Re: [midatlanticretro] Fwd:

  • David Riley
    Message 1 of 17 , May 15, 2013
      On May 15, 2013, at 11:30 AM, "Evan Koblentz" <evan@...> wrote:

      > Damnit ... this stuff shouldn't happen on Linux.

      Bear in mind the aforementioned possibility that someone may have just hacked your webmail, if you use webmail. Otherwise, yes, it happens on Linux just like it happens on the Mac; as both platforms increase their marketshare relative to Windows, they start to become more attractive targets to misanthropes. It's still a far less frequent occurrence, but it's a non-zero probability now.


      - Dave
    • Dave McGuire
      Message 2 of 17 , May 15, 2013
        On 05/15/2013 11:43 AM, David Riley wrote:
        >> Damnit ... this stuff shouldn't happen on Linux.
        >
        > Bear in mind the aforementioned possibility that someone may have
        > just hacked your webmail, if you use webmail. Otherwise, yes, it
        > happens on Linux just like it happens on the Mac; as both platforms
        > increase their marketshare relative to Windows, they start to become
        > more attractive targets to misanthropes. It's still a far less
        > frequent occurrence, but it's a non-zero probability now.

        I've never really bought into that argument. It's more a
        matter of configuration management and crazy features being added to
        mail clients. My network sees *daily* attacks on its outward-facing
        machines...that has been the case as long as I can remember. No issues
        here.

        I wonder what actually did happen to Evan's setup.

        -Dave

        --
        Dave McGuire, AK4HZ
        New Kensington, PA
      • Cory Smelosky
        Message 3 of 17 , May 15, 2013
          On Wed, 15 May 2013, Dave McGuire wrote:

          >
          > On 05/15/2013 11:43 AM, David Riley wrote:
          >>> Damnit ... this stuff shouldn't happen on Linux.
          >>
          >> Bear in mind the aforementioned possibility that someone may have
          >> just hacked your webmail, if you use webmail. Otherwise, yes, it
          >> happens on Linux just like it happens on the Mac; as both platforms
          >> increase their marketshare relative to Windows, they start to become
          >> more attractive targets to misanthropes. It's still a far less
          >> frequent occurrence, but it's a non-zero probability now.
          >
          > I've never really bought into that argument. It's more a
          > matter of configuration management and crazy features being added to
          > mail clients. My network sees *daily* attacks on its outward-facing
          > machines...that has been the case as long as I can remember. No issues
          > here.
          >

          I should check logfiles more often just to see what attackers try...

          > I wonder what actually did happen to Evan's setup.

          I wonder too...

          In my case, attackers grabbed access to one of my gmail accounts from a
          year or two ago. It took them over a year to start spoofing my email and
          spamming people in my address book.

          >
          > -Dave
          >
          > --
          > Dave McGuire, AK4HZ
          > New Kensington, PA
          >
          >
          > ------------------------------------
          >
          > Yahoo! Groups Links
          >
          >
          >
          >

          --
          Cory Smelosky
          http://gewt.net/ Personal stuff
          http://gimme-sympathy.org Experiments
        • David Riley
          Message 4 of 17 , May 15, 2013
            On May 15, 2013, at 12:42, Dave McGuire <Mcguire@...> wrote:

             

            > On 05/15/2013 11:43 AM, David Riley wrote:
            > >> Damnit ... this stuff shouldn't happen on Linux.
            > >
            > > Bear in mind the aforementioned possibility that someone may have
            > > just hacked your webmail, if you use webmail. Otherwise, yes, it
            > > happens on Linux just like it happens on the Mac; as both platforms
            > > increase their marketshare relative to Windows, they start to become
            > > more attractive targets to misanthropes. It's still a far less
            > > frequent occurrence, but it's a non-zero probability now.
            >
            > I've never really bought into that argument. It's more a
            > matter of configuration management and crazy features being added to
            > mail clients. My network sees *daily* attacks on its outward-facing
            > machines...that has been the case as long as I can remember. No issues
            > here.

