On Sep 27, 12:28 pm, "Ms. Polly Ester" . wrote:

> http://news.yahoo.com/s/cmp/20070927/tc_cmp/202101921_ylt=AiieE0MGKY...

>

> Fearing the restrictions it places on their work, the majority of open

> source software developers do not plan to publish code in the next year

> under a controversial new license authored by the main governing body for

> open source and free software, according to a survey released Wednesday.

>

> In addition, more than 40% of those surveyed said they won't ever publish

> their work under Version 3 of the General Public License, which was released

> earlier this year by the Free Software Foundation. "GPLv3 is controversial

> because it imposes restrictions on what you can do with programs," said John

> Andrews, CEO of survey taker Evans Data, in a statement.

 

 

More fragmentation to put some more nails in the Linux coffin.

At some point the Linux loons will figure out that all of these spin

offs are not a good thing for Linux.

 

With 700+ different versions of Linux and now new GPL3 it's just more

confusion for the suits that make the decisions.

Microsoft makes it easy for those types.

Linux makes it a clusterfsck.

Re: Open Source Developers Shun Micoshaft Corporation

 

pus.boy99@gmail.com wrote:

> On Sep 27, 12:28 pm, "Ms. Polly Ester" . wrote:

>> http://news.yahoo.com/s/cmp/20070927/tc_cmp/202101921_ylt=AiieE0MGKY...

>>

>> Fearing the restrictions it places on their work, the majority of open

>> source software developers do not plan to publish code in the next year

>> under a controversial new license authored by the main governing body for

>> open source and free software, according to a survey released Wednesday.

>>

>> In addition, more than 40% of those surveyed said they won't ever publish

>> their work under Version 3 of the General Public License, which was

>> released earlier this year by the Free Software Foundation. "GPLv3 is

>> controversial because it imposes restrictions on what you can do with

>> programs," said John Andrews, CEO of survey taker Evans Data, in a

>> statement.

>

>

> More fragmentation to put some more nails in the Linux coffin.

> At some point the Linux loons will figure out that all of these spin

> offs are not a good thing for Linux.

>

> With 700+ different versions of Linux and now new GPL3 it's just more

> confusion for the suits that make the decisions.

> Microsoft makes it easy for those types.

> Linux makes it a clusterfsck.

 

 

There are more Linux clusters that windopws clusters.

There are more open source developers than Micoshaft developers.

75% of all new projects are open source.

Its time to switch to Linux and be done with.

See the advanced technology in action here

http://www.livecdlist.com

Just download and boot from CD.

All your drivers automagically configured.

No amount of Pistification of your Pista PC will

compare with a Linux PC.

http://www.distrowatch.com for more in depth reviews.

Re: Open Source Developers Shun Micoshaft Corporation

 

"7" <website_has_email@www.enemygadgets.com> wrote in message

news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

 

 

> See the advanced technology in action here

> http://www.livecdlist.com

> Just download and boot from CD.

 

You must be joking.. nobody in their right mind would download a self

booting CD recommended by anyone they didn't know.

It could do absolutely anything to the machine you boot it on.

Its just the sort of thing a hacker would try to get you to do.

It would be a damn good way to root Linux boxes BTW.

Re: Open Source Developers Shun Micoshaft Corporation

 

In comp.os.linux.advocacy, 7

<website_has_email@www.enemygadgets.com>

wrote

on Thu, 27 Sep 2007 20:25:36 GMT

<4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk>:

> pus.boy99@gmail.com wrote:

>

>> On Sep 27, 12:28 pm, "Ms. Polly Ester" . wrote:

>>> http://news.yahoo.com/s/cmp/20070927/tc_cmp/202101921_ylt=AiieE0MGKY...

>>>

>>> Fearing the restrictions it places on their work, the majority of open

>>> source software developers do not plan to publish code in the next year

>>> under a controversial new license authored by the main governing body for

>>> open source and free software, according to a survey released Wednesday.

