Attackers Target New Zero-day Vulnerability in Word

Discussion in 'Computer Support' started by Au79, Feb 17, 2007.

  1. Au79

    Au79 Guest

    Au79, Feb 17, 2007
    #1
    1. Advertisements

  2. Au79

    Fuzzy Logic Guest

    If you are opening unsolicited attachments you deserve whatever you get.
     
    Fuzzy Logic, Feb 20, 2007
    #2
    1. Advertisements

  3. Au79

    Au79 Guest

    People are not perfect, so systems need to be designed from the ground up
    with this in mind and provide all the built-in security that is required
    for safe computing- something that Linux does brilliantly and effectively.

    Microsoft, on the other hand, must have the world's most incompetent
    programmers ever.
     
    Au79, Feb 21, 2007
    #3
  4. Au79

    Fuzzy Logic Guest

    So you are saying that you can open any email attachment in *nix and you have nothing to fear? If you believe
    that you are even dumber then I thought.

    No amount of 'security' can prevent people from doing dumb things and in addition too much security can
    CAUSE people to do dumb things because they believe the system will protect them. Do a search on "Offset
    Hypothesis" for more info.
    Based on what?
     
    Fuzzy Logic, Feb 21, 2007
    #4
  5. Au79

    Au79 Guest

    Exactly. I've open thousands of emails and have yet to catch any maladies. I
    don't have spyware or anti-virus programs installed because my Linux
    computer does not need them.
    I believe that because it is a fact.
    Here's the dumb thing:

    "We find that safety-conscious drivers are more likely than other drivers to
    acquire airbags and antilock brakes [Well, duh!] but these safety devices
    do not have a significant effect on collisions or injuries [except that
    they only increase your chance of survival in the event of a collision],
    suggesting drivers trade off enhanced safety for speedier trips.â€

    What nonsense.
    Based on the fact that they cannot code a reliable, safe and cool operating
    system. Windos, from 3.1 to Vista OS X, has historically been the most
    bug-ridden and vulnerable system ever.

    Vista shows that even copying Apple cannot advert producing a pathetically
    compromiseable system.

    Conclusion: Unix based operating systems, such as Linux and Mac OS X, will
    continue to be the safest, most reliable (and coolest) systems for
    industry, academia, and the consumer.
     
    Au79, Feb 22, 2007
    #5
  6. Au79

    Fuzzy Logic Guest

    Supply your email address and I will gladly send you a nice 'friendly' attachment that I am sure you should
    be able to open without any problems.
    It's not nonsense. Here in North America SUV's are involved in a higher proportion of winter accidents
    becuase the drives believe their vehicle is safer in these types of conditions (it's not).
    I see you want a COOL OS. This of course is entirely subjective.
    Even I will concede Vista is a pig.
    You apparently missed the Month of Apple Bugs campaign. I am awaiting the same for *nix
     
    Fuzzy Logic, Feb 22, 2007
    #6
  7. Au79

    Au79 Guest

    Since I am not immune to spam, I will not expose my email; however, you can
    just say plainly and publicly state what the attachment is all about and if
    it is a potential threat to my system (which of course it will not be).

    Obviously, SUV's have a higher center of gravity that undermines whatever
    safety features they are built with. For a period of time, there seemed to
    be a Ford fatality just about every week.

    But your logic does not translate well for other vehicles such as sedans,
    minivans, etc. Automobile Technology has reduced the number of fatalities
    attributed to design issues, to be sure, however I would be hard pressed to
    believe that this same technology may be the indirect (influential) cause
    of the accidents.

    So, even if this dumb theory could be taken at face value, there is
    absolutely no correlation to our discussion on operating systems. Linux
    provides a safer and sane computer environment for the consumer, which
    means that users migrating away from windos will not "suffer" the atrocious
    maladies they are accustomed; and certainly it is absurd to infer that a
    safer computing environment means a greater risk.
    Microsoft WANTS a cool OS. That's why they spent millions aping OS X, of
    course, over a fragile and vulnerable platform.

    You go right ahead and get a nice cup of coffee and wait.

    And wait...

    .... and wait.


    ....and...
     
    Au79, Feb 22, 2007
    #7
  8. Even *if* it did any damage, it's more than likely it will *only* affect
    your user. The rest of the system will carry on regardless, as it wouldn't
    have any permissions to change anything. If the attachment required you to
    'sudo' it before it opened, then you just delete it.

    <snip BS>

    AFAIC he's just taking out of his arse, it's been explained to him
    before, but he just prefers not to know (so I binned him, I know when you
    can't educate a brick). 90% of the internet runs on linux, with no spyware
    or anti-virus problems. I've run linux distros for 10 years, & never
    bothered about spyware or anti-virus because i don't need to. However I do
    run a rootkit checker regularly.
     
