Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Dutch DigiNotar Servers Were Fully Hacked

Soulskill posted about 2 years ago | from the they-don't-fool-around dept.

Networking 83

ChristW writes "The final report that was handed to the Dutch government today indicates that all 8 certificate servers of the Dutch company DigiNotar were fully hacked. (Report PDF in English.) Because the access log files were stored on the same servers, they cannot be used to find any evidence for or against intrusion. In fact, blatant falsification has been found in those log files. A series of so-far unused certificates has also been found. It is unknown if and where these certificates have been used."

Sorry! There are no comments related to the filter you selected.

Falsified Logs! (2)

Beardydog (716221) | about 2 years ago | (#41834887)

Color me impressed. Log_Modifier may not fill many gigaquads, but it sure ain't free.

Re:Falsified Logs! (0)

Anonymous Coward | about 2 years ago | (#41835185)

My first thought as well.

Re:Falsified Logs! (3, Interesting)

rwa2 (4391) | about 2 years ago | (#41835755)

In other news, it sounds like someone is going to be setting up an authlog blackhole in the near future...

Did they check their .bash_history ? The silly script kiddie that got into my RH4 box back in the 90s forgot to clean his traces there. I mean, he bothered to run "history -c " , but it didn't actually stop his session from dumping everything there again after he logged out.

Re:Falsified Logs! (1)

X0563511 (793323) | about 2 years ago | (#41838501)

quick and dirty: cron jobs that wipe the history file every minute.

I thought of that in about 5 seconds.

Re:Falsified Logs! (3, Informative)

rve (4436) | about 2 years ago | (#41839281)

quick and dirty: cron jobs that wipe the history file every minute.

I thought of that in about 5 seconds.

The more canonical solution is rm ~/.bash_history && ln -s /dev/null ~/.bash_history

Re:Falsified Logs! (1)

X0563511 (793323) | about 2 years ago | (#41841787)

Oooh now that is dirty.

Re:Falsified Logs! (0)

Anonymous Coward | about 2 years ago | (#41840669)

unset HISTFILE

Re:Falsified Logs! (1)

Sadsfae (242195) | about 2 years ago | (#41841679)

FTA, looks like it was a Microsoft Windows infrastructure, all the vectors were Windows servers.

Re:Falsified Logs! (0)

Anonymous Coward | about 2 years ago | (#41835863)

And they're still recruiting [introversion.co.uk] .

Ten years on, it's amazing how many things that game got right.

Re:Falsified Logs! (0)

Anonymous Coward | about 2 years ago | (#41840491)

Aye, I've never got one of those 'frame x for hacking' missions working, so I just avoid them altogether.

Define "blatant falsification" (1)

TWX (665546) | about 2 years ago | (#41834893)

Were the Hex strings loaded with DEADBEEF or B00B135 or something?

Re:Define "blatant falsification" (1)

mfh (56) | about 2 years ago | (#41835043)

Binary art of someone being blatant, methinks...

Re:Define "blatant falsification" (0)

Anonymous Coward | about 2 years ago | (#41835063)

Wasn't deadbeef the default hex value of some IBM memory banks from way back when or something like that?

Re:Define "blatant falsification" (1)

TWX (665546) | about 2 years ago | (#41835117)

It's been used a lot. It sticks out obviously when going through a lot of raw data, so it makes for a good catch string on green-bar paper.

Shhhh... Don't let Peta find out about this...

Re:Define "blatant falsification" (0)

Anonymous Coward | about 2 years ago | (#41835417)

Wasn't deadbeef the default hex value of some IBM memory banks from way back when or something like that?

It was also a default debug address in Mac OS 7 (once you pressed the old "programmer's key" on the keyboard).

Re:Define "blatant falsification" (0)

Anonymous Coward | about 2 years ago | (#41846317)

X86 binary instructions....

Nothing to see here... (3, Funny)

Anonymous Coward | about 2 years ago | (#41834915)

This hack never happened.

- Signed: DigiNotar

Re:Nothing to see here... (1)

HomelessInLaJolla (1026842) | about 2 years ago | (#41836747)

Well, of course not, because with all eight of any servers at the level of certificate authority were hacked then you may as well consider everything else in the world to be fully hacked, too. Really, that's not an exaggeration. All eight? Do you know what an 8250 drive is? It's a security testing device. It has a stack of steel plates around the power supply to suppress any potential flux in the magnetic field which could be used to overload the r/w heads. They deliberately match each drive against each other with race competitions of algorithms on the disks just to try to get one to burn. Now, take that kind of matched security testing premise and apply it to an octogon of hacked certificate authorities.

You're fucked. And you likely suck dog dick for money.

Codeweavers Crossover Direct Downloads 10/31/2012 (-1)

Anonymous Coward | about 2 years ago | (#41834921)

Re:Codeweavers Crossover Direct Downloads 10/31/20 (0, Insightful)

Anonymous Coward | about 2 years ago | (#41835139)

What about for Mac OS X which is the only non-Windows desktop OS that matters?

Re:Codeweavers Crossover Direct Downloads 10/31/20 (0)

RMingin (985478) | about 2 years ago | (#41836889)

By all means, help yourself.

Giving out the links is kinda dumb when you could have the registration link and one year support and upgrades for free as well.

http://flock.codeweavers.com/ [codeweavers.com]

Niggers (-1)

Anonymous Coward | about 2 years ago | (#41834929)

Niggers commit alot of crimes. Captcha: Charcoal. LOL!

Who's to blame? (hint) (2, Insightful)

ntropia (939502) | about 2 years ago | (#41834933)

You know, for a server being violated is always a matter of probability, same story about hardware failures ("when", not "if"). Some of the variables in this equation is how "interesting" your server could. And a server releasing certificates is quite "interesting", if you ask me. So if you keep the logs of such an important server on the machine itself, there isn't much to say: the administrators of such a server are incompetent.

Re:Who's to blame? (hint) (2)

fluor2 (242824) | about 2 years ago | (#41835543)

it's not fair to blame the administrators. you should blame the people who hired them.

Re:Who's to blame? (hint) (2)

rahvin112 (446269) | about 2 years ago | (#41836367)

Yes, because those people are likely the ones that said "We are not buying another machine for log data" or said "we can't afford segregated network segments and secure communication to protect the signing servers". In my experience you can usually trace failures like this back to an unwilligness to spend money, not necessarily blatant incompetence.

It's just as likely that the management prevented proper security as it is that the IT staff were morons.