            I was talking more about vulnerabilities in client machines, especially in terms of vulnerable Flash, Java, etc. which are increasingly popular targets for t3h h4x0rz.

            > I wonder what actually did happen to Evan's setup.

            I've put my two cents in. Web mail hijacking, especially if he uses Gmail as a frontend, seems like a good possibility, but only if he uses web mail as a frontend for his personal mail (which I don't know and am not going to pry).


            - Dave
          • Evan Koblentz
            Message 5 of 17 , May 15, 2013
              >> Bear in mind the aforementioned possibility that someone may have just hacked your webmail,

              I very rarely do webmail. Usually POP3 via Thunderbird-on-Ubuntu and via my BlackBerry. Only webmail I do is once in a while via my (ahem) Degnanco account.
            • Dave McGuire
              Message 6 of 17 , May 15, 2013
                On 05/15/2013 02:36 PM, Evan Koblentz wrote:
                >>> Bear in mind the aforementioned possibility that someone may have just
                >>> hacked your webmail,
                >
                > I very rarely do webmail. Usually POP3 via Thunderbird-on-Ubuntu and via my
                > BlackBerry. Only webmail I do is once in a while via my (ahem) Degnanco
                > account.

                So did someone grab your password? What actually happened, any idea? The
                chances of that being a virus are pretty close to zero.

                -Dave

                --
                Dave McGuire, AK4HZ
                New Kensington, PA
              • Dave McGuire
                Message 7 of 17 , May 15, 2013
                  On 05/15/2013 01:18 PM, David Riley wrote:
                  >> >> Damnit ... this stuff shouldn't happen on Linux.
                  >> >
                  >> > Bear in mind the aforementioned possibility that someone may have
                  >> > just hacked your webmail, if you use webmail. Otherwise, yes, it
                  >> > happens on Linux just like it happens on the Mac; as both platforms
                  >> > increase their marketshare relative to Windows, they start to become
                  >> > more attractive targets to misanthropes. It's still a far less
                  >> > frequent occurrence, but it's a non-zero probability now.
                  >>
                  >> I've never really bought into that argument. It's more a
                  >> matter of configuration management and crazy features being added to
                  >> mail clients. My network sees *daily* attacks on its outward-facing
                  >> machines...that has been the case as long as I can remember. No issues
                  >> here.
                  >>
                  > I was talking more about vulnerabilities in client machines, especially in
                  > terms of vulnerable Flash, Java, etc. which are increasingly popular targets
                  > for t3h h4x0rz.

                  I agree, especially Flash. Java, not so much...but then who runs applets
                  anymore anyway. For non-applet-based apps, there really aren't any vectors
                  for incursion.

                  >> I wonder what actually did happen to Evan's setup.
                  >>
                  > I've put my two cents in. Web mail hijacking, especially if he uses Gmail as
                  > a frontend, seems like a good possibility, but only if he uses web mail as a
                  > frontend for his personal mail (which I don't know and am not going to pry).

                  Yes, I agree here as well.

                  -Dave

                  --
                  Dave McGuire, AK4HZ
                  New Kensington, PA
                • Wesley Furr
                  Message 8 of 17 , May 15, 2013
                    I would have to disagree...every foggy morning lately there have been
                    serious Java flaws revealed...and patches that don't seem to address them
                    all. That, coupled with an update process that is far from easy or
                    automatic for the average user, and you've got a serious security hole.
                    It's bad enough that at work we have stopped automatically installing it on
                    new PC's. Sure, most people may not use applets, but that doesn't mean they
                    don't have an old version installed in their browser that is riddled with
                    security holes, waiting on them to visit the wrong web site...

                    Wesley


                    -----Original Message-----

                    I agree, especially Flash. Java, not so much...but then who runs applets
                    anymore anyway. For non-applet-based apps, there really aren't any vectors
                    for incursion.
                  • Dave McGuire
                    Message 9 of 17 , May 15, 2013
                      On 05/15/2013 06:59 PM, Wesley Furr wrote:
                      > I would have to disagree...every foggy morning lately there have been
                      > serious Java flaws revealed...and patches that don't seem to address them
                      > all.