>>>

>>> In addition, more than 40% of those surveyed said they won't ever publish

>>> their work under Version 3 of the General Public License, which was

>>> released earlier this year by the Free Software Foundation. "GPLv3 is

>>> controversial because it imposes restrictions on what you can do with

>>> programs," said John Andrews, CEO of survey taker Evans Data, in a

>>> statement.

>>

>>

>> More fragmentation to put some more nails in the Linux coffin.

>> At some point the Linux loons will figure out that all of these spin

>> offs are not a good thing for Linux.

>>

>> With 700+ different versions of Linux and now new GPL3 it's just more

>> confusion for the suits that make the decisions.

>> Microsoft makes it easy for those types.

>> Linux makes it a clusterfsck.

>

>

> There are more Linux clusters that windopws clusters.

 

True, but I'm not sure as to its relevance. Most users

won't play "build the grid". Of course, most users use

Microsoft (unfortunately for them), so there's some issues

there... :-)

> There are more open source developers than Micoshaft developers.

 

I wish I knew how to verify that. It's probably true, though

a lot of freeware / shareware source code is targeted at Windows.

> 75% of all new projects are open source.

 

Ditto.

> Its time to switch to Linux and be done with.

 

Conquering all of the world's desktop ... one user at a time. :-)

> See the advanced technology in action here

> http://www.livecdlist.com

> Just download and boot from CD.

 

One of the things Windows cannot do. (At least legally! :-) )

> All your drivers automagically configured.

> No amount of Pistification of your Pista PC will

> compare with a Linux PC.

 

Oh, but gotta love the hypnotically pretty backdrops... :-)

> http://www.distrowatch.com for more in depth reviews.

>

 

 

--

#191, ewill3@earthlink.net

Useless C++ Programming Idea #8830129:

std::set<...> v for(..:iterator i = v.begin() i != v.end() i++)

if(*i == thing) {...}

 

--

Posted via a free Usenet account from http://www.teranews.com

Re: Open Source Developers Shun Micoshaft Corporation

 

Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>

> "7" <website_has_email@www.enemygadgets.com> wrote in message

> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>

>

>

>> See the advanced technology in action here

>> http://www.livecdlist.com

>> Just download and boot from CD.

>

> You must be joking.. nobody in their right mind would download a self

> booting CD recommended by anyone they didn't know.

> It could do absolutely anything to the machine you boot it on.

> Its just the sort of thing a hacker would try to get you to do.

> It would be a damn good way to root Linux boxes BTW.

 

100% wrong!!!

 

Linux distributions come with source code.

If you don't trust a distro, you can make it yourself

with the original source code.

 

Begs the question which corporation is gonna trust a micoshaft CD that has

no accompanying source code?

Micoshaft recommend their install CDs which are self booting

and you have no access to their source code to know

whats in a Micoshaft CD!!!

 

All Linux CDs come *WITH* source code so that you can be sure

that no viruses or other crap spyware and adware has been put into it.

 

That is a fundmantal distinction between open source Linux

and closed source untrustworthy Micoshaft sponsored products.

Re: Open Source Developers Shun Micoshaft Corporation

 

dennis@home wrote:

>

> "7" <website_has_email@www.enemygadgets.com> wrote in message

> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>

>

>

>> See the advanced technology in action here

>> http://www.livecdlist.com

>> Just download and boot from CD.

>

> You must be joking.. nobody in their right mind would download a self

> booting CD recommended by anyone they didn't know.

> It could do absolutely anything to the machine you boot it on.

> Its just the sort of thing a hacker would try to get you to do.

> It would be a damn good way to root Linux boxes BTW.

 

Idiot.

 

--

Operating systems:

FreeBSD 6.2, Debian 4.0

PCLinuxOS 2007, (K)Ubuntu 7.04

Ubuntu 7.10 "Gutsy" alpha - Tribe 5

Re: Open Source Developers Shun Micoshaft Corporation

 

On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>

> "7" <website_has_email@www.enemygadgets.com> wrote in message

> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>

>

>

>> See the advanced technology in action here

>> http://www.livecdlist.com

>> Just download and boot from CD.