Re:Who's to blame? (hint) (1)

plover (150551) | about 2 years ago | (#41836929)

I think there's plenty of blame to go around on this one. From the top to the bottom, these guys were thoroughly incompetent. A good admin stepping into the job would have pressed for effective security policies, and balked if they weren't implemented. A competent CISO would have started with them. A competent CEO / CIO should have known they needed a CISO, being a security company after all.

Re:Who's to blame? (hint) (0)

Anonymous Coward | about 2 years ago | (#41838441)

DigiNotar did have segregated network segments. FTFA:

DigiNotar had its network highly segmented and had a number of those segments separated from the public Internet.

Re:Who's to blame? (hint) (2)

Opportunist (166417) | about 2 years ago | (#41838039)

No, blame the person writing the specs and requirements. Because the admin can't do JACK if his CISO is a dick.

Blunders like this ain't an admin's fault. This isn't some config switch set improperly or a port in the firewall left unguarded. It's a fault in the security paradigm and the security strategy of the company. This is NOT an administrator's fault. In companies of a certain size (and I guess DigiNotar would be one) the average admin doesn't even have the information to make a decision like that. A watchful admin might notice it, he might even mention it "upstairs", but he cannot DO anything about it if it doesn't get green lighted from above.

Don't blame the techs for management errors. And this, bluntly, is one.

Re:Who's to blame? (hint) (1)

dkf (304284) | about 2 years ago | (#41840617)

Blunders like this ain't an admin's fault.

Wrong. They are the admin's fault, along with the fault of others as well. Blame can be spread, but not absolved. The admin should not have let things get into a state where things could get hacked, whatever his line management said. What's worse, if things were in a management state where the admin had decided to do a private passive-aggressive work-to-rule (I've known a few admins like that; technically competent, but total dicks) then they're absolutely making things worse and are thoroughly to blame.

Mind you, I'm not absolving management here. It takes two to tango.

Re:Who's to blame? (hint) (0)

Anonymous Coward | about 2 years ago | (#41845869)

Wow, you don't know shit about what happened in reality in this case but you jump to conclusions.

It is not so uncommon for admins to tell their superiors about security problems and want to have them fixed but for whatever stupid reasons are not allowed to.

Especially in a CA scenario you would expect that the admin might not make any upgrades or security changes on the systems on his own without prior review and documentation etc.

So you don't know shit if this admin was actually able to fix the stuff but you still blame him. His only option might have been to quit the job.

I have not worked for a CA but as a admin I was caught in a similar situation where I had to live with a serious security problem because I was banned from changing anything.

STFU before blaming the admin you ass.

Re:Who's to blame? (hint) (1)

Opportunist (166417) | about 2 years ago | (#41851035)

The question is whether an admin can actually make that decision. Considering how sensitive the whole subject is and how management usually thinks techs don't know about "responsibility", chances are that he could not. The admin could have been well aware that there is a problem, and if he is smart he wrote a mail (and printed it for his own records) to his superior, but it is very unlikely that he could make a decision like that without a blessing from above. What's worse, there most likely even existed an order that he MUST NOT do something like that with the thinly veiled threat that if he does he's being fired on the spot. That has nothing to do with a passive-aggressive work-to-rule attitude, simply with "I want to keep my job so I have to work to THEIR rules".

A good admin would probably have noticed it, and he probably informed management about it. Whether he did or not we'll probably never know, because such things (hopefully!) don't make it out into the open, at least if this doesn't go to a public court. But it is very likely that he sat there, knowing well that he's guarding a ticking time bomb, but he just didn't get the necessary ok from above to do anything about it.

Bloody n00bs... (3, Insightful)

fuzzyfuzzyfungus (1223518) | about 2 years ago | (#41834947)

You would think that a company playing at something mildly important(like, oh being a CA for the Dutch government...) could, at very least, do basic things like store logs on WORM tape... Yes, those are overpriced compared to the normal ones; but they aren't that expensive.

Re:Bloody n00bs... (3, Insightful)

Anonymous Coward | about 2 years ago | (#41835023)

WORMs cost money... so does all security... I'm sure the contract was awarded to the lowest bidder.

Re:Bloody n00bs... (3, Insightful)

Opportunist (166417) | about 2 years ago | (#41838087)

*sigh* Most likely, yeah.

Security is the stepchild of IT. They don't produce. Ok, so does a lot of IT, but at least with the rest of IT, management can somehow hope that eventually they can fire a couple of people. With ITSEC, no such luck. They don't streamline production (worse, they often bog it down), they don't make people redundant, in fact, they make more people necessary. Plus, those pesky, nosey security geeks keep peeking into every computer and might find out that the boss is surfing on pages containing gay llama porn.

It's sad but true, if you see two people sitting on a huge table in the crowded cafeteria and nobody wants to join them, and they're not talking with each other either, you know where security and controlling are.

But unlike controlling, it's pretty hard to make your boss understand the dangers of a security breach in IT.

Re:Bloody n00bs... (1)

DarkOx (621550) | about 2 years ago | (#41840097)

Man you just described the scene in our cafeteria most days. I happen to be one those guys at the table. What always amazes me is production just does not get it. I really am their best friend. They are always freak out that "our security stuff" might mess up their PLC and someone could get hurt.

  Its like the possibility that a worm could get on their unpatched XP SP1 platforms from one of the endless parade of technician laptops that get plugged into that subnet and someone could get hurt is entirely lost on them. You'd think a bunch of plant engineers would get that its better to test out security controls under somewhat controlled conditions with people aware they might be a problem than to get owned during third shift.

Codered and welchia were not that long ago, and stuxnet and flame were just in the news but memories are short apparently.

Re:Bloody n00bs... (1)

Opportunist (166417) | about 2 years ago | (#41851011)

Our product managers found out that I'm on their side by now. What I learned is that you have to "sell" it to them, my angle was that I write part of their specs and also verify that they are being kept by the suppliers, thus taking work off their shoulders. Actually, what happens is that I write the sec requirements (which is my job anyway), then adapt them to their project (which is technically their job but that way at least I get what I want instead of them guessing what my specs are actually about and then omitting what really counts...) and review the bids (so I can make sure that my security guidelines are implemented).

It serves both of us. I get in the hard- and software we buy what our security standards require, and keep them from having to deal with it at least during the bidding stage of the project. Maybe it could work for you too, maybe trying to get into the acquisition/programming procedures for your PLCs would help them get rid of the concerns for "your security stuff" and enable you to get what you need?

