrote:
>>>> Troll.
>>>
>>> You realize that's an ad hominem, don't you?
>>>
>>> It's clear you have no argument, or you'd set it forth. Dismissing
>>> him does not dismiss the argument he has made, no matter how much
>>> you wish it so.
>>>
>>> Try again?
>>>
>>> rl
>>> --
>>> Rhonda Lea Kirk
>>>
>
> The lame stupidity sometimes drives me too far I admit - my apologies
> to all OE users who post and read here.
>
> He's assuming that the Linux boxes were not actually compromised. But
> they were, in fact, copromised and the websites were mangled to less
> and to more extents. The cited website gives no description of the
> actual hack .. and if it were just password guesses, well, that's a
> lot of guessed passwords, don't you think?
>
> Here's a good article:
>
> http://weblogs.asp.net/rreese/archive/2004/03/04/83971.aspx

Thank you.

rl
--
Rhonda Lea Kirk

If you ever need some proof that time can heal your wounds,
just step inside my heart and walk around these rooms;
where the shadows used to be.... Mary Chapin Carpenter

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover wrote:
> You mean like this:
>

Please don't feed the trolls. (And everyone knows that if the Register
ever printed/published a fact, the editor responsible was canned the
very next day.)

--

Bruce Chambers

Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Windows XP >> Where Can I Buy a Zombie PC? On Wednesday 12 July 2006 01:39 pm, Ground Cover had this to say in
microsoft.public.windowsxp.general:

> Rhonda Lea Kirk wrote:
>>> Ground Cover wrote:
>>>> Troll.
>>>
>>> You realize that's an ad hominem, don't you?
>>>
>>> It's clear you have no argument, or you'd set it forth. Dismissing
>>> him does not dismiss the argument he has made, no matter how much
>>> you wish it so.
>>>
>>> Try again?
>>>
>>> rl
>>> --
>>> Rhonda Lea Kirk
>>>
>
> The lame stupidity sometimes drives me too far I admit - my apologies to
> all OE users who post and read here.
>
> He's assuming that the Linux boxes were not actually compromised. But they
> were, in fact, copromised and the websites were mangled to less and to
> more extents. The cited website gives no description of the actual hack ..
> and if it were just password guesses, well, that's a lot of guessed
> passwords, don't you think?
>
Yes of course that was a lot of guessed passwords. But in case you didn't
know there hare cracker tools that do just that and VERY quickly. It isn't
some Wintard sitting at his computer trying this one and then that one.

> Here's a good article:
>
> http://weblogs.asp.net/rreese/archive/2004/03/04/83971.aspx

What's so good about an article from a M$ shill that doesn't back up her
allegations? Go to a reputable place like CERT to find out what's really
happening in terms of online security.

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP >> Where Can I Buy a Zombie PC? Ground Cover

"Windows" OS has world dominance in business and home
computing not because it is superiour technically to other
OS's such as Mac, UNIX, Linux, FreeBSD, etc..., for indeed
it is inferior technically because it is a DOS based OS, even
although DOS is a powerfu language, but Windows
dominance is because MS and Bill Gates in particular were
very cleaver from the beginning in getting the hardware
companys on board from day one, and providing business
with a support structure, that often lacks to this day in other
OS's, business needs certainty in IT operations that is what
MS offered, some might say but did not deliver all that well.

Lets look at the Sony HomeBetaMAX (beta) and Victor
Company of Japan (JVC) VHS format battle in the home
video tape battle. The reasion why VHS won over BetaMAX
(Beta) was simply that JVC signed up more hardware
manufacturers than Sony did. The fact that VHS has a
simpler tape transport control system, helped of course, but
ultimately the share weight of hardware manufactures using
the VHS format won the day. To this day we all know that
BetaMAX (Beta) is technically superior especially when
using flying head insert editing, etc. but VHS have over the
years managed an increase in tape transport control and
included acceptable insert editing.etc.

OP was pointing out that many home PC are under "Alien"
control and sending spam, etc to an unsuspecting world.

This is a fact and most disturbing is that these innocent little
home PC's may often be involved is very nasty operations
without their owners knowledge.

"online security" at present and into the forseeable future,
there really is no such thing.

"The price of freedom is eternal vigilance"

Remember never trust a computer they have no morals.

Watch out for the "Zombie" Computers they are everywhere.

"Ground Cover" wrote:

> Q. What wastes ones time and annoys for no good reason?
> A. Linux guy who doesn't know where to post.
>
> Q. If Linux is "so great" why are you spending your time at
> msnews.microsoft.com ??
> A. Because Linux isn't all that great.
>
> Q. If Linux is so great why doesn't everyone adopt it?
> A. Because linux isn't all that great.
>
> Q. Where shoud a Linux Advocate post advocacy?
> A. A Linux Advocacy newsgroup.
>
> Now, quit trolling and go do something useful like helping someone who
> depended on the Linux Apache combo and now who's websites are hacked.
> Perhaps you might help them migrate to Windows Server 2003.
>
>
>

Windows XP >> Where Can I Buy a Zombie PC? In article <EMail@HideDomain.com>, EMail@HideDomain.com says...
> Ground Cover wrote:
> > Troll.
>
> You realize that's an ad hominem, don't you?
>
> It's clear you have no argument, or you'd set it forth. Dismissing him
> does not dismiss the argument he has made, no matter how much you wish
> it so.
>
> Try again?

Didn't you just troll the poster that you replied to?

--

EMail@HideDomain.com
remove 999 in order to email me

Windows XP >> Where Can I Buy a Zombie PC? On Thursday 13 July 2006 08:41 am, Ground Cover had this to say in
microsoft.public.windowsxp.general:

> To a great extent that is true.
>
> You also forgot a few points.
>
<snipping a long "history" of computers by Gound Cover>
>
> To be honest, I only ever caught one malware -as far as I know

hahaha ... "as far as you know" ... that's a good one.

> - and that
> was when I ignored a call to install a certain patch for if I were running
> Windows 2000 with IIS installed. But, otherwise I had already done some
> reading etc. and was not one likely to fall for the "screensaver" in the
> email. And since I had been involved with JavaScript, I had decided early
> on to turn it off [a bit ironic - I knew how to code it, so I browse
> default with it off].
>
> Many of Microsoft's problems, security-wise, is its users.

Typical MickeyMouse shill - BLAME THE USER (victim).

> They want
> JavaScript ON. They want Java ON .. always.

Can you imagine today's web without javascript?

> They want ActiveX ON.

This is a MickeyMouse "innovation" and shouldn't be allowed on the Web.

> Vulnerabilites get identified and patched, but the user .. the user wants
> to see the dancing bunnies - at all costs - and there's not much can be
> done.

These same users will undoubtedly be flocking to Vista as it will offer
dancing bunnies and not much else.