>

> You must be joking.. nobody in their right mind would download a self

> booting CD recommended by anyone they didn't know.

 

Strangely enough, though 7 is a loon, he's not the sort of loon to

recommend you trash your machine from some roague CD. The list is genuine.

> It could do absolutely anything to the machine you boot it on.

 

Actually, no. Some don't even make it easy or possible to have write

access to your drives

> Its just the sort of thing a hacker would try to get you to do.

> It would be a damn good way to root Linux boxes BTW.

 

Well, I've used dozens of LiveCDs over the past few years, and not one has

ever harmed my PCs. On the contrary, they've helped me save data when

hardware went tit's-up.

 

--

Kier

Re: Open Source Developers Shun Micoshaft Corporation

 

dennis@home wrote:

>

> "7" <website_has_email@www.enemygadgets.com> wrote in message

> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>

>

>

>> See the advanced technology in action here

>> http://www.livecdlist.com

>> Just download and boot from CD.

>

> You must be joking.. nobody in their right mind would download a self

> booting CD recommended by anyone they didn't know.

> It could do absolutely anything to the machine you boot it on.

> Its just the sort of thing a hacker would try to get you to do.

> It would be a damn good way to root Linux boxes BTW.

 

Idiot

--

Who the fuck is General Failure, and why is he reading my harddisk?

Re: Open Source Developers Shun Micoshaft Corporation

 

"7" <website_has_email@www.enemygadgets.com> wrote in message

news:dOVKi.21730$c_1.2486@text.news.blueyonder.co.uk...

> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>

>>

>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>

>>

>>

>>> See the advanced technology in action here

>>> http://www.livecdlist.com

>>> Just download and boot from CD.

>>

>> You must be joking.. nobody in their right mind would download a self

>> booting CD recommended by anyone they didn't know.

>> It could do absolutely anything to the machine you boot it on.

>> Its just the sort of thing a hacker would try to get you to do.

>> It would be a damn good way to root Linux boxes BTW.

>

> 100% wrong!!!

 

You shouldn't be so certain, the Internet is full of nasty clever people

that will eat you for breakfast.

> Linux distributions come with source code.

> If you don't trust a distro, you can make it yourself

> with the original source code.

>

> Begs the question which corporation is gonna trust a micoshaft CD that has

> no accompanying source code?

> Micoshaft recommend their install CDs which are self booting

> and you have no access to their source code to know

> whats in a Micoshaft CD!!!

>

> All Linux CDs come *WITH* source code so that you can be sure

> that no viruses or other crap spyware and adware has been put into it.

 

Rubbish.

They don't all come with source, and you will find it hard to compile it and

make your own.

You have no way to actually know a live CD is safe unless you know where it

came from and you know they can be trusted.

>

> That is a fundmantal distinction between open source Linux

> and closed source untrustworthy Micoshaft sponsored products.

 

You are letting irrational hate get in the way of logic.

You would make an ideal target for a hacker.

Re: Open Source Developers Shun Micoshaft Corporation

 

William Poaster wrote:

> dennis@home wrote:

>

>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>

>>

>>

>>> See the advanced technology in action here

>>> http://www.livecdlist.com

>>> Just download and boot from CD.

>> You must be joking.. nobody in their right mind would download a self

>> booting CD recommended by anyone they didn't know.

>> It could do absolutely anything to the machine you boot it on.

>> Its just the sort of thing a hacker would try to get you to do.

>> It would be a damn good way to root Linux boxes BTW.

>

> Idiot.

>

 

<Are all the Linux Lunatic trolls posting to the Vista NG now? You and 7

are jokes. You two have been in bed with each other too many times.