Re:Bloody n00bs... (1)

buglista (1967502) | about 2 years ago | (#41839545)

Another syslog server costs peanuts, just has to be a bunch of disk with only port 514/udp listening. Shit, I use to run an internal CA which was more secure than these guys, because it was air-gapped. I know that doesn't scale, but we weren't charging people for certs, just doing it for internal use.

Re:Bloody n00bs... (1)

tlhIngan (30335) | about 2 years ago | (#41835415)

You would think that a company playing at something mildly important(like, oh being a CA for the Dutch government...) could, at very least, do basic things like store logs on WORM tape... Yes, those are overpriced compared to the normal ones; but they aren't that expensive.

Welcome to business. The same rules apply everywhere - try to cut as many corners as you can so the company can boast about huge profits and the CEO can pay for this space tourist ticket.

The only things that change are how far you can take it before you get caught, and what the penalties are. In thie case, it was basically closing up shop. Not the worst (they could've held the execs liable, for example)...

Re:Bloody n00bs... (1)

Ryanrule (1657199) | about 2 years ago | (#41837175)

You need to insert liability. IE, signing agency is FULLY liable for any losses incurred due to their security failure. This will make signing very expensive. That is ok.

Re:Bloody n00bs... (1)

Opportunist (166417) | about 2 years ago | (#41838101)

Sadly, it won't increase security. The money will not be used to hire better people and tighten security, it will go into reserves for when (not if) they get to pay for their blunders.

Re:Bloody n00bs... (1)

DarkOx (621550) | about 2 years ago | (#41840161)

<serious>No it won't got to reserves. It will go to insurance premiums and to one of the big audit firms annually to NOT find problems and generate a great deal of glossy print outs to make the insurance firm feel good. </serious>

<half kidding>
The insurance firm will then sell stocks and bonds to a large brokerage, who will aggregate them into a fund or other financial product with more insurance companies suggesting that all risk has been eliminated. The original insurance companies will by these products (essentially their own companies) back from the brokers after paying a hefty commission and list them as assets.

Then brokers will revalue the assets higher based on the now expanded balance sheets, and suggest that more leverage is therefore okay. Eventually some hack of some tiny backwater CA nobody uses will cause a ripple effect bring the entire financial system to knees.
</half kidding>

FULLY hacked? (4, Funny)

ilsaloving (1534307) | about 2 years ago | (#41834961)

As opposed to, what, partially hacked?

Isn't that like being almost pregnant?

Re:FULLY hacked? (5, Informative)

fuzzyfuzzyfungus (1223518) | about 2 years ago | (#41835021)

It's always a dangerous assumption to make; but architecturally the concept of 'partially hacked' isn't terribly nonsensical. Consider the enormous number of web server setups where OS-level credentials and web application authentication are entirely different things. It happens all the time that kiddies will crack the web component and scribble all over your php forum or CMS or whatnot; but without ever gaining access to the OS.

You really don't want to work on the assumption that 'eh, I'm sure we were only partially hacked, no need to reinstall the OS'; but it may well often be true.

Re:FULLY hacked? (1)

NinjaTekNeeks (817385) | about 2 years ago | (#41835495)

Agreed. Had the attacker not been able to leverage the access he obtained on the web servers to compromise the SQL Server he may very well have been stopped in his tracks in the DMZ.

Re:FULLY hacked? (0, Offtopic)

Anonymous Coward | about 2 years ago | (#41835121)

Yes.

Nope, it is like saying only the vagina was penetrated.

Re:FULLY hacked? (4, Informative)

dutchwhizzman (817898) | about 2 years ago | (#41835345)

4 out of 8 CA servers were proven to be tampered with and the hacker got Admin and/or SYSTEM privileges. The only thing he didn't get away with were the actual private keys, since those were stored in hardware that did the actual signing. If Diginotar would have scheduled the signing to a specific time of day and removed the smartcards from the readers for those CAs, he wouldn't even have been able to get his rogue certificates signed. The other 4 servers weren't interesting for the hacker and my interpretation is that he mainly used the CA server that could sign "web site certificates" for MITM purposes. I'd say that qualifies as "fully hacked" as opposed to for instance a single web server where a single web service was not completely secure, so he could manipulate it into signing requests. He got through 3 layers of (obviously lacking) security before he got to the CA servers themselves. Layer 1 was web servers, layer 2 was the office network and layer 3 were the CA servers themselves. He used stacked tunnels to get through firewalls between network segments and used public webservers he already owned as file drop. Out of over 250 investigated machines, he got access on all significant ones in the certificate, web hosting and logging processes, but the actual hardware containing the private keys. In summary, I'd say fully hacked is an accurate description.

Re:FULLY hacked? (1)

PolygamousRanchKid (1290638) | about 2 years ago | (#41835625)

As opposed to, what, partially hacked?

Well, yes, it's partial differential equations and quantum mechanics . . .

Isn't that like being almost pregnant?

It's just like Schrödingers cat was pregnant and not prenant at the same time.

In Abstract Hilbert Space.

Re:FULLY hacked? (0)

Anonymous Coward | about 2 years ago | (#41841267)

This is the sad word diarrhea of idiots speaking english, even if they are native. They find necessary to intensify what they say because it is usually of no substance. Read Feynman's lectures for some real english.

is there any connection with stuxnet (0)

Anonymous Coward | about 2 years ago | (#41835209)

just curious

Re:is there any connection with stuxnet (1)

plover (150551) | about 2 years ago | (#41837037)

No, the signed keys used in the stuxnet attack were believed to have been stolen by an actual break-it at the factories that made the motor controllers.

Not surprised at all! (1)

tikal808 (2622665) | about 2 years ago | (#41835487)

Just look at what their web servers have been running for years! What a joke!! http://uptime.netcraft.com/up/graph?site=www.diginotar.nl [netcraft.com]

Re:Not surprised at all! (1)

Anonymous Coward | about 2 years ago | (#41835555)

As opposed to the OS and web server running on the kernel.org servers that were compromised by trojans? I wish I wish I could remember their names...

Not to worry, I shut him up... apk (-1)

Anonymous Coward | about 2 years ago | (#41835701)

http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589

* :)

"As opposed to the OS and web server running on the kernel.org servers that were compromised by trojans? I wish I wish I could remember their names..." -

Here you go, "hot off the presses" in 2011-2012:

2012:

Medicaid hack update: 500,000 records and 280,000 SSNs stolen:

http://www.zdnet.com/blog/security/medicaid-hack-update-500000-records-and-280000-ssns-stolen/11444

So, what's dts.utah.gov running everyone?