                      Actual external-access security holes IN THE JVM...the JVM which, by
                      the way, doesn't do any network communication unless the program it's
                      running opens a socket...seriously?

                      > That, coupled with an update process that is far from easy or
                      > automatic for the average user, and you've got a serious security hole.

                      It amounts to clicking two buttons on any release of Linux less than
                      maybe five years old. It even tells you when updates are needed. I
                      honestly hope I never meet the dolt for whom this is "far from easy".

                      > It's bad enough that at work we have stopped automatically installing it on
                      > new PC's. Sure, most people may not use applets, but that doesn't mean they
                      > don't have an old version installed in their browser that is riddled with
                      > security holes, waiting on them to visit the wrong web site...

                      Well I have to agree with you there. But people who manage a
                      network-connected system that poorly will get what they've got coming.
                      ;) I don't think Evan falls into that category.

                      -Dave

                      --
                      Dave McGuire, AK4HZ
                      New Kensington, PA
                    • Cory Smelosky
                      Message 10 of 17 , May 15, 2013
                        On Wed, 15 May 2013, Dave McGuire wrote:

                        >
                        > On 05/15/2013 06:59 PM, Wesley Furr wrote:
                        >> I would have to disagree...every foggy morning lately there have been
                        >> serious Java flaws revealed...and patches that don't seem to address them
                        >> all.
                        >
                        > Actual external-access security holes IN THE JVM...the JVM which, by
                        > the way, doesn't do any network communication unless the program it's
                        > running opens a socket...seriously?
                        >
                        >> That, coupled with an update process that is far from easy or
                        >> automatic for the average user, and you've got a serious security hole.
                        >
                        > It amounts to clicking two buttons on any release of Linux less than
                        > maybe five years old. It even tells you when updates are needed. I
                        > honestly hope I never meet the dolt for whom this is "far from easy".
                        >
                        >> It's bad enough that at work we have stopped automatically installing it on
                        >> new PC's. Sure, most people may not use applets, but that doesn't mean they
                        >> don't have an old version installed in their browser that is riddled with
                        >> security holes, waiting on them to visit the wrong web site...
                        >
                        > Well I have to agree with you there. But people who manage a
                        > network-connected system that poorly will get what they've got coming.
                        > ;) I don't think Evan falls into that category.
                        >

                        I GENERALLY don't fit in to that category.

                        I DO use dictionary words or a known-compromised password for systems that
                        are local where compromise is unlikely, or I really don't care if people
                        get in to them/I want them in to it.

                        > -Dave
                        >
                        > --
                        > Dave McGuire, AK4HZ
                        > New Kensington, PA

                        --
                        Cory Smelosky
                        http://gewt.net/ Personal stuff
                        http://gimme-sympathy.org Experiments
                      • B. Degnan
                        Message 11 of 17 , May 15, 2013
                          Guys please take this thread offline, thanks.

                          -------- Original Message --------
                          > From: "Cory Smelosky" <b4@...>
                          > Sent: Wednesday, May 15, 2013 8:07 PM
                          > To: "Dave McGuire" <Mcguire@...>
                          > Subject: Re: [midatlanticretro] Fwd:
                          >
                          > On Wed, 15 May 2013, Dave McGuire wrote:
                          >
                          > >
                          > > On 05/15/2013 06:59 PM, Wesley Furr wrote:
                          > >> I would have to disagree...every foggy morning lately there have been
                          > >> serious Java flaws revealed...and patches that don't seem to address them
                          > >> all.
                          > >
                          > > Actual external-access security holes IN THE JVM...the JVM which, by
                          > > the way, doesn't do any network communication unless the program it's
                          > > running opens a socket...seriously?
                          > >
                          > >> That, coupled with an update process that is far from easy or
                          > >> automatic for the average user, and you've got a serious security hole.
                          > >
                          > > It amounts to clicking two buttons on any release of Linux less than
                          > > maybe five years old. It even tells you when updates are needed. I
                          > > honestly hope I never meet the dolt for whom this is "far from easy".
                          > >
                          > >> It's bad enough that at work we have stopped automatically installing it on
                          > >> new PC's. Sure, most people may not use applets, but that doesn't mean they
                          > >> don't have an old version installed in their browser that is riddled with
                          > >> security holes, waiting on them to visit the wrong web site...
                          > >
                          > > Well I have to agree with you there. But people who manage a
                          > > network-connected system that poorly will get what they've got coming.
                          > > ;) I don't think Evan falls into that category.
                          > >
                          >
                          > I GENERALLY don't fit in to that category.
                          >
                          > I DO use dictionary words or a known-compromised password for systems that
                          > are local where compromise is unlikely, or I really don't care if people
                          > get in to them/I want them in to it.
                          >
                          > > -Dave
                          > >
                          > > --
                          > > Dave McGuire, AK4HZ
                          > > New Kensington, PA
                          >
                          > --
                          > Cory Smelosky
                          > http://gewt.net/ Personal stuff
                          > http://gimme-sympathy.org Experiments
                        • Brian Schenkenberger, VAXman-
                          Message 12 of 17 , May 15, 2013
                            "B. Degnan" <billdeg@...> writes:

                            >Guys please take this thread offline, thanks.

                            DITTO!

                            --
                            VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG

                            Well I speak to machines with the voice of humanity.
                          • Wesley Furr
                            Message 13 of 17 , May 15, 2013
                              In doing reading about some of the malware that is out there that I've run
                              across (we're talking Windows systems here), it has been noted that several
                              of the serious ones often use Java as an attack vector. I'm honestly not a
                              Java expert...but presumably it summons the java browser plugin and then
                              takes advantage of it that way...and all that takes is to get them to visit
                              a malware-ridden web page.

                              Again, I'm talking about Windows. To update in Windows, you have to
                              actually click the pop-up in the system tray that says "please update
                              me"...and most average users don't pay any attention to things like that.
                              Then after you click on it, you have to say yes, please install the update.
                              Then it disappears for a short time. Then it pops up in the system tray and
                              says "hey, now I'm ready to install that update you just let me download".
                              Then when you click on it (again, if the user does so) it comes up and goes
                              through a typical full install looking process...you know the ones, ok, yes,
                              sure ok, yep, next, yep, ok, whatever...finish. Perhaps easy...but still
                              cumbersome...and far from automatic...which is what it takes for probably
                              90% of the average users out there to actually do an update. Not talking
                              about the knowledgeable folks such as frequent this forum...think about your
                              mother or grandmother for a minute...are they likely to notice and act on
                              that process?

                              Wesley


                              -----Original Message-----

                              Actual external-access security holes IN THE JVM...the JVM which, by the
                              way, doesn't do any network communication unless the program it's running
                              opens a socket...seriously?

                              It amounts to clicking two buttons on any release of Linux less than
                              maybe five years old. It even tells you when updates are needed. I
                              honestly hope I never meet the dolt for whom this is "far from easy".
                            • Dave
                              Message 14 of 17 , May 16, 2013
                                On 16/05/2013 02:25, Wesley Furr wrote:
                                > In doing reading about some of the malware that is out there that I've run
                                > across (we're talking Windows systems here), it has been noted that several
                                > of the serious ones often use Java as an attack vector. I'm honestly not a
                                > Java expert...but presumably it summons the java browser plugin and then
                                > takes advantage of it that way...and all that takes is to get them to visit
                                > a malware-ridden web page.
                                >
                                > Again, I'm talking about Windows. To update in Windows, you have to
                                > actually click the pop-up in the system tray that says "please update
                                > me"...and most average users don't pay any attention to things like that.
                                > Then after you click on it, you have to say yes, please install the update.
                                You don't. There are three settings:-

                                1. As you describe
                                2. Download then prompt. This is what I have on mine.
                                3. Download and install. Modern windows systems set this by default. For
                                most "users" this is sensible. Recent versions set this as a default

                                However Java has its own updater which has similar options. These days I
                                run with Java disabled in the browser. It doesn't seem to break much...

                                Dave
                                G4UGM