Please, no one wants to see you two with your sloppy seconds sex act.>

Re: Open Source Developers Shun Micoshaft Corporation

 

7 wrote:

> pus.boy99@gmail.com wrote:

>

>

>>On Sep 27, 12:28 pm, "Ms. Polly Ester" . wrote:

>>

>>>http://news.yahoo.com/s/cmp/20070927/tc_cmp/202101921_ylt=AiieE0MGKY...

>>>

>>>Fearing the restrictions it places on their work, the majority of open

>>>source software developers do not plan to publish code in the next year

>>>under a controversial new license authored by the main governing body for

>>>open source and free software, according to a survey released Wednesday.

>>>

>>>In addition, more than 40% of those surveyed said they won't ever publish

>>>their work under Version 3 of the General Public License, which was

>>>released earlier this year by the Free Software Foundation. "GPLv3 is

>>>controversial because it imposes restrictions on what you can do with

>>>programs," said John Andrews, CEO of survey taker Evans Data, in a

>>>statement.

>>

>>

>>More fragmentation to put some more nails in the Linux coffin.

>>At some point the Linux loons will figure out that all of these spin

>>offs are not a good thing for Linux.

>>

>>With 700+ different versions of Linux and now new GPL3 it's just more

>>confusion for the suits that make the decisions.

>>Microsoft makes it easy for those types.

>>Linux makes it a clusterfsck.

>

>

>

> There are more Linux clusters that windopws clusters.

> There are more open source developers than Micoshaft developers.

> 75% of all new projects are open source.

> Its time to switch to Linux and be done with.

> See the advanced technology in action here

> http://www.livecdlist.com

> Just download and boot from CD.

> All your drivers automagically configured.

> No amount of Pistification of your Pista PC will

> compare with a Linux PC.

> http://www.distrowatch.com for more in depth reviews.

>

 

 

So that what...just makes linux a bigger pile of crap?

Frank

Re: Open Source Developers Shun Micoshaft Corporation

 

In comp.os.linux.advocacy, 7

<website_has_email@www.enemygadgets.com>

wrote

on Thu, 27 Sep 2007 22:04:57 GMT

<dOVKi.21730$c_1.2486@text.news.blueyonder.co.uk>:

> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>

>>

>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>

>>

>>

>>> See the advanced technology in action here

>>> http://www.livecdlist.com

>>> Just download and boot from CD.

>>

>> You must be joking.. nobody in their right mind would download a self

>> booting CD recommended by anyone they didn't know.

>> It could do absolutely anything to the machine you boot it on.

>> Its just the sort of thing a hacker would try to get you to do.

>> It would be a damn good way to root Linux boxes BTW.

>

> 100% wrong!!!

>

> Linux distributions come with source code.

> If you don't trust a distro, you can make it yourself

> with the original source code.

 

Two words: compiler hack. While such are nowadays very

unlikely (especially since GCC builds itself using the

system's native compiler, then builds itself again using

itself -- and with Microsoft Windows far easier methods of

compromise are available, sad to say (!)), they're still

theoretically possible. Of course an audit of GCC's source

code might see the hack -- since GCC builds itself using

itself, a hack placed in the native compiler would most

likely vanish.

 

An urban legend has cc being hacked so that /bin/login

miscompiles in a subtle fashion, opening a hole

for an erstwhile hacker to wander in. Whether this

has actually ever occurred, I don't know offhand.

Snopes knows nothing about that particular

issue. Google coughed up a "baby_doe" attack:

http://www.mines.edu/fs_home/dlarue/cc/baby-doe.html .

This attack is fairly modern (1996), but was more of a

rootkit than a /bin/login recompile hack. (baby_doe

was the hostname of the machine that was compromised.)

A far more disturbing page (to Windows website

administrators) is

http://johnny.ihackstuff.com/ghdb.php?function=detail&id=327 .

Fortunately, that information is now over 3 years old.

Unfortunately, one wonders. Gentoo's package database

http://packages.gentoo.org/ is still down, reporting

a vaguely similar injection problem.