LINUX (and yes, it got HACKED) -> http://uptime.netcraft.com/up/graph?site=dts.utah.gov

What's health.utah.gov running too??

YOU GUESSED IT: LINUX AGAIN -> http://uptime.netcraft.com/up/graph?site=health.utah.gov

* Ah, yes - see the YEARS OF /. "BS" FUD is CRUMBLING AROUND THE PENGUINS EARS HERE & 2012's starting out just like 2011 did below!

===

2011:

KERNEL.ORG COMPROMISED - The Cracking of Kernel.org: (that's VERY bad - do you trust it now?)

http://linux.slashdot.org/story/11/08/31/2321232/Kernelorg-Compromised

---

Linux.com pwned in fresh round of cyber break-ins:

http://www.theregister.co.uk/2011/09/12/more_linux_sites_down/

---

Mysql.com Hacked, Made To Serve Malware:

http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware

What's that site running? You guessed it - Linux -> http://uptime.netcraft.com/up/graph?site=mysql.com

---

London Stock Exchange serving malware:

http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware

(I mean hey - NOT ONLY DID LINUX FALL FLAT ON ITS FACE less than a few minutes into the job http://linux.slashdot.org/story/11/02/19/0147232/London-Stock-Exchange-Price-Errors-Emerged-At-Linux-Launch, & crash not only ONCE, but TWICE there? You see "Linux 'fine security'" in motion @ the LSE too!)

---

DUQU ROOTKIT/BOTNET BEING SERVED FROM LINUX SERVERS:

http://it.slashdot.org/story/11/11/30/1610228/duqu-attackers-managed-to-wipe-cc-servers

---

Linux Foundation, Linux.com Sites Down To Fix Security Breach:

http://linux.slashdot.org/story/11/09/11/1325212/linux-foundation-linuxcom-sites-down-to-fix-security-breach

---

Linux's showing in CA's breached recently too? Ok: (very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:

http://itproafrica.com/technology/security/cas-hacked/

&

http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811

---

The Stratfor SECURITY hack: (can't blame it on poor setup, this IS a security firm that uses Linux)

http://yro.slashdot.org/story/11/12/28/1743201/data-exposed-in-stratfor-compromise-analyzed

What's that domain run? Yes kids - you guessed it: LINUX -> http://uptime.netcraft.com/up/graph?site=www.stratfor.com

---

Phishers/Spammers FAVOR attacking LAMP: (Linux, Apache, mySQL, PHP)

http://www.theregister.co.uk/2011/06/10/domains_lamped/

PERTINENT QUOTE/EXCERPT:

"Phishers compromise LAMP-based websites for days at a time and hit the same victims over and over again, according to an Anti-Phishing Working Group survey. Sites built on Linux, Apache, MySQL and PHP are the favoured targets of phishing attackers"

---

Toss ANDROID (yes, a Linux since it uses a Linux kernel) in also, since it's being "shredded" on the mobile phone security-front rampantly for years now?

* You get the picture...

APK

P.S.=> Of course, when you DO that to these little nerdy wannabes? They merely access their other "alternate registered 'luser'" accounts, and downmod facts in some VAIN ATTEMPT @ "hiding them" (and their stupidity from the public eye)... ... apk

Oh, really? Try this *NIX boy... apk (0, Insightful)

Anonymous Coward | about 2 years ago | (#41835589)

What were ALL THE OTHER CA's HACKED RUNNING? Linux

Proof?? Fine, easy, & here 'tis ("eat it" boy):

(very, Very, VERY BAD for ecommerce, online shopping, banking, etc./et al)

---

http://uptime.netcraft.com/up/graph?site=StartCom.com

http://uptime.netcraft.com/up/graph?site=GlobalSign.com

http://uptime.netcraft.com/up/graph?site=Comodo.com

http://uptime.netcraft.com/up/graph?site=DigiCert.com

http://uptime.netcraft.com/up/graph?site=www.gemnet.nl

---

The list of CA Servers BREACHED that RUN LINUX (StartCom, GlobalSign, DigiCert, Comodo, GemNet)... per these articles verifying that:

http://itproafrica.com/technology/security/cas-hacked/

&

http://threatpost.com/en_us/blogs/site-dutch-ca-gemnet-offline-after-web-server-attack-120811

---

* Thus, in case you didn't KNOW IT? Happened the SAME TIME as it did on that single Dutch Windows CA server & "4 out of 5 dentists CAN'T BE WRONG?"... Sure they can be, when 4/5 breaches OCCURRED ON LINUX SERVERS!

APK

P.S.=> How do your words taste, now that you have to "eat them", flavored with the "bitter taste of SELF-DEFEAT" as well as your FOOT IN YOUR MOUTH... Penguin-boy!

... apk

Re:Oh, really? Try this *NIX boy... apk (1)

tikal808 (2622665) | about 2 years ago | (#41836083)

You have put together a good compilation of various issues with Linux. Of course in my brief comment, I never even mentioned Linux. I'm looking forward to seeing what kind of issues you have complied regarding Net/Free/Open BSD. Cheers.

Re:Oh, really? Try this *NIX boy... apk (-1)

Anonymous Coward | about 2 years ago | (#41836121)

Lame backpedaling is lame. We knew what you were alluding to.

Re:Oh, really? Try this *NIX boy... apk (0)

Anonymous Coward | about 2 years ago | (#41836227)

My reading of the original comment was that DigiNotar didn't bother to update IIS 6.0, the implication more along the lines of the allegation that Sony was running unpatched Apache instances in front of the PSN.

Re:Oh, really? Try this *NIX boy... apk (-1)

Anonymous Coward | about 2 years ago | (#41836629)

Haha bullshit. Defending yourself as AC is lame. And their breach had nothing to do with IIS anyway.

Little "Pro-*NIX douche" did what I said too (0)

Anonymous Coward | about 2 years ago | (#41836599)

Downmodded this reply to you ( w/ Linux fuckups in security 2011-2012 ) -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835701 AND he tried to "hide" my post that put him in his place with a downmod here also -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589 where I easily PROVED that more Linux CA's were breached, by far (5:1 ratio vs. Windows).

* He truly IS the "typical little nerd weasel" that I personally OFTEN associate with what I call "not men" online (weasels)...