    William Poaster, Feb 22, 2007
    #8
  9. Au79

    Fuzzy Logic Guest

    It doesn't work that way. Feel free to send me you real address to and while reply in
    kind with a nice attachment. Otherwise you will simply deny that what I sent had any effect.
    Here is another article:

    http://news.uns.purdue.edu/html4ever/2006/060927ManneringOffset.html

    This is not my logic. It's been shown in many cases that improved safety measure (aka security) are often
    thwarted by the user feeling more confident and therefore being less cautious.
    The correlation is that if a user has a 'safer' OS or browser they believe they don't have to do the things
    that less 'safe' OS's or browsers might require such as applying patches or practicing safe surfing.
    How do you know what Microsoft wants?
    So it's only going to take me the time to finish my coffee before a new *nix bug is found? That's even
    quicker than I imagined. You have to admit there are bugs in *nix or you really are beyond hope.

    Here is some fun reading for you:

    http://groups.google.ca/group/comp.os.linux.advocacy/browse_thread/thread/36f95df0e727a930/112639a4
    9b61c770?lnk=st&q=vista+is+bad+but+linux+is+horrendous&rnum=1#112639a49b61c770

    Also you may pick up a few pointers from the Linux Advocacy FAQ:

    http://forums.fedoraforum.org/showthread.php?t=9838

    Especially sections 7 and 8
     
    Fuzzy Logic, Feb 22, 2007
    #9
  10. Au79

    Au79 Guest

    Yes, it does work that way. Your obscurity about some anti-Linux WMD that
    you are able to propragate via attachments gives you away as a charlattan
    since this has only been known to work for windos. If you had any knowledge
    at all about the reality of such thing, you would have obliged and
    disclosed your attachment.
    Which does not mean that the safest technology is conducive to greater
    number of fatalities or accidents.
    Here's a fact: When Linux distros are called to provide a patch, for
    whatever reason, they respond swiftly. When a patch is deployed, it is the
    final one, unlike MS which has such latent response time on top of having
    to patch and re-patch their legion of patches, which will invariably break
    something else in the system.

    Alas, even with both camps dispensing patches, Linux remains the safest
    choice for consumers since MS cannot seem to attain a decent level of
    design integrity.

    But I like your stance that MS garbage of OS forces users to be paranoid and
    resigned to live in an endless cycle of unremedied vulnerabilities and
    'safety' measures.
    They have spent millions cloning Mac OS X and using "WoW" as the selling
    point.
    And you do seem to imagine a lot, to the point of hallucination.
    Bugs and all, Unix and its variants remain the safest and most reliable
    platform for consumers. Bar-none.
    9b61c770?lnk=st&q=vista+is+bad+but+linux+is+horrendous&rnum=1#112639a49b61c770

    All opinionated bullshit from some wintard that has circulated COLA for
    ages.
    More pointless nonsense. Are insults your last recourse?

    Honestly, if Linux wasn't the threat that MS believes it to be, none of this
    anti-Linux crap would be floating around. Instead, it would be largely
    ignored... ala OS/2.
    It does not change the realities that will go down in computing history:
    Microsoft really does have incompetent teams that churn out garbage and
    feed it to the consumer; Windos really is the worst most insecure and
    unreliable OS ever made that does not stack against OSX and Linux; MS
    really is one evil business entity that has no ethical backbone.
     
    Au79, Feb 23, 2007
    #10
  11. Au79

    Fuzzy Logic Guest

    [edited for brevity]
    It's hardly a WMD. A simple script will suffice. In any case your lack of confidence has been noted.
    It is a hypothesis but has been shown in many cases to hold true. Of course it may not apply under all
    circumstances.
    There is no such thing as a final patch. Often additional problems are found later in the same component.
    Yes *nix patches generally arrive sooner than MS patches but workarounds are generally available
    immediatly.
    How exactly did you come to that conclusion? Again it only takes on hole to sink a ship. Ultimately it's up to
    the user to maintain their system regardless of the OS. If the user fails to install a patch they will be sunk in
    no time.
    What insults? The Linux advocacy people wrote it. You could learn from them. I am not against Linux. I am
    against people such as yourself who believe it to be a panacea and anything else is simply rubbish
    (especially if it's from Microsoft).
    I'll wait for the book...I'm sure it will be a good read!

    I believe that ultimately some form of *nix will be quite common (no thanks to people like you...the equivalent
    of a car salesman for *nix).
     