> A PC owner has the right to run as root.

The Windoze XP installation routine does this by default. Why did
MickeyMouse do this? Probably doesn't make that much difference as Windoze
isn't a true multiuser operating system to start with.

> The install routine can
> make "users" but at some point the software company has to "hand over the
> keys" so to speak. Yet there's no requirement that the PC owner have ever
> read even a
> magazine article on how to run the thing ..
>
> .. Anway, the storm has abated somewhat.
>
Abated?

http://www.thehostingnews.com/article2057.html

"Malware, Worms and Viruses, Increase 240% in 2005
News

Glendale, California - (The Hosting News) - February 22, 2006 - Internet
security and virus alert company, PandaLabs, is reporting a 240% increase
in the number of new malware specimens detected in 2005. In all, over
46,000 new threats, including viruses, worms, Trojans, bots and other types
of malware, were detected in 2005, compared to 13,000 threats detected in
2004. "

"Therefore, by the end of this year, the number of new variants detected
could exceed 100,000, which is more than the computer threats detected in
the previous 20 years."

ALL directed at Windoze boxes, btw. Because they're so easy to target!

Rootkits are the up and coming means of attack. Here's a rather interesting
article:

http://www.computerweekly.com/Articles/Article.aspx?liArticleID=215403&liFlavourID=1

"Huge increase in Windows-targeted stealth malware
by Tash Shifrin
Tuesday 18 April 2006

Security experts have warned of a 700% rise in reports of rootkits ? malware
that actively conceals its existence using stealth technology ? over the
past year.

The most dramatic rise has been in rootkits targeted at Windows systems,
security firm McAfee said in a white paper, with the number of
Windows-based malware stealth components shooting up by 2,300% between 2001
and 2005.

Over the same period, the number of Linux-based rootkits has fallen to a
?negligible number?.

McAfee said the open source environment, online collaboration sites and
blogs were ?largely to blame for the increased proliferation and complexity
of rootkit components?.

It added that malware authors found the Windows platform ?an attractive
target? because of its huge installed base and the technical challenges it
posed.

Rootkits are also becoming more far more sophisticated, the white paper
said. Stealth technologies have moved from Trojans to other forms of
malware and potentially unwanted programs (PUPs).

The complexity of rootkits had increasing by 400% between 2000 and 2005, but
then shot up by 900% over the past year. "

> XP SP2 was released. The number of extememe vulnerabilities discovered in
> Windows this past year is way fewer than say found in 2004. Many users are
> much more circumscript in their behaviour. And Linux still hasn't found
> the vendor support it needs for to "take the desktop" [and it probably
> never
> will]

Your wishful thinking. Linux certainly won't replace Windoze soon, but there
certainly is a growing user-base of new Linux users who have left Windoze
behind because they are sick and tired of the constant insecurities posed
by the toy operating system. Suse is now ready for the desktop without
question and has the support of a major player. IBM has invested $1 billion
into Linux. Believe it or not, Linux is no longer what it was just a few
years ago. Today it is an ALTERNATIVE to the Windoze desktop.

> so Microsoft - not having to look over its shoulder- has been
> taking its time with Vista.
>
> Vista will try - and will probably succeed - to rectify the security
> situation through an alert system [and without fanfare, running some of
> software e.g. Internet Explorer with only user privileges even if an
> Adminstrator is logged on]. Vista will probably substantially reduce the
> impact of malware much further than XP SP2.
>

Personally I have my doubts because with 50 million lines of source code,
the vaste majority coming from earlier versions of Windoze, it doesn't look
to be anything more than XP with new eye-candy. But, the proof of the
pudding will be in the eating. Let's revisit this particular discussion say
6 months after Vista is released and see how successful MickeyMouse will
be.

> So there you have it. No matter what Microsoft or Linus Torvalds does,
> someone is going to log on as "root", regardless, and run
> /bin/dancing_bunnies and there's nothing anyone can do about it.
>
Linux users tend to know better and some distros go out of their way to
discourage ordinary users from running as root. Eye-candy on its own does
not lead to more insecurity if the underlying operating system itself is
constructed to keep the operating system separate and apart from the user
space. The POSIX model does this. The Windoze model does not.

> But with firewalls and care and Vista, the rest of us have a better chance
> at mitgating the impact.
>
Your blind faith in Vista is a bit funny to contemplate, but expected from a
MickeyMouse shill I guess. As I said above, let's revisit this topic down
the road when Vista has had a chance to expose itself to the Net for a
while. :-)

>
> Grumpy wrote:
>>> Ground Cover
>>>
>>> "Windows" OS has world dominance in business and home
>>> computing not because it is superiour technically to other
>>> OS's such as Mac, UNIX, Linux, FreeBSD, etc..., for indeed
>>> it is inferior technically because it is a DOS based OS, even
>>> although DOS is a powerfu language, but Windows
>>> dominance is because MS and Bill Gates in particular were
>>> very cleaver from the beginning in getting the hardware
>>> companys on board from day one, and providing business
>>> with a support structure, that often lacks to this day in other
>>> OS's, business needs certainty in IT operations that is what
>>> MS offered, some might say but did not deliver all that well.
>>>
>>> Lets look at the Sony HomeBetaMAX (beta) and Victor
>>> Company of Japan (JVC) VHS format battle in the home
>>> video tape battle. The reasion why VHS won over BetaMAX
>>> (Beta) was simply that JVC signed up more hardware
>>> manufacturers than Sony did. The fact that VHS has a
>>> simpler tape transport control system, helped of course, but
>>> ultimately the share weight of hardware manufactures using
>>> the VHS format won the day. To this day we all know that
>>> BetaMAX (Beta) is technically superior especially when
>>> using flying head insert editing, etc. but VHS have over the
>>> years managed an increase in tape transport control and
>>> included acceptable insert editing.etc.
>>>
>>> OP was pointing out that many home PC are under "Alien"
>>> control and sending spam, etc to an unsuspecting world.
>>>
>>> This is a fact and most disturbing is that these innocent little
>>> home PC's may often be involved is very nasty operations
>>> without their owners knowledge.
>>>
>>> "online security" at present and into the forseeable future,
>>> there really is no such thing.
>>>
>>> "The price of freedom is eternal vigilance"
>>>
>>> Remember never trust a computer they have no morals.
>>>
>>> Watch out for the "Zombie" Computers they are everywhere.
>>>
>>>
>>>
>>> "Ground Cover" wrote:
>>>
>>>> Q. What wastes ones time and annoys for no good reason?
>>>> A. Linux guy who doesn't know where to post.
>>>>
>>>> Q. If Linux is "so great" why are you spending your time at
>>>> msnews.microsoft.com ??
>>>> A. Because Linux isn't all that great.
>>>>
>>>> Q. If Linux is so great why doesn't everyone adopt it?
>>>> A. Because linux isn't all that great.
>>>>
>>>> Q. Where shoud a Linux Advocate post advocacy?
>>>> A. A Linux Advocacy newsgroup.
>>>>
>>>> Now, quit trolling and go do something useful like helping someone
>>>> who depended on the Linux Apache combo and now who's websites are
>>>> hacked. Perhaps you might help them migrate to Windows Server 2003.