APK

P.S.=> His "kind"? Come with the territory, & the deceits of YEARS of hearing "Run Linux - it's invulnerable to anything" (pretty much)... & they WONDER WHY their OS of choice is in DEAD-LAST place? People are NOT stupid & can see right thru their b.s. & deceits - typical little 'geeks' in *thinking* they're "so smart" (most are stupid as hell imo & their skill level in the art & science of computing also? WEAK!)...

... apk

There were only 2 types involved... apk (0)

Anonymous Coward | about 2 years ago | (#41836535)

Linux (5 of 6 'hacked') & 1 Windows unit...

(Thus, who're YOU *trying* to fool, with this utter line of EVASIVE bullshit quoted next below, hmmm?)

"You have put together a good compilation of various issues with Linux.Of course in my brief comment, I never even mentioned Linux" - by tikal808 (2622665) on Wednesday October 31, @06:26PM (#41836083)

* It's not "working-out-well" for you... not @ all, considering ONLY LINUX &/or WINDOWS were involved in the CA breaches...

YOU? Fail... like all lying little *NIX noobz always do - amazing: YOU & "your kind"... you really DON'T HAVE any honor whatsoever, do you? Deceits are just "part of your 'repetoire'" aren't they??

APK

P.S.=> You little *NIX weasels & YEARS of "Linux = invulnerable" (or other types of *NIX variants, like MacOS X being "invulnerable to viruses" etc./et al that even APPLE outright LIED on) around here on /.? All coming to an end for a LONG TIME now... you reaped what you all sowed, now enjoy eating it!

... apk

Re:There were only 2 types involved... apk (0)

Anonymous Coward | about 2 years ago | (#41836893)

Aight, bitch, show me the linux botnets. Show me any linux virus that isn't somebody's proof-of-concept research project.

Show me that you know anything about securing a server of any kind.

Nothing is invulnerable. If someone (besides Oracle) had claimed that, this would be news. You're a lying fuckwad for claiming otherwise.

What is true, is that most Linux distros have some sort of default role-based security, and that you can crank that up to 11 if you have time. You can further use chroot to separate processes, and for the ultra-paranoid, there is Qubes OS. Also, if you have lots and lots of time, you can personally inspect every line of code in your entire fucking system, and let me know when *any* of that is true for Windows. If you don't know what the words mean, google them.

You FAILED Penguin boy... apk (0)

Anonymous Coward | about 2 years ago | (#41837177)

GET OVER IT -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589

* LMAO, @ this "ReAcTioN" from you quoted next:

"Aight, bitch, show me the linux botnets. Show me any linux virus that isn't somebody's proof-of-concept research project. Show me that you know anything about securing a server of any kind." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

No, that's ok, since I showed EVERYONE READING HERE that you're FULL of it... see link above & "rinse, lather, & repeat", boy... & your "AC" reply now? Especially not fooling anyone... lol!

(THAT is the "problem" w/ you little "nerds" - again, you *THINK* you're smart, until I come along & SHOW YOU what smart actually really is by TOTALLY OUTSMARTING YOU & "your kind" (weasels, & you wonder WHY Your OS of choice is in dead-last place on servers + desktops combined? Don't wonder - we all "see you", & RIGHT thru you & your kind, because you're stupid...)

* Face facts - Vs. that link above? LMAO - YOU FAILED & rather badly... playing RIGHT into my hands, because as was said in the film "V: For Vendetta"?

"He knows us better than we know ourselves"

When you modded down my reply here (using your "alternate registered 'luser'" account(s)) -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835701 AND tried doing it here too (but the INSIGHTFUL still stands strong, lol) -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589

LMAO!

Then, you VAINLY *tried* the usual bullshit in "mincing words" (since you didn't mention Linux)... lol, only to FIND YOURSELF WITH "EGG ON YOUR FACE" (you only did THAT to yourself yet again) since there was ONLY LINUX & WINDOWS INVOLVED... lol!

Priceless...

APK

P.S.=> Sometimes, I actually *think* fools like you that shoot your mouths off without being aware of ALL of the facts are actually a 'setup', a 'plant' of sorts, to spur controversy & argument... I say that, since NOBODY is that stupid as you've shown yourself to be, clearly & WITHOUT question - & of course, you KNOW I've just GOTTA say it, as-is-per-my-usual "inimitable style":

THIS? This was just "too, Too, TOO EASY - just '2ez'" - but, as I said just above? I often think it's so easy & meant to be...

... apk

Ah, I just GOTTA do this too... apk (0)

Anonymous Coward | about 2 years ago | (#41837611)

"Aight, bitch, show me the linux botnets. Show me any linux virus that isn't somebody's proof-of-concept research project" - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

Linux problems? See ANDROID getting NUKED daily by exploits and yes, it IS a Linux!

(Lmao, too easy)...

Also, please:

Cut the "wannabe nigga" stuff, BOY - I eat scumbags like that ALIVE where I live & have for decades... the "real" kind, not some wannabe "plastic imitation" like you!

(In fact - So much so, they're AFRAID of me, & ought to be)

Unlike a "suburban punk" like you? I grew up in & LIVE in an "inner urban" environment and in one of the MOST violent cities (#3 last I checked) there is, bar-none. The "plastic fake" crap YOU use? Please...

I am NOT what you & "your kind", the "not-men online" are... whimps, & deceitful 1/2 truth spouting weasels... lol, ONES LIKE YOU THAT HAD TO "EAT THEIR WORDS" - > http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589

Oh, lol, "the SHAME of it" (but then again, THAT is "nothing new" to wormish little geek/nerd weasels, now is it? Nope!)

LMAO!

---

"Show me that you know anything about securing a server of any kind." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

LMAO - I'll do BETTER than that: I WRITE "industrial-strength"/"mission-critical" enterprise-class systems, & been adminning them for DECADES, professionally...

Also - based on your screwups here?

I'd even wager LONGER THAN YOU'VE BEEN ALIVE & running + setting them up since the 1996 Olympics in Atlanta, which I did for BellSouth... boy!

(Most people here KNOW this... you? Evidently don't, but then again?? You've shown us "how much you know" already, lol... nearly nothing, and so much so, you "shot your mouth off" only to have to "eat your words", vs. myself... lol!)

LOL, techies & admins? MY opinion of them (those that limit themselves to "menial" tasks only like admin 'work')??