 

If I were feeling ultra-paranoid, I'd take a hex

keypad, some static RAM, a floppy controller chip

[*], a display system (probably some LEDs and a

driver chip), and a floppy drive, and key in the

hexcodes myself. Of course, since the actual compiler

is at least 11 kB (spread out over several files in

/usr/libexec/gcc/i686-pc-linux-gnu/<version>)), not to

mention libc and a few other things, that might take

awhile....

>

> Begs the question which corporation is gonna trust a

> micoshaft CD that has no accompanying source code?

 

What CD? Most OEM systems are preloaded. At best, one

might get either an image CD prepared by the OEM, or a

Microsoft install kit, along with the preloaded system.

> Micoshaft recommend their install CDs which are self booting

> and you have no access to their source code to know

> whats in a Micoshaft CD!!!

 

Not quite true...though most people won't want to sign

NDAs. :-) I'm frankly not sure if money has to change

hands or not.

>

> All Linux CDs come *WITH* source code so that you can

> be sure that no viruses or other crap spyware and adware

> has been put into it.

 

Well...not quite true either, unless one goes through

all the trouble to compile the CD from scratch --

possible but would take some doing. (On Gentoo, I see

hints of options one might use while doing so I've not

done sufficient research there to know precisely how

it's done. There is a Gentoo Linux LiveUSB HOWTO at

http://www.gentoo.org/doc/en/liveusb.xml , for those so

inclined however, this is little more than copying the

CD image to the USB device.)

>

> That is a fundmantal distinction between open source Linux

> and closed source untrustworthy Micoshaft sponsored products.

>

 

At least with Linux one has a chance, if one's sufficiently

competent/technically inclined.

 

[*] one of the more interesting capabilities of the Amiga

was its ability to read and write somewhat arbitrary

floppy formats (including the IBM PC's), at least of

the 720kB-880kB era (the Manchester encoding was done by

the blitter). A Chinon modification is available to

read 1.44 MB diskettes (at half speed) but I don't think

I have such. The Amiga's native format can store up

to 880 kB, by mostly eliminating the inter-sector gap.

Since the Amiga is virtually immune to IBM PC viruses

(it's a different microprocessor!), it might be useful

here, and old Amigas are probably still flitting about.

Of course 720 kB isn't that big anymore...

 

--

#191, ewill3@earthlink.net

Conventional memory has to be one of the most UNconventional

architectures I've seen in a computer system.

 

--

Posted via a free Usenet account from http://www.teranews.com

Re: Open Source Developers Shun Micoshaft Corporation

 

7 wrote:

> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>

>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>

>>

>>

>>> See the advanced technology in action here

>>> http://www.livecdlist.com

>>> Just download and boot from CD.

>> You must be joking.. nobody in their right mind would download a self

>> booting CD recommended by anyone they didn't know.

>> It could do absolutely anything to the machine you boot it on.

>> Its just the sort of thing a hacker would try to get you to do.

>> It would be a damn good way to root Linux boxes BTW.

>

> 100% wrong!!!

>

> Linux distributions come with source code.

> If you don't trust a distro, you can make it yourself

> with the original source code.

>

> Begs the question which corporation is gonna trust a micoshaft CD that has

> no accompanying source code?

> Micoshaft recommend their install CDs which are self booting

> and you have no access to their source code to know

> whats in a Micoshaft CD!!!

>

> All Linux CDs come *WITH* source code so that you can be sure

> that no viruses or other crap spyware and adware has been put into it.

>

> That is a fundmantal distinction between open source Linux

> and closed source untrustworthy Micoshaft sponsored products.

>

>

<7 doesn't even know what it's talking about. The fool has no clue.

However, 7 likes to run its mouth. It was this one time 7 ran its mouth

about .Net in a neutral NG. 7 got its ass annihilated by developers who

were in that NG. It was another time 7 was in the Suse NG and needed to

open its mouth about something, and again, 7 got its ass annihilated in

the Suse NG. 7 no more knows what it's talking about than the man in the

Moon. And 7 should be ignored. :)>

On Thu, 27 Sep 2007 11:42:48 -0700, pus.boy99 wrote:

> On Sep 27, 12:28 pm, "Ms. Polly Ester" . wrote:

>> http://news.yahoo.com/s/cmp/20070927/

tc_cmp/202101921_ylt=AiieE0MGKY...