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP >> Where Can I Buy a Zombie PC? Leythos wrote:
> In article <EMail@HideDomain.com>, EMail@HideDomain.com says...
>> Ground Cover wrote:
>>> Troll.
>>
>> You realize that's an ad hominem, don't you?
>>
>> It's clear you have no argument, or you'd set it forth. Dismissing
>> him does not dismiss the argument he has made, no matter how much
>> you wish it so.
>>
>> Try again?
>
> Didn't you just troll the poster that you replied to?

No. I didn't. If it had been trolling, I don't expect I would've thanked
him for his post and the link, but instead would have used his reply to
me in some other way than he intended.

"Trolling" seems to have taken on a new meaning in the time I was MIA
from usenet. Now, much like spam, it seems to mean "anything someone
posts that someone else doesn't like." I've been posting for 17 years,
and these are definitely not the good old days.

I'm not constitutionally capable of writing anything I don't believe to
be the truth, so I make a lousy troll. What you're seeing
elsewhere--because I assume that's the basis for your question--is a
lifelong knack for playing the straight man, and--in that one collection
of threads in acv--an absolute outrage at ridiculous predictions about
my future behavior--none of which were accurate.

But if the above is your working definition, then I guess I was
trolling. And because I post a lot of things that some people don't
like, I guess I'll have to resign myself to the accusation. I just think
it's demeaning to all the real trolls, many of whom I admire greatly for
their excellence at the craft.

rl
--
Rhonda Lea Kirk

If you ever need some proof that time can heal your wounds,
just step inside my heart and walk around these rooms;
where the shadows used to be.... Mary Chapin Carpenter

Windows XP >> Where Can I Buy a Zombie PC? In article <EMail@HideDomain.com>, EMail@HideDomain.com says...
> Leythos wrote:
> > In article <EMail@HideDomain.com>, EMail@HideDomain.com says...
> >> Ground Cover wrote:
> >>> Troll.
> >>
> >> You realize that's an ad hominem, don't you?
> >>
> >> It's clear you have no argument, or you'd set it forth. Dismissing
> >> him does not dismiss the argument he has made, no matter how much
> >> you wish it so.
> >>
> >> Try again?
> >
> > Didn't you just troll the poster that you replied to?
>
> No. I didn't. If it had been trolling, I don't expect I would've thanked
> him for his post and the link, but instead would have used his reply to
> me in some other way than he intended.
>
> "Trolling" seems to have taken on a new meaning in the time I was MIA
> from usenet. Now, much like spam, it seems to mean "anything someone
> posts that someone else doesn't like." I've been posting for 17 years,
> and these are definitely not the good old days.
>
> I'm not constitutionally capable of writing anything I don't believe to
> be the truth, so I make a lousy troll. What you're seeing
> elsewhere--because I assume that's the basis for your question--is a
> lifelong knack for playing the straight man, and--in that one collection
> of threads in acv--an absolute outrage at ridiculous predictions about
> my future behavior--none of which were accurate.
>
> But if the above is your working definition, then I guess I was
> trolling. And because I post a lot of things that some people don't
> like, I guess I'll have to resign myself to the accusation. I just think
> it's demeaning to all the real trolls, many of whom I admire greatly for
> their excellence at the craft.

There was no accusation, only a question to see what you thought. Had I
wanted to "accuse" you of being a troll I would have done so directly.

Having been on Usenet since 84, I've seen the changes too, and the
addition of file attachments was the biggest BAD thing that's happened
to Usenet, along with HTML enabled Usenet clients :)

--

EMail@HideDomain.com
remove 999 in order to email me

Windows XP >> Where Can I Buy a Zombie PC? Leythos wrote:
> In article <EMail@HideDomain.com>, EMail@HideDomain.com says...
>> Leythos wrote:
>>> In article <EMail@HideDomain.com>, EMail@HideDomain.com
>>> says...
>>>> Ground Cover wrote:
>>>>> Troll.
>>>>
>>>> You realize that's an ad hominem, don't you?
>>>>
>>>> It's clear you have no argument, or you'd set it forth. Dismissing
>>>> him does not dismiss the argument he has made, no matter how much
>>>> you wish it so.
>>>>
>>>> Try again?
>>>
>>> Didn't you just troll the poster that you replied to?
>>
>> No. I didn't. If it had been trolling, I don't expect I would've
>> thanked him for his post and the link, but instead would have used
>> his reply to me in some other way than he intended.
>>
>> "Trolling" seems to have taken on a new meaning in the time I was MIA
>> from usenet. Now, much like spam, it seems to mean "anything someone
>> posts that someone else doesn't like." I've been posting for 17
>> years, and these are definitely not the good old days.
>>
>> I'm not constitutionally capable of writing anything I don't believe
>> to be the truth, so I make a lousy troll. What you're seeing
>> elsewhere--because I assume that's the basis for your question--is a
>> lifelong knack for playing the straight man, and--in that one
>> collection of threads in acv--an absolute outrage at ridiculous
>> predictions about my future behavior--none of which were accurate.
>>
>> But if the above is your working definition, then I guess I was
>> trolling. And because I post a lot of things that some people don't
>> like, I guess I'll have to resign myself to the accusation. I just
>> think it's demeaning to all the real trolls, many of whom I admire
>> greatly for their excellence at the craft.
>
> There was no accusation, only a question to see what you thought. Had
> I wanted to "accuse" you of being a troll I would have done so
> directly.
>
> Having been on Usenet since 84, I've seen the changes too, and the
> addition of file attachments was the biggest BAD thing that's happened
> to Usenet, along with HTML enabled Usenet clients :)

<troll> Well, we know where to squarely lay the blame for that, now
don't we?

<laughing> Sorry. Couldn't resist.

--
Rhonda Lea Kirk

If you ever need some proof that time can heal your wounds,
just step inside my heart and walk around these rooms;
where the shadows used to be.... Mary Chapin Carpenter

Windows XP >> Where Can I Buy a Zombie PC? On Thursday 13 July 2006 08:18 pm, Ground Cover had this to say in
microsoft.public.windowsxp.general:

> Inline:
>
> NoStop wrote:
>>> On Thursday 13 July 2006 08:41 am, Ground Cover had this to say in
>>> microsoft.public.windowsxp.general:
>>>
>>>> To a great extent that is true.
>>>>
>>>> You also forgot a few points.
>>>>
>>> <snipping a long "history" of computers by Gound Cover>
>>>>
>>>> To be honest, I only ever caught one malware -as far as I know
>>>
>>> hahaha ... "as far as you know" ... that's a good one.
>
>
> It's true. For all I know, all you know, every system beyond the most
> simple in your place and mine is "rooted".
>
Oh puhleeze ... I use chkrootkit ( http://www.chkrootkit.org/ ). What do you
use to check your Windoze boxes for rootkits?