They are SELF-LIMITING (or rather LIMITED) dolts, who without guys like myself (programmer-analysts/software engineers & architects) WOULDN'T HAVE A THING TO RUN, without us... & yes, to do OUR jobs? WE HAVE TO BE FULL AD-WIDE ADMINISTRATORS!

Of course, If you had ANY skills or know-how in professional environs? You'd KNOW THAT, too... & obviously? You don't... lol!

---

"Nothing is invulnerable. If someone (besides Oracle) had claimed that, this would be news. You're a lying fuckwad for claiming otherwise.." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

This only tells ME that YOU either are NEW here OR are full of it (you forgot APPLE & their "we don't get viruses" b.s. & you noted BSD too? LMAO - there you are, "phool"... you got "NOOKED" again! You only do it, to yourself, every single time!) - that kind of CRAP has been spouted here for years now (not so much anymore though... gosh, "wonder why" (not), since MacOS X has been 'burned' repeatedly for their "we get no viruses" etc./et al lies, AND of course, my data posted here to YOU!)

No, your "train ride" is ending... you're just to DUMB to know it!

---

"What is true, is that most Linux distros have some sort of default role-based security, and that you can crank that up to 11 if you have time. You can further use chroot to separate processes, and for the ultra-paranoid, there is Qubes OS. Also, if you have lots and lots of time, you can personally inspect every line of code in your entire fucking system, and let me know when *any* of that is true for Windows. If you don't know what the words mean, google them..." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

Yes, you're STUPID again... because you don't know WHO you are speaking to... but, ok!

Can you do ANY of those things to Windows? Sure...

I practically "wrote the book" (1st security guide for Windows there EVER WAS from 1996-2001 -> http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text & from as far back as 1997 -> http://web.archive.org/web/20020205091023/www.ntcompatible.com/article1.shtml which Neowin above picked up on & rated very highly.)

That has evolved more currently, into the MOST viewed & highly rated one there is for years now since 2008 online in the 1st URL link above...

Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:

---

1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))

---

Across 15-20 or so sites I posted it on back in 2008... & here is the IMPORTANT part, in some sample testimonials to the "layered security" methodology efficacy:

---

SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, setting services to system service, rather than system local. (except AVG updater, needed system local)" - THRONKA, user of my guide @ XTremePcCentral

---

That's only a TINY sampling... I've done a HELL OF A LOT BETTER THAN THAT @ Ms TechEd 2000-2002 as a finalist there in its hardest category, for improving an ALREADY great ware by up to 40% via my works on it... have you? LOL, hell no... & I know it (so do you).

* So, as anyone reading can see, YET AGAIN?

YOU are "eating your words", yet again... how do they taste?

APK

P.S.=> Yes folks, just as I said before (and predicted the worthless little bigmouth nerd would *try* to "hide" my posts that put him in his place & shut his mouth on @ the termination of my post here he downmodded -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835701 )

QUOTING MYSELF ON THAT MUCH in fact, as to my "prediction" that you'd "downmod" my posts to *try* to "hide them" and, your blatant stupidity!

(Didn't take a brain, I know these little worm weasel *NIX heads better than they know themselves, ala "V")...

"P.S.=> Of course, when you DO that to these little nerdy wannabes? They merely access their other "alternate registered 'luser'" accounts, and downmod facts in some VAIN ATTEMPT @ "hiding them" (and their stupidity from the public eye)... ... apk" -

FROM -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835701

Which you tried to downmod, just like the post of mine that shut you the "f" up easily -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835701 & which also elicited one hell of a "FoAmiNg @ tHe MouTh" raging rant which I "shot down in flames" easily here -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41836535

Simply by my pointing out there was ONLY LINUX &/or WINDOWS INVOLVED & your "wormish nerd" PUNY ATTEMPT @ "mincing words"? BLOWN THE "F" AWAY, easily... lol!

Anyone's FREE to examine this, & make their own determinations... but facts I used go a LONG WAYS to blowing YOU & "your kind" (wormish weasels) clean away... easily!

... apk

Re:Ah, I just GOTTA do this too... apk (0)

Anonymous Coward | about 2 years ago | (#41838247)

I think someone should do a kickstarter to get APK a talk radio show. The last twenty minutes he can read us 20 more entries for our host files.

Off-topic b.s., nothing more... apk (0)

Anonymous Coward | about 2 years ago | (#41841843)

Typical "Pro-*NIX trolls" in action, as per your usuals, having to go "off-topic" when you're outta ammo (not that you ever HAD any vs. this -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589 or this -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41836535 )

* :)

APK

P.S.=> Too bad all you have's that by this point, eh? You "FAILED", boys... when will you EVER learn that you can't match wits with me: I'll blow you away, & that's that (Proof's in the Pudding here, as "yet another example thereof"...)

... apk

Re:Ah, I just GOTTA do this too... apk (0)

Anonymous Coward | about 2 years ago | (#41845637)

I think you should attempt to be on topic troll.

Re:There were only 2 types involved... apk (1)

Desler (1608317) | about 2 years ago | (#41838471)

Aight, bitch, show me the linux botnets.

Ok [theregister.co.uk] . Happy?

Thanks for the data... apk (0)

Anonymous Coward | about 2 years ago | (#41842109)

I didn't have that one, & I can use it in the future!

* Especially vs. the "Pro-*NIX" trolls around here, and their UTTER b.s. ...

APK

P.S.=> Surprising to FIND a botnet on Linux systems, actually - why? NOBODY USES LINUX by comparison to Windows on PC Desktops (& it's about a 50/50 "split" on servers worldwide too)...

... apk

Now the "coup de grace"/icing on the cake (0)

Anonymous Coward | about 2 years ago | (#41842813)

"most Linux distros have some sort of default role-based security" - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

New NEWS/NewFlash: SO DOES WINDOWS, & it's BETTER via Group Policies & Active Directory than what Linux does via scripts for "enmasse" enterprise-wide deployment of security!

---

" and that you can crank that up to 11 if you have time." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

Again, New NEWS/NewsFlash: Once more - I practically "wrote the book" on how to secure Windows & it goes to "12"... see here:

http://tech.slashdot.org/comments.pl?sid=3222433&cid=41837611

(See 4th quote of your b.s. there... "eat your words" again!)

---

"You can further use chroot to separate processes" - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

LMAO - you can do UAC Virtualization on Windows via taskmgr.exe & ISOLATE PROCESSES INTO A SINGLE PROFILE too... you fail, again!