>>

>> Fearing the restrictions it places on their work, the majority of open

>> source software developers do not plan to publish code in the next year

>> under a controversial new license authored by the main governing body

>> for open source and free software, according to a survey released

>> Wednesday.

>>

>> In addition, more than 40% of those surveyed said they won't ever

>> publish their work under Version 3 of the General Public License, which

>> was released earlier this year by the Free Software Foundation. "GPLv3

>> is controversial because it imposes restrictions on what you can do

>> with programs," said John Andrews, CEO of survey taker Evans Data, in a

>> statement.

>

>

> More fragmentation to put some more nails in the Linux coffin. At some

> point the Linux loons will figure out that all of these spin offs are

> not a good thing for Linux.

>

> With 700+ different versions of Linux and now new GPL3 it's just more

> confusion for the suits that make the decisions. Microsoft makes it easy

> for those types. Linux makes it a clusterfsck.

 

pus.boy99 ....

aha hahaha HHA ha HA hAHh AHH AhHHAHAH Ah HA h HAH ...

 

 

 

--

Rick

Re: Open Source Developers Shun Micoshaft Corporation

 

"Kier" <vallon@tiscali.co.uk> wrote in message

news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk...

> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>

>>

>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>

>>

>>

>>> See the advanced technology in action here

>>> http://www.livecdlist.com

>>> Just download and boot from CD.

>>

>> You must be joking.. nobody in their right mind would download a self

>> booting CD recommended by anyone they didn't know.

>

> Strangely enough, though 7 is a loon, he's not the sort of loon to

> recommend you trash your machine from some roague CD. The list is genuine.

 

But I have no way to know that and I certainly aren't going to trust someone

shouting in a news group, anyone that does is being foolish.

It shows that people still don't understand the basics of security if they

do.

If you can't verify the source you may as well let the hacker sit at the

machine and give him the passwords.

>

>> It could do absolutely anything to the machine you boot it on.

>

> Actually, no. Some don't even make it easy or possible to have write

> access to your drives

 

You don't know how Unix works if you think that.

If you boot an entire OS it will be able to do anything it likes to your

drives unless you are running an encrypted file system that prompts you for

a password at boot before it can decrypt the drives. No Linux or windows

does that that I know of. You certainly can't do anything about it when the

source is available as if you store the password on the machine the rogue

software can use exactly the same mechanism to extract the password and

access the file system as the original OS. This is also true of windows but

someone has to disassemble the software and find the mechanism first so its

slightly more difficult.

>

>> Its just the sort of thing a hacker would try to get you to do.

>> It would be a damn good way to root Linux boxes BTW.

>

> Well, I've used dozens of LiveCDs over the past few years, and not one has

> ever harmed my PCs. On the contrary, they've helped me save data when

> hardware went tit's-up.

 

I have used live CDs too but not one that someone has been shouting about in

a news group.. you can't trust anyone these days.

 

Live CDs are one of the biggest security risks the average user is likely to

come across now floppies have gone (mostly).

(Any bootable device suffers from exactly the same security problems

whatever OS you are running on the machine.)

It doesn't take a lot of skill to put some malicious software on one and it

has total access to the machine be it windows or Linux or dos.

You have to be sure that it is what it claims before you boot it.

If it is malicious and you boot it the average user will never know anything

bad has happened.

They could easily be the Linux (and everything else) equivalent of the boot

sector virus that dos suffers from and there is no easy way for a user to be

sure other than from where they download it from.

 

Where is the definitive list of live CDs that have been verified and the

checksums and software to verify the cd before use? Who exactly is

responsible for doing that and do they have the skills to do it are a couple

of questions I would ask if I put a security hat on.

Re: Open Source Developers