>
>>>> - and that
>>>> was when I ignored a call to install a certain patch for if I were
>>>> running Windows 2000 with IIS installed. But, otherwise I had
>>>> already done some reading etc. and was not one likely to fall for
>>>> the "screensaver" in the email. And since I had been involved with
>>>> JavaScript, I had decided early on to turn it off [a bit ironic - I
>>>> knew how to code it, so I browse default with it off].
>>>>
>>>> Many of Microsoft's problems, security-wise, is its users.
>>>
>>> Typical MickeyMouse shill - BLAME THE USER (victim).
>
> Well, to a great extent the user has to share the blame. Maybe not the
> user specifically, in some aspect. I jsut cleaned up a computer for a
> customer. She had be completely trojaned / compromised / and spywared. She
> was also running Windows XP Pro 2002 (RTM) without a single patch ever
> applied.
>
>
> Microsoft made the patches available - but they were not applied. You
> canbring a horse to water, but you can't .....
>
MickeyMouse has been notorious for taking its sweet time in making patches
available. In fact, the longest time from discovery to patch of any major
software producer other than Sun. On top of that, some of its security
patches have caused MAJOR problems for many computers that updated, making
users leery about jumping in to pick up a patch until they've gotten
feedback from other users. MickeyMouse's use of a critical update to plant
WGA on users systems adds to the concern.

>
>>>> They want
>>>> JavaScript ON. They want Java ON .. always.
>>>
>>> Can you imagine today's web without javascript?
>>>
>>>> They want ActiveX ON.
>>>
>>> This is a MickeyMouse "innovation" and shouldn't be allowed on the
>>> Web.
>
>
> JavaScript was developed by Brendan Eich while he was a Netscape:
> http://en.wikipedia.org/wiki/Brendan_Eich
>
I was talking about ActiveX as being a MickeyMouse "innovation". Can you
follow a thread?

>
>>>> Vulnerabilites get identified and patched, but the user .. the user
>>>> wants to see the dancing bunnies - at all costs - and there's not
>>>> much can be done.
>>>
>>> These same users will undoubtedly be flocking to Vista as it will
>>> offer dancing bunnies and not much else.
>>>
>>>> A PC owner has the right to run as root.
>>>
>>> The Windoze XP installation routine does this by default. Why did
>>> MickeyMouse do this? Probably doesn't make that much difference as
>>> Windoze isn't a true multiuser operating system to start with.
>
>
> This is why I included the history. There's a historical reason for this.
> Microsoft started out supplying the OS for the little PC. The PC XT wasn't
> considered a "mainframe"; it most usually did only word processing.
> Microsoft did a reasonably good job with DOS - WP worked just fine on the
> thing.
>
>
>>>> The install routine can
>>>> make "users" but at some point the software company has to "hand
>>>> over the keys" so to speak. Yet there's no requirement that the PC
>>>> owner have ever read even a
>>>> magazine article on how to run the thing ..
>>>>
>>>> .. Anway, the storm has abated somewhat.
>>>>
>>> Abated?
>>>
>>> http://www.thehostingnews.com/article2057.html
>>>
>>> "Malware, Worms and Viruses, Increase 240% in 2005
>>> News
>
>
> The malware authors are having to work more furiously for less. In fact,
> the actual number of discovered vulnerabilities has gone way done. PC Mag
> has report that more serious vulnerabilities have been discovered for
> Linux this past year than for Windows.
>
>
>>> Glendale, California - (The Hosting News) - February 22, 2006 -
>>> Internet security and virus alert company, PandaLabs, is reporting a
>>> 240% increase in the number of new malware specimens detected in
>>> 2005. In all, over 46,000 new threats, including viruses, worms,
>>> Trojans, bots and other types of malware, were detected in 2005,
>>> compared to 13,000 threats detected in 2004. "
>
>
> But is the actual impact going up .. or down. I suspect it is going down.

Well you suspect wrong.

"Stats from at least three different security vendors make clear the trend,
perhaps even bode well for their businesses: Malware is growing.

Although virus rates themselves may be falling, Trojans are picking up the
slack at an alarming rate, the vendors said.

Another common trend: The growth of malware is almost exclusively targeted
at Windows operating system-based PC's, prompting one security vendor to
advise users to switch to Apple Macs.

They all found similar staggering stats on the amount of malware out there."

http://www.internetnews.com/xSP/article.php/3618381

> And once Vista starts weighs in ..
>
From same article:

"The introduction of new security measures, including some planned for
Vista, may slow down the rate at which machines are impacted by malware,
O'Brien said. But its unlikely the trend will go away. "Vista will be a
hurdle but not an obstacle."

And the trend as pointed out is GROWING not declining.

>
>>> "Therefore, by the end of this year, the number of new variants
>>> detected could exceed 100,000, which is more than the computer
>>> threats detected in the previous 20 years."
>>>
>>> ALL directed at Windoze boxes, btw. Because they're so easy to
>>> target!
>>>
>>> Rootkits are the up and coming means of attack. Here's a rather
>>> interesting article:
>>>
>>>
http://www.computerweekly.com/Articles/Article.aspx?liArticleID=215403&liFlavourID=1
>>>
>>> "Huge increase in Windows-targeted stealth malware
>>> by Tash Shifrin
>>> Tuesday 18 April 2006
>>>
>>> Security experts have warned of a 700% rise in reports of rootkits ?
>>> malware that actively conceals its existence using stealth
>>> technology ? over the past year.
>
>
> Probably all variations on a theme.
>
So you know or are you once again surmising? You seem to do alot of that.