---

"and for the ultra-paranoid, there is Qubes OS." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

That's from my fellow "polish person" & she uses VM's to achieve it... good job on HER part (not yours)...

---

"Also, if you have lots and lots of time, you can personally inspect every line of code in your entire fucking system" - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

SO CAN HACKER/CRACKERS (that sword cuts BOTH ways)... & I will tell you, POINT-BLANK, that IF I were a hacker/cracker? I'd rather trace sourcecode looking for holes than trying to "fuzz" or dissassemble a binary executable &/or closed source code...

---

"and let me know when *any* of that is true for Windows." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

I just did here in THIS VERY POST, and here, earlier -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41837611 also!

"YOU FAIL!"

APK

P.S.=>

"If you don't know what the words mean, google them." - by Anonymous Coward on Wednesday October 31, @08:03PM (#41836893)

LMAO, please - after this:

http://tech.slashdot.org/comments.pl?sid=3222433&cid=41835589

and this:

http://tech.slashdot.org/comments.pl?sid=3222433&cid=41836535

and THIS (perhaps ESPECIALLY that since it 'blew away' your b.s. & illogical off-topic ad hominem attack attempts that failed directed MY way):

http://tech.slashdot.org/comments.pl?sid=3222433&cid=41837611

?

"YOU FAIL", badly... very badly!

When WILL you "Pro-*NIX" trolls EVER learn - you can NEVER, ever "get the best of" me... ever!

After all - It hasn't happened here in over 8++ yrs. now, & thus? Probably NEVER will, as long as you go off "1/2 cocked" operating on utter b.s. you heard HERE ON /. that's based on 1/2 truths & falsehoods (which is what KILLS your chances @ success - folks aren't dumb, despite your "wannabe geek" thinking you're "smart" (because you're not & it showed here) ... lol!

... apk

Re:Now the "coup de grace"/icing on the cake (0)

Anonymous Coward | about 2 years ago | (#41846383)

That would be great if everything you posted weren't counterfactual.

Android is Linux the way iOS is BSD. Related, not identical. Android's problems are not at the kernel level. Apples to apples, here.

Nice windows security howto. Notice how it doesn't include anything about Group Policy? Notice how group policy doesn't exist in the home versions of Windows? The role-based security in Linux is not scripts, but SELinux. You know, that thing the NSA designed?

Speaking of the NSA, I'm sure you know they publish security guidelines on how to secure OSes. So we could all give a fuck about the one you wrote, but keep sucking your own dick on that one. Would you be surprised to learn that none of the public-facing servers for the NSA, CIA, or FBI run Windows? Clearly they're all asking to get hacked. Again, who gives a fuck about some half-assed Certificate Authority? Verisign and Thawte both run linux, maybe you should let them know how fucked they are.

Qubes uses a hypervisor and the linux kernel. It could not be accomplished with Windows. You can do fuck-all with the NT kernel, in fact. Does it have bugs? Assuredly. Can you find out what they are? Nope!

Yes, crackers can see your source code. Why don't we have linux botnets again? The nice thing about hacking windows, their users have to wait for M$ to get off their ass to patch something. If the users are lucky it will only take months. Also, the black-hats have the Windows source code too. Microsoft will hand it out to practically anybody. [informationweek.com]

UAC virtualization is *not* chroot. It is also disabled for x64 processes. You don't even have a clue.

You have this idea that how much you post and how often are actually good measures of what your posts are worth. You're right, of course, but it's an inverse relationship. Testimonials are, of course, the least credible things you could post.

But I have to sympathize: it can't be easy living in a world that proves you wrong by its very existence. Linux beats Windows 2-1 in the server space, practically nothing else runs on supercomputers, and Windows phones aren't even a rounding error in Android sales -- to say nothing of the embedded space. Probably because you don't understand what "embedded" means. I hear that IIS has some great new features available to the 15% of sites that are actually using it though!

Nobody's buying what you're selling. Keep trying, maybe some day we'll all wake up and say, "APK was right all along!"

Does ANDROID use a Linux kernel? (0)

Anonymous Coward | about 2 years ago | (#41846731)

See my subject-line, & answer YES or NO... That's all, pretty simple, because (lmao) IT SURE ISN'T WINDOWS or MacOS X (or BSD etc.)... going to tell me it's OS/2 right?? Come on...

"Notice how it doesn't include anything about Group Policy?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

Funny - you have to use GPEDIT.msc & SECPOL.msc to do what it entails, fully... you must not have read it AND note that its VERY OUTSET, it's noted to securing desktops (including LAN/WAN oriented ones if need be) for HOME PC Desktop end-users!

Please: LEARN TO READ!

---

"The role-based security in Linux is not scripts, but SELinux."?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

Which is, AGAIN, copying what Windows had in DACL's (via SeLinux MAC, mandatory & inflexible, whereas DACL's ARE flexible)... not only that. but Linux keeps COPYING stuff from Windows!

E.G.:

---

1.) SMP, & thus, ENTERPRISE READY SERVERS for Linux couldn't happen until things very like:

      a.) Windows NT-based OS' had in completion ports in process scheduling
      b.) Re-entrant kernelmode code.

2.) True usermode threads (instead of a single 'round robin' to a single kernelmode thread as Linux had due to process fork type structuring in process mgt.)

3.) DFS (Distributed File System) was around way, Way, WAY before Linux had things like ZFS available/ported to it.

4.) Lastly but FAR FROM LEAST? What the NSA "bolted on" to Linux via SeLinux, in MAC (mandatory access control) which IS a copy of what Windows NT-based OS had LONG before Linux ever did, in ACL (access control lists) @ the filesystem, & registry levels...

---

"Why don't we have linux botnets again?."?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

WRONG -> Linux webserver botnet pushes malware - Attack of the open source zombies

http://www.theregister.co.uk/2009/09/12/linux_zombies_push_malware/

I didn't post that, some other AC did, but it seems to be proving you wrong (I didn't read it though, admittedly so "go on now", try your "FUD SPIN" some more, lol...).

---

"UAC virtualization is *not* chroot. It is also disabled for x64 processes?."?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

ARE YOU HIGH ON DRUGS?

I am using it RIGHT NOW ON MY 64-bit WEBBROWSERS!

---

"You don't even have a clue.?."?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

After the above, & the rest of this exchange? I think everyone KNOWS who "doesn't have a clue" here... lol, & it's NOT me!

---

"it can't be easy living in a world that proves you wrong by its very existence. Linux beats Windows 2-1 in the server space" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

LMAO - Even GIVING AWAY Linux can't overtake Windows overall in marketshare defying common-sense & business logic, albeit, assuming Linux is as good as Windows is (clearly, that shows it still isn't OR I'd be on it like "white on rice" to be honest)... & you know it.

As you said?

The world itself proves that much...

Personally though, especially vs. you "Pro-*NIX" trolls & your YEARS of "Linux = invulnerable" b.s. on /. here?

I find it, immensely amusing...

Again - Since IF Linux was EVERY BIT AS GOOD AS WINDOWS, it should have blown it out a decade ago... & it hasn't!

(What's THAT fact tell everyone?)

By the way - It's also about a 50/50 split in lists I've seen, and on the desktop? Windows RULES over Linux by like, what?? 99:1 as the ratio for every 100?? & perhaps the FEDS like to use "security-by-obscurity" like you /. Pro-*NIX trolls did spreading your "FUD" here for years, albeit to NO AVAIL!

Look @ the marketshare overall on PC desktops + Servers combined... "Argue with the numbers"... lol!

Get real!

APK

P.S.=> Funniest part is, you'll HAVE to answer truthfully to that 1st question, & it alone will be your "undoing"... apk

Since ac troll won't answer? Wikipedia can... apk (0)

Anonymous Coward | about 2 years ago | (#41869633)

"Android is a Linux-based operating system" FROM -> http://en.wikipedia.org/wiki/Android_(operating_system)

* Too easy, as-per-my-usual, vs. "Pro-*NIX" trolls...

APK

P.S.=> The rest of my post annihilated him also, point-for-"so-called 'point'" that the little *NIX troll *tried* to vainly use, & failed on... lol!

... apk

Re:Now the "coup de grace"/icing on the cake (0)

Anonymous Coward | about 2 years ago | (#41846791)

Nobody's buying what you're selling. Keep trying, maybe some day we'll all wake up and say, "APK was right all along!"

If Linux is so great why is it in last place in marketshare on PC's and Servers combined versus Windows? Seems everyone is buying Windows despite Linux being free which says people will pay for Windows over a free operating system such as Linux even. That means Linux just is not as good in the eyes of users. Wake up troll.

GREAT QUESTION... apk (0)

Anonymous Coward | about 2 years ago | (#41847173)

Distills my thoughts exactly vs. the AC troll (who obviously isn't very "confident" in his responses considering I dust every "so-called 'point'" he makes with facts)... one of the "classics" so far, along with my showing 5/6 CA's hacked, was LINUX driven (hilarious) after that 1st trolls' post, but this one next quoted from him?? It's "up there" with it imo!:

"Why don't we have linux botnets again?" - by Anonymous Coward on Thursday November 01, @04:32PM (#41846383)

LOL, I am going to "unload" the ultimate 'burn' on him on that one (that I didn't get it in as well as I would have liked though, in that I only posted that Linux botnets DO indeed, exist, via the "register"'s article on them -> http://tech.slashdot.org/comments.pl?sid=3222433&cid=41838471 which another AC posted, not I ) &, hopefully, VERY shortly on that note, lol, once he replies.

Also - I have a "funny feeling" he's going to avoid YOUR question to NO END... lol, watch!

* Nicest part is, in order to HAVE a botnet in the 1st place on ANY OS platform?

Well - FIRST, YOU MUST HAVE USERS in order to justify even CREATING IT & fact: Linux has SO FEW USERS it is NOT FUNNY by comparison to Windows overall on PC Desktops + Servers combined!

APK

P.S.=> I actually enjoy "tearing up" this PESKY little AC troll, & funniest part of all is, he doesn't realize I like & use Linux (KUbuntu &/or MINT) @ times over the years, it's gotten better, but... like he said? The WORLD shows you what is #1, & it surely isn't Linux on personal computers!

... apk

Nobody will buy Linux, here is why (0)

Anonymous Coward | about 2 years ago | (#41869653)

http://linuxfonts.narod.ru/why.linux.is.not.ready.for.the.desktop.current.html

Chroot jail break anyone? apk (0)

Anonymous Coward | about 2 years ago | (#41869725)

Tell us about chroot jailbreaking. Oh, you won't? This can then -> http://www.bpfh.net/simes/computing/chroot-break.html

* It has been a SERIOUS PLEASURE, "tearing you up", point for "so-called 'point'" of yours each time...

APK

P.S.=> You're some wannabe computer guru, obviously, who isn't aware of that being possible...

... apk

For more info (1)

Citral (697965) | about 2 years ago | (#41836093)

The attacker's Pastebin posts can be found here: http://pastebin.com/u/ComodoHacker [pastebin.com] . The authenticity seems likely to me; in one post he links to a calculator.exe that you can download which is signed by a Diginotar certificate. When you inspect the file properties in Windows, it will indeed state that the file is certified.

And The Political Angle ? (0)

Anonymous Coward | about 2 years ago | (#41836621)

Why is "the hacker" talking politics ? If he is a single person, is he really an Iranian loyalist ? Or are we made to believe that ? Be careful...

Re:And The Political Angle ? (1)

Opportunist (166417) | about 2 years ago | (#41838143)

Just so I know: Why the heck should I care what he is?

8200 PSYOP (1)

Anonymous Coward | about 2 years ago | (#41836565)

First, very good hack - if the story is true. I would not be surprised to find out in ca 10 years that they had the inside help.

BUT, somebody is trying hard to attribute this to Irangov. They are the bad, evildoers and certainly - war must be brought to their land. This smells like a masterpiece in a huge PSYOP orchestration to inflame public opinion in the West.

Google for "8200" and check who builds the CP firewalls.

Re:8200 PSYOP (1)

mvdwege (243851) | about 2 years ago | (#41844665)

Since the attackers came in through an open port, the firewalls are irrelevant. Now, will someone please moderate this antisemitic bullshit down to -infinity?

old news? (0)

Anonymous Coward | about 2 years ago | (#41840235)

sorry but this company was hacked a year ago, and since then it's bankrupt and Dutch Gov is not using their CAs any more ...

Intruder personal IP erroneously used (0)

Anonymous Coward | about 2 years ago | (#41845773)

Im reading through the pdf report, and it notes "the intruder erroneously connected to the stepping stone without using the proxy..., " so it looks like they might be able to bring charges at some point, EXCEPT... the ip resolves to a DSL user in Iran.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?