    Fuzzy Logic, Feb 23, 2007
    #11
  12. Au79

    Au79 Guest

    I will not be spammed just because some morron thinks he can disable a linux
    machine with a simple script; This really displays your sheer ignorance on
    how Unix OS's work in general.
    Shown by whom? And in what cases? I don't see how you intend to support such
    bullshit with verifiable facts.
    Post proof.
    And that's the world of windos: Inevitable and continuous cycles of patching
    and 'working around'.
    By the fact that windos remains to this day the least secure and least
    reliable of all available operating systems.
    Again, it takes a hole the size of a dime to sink windos.
    That's an obvious observation applicable to any environment, but a system
    that requires a great number of patches at an equal great frequency cannot
    be trusted.
    That's a lie and you well know it (or maybe not), you have no knowledge of
    the author and his intentions (which you seem to have inferred from reading
    the content). It was written by some aggravating Linux foe who just posted
    it to COLA.
    What, exactly, do you think anyone could learn from "them", when you are to
    obtuse to differentiate between an authentic post and a farce?
    Given the long history of MS incompetence and the shoddy products people
    have had to suffer from, Linux really is a panacea.
    Actually, there's plenty of literature out there already that will help you
    get a better grip on reality.
    Good. You've finally seen the light.
     
    Au79, Feb 24, 2007
    #12
  13. Au79

    Fuzzy Logic Guest

    Use a disposable address. They are easy to get. FWIW I have a fair bit of *nix experience.
    There is one reference listed above to Purdue University. A simple Google search for "Offset Hypothesis"
    will find you many more.
    Here are two patches for the SuSE Kernel released within 3 months of each other:

    http://www.linuxsecurity.com/content/view/127226/170/
    http://www.linuxsecurity.com/content/view/126321/170/

    There are numerous others involving the same components.
    This is a fact of life for ALL modern software.
    As you would say "Post proof"

    Here is a recent article quoting a security expert from eEye on Microsoft and Vista security:

    But Mr Maiffret does not blame the software giant for the mismatch between the market's expectations
    about Vista's security and the less palatable reality. "There's no other software company that does more to
    secure their code than Microsoft," Mr Maiffret says. "It's weird to me that a lot of people think there should
    be this thing that we reach at some point where the operating system is impenetrable... I don't think that is
    ever going to happen."

    Source http://www.smh.com.au/news/security/vista-still-vulnerable/2007/02/26/1172338546822.html

    No OS is totally secure and it's level of security changes from patch to patch. If your OS is not getting
    patched it's likely very insecure.
    It's irrelevant what the 'size' is. A critical hole is just that. This is why ultimately how well you maintain your
    system as well as your computer practices that will ultimately determine your security.

    A well patched OS trumps a poorly patched one when it comes to security (regardless of the OS). If you
    are not maintaining your OS you ARE vulnerable regardless of the OS.
    Ahh...insults...the last resort for someone who cannot come up with a intelligent argument.
     
    Fuzzy Logic, Feb 27, 2007
    #13
  14. Au79

    Au79 Guest

    I don't know how you can attempt to define "fair bit" when you argue,
    contrary to overwhelming evidence, that windos is as secure or more secure
    than Unix.

    I would certainly believe that anyone with a passing knowledge of both
    architectures could plainly see the obvious differences that put Unix above
    windos for security and reliability.
    A simple Google search for "Offset Hypothesis" simply regurgitated what you
    have been proposing all along. However, this nonsense simply does not
    translate into any applicable form for computing platforms.

    You argue that a rock-solid and secure system, such as Linux, will
    inevitably lead to users being more careless about maintaining their
    systems, while the frailty of windos will force users to always stay on
    their toes- or else pay the consequences.

    This sheer silliness.
    Two patches in three months... mhhh... I wonder how it compares with
    microsoft's patching cycles.
    There is no comparison if you are trying to present Linux as being equal to
    windos when it comes to vulnerabilities, patching, and the quality of the
    fix.

    MS has spent millions trying to stave off vulnerabilities and exposures in
    their systems. Their patching program, by sheer volume and re-patching
    frequencies, underlines the shoddiness of their OS.
    But not ALL modern software is equal. Linux is an engineering success by the
    academics and programmers that form the OSS community; in contrast, windos
    is a proprietary monstrosity that fails to meet the criteria of good
    design, proven by the endless vulnerabilities that keep cropping up.
    Read my posts. I have posted numerous articles showcasing the frailty of a
    system touted to be the "safest" yet.
    The reality, of course, that there are no legions of viruses, trojans, and
    spyware for Linux or Mac OSX.
    He's right, there is not other company that does more to TRY to secure their
    poor, hopless product.
    For Windos anyways. Today, right now (even with your so-called script
    running around all over the internet assaulting poor unsuspecting Linux) I
    feel much safer and tranquil in my computing environment just because I'm
    using Linux.
    Speaking in relative terms, compared to windos, Linux really is totally
    secure. Of course there will be threats for all systems, but the level of
    vulnerability of the windos platform is just too laughable.