>
>>> The most dramatic rise has been in rootkits targeted at Windows
>>> systems, security firm McAfee said in a white paper, with the number
>>> of Windows-based malware stealth components shooting up by 2,300%
>>> between 2001 and 2005.
>>>
>>> Over the same period, the number of Linux-based rootkits has fallen
>>> to a ?negligible number?.
>>>
>>> McAfee said the open source environment, online collaboration sites
>>> and blogs were ?largely to blame for the increased proliferation and
>>> complexity of rootkit components?.
>>>
>>> It added that malware authors found the Windows platform ?an
>>> attractive target? because of its huge installed base and the
>>> technical challenges it posed.
>>>
>>> Rootkits are also becoming more far more sophisticated, the white
>>> paper said. Stealth technologies have moved from Trojans to other
>>> forms of malware and potentially unwanted programs (PUPs).
>>>
>>> The complexity of rootkits had increasing by 400% between 2000 and
>>> 2005, but then shot up by 900% over the past year. "
>>>
>>>
>>>
>>>> XP SP2 was released. The number of extememe vulnerabilities
>>>> discovered in Windows this past year is way fewer than say found in
>>>> 2004. Many users are much more circumscript in their behaviour. And
>>>> Linux still hasn't found the vendor support it needs for to "take
>>>> the desktop" [and it probably never
>>>> will]
>>>
>>> Your wishful thinking. Linux certainly won't replace Windoze soon,
>>> but there certainly is a growing user-base of new Linux users who
>>> have left Windoze behind because they are sick and tired of the
>>> constant insecurities posed by the toy operating system.
>
>
> Not really, not anymore. Windows Server 2003 is handling some pretty huge
> computer operations.
>
I don't know how you judge "huge". What I'd call "huge" would be something
like Google. Now that's huge!!! Funny, but it runs on Linux.

So looking at "huge computer operations" take a look at the following:

*** "GNU/Linux dominates in supercomputing: it is used in 78% of the world?s
500 fastest supercomputers use GNU/Linux, most of the world?s ten fastest
supercomputers... including the world?s most powerful supercomputer (as of
March and November 2005). By March 2005 Forbes noted that 60% of the
world?s fastest supercomputers use GNU/Linux, using data from Top500 to
determine which computers are the world?s fastest. Of those top 500, the
best available information shows that 301 run GNU/Linux, 189 on Unix, 2 on
FreeBSD (another OSS/FS Unix variant), and one on Microsoft?s Windows. A
few machines? operating systems are unknown, but even so, Forbes says
?Linux clearly is by far the top choice for high-performance computing.?"

*** "Joe Greenseid reported on LWN that this dominance is even more obvious
is the top ten supercomputers as of March 2005; GNU/Linux systems account
for 8 out of the top 10. Six of these ten were made by IBM, including five
Blue Gene systems and one PPC Cluster. Third place is held by an SGI Altix
running GNU/Linux. Thunder, an Intel Itanium2 Tiger4 ?white box? system,
holds seventh place and runs GNU/Linux."

*** "More recent data from November 2005 shows this as an increasing trend.
Jay Lyman?s November 15, 2005 article Linux continues supercomputer
domination notes that on the November 2005 Top500 list, 78% of the world?s
fastest machines (391/500) rely on Linux, far more than anything else.
Seven of the top 10 systems are running GNU/Linux (the other three run AIX,
UNICOS, and Super-UX), and as with the March 2005 survey, the fastest
supercomputer in the world runs on GNU/Linux. In contrast, ?Microsoft
Windows didn?t even turn up on the list.? Erich Strohmaier, co-founder and
editor of the Top500 list, said that the OSS/FS ?Linux is the dominating OS
in the supercomputing community and will keep this role... If anything, it
will only enlarge its prevalence.? In fact, he believes that ?no other
operating system is likely to be used as much as [GNU/]Linux in the
foreseeable Top500 future.? "

http://www.dwheeler.com/oss_fs_why.html

>
>>>Suse is now
>>> ready for the desktop without question and has the support of a
>>> major player. IBM has invested $1 billion into Linux. Believe it or
>>> not, Linux is no longer what it was just a few years ago. Today it
>>> is an ALTERNATIVE to the Windoze desktop.
>
>
> But not a viable one. As per already premised in this sub-thread, Linux
> just doesn't have the vendor support.
>
>
>>>> so Microsoft - not having to look over its shoulder- has been
>>>> taking its time with Vista.
>>>>
>>>> Vista will try - and will probably succeed - to rectify the
>>>> security situation through an alert system [and without fanfare,
>>>> running some of software e.g. Internet Explorer with only user
>>>> privileges even if an Adminstrator is logged on]. Vista will
>>>> probably substantially reduce the impact of malware much further
>>>> than XP SP2.
>>>>
>>>
>>> Personally I have my doubts because with 50 million lines of source
>>> code, the vaste majority coming from earlier versions of Windoze, it
>>> doesn't look to be anything more than XP with new eye-candy. But,
>>> the proof of the pudding will be in the eating. Let's revisit this
>>> particular discussion say 6 months after Vista is released and see
>>> how successful MickeyMouse will be.
>
>
> Well, Internet Explorer 7+ is already showing greater resistance and it's
> still in beta.
>
Greater resistance than what? If you're comparing it to IE 6 then you
certainly aren't setting the bar very high, are you?

>
>>>> So there you have it. No matter what Microsoft or Linus Torvalds
>>>> does, someone is going to log on as "root", regardless, and run
>>>> /bin/dancing_bunnies and there's nothing anyone can do about it.
>>>>
>>> Linux users tend to know better and some distros go out of their way
>>> to discourage ordinary users from running as root. Eye-candy on its
>
>
> But if Linux were more popular this would not be the case. Linux as a home
> /
> small business / gamer platform, isn't having to deal as much with the
> user who wants to see the dancing bunnies .. simply because it is not
> popular. If it were, it would. Then what? The dancing bunnies would be
> dancing. Social engineering emails would instruct hapless victims in how
> to log in as root and run /bin/dancing_bunnies and so on. And they would.
> Why? They want to see the dancing bunnies.
>
How silly. Do you have any idea how open source software is developed and
distributed? Do you think Linux users just come across a piece of software
somewhere and get convinced to install it, like Windoze users always do?
Linux distros have packaging systems and the packages are SIGNED. Sure a
Linux user can go to a place like sourceforge and pickup the source code
and compile an application himself and run it. But code sitting in a
repository like sourceforge is totally vetted.

It's becoming more and more obviously that you really don't understand open
source at all. You're coming at it with a preconceived Windoze-mindset.
Things in the open source world are not like what you're obviously familiar
with and used to, or else you wouldn't be making such silly statements. Go
out grasshopper and learn, then we can carry on an intelligent discussion.

>
>>> own does not lead to more insecurity if the underlying operating
>>> system itself is constructed to keep the operating system separate
>>> and apart from the user space. The POSIX model does this. The
>>> Windoze model does not.
>>>
>>>> But with firewalls and care and Vista, the rest of us have a better
>>>> chance at mitgating the impact.
>>>>
>>> Your blind faith in Vista is a bit funny to contemplate, but
>>> expected from a MickeyMouse shill I guess. As I said above, let's
>>> revisit this topic down the road when Vista has had a chance to
>>> expose itself to the Net for a while. :-)
>
>
> You will be disappointed. Why? Windows Vista will be harder to compromise.

I said we'll see. I said I have my doubts. You are so certain. I'm not,
because I've seen the history of stuff from MickeyMouse.

> IE7+ runs with user not admin privileges etc. etc, and so on

But can the malware picked up by IE7 be prevented from writing bits to the
Windoze registry? Have they plugged the ability of any software program run
on Windoze to write what it wants to wherever it wants within the registry?
Will Vista do this? Will all software have to be rewritten to run on Vista
now that it is unable to write to the registry whenever it wants to?

> .. My guess
> is that overall, fewer people will be less affected less often and the
> impact of malware will be reduced.

Your "guess". Just what do you base this on? Because MickeyMouse says its
so? Didn't they say XP was the most secure o/s they ever produced and it
proved to be just the opposite?

> Never-the-less, if a user insists on
> seeing the dancing bunnies there will be some systems compromised
> regardless - but this would happen with any popular OS.
>
Not so. See above.

> <chop>

--
WGA is the best thing that has happened for Linux in a while.

The ULTIMATE Windoze Fanboy:

http://video.google.com/videoplay?docid=-2370205018226686613

Is this a modern day equivalent of a Nazi youth rally?:

http://www.ntk.net/media/developers.mpg

A 3D Linux Desktop (video) ...

http://www.youtube.com/watch?v=DUSn-jBA3CE

View Some Common Linux Desktops ...
http://shots.osdir.com/

Windows XP >> Where Can I Buy a Zombie PC? NoStop take a look at some real specs.
http://www.tpc.org/tpcc/results/tpcc_perf_results.asp

Oh maybe you need that RED pill first.

>> Not really, not anymore. Windows Server 2003 is handling some pretty huge
>> computer operations.
>>
> I don't know how you judge "huge". What I'd call "huge" would be something
> like Google. Now that's huge!!! Funny, but it runs on Linux.
>
> So looking at "huge computer operations" take a look at the following:
>
> *** "GNU/Linux dominates in supercomputing: it is used in 78% of the
> world?s
> 500 fastest supercomputers use GNU/Linux, most of the world?s ten fastest
> supercomputers... including the world?s most powerful supercomputer (as of
> March and November 2005). By March 2005 Forbes noted that 60% of the
> world?s fastest supercomputers use GNU/Linux, using data from Top500 to
> determine which computers are the world?s fastest. Of those top 500, the
> best available information shows that 301 run GNU/Linux, 189 on Unix, 2 on
> FreeBSD (another OSS/FS Unix variant), and one on Microsoft?s Windows. A
> few machines? operating systems are unknown, but even so, Forbes says
> ?Linux clearly is by far the top choice for high-performance computing.?"
>
> *** "Joe Greenseid reported on LWN that this dominance is even more
> obvious
> is the top ten supercomputers as of March 2005; GNU/Linux systems account
> for 8 out of the top 10. Six of these ten were made by IBM, including five
> Blue Gene systems and one PPC Cluster. Third place is held by an SGI Altix
> running GNU/Linux. Thunder, an Intel Itanium2 Tiger4 ?white box? system,
> holds seventh place and runs GNU/Linux."
>
>
> *** "More recent data from November 2005 shows this as an increasing
> trend.
> Jay Lyman?s November 15, 2005 article Linux continues supercomputer
> domination notes that on the November 2005 Top500 list, 78% of the world?s
> fastest machines (391/500) rely on Linux, far more than anything else.
> Seven of the top 10 systems are running GNU/Linux (the other three run
> AIX,
> UNICOS, and Super-UX), and as with the March 2005 survey, the fastest
> supercomputer in the world runs on GNU/Linux. In contrast, ?Microsoft
> Windows didn?t even turn up on the list.? Erich Strohmaier, co-founder and
> editor of the Top500 list, said that the OSS/FS ?Linux is the dominating
> OS
> in the supercomputing community and will keep this role... If anything, it
> will only enlarge its prevalence.? In fact, he believes that ?no other
> operating system is likely to be used as much as [GNU/]Linux in the
> foreseeable Top500 future.? "
>
> http://www.dwheeler.com/oss_fs_why.html
>
>
>
>>
>>>>Suse is now
>>>> ready for the desktop without question and has the support of a
>>>> major player. IBM has invested $1 billion into Linux. Believe it or
>>>> not, Linux is no longer what it was just a few years ago. Today it
>>>> is an ALTERNATIVE to the Windoze desktop.
>>
>>
>> But not a viable one. As per already premised in this sub-thread, Linux
>> just doesn't have the vendor support.
>>
>>
>>>>> so Microsoft - not having to look over its shoulder- has been
>>>>> taking its time with Vista.
>>>>>
>>>>> Vista will try - and will probably succeed - to rectify the
>>>>> security situation through an alert system [and without fanfare,
>>>>> running some of software e.g. Internet Explorer with only user
>>>>> privileges even if an Adminstrator is logged on]. Vista will
>>>>> probably substantially reduce the impact of malware much further
>>>>> than XP SP2.
>>>>>
>>>>
>>>> Personally I have my doubts because with 50 million lines of source
>>>> code, the vaste majority coming from earlier versions of Windoze, it
>>>> doesn't look to be anything more than XP with new eye-candy. But,
>>>> the proof of the pudding will be in the eating. Let's revisit this
>>>> particular discussion say 6 months after Vista is released and see
>>>> how successful MickeyMouse will be.
>>
>>
>> Well, Internet Explorer 7+ is already showing greater resistance and it's
>> still in beta.
>>
> Greater resistance than what? If you're comparing it to IE 6 then you
> certainly aren't setting the bar very high, are you?
>
>>
>>>>> So there you have it. No matter what Microsoft or Linus Torvalds
>>>>> does, someone is going to log on as "root", regardless, and run
>>>>> /bin/dancing_bunnies and there's nothing anyone can do about it.
>>>>>
>>>> Linux users tend to know better and some distros go out of their way
>>>> to discourage ordinary users from running as root. Eye-candy on its
>>
>>
>> But if Linux were more popular this would not be the case. Linux as a
>> home
>> /
>> small business / gamer platform, isn't having to deal as much with the
>> user who wants to see the dancing bunnies .. simply because it is not
>> popular. If it were, it would. Then what? The dancing bunnies would be
>> dancing. Social engineering emails would instruct hapless victims in how
>> to log in as root and run /bin/dancing_bunnies and so on. And they would.
>> Why? They want to see the dancing bunnies.
>>
> How silly. Do you have any idea how open source software is developed and
> distributed? Do you think Linux users just come across a piece of software
> somewhere and get convinced to install it, like Windoze users always do?
> Linux distros have packaging systems and the packages are SIGNED. Sure a
> Linux user can go to a place like sourceforge and pickup the source code
> and compile an application himself and run it. But code sitting in a
> repository like sourceforge is totally vetted.
>
> It's becoming more and more obviously that you really don't understand
> open
> source at all. You're coming at it with a preconceived Windoze-mindset.
> Things in the open source world are not like what you're obviously
> familiar
> with and used to, or else you wouldn't be making such silly statements. Go
> out grasshopper and learn, then we can carry on an intelligent discussion.
>
>
>
>>
>>>> own does not lead to more insecurity if the underlying operating
>>>> system itself is constructed to keep the operating system separate
>>>> and apart from the user space. The POSIX model does this. The
>>>> Windoze model does not.
>>>>
>>>>> But with firewalls and care and Vista, the rest of us have a better
>>>>> chance at mitgating the impact.
>>>>>
>>>> Your blind faith in Vista is a bit funny to contemplate, but
>>>> expected from a MickeyMouse shill I guess. As I said above, let's
>>>> revisit this topic down the road when Vista has had a chance to
>>>> expose itself to the Net for a while. :-)
>>
>>
>> You will be disappointed. Why? Windows Vista will be harder to
>> compromise.
>
> I said we'll see. I said I have my doubts. You are so certain. I'm not,
> because I've seen the history of stuff from MickeyMouse.
>
>> IE7+ runs with user not admin privileges etc. etc, and so on
>
> But can the malware picked up by IE7 be prevented from writing bits to the
> Windoze registry? Have they plugged the ability of any software program
> run
> on Windoze to write what it wants to wherever it wants within the
> registry?
> Will Vista do this? Will all software have to be rewritten to run on Vista
> now that it is unable to write to the registry whenever it wants to?
>
>> .. My guess
>> is that overall, fewer people will be less affected less often and the
>> impact of malware will be reduced.
>
> Your "guess". Just what do you base this on? Because MickeyMouse says its
> so? Didn't they say XP was the most secure o/s they ever produced and it
> proved to be just the opposite?
>
>> Never-the-less, if a user insists on
>> seeing the dancing bunnies there will be some systems compromised
>> regardless - but this would happen with any popular OS.
>>
> Not so. See above.
>
>> <chop>
>
> --
> WGA is the best thing that has happened for Linux in a while.
>
> The ULTIMATE Windoze Fanboy:
>
> http://video.google.com/videoplay?docid=-2370205018226686613
>
> Is this a modern day equivalent of a Nazi youth rally?:
>
> http://www.ntk.net/media/developers.mpg
>
> A 3D Linux Desktop (video) ...
>
> http://www.youtube.com/watch?v=DUSn-jBA3CE
>
> View Some Common Linux Desktops ...
> http://shots.osdir.com/
>

Windows XP >> Where Can I Buy a Zombie PC? On Thu, 13 Jul 2006 11:41:13 -0400, "Ground Cover"

>The little PC running MS-DOS, security wasn't a concern. The idea was to
>have a "little" computer that could be used to type up stuff, do a bit of
>"Basic" or even run a spreadsheet [e.g. Lotus 1 2 3].

There's security, and that is based on safety. Security goes about
not letting Fred do what only Pete is supposed to do, and that was
indeed not a concern with stand-alone Personal Computer.

>The Internet came along and one could also hook up the PC XT
>so that it could send and receive email etc.

Not really, no - unless you're referring to a handful of insiders,
perhaps - and I suspect, not even that. After the XT came the 286,
and only with the 386 that followed that, did Windows start to gain
momentum. It was around this time that Internet started to catch on,
as opposed to BBSs that pervaded earlier.

>There were hardly any viruses at first ..

Wrong. The av industry started and flourished in the days of DOS,
when viruses spread via infected disks and executable programs.

>and these usually had to be physcially introduced by, say, 5 1/4 infloppy
>disk.

Folks used diskettes all the time, in those days; it was how files,
software etc. were distributed. If you wanted a shareware program,
you'd take a diskette to someone with a modem who would look for it on
various BBSs, download it, and copy it onto your diskette. If you
liked it, you might upload it to other BBSs.

That's where the innocence was; in accepting host-to-user-to-host as a
safe way to distribute shareware and free software. Often the code
files on a BBS would be infected, and would infect whoever downloaded
and used them. Everyone was aware of this; most BBSs would warn you
of the risk, disclaim responsability, and advise you to scan downloads
with an antivirus utility before use.

There was a solid concern for safety - users knew about viruses and
av, they knew that .exe, .com and .bat files were potentially
dangerous, and the OS wasn't dumb enough to run any other files as
code. IOW, the safety was from a clear data vs. code distinction.

>And Microsoft eventullay got around to putting a windowing system on these
>early machines. But the Windows ran on DOS.

>There was a decided naivete to the whole thing. Like Pearl Habour on
>December 5th or New York on September 10.

I disagree. Folks weren't so stupid as to automatically run macros in
"documents", let BBSs automatically drop and run code on visitors' PCs
the way web sites today, or auto-run scripts in email "message text".

That stupidity came later, and we are still paying for it.

>Microsoft and many many others were having a great time too - like a
>prosperous and growing town everyone could take a shot and see if they could
>make it big - and then came two things: the World Wide Web followed shortly
>after by "Chicago" - Windows 95.

>Windows 95 was the most successful and wonderful mistake ever envisioned by
>humankind. ....... it ran on DOS ., [hense the mistake].

Total bollocks. Firstly, it was launched from DOS but did not "run on
DOS" unless you chose to start up in Safe Mode. Secondly, there was
more stability and design impact from the need to run programs written
for Win3.yuk than DOS; whereas DOS sessions were pre-emptively
multitasked like Win32 apps, Win16 apps competitively (sorry,
"co-operatively") multitasked just as they did in the Mac.

The 64k heap issue also arose from Win3.yuk compatibility needs,
rather than anything to do with DOS.

DOS wasn't the enemy...

>Microsoft ... should have waited until they had a Windows 2000 like
>system ready and had spent some time in considerable consideration
>of security and privacy.

Win2000 is NT 5.0, and NT predated Win95. NT was originally supposed
to be the new 32-bit Windows for everybody, but it became clear that
it was not going to run faster, and would need far more RAM just to be
able to run at the same speed.

So it was repositioned as a hi-end stability wonder, for big expensive
servers and workstations.

Win95 followed this debacle, while NT continued as a niche product,
through 3.1 to 3.5 to 4.0 and Service Packs. As a niche business
product, it soon became network-centric and orientated towards
professional network administration.

This is where your "security" (as opposed to "safety") came from - the
need to administer different users with different levels of trust and
expertise. But there was a downside to that, too.

>But what's done was done. And it really was no one's fault. Most all of us
>made the demands. We wanted computers and the Internet "now". We accepted,
>no, almost begged, scratched and pleaded for Microsoft Windows and Microsoft
>Office and other Microsoft products - we all dumped Netscape Navigator like
>some filthy rag - we wanted the flush buttons and smooth scrolling - and the
>flash for the websites. We were having a whale of a time.

Actually, the early web wasn't such a dangerous place - and not only
because ppl weren't nasty (viruses were already common, and generally
far more destructive than today) but because plain HTML behaved like a
true data type, i.e. it was safe to "view" without "running code".

The industry started to push scripting and cookies into HTML so that
web sites could better exploit their visitors - use the visitor's
storage as an ash tray (cookies) and push the processing load (and
with it, risk of program errors) as well (scripts, Java).

Netscape and IE were competing, and trying to attract web developers
with power that was unique to their particular browser. With
Netscape, it was "buy the server software that is most likely to match
the de facto browser standard that we give away free". With MS, it
was "we'll give you even more ways to program users' PCs, and we will
gain market share by giving our browser away free with Windows".

>Then the storms of viruses, excessive pronography, scams and malware which
>hit some poeple like hurrican Katrina.

You can track the "virus storms" to design safety failures...
- macro viruses to MS Office auto-running scripts
- script malware to unfamiliar and hidden file name extensions
- Melissa etc. to Outlook's scriptability from Word, etc.
- Kak and similar to auto-running scripts in email "message text"
- Lovesan and Sasser etc. to NT's focus as "network client"

Win9x was designed as a stand-alone OS, whereas NT became a "network
client". Until this "network client" was widely deployed through
stand-alone consumerland via XP, we didn't see pure network worms that
spread globally within minutes via clickless attack.

>Many of Microsoft's problems, security-wise, is its users. They want
>JavaScript ON. They want Java ON .. always. They want ActiveX ON.
>Vulnerabilites get identified and patched, but the user .. the user wants to
>see the dancing bunnies - at all costs - and there's not much can be done.

The user needs to regain the knowledge that was common in the DOS
days; that data files can be safely viewed, and that other files are
code and thus dangerous to run.

They lack this ability because Microsoft hides that information (file
name extensions off by default, now multiple code extensions to worry
about, and the dumb-ass "open" concept).

Not only that, but contexts that should be as safe as "viewing data"
are no longer safe, because by design, MS breaks the code/data barrier
(autorunning macros and scripts, CDs autorun when inserted, etc.).

It gets worse; even when MS does show you what a file is supposed to
be, it will let the file lie successfully. The most dangerous files
types (.exe) are free to set whatever icon they like, and thus (as
file name extensions are hidden by default) they can pretend to be
data files and appear to be low risk. In many contexts, if a hi-risk
file type is named as if it is a lo-risk type, Windows considers this
to be an "honest mistake" and runs it in the hi-risk way.

So, is this the "security" you were referring to? Or is this the
point at which we became stupidly trusting and insecure?

>A PC owner has the right to run as root.

PC = Personal Computer. If you own your own computer and are not
beholden to any boss or network admin, then YES, you have the right to
run as root - in fact, you are the only one to have that right.

What modern PCs do, is leave the system so wide open that anything can
walk right in and act with the same rights as the user - that is why
today's users have to cower in the "lowered rights" basement, while
all sorts of user-hostile code stomps around as "system" (think DRM).

>but at some point the software company has to "hand over the keys" so to
>speak. Yet there's no requirement that the PC owner have ever read even a
>magazine article on how to run the thing ..

Why should consumers have to pretend to be certified sysadmins
managing multiple office workers, just because that was how NT was
designed before being dropped on consumers as-is?

>XP SP2 was released. The number of extememe vulnerabilities discovered in
>Windows this past year is way fewer than say found in 2004. Many users are
>much more circumscript in their behaviour. And Linux still hasn't found the
>vendor support it needs for to "take the desktop" [and it probably never
>will] so Microsoft - not having to look over its shoulder- has been taking
>its time with Vista.

Ah, Vista's another story...

>Vista will try - and will probably succeed - to rectify the security
>situation through an alert system [and without fanfare, running some of
>software e.g. Internet Explorer with only user privileges even if an
>Adminstrator is logged on]. Vista will probably substantially reduce the
>impact of malware much further than XP SP2.

Vista may fix old mistakes but make new ones. There's still the
stupid "I'll do it for you!" and "you don't have to know anything!"
nonsense that got us into trouble in the first place - underfootware
services that grope files you had no intention to run, expanded
directory metadata that gets complex enough to exploit, and a shell
that encourages users to be clueless about where files are.

>So there you have it. No matter what Microsoft or Linus Torvalds does,
>someone is going to log on as "root", regardless, and run
>/bin/dancing_bunnies and there's nothing anyone can do about it.

By definition, every user has the right to modify thier data. So as
long as the design is stupid enough to allow all software to run with
the user's rights, any software can destroy the user's data.

That is why I consider lowered user rights as being near useless when
it comes to protecting the user's interests. They may be helpful in
reducing vendor support costs, but that's another set of needs.

>Grumpy wrote:
>>> Ground Cover

>>> "Windows" OS has world dominance in business and home
>>> computing not because it is superiour technically to other
>>> OS's such as Mac, UNIX, Linux, FreeBSD, etc..., for indeed
>>> it is inferior technically because it is a DOS based OS, even
>>> although DOS is a powerfu language

Oh boy - the error count is offscale here. For starters, DOS isn't a
"language" (nor is it particularly powerful), and Windows hasn't been
DOS-based since the original Win95.

In fact, DOS itself started out as a CPM workalike, before it switched
to copy UNIX functionality instead. That's why we have UNIX-like
directories and redirection, yet CPM-like drive letter and path vs.
parameter delimiter syntax.

However, DOS wasn't multitasking, multi-user, or as connectivity-savvy
as UNIX. That would only be attempted once Intel came up with a
protected mode that worked properly, after the 286 fiasco.

>>> but Windows dominance is because ...

...DOS was already dominant, because the PC was already dominant.

The PC was dominant because it was open hardware (IBM tried to take
the ball back with PS/2, and got kicked out of the game instead).

DOS was dominant because IBM adopted it, and Bill G et al were
successful because IBM didn't lock DOS to the PC, so that Microsoft
could sell it for any IBM-compatible PC.

Now let's look at the decisions your superior platforms were making at
this time, and subsequently. Apple kept their sphincter screwed
tight, just like an '80s "home computer" dinosaur company, so that you
had to buy Apple's computers to run Apple's OS. UNIX was split over
numerous incompatible platforms, so that binary-level run-anywhere was
but a dream, and hardware was costly and skills requirements high.

So yes, at both hardware and OS levels, Apple and UNIX (and Sun etc.)
offered superior solutions at the outset, but were too piggy to get
the big picture. With smaller market share, the platforms were slower
to grow and improve, so that the PC overcame the handicap and won.

>------------ ----- --- -- - - - -
Drugs are usually safe. Inject? (Y/n)
>------------ ----- --- -- - - - -