    For as long there are no real threats for Linux, to the point of causing
    irreparable damage to the system, it will always be "totally" secure when
    compared to the risks associated with windos.
    You are right only to a certian extent: A virus or some other parasite can
    bring your entire computer to a halt. This really happens to people. Even a
    little VB script can ruin anyone's day, and there are thousands of such
    holes in windos.
    Not true. A marginally patched Linux box will trump a fully patched windos
    box.
    Windos requires unreasonable maintenance, as I said before, it forces the
    user into an unholy loop of third-party solutions and absurd patching
    cycles.
    "I'll wait for the book...I'm sure it will be a good read!" was not an
    intelligent argument, therefore, by your own logic you deserve to be
    insulted.
     
    Au79, Mar 1, 2007
    #14
  15. Au79

    Fuzzy Logic Guest

    A systems security is a moving target as new vulnerbalities are found and fixed. What can be totally secure
    one day quickly becomes at risk when a new vulnerability is found. This is true regardless of the OS.

    My real world experience is that I have never had a Windows box compromised. I will certainly agree that
    older incarnations of Windows were less than reliable but have come a long way.
    You put words in my mouth. I simply said that it has been shown on more than one occaision that
    improvements in safety don't necessarily result in real world benefits as users tend to be less careful
    believing that these improvements will protect them.
    15 SuSe security patches in January vs 12 for Microsoft:

    http://www.linuxsecurity.com/content/blogcategory/100/112
    It's only good business. Windows currently has the largest market share and if I wish to get my 'product' out
    and make the most profit it only makes sense to go after that market. In case you haven't heard
    spyware/malware is all about making money.

    The Month of Apple Bugs projects showed that OSX is not a secure as Apple would like us to believe.
    Good for you. You are of course delusional because as Mr Maiffret says and pretty much any secure
    expert would agree no system is entirely secure.
    As I said above nothing is '"totally" secure. It's also very difficult to compare the OS's. There are multiple
    versions of Windows and we won't even get into the numerous *nix distros. As I have said before it only
    takes one unpatched critical flaw regardless of OS to make it totally insecure.
    If this was truly the case no one would be using Windows as it would be unusable. The reality is that a
    properly maintained Windows system is safe and reliable.
    ROTFL

    A critical flaw left unpatched is going to get you into trouble in short order regardless of the OS.
    That's a subjective view and I would disagree. Patching is a fact of life in our current, hostile, environment.
    If you wish to remain safe on the Internet you need to stay on top of the latest vulnerabilities and address
    them.
     
    Fuzzy Logic, Mar 1, 2007
    #15
  16. Au79

    Annette Guest

    *********************
    My experience showed me that no matter what protection software is
    protecting your machine, anything can happen, and this is not due to lack of
    diligence by many users:
    My former Gateway computer crashed, died and couldn't be revived,
    because of a file that bypassed the Norton Antivirus software, installed by
    Earthlink. I went straight to the top, and bitched about the problem
    because it wasn't an error due to my opening an e-mail....I had a spam
    blocker set to the highest. I was vigilant to the point of obsession, not
    allowing any spam into my inbox.
    Well, if you'll pardon this venting, I noticed a "spoof @paypal.com"
    entry which never could have gotten into the inbox, having deleted all of
    those bogus domain spam mail, on a weekly basis. I never touched the
    email....just deleted it...and Boom! the Norton window appears and tells me
    verbatim, " this *file* got in through the back door!"....There was nothing
    I could do, and I went nuts. The company VIP gave me a year's internet
    service for the trouble this caused, and I have been leery of any e-mail
    that I receive since. I got a Dell and am using McAfee Security suite,
    which seems pretty good. Only problem is that I use the computer for hours
    a day and have been learning much on my own.
    If any gurus know the technology re: routers, and uTorrent type
    applications, I'd appreciate some feedback. Hoping to catch "a short bit
    with HST before he blew his brains out", I had to first download the Torrent
    file. download a PFConfig.exe to setup a router download. Then given the
    option to choose a free version of Network Magic's setup download, had to
    configure the port, etc. All I want to know is if I will have trouble with
    my internet and firewall settings, having had to grant access to the film
    application, and go through all these steps since 2:00am? Will I be able to
    remove these files if necessary, without changing anything in my connections
    folder? It appears my mistake, because from what I gather, this is
    primarily a network system......and the only computer in the house is the
    one I'm typing on....Any comments?
    Annette
    **********************
     
    Annette, Mar 2, 2007
    #16
  17. Au79

    Au79 Guest

    You can install Linux in your computer or get a Mac. Either way, you will
    never escape the windos scourge unless you change platforms.
     
    Au79, Mar 3, 2007
    #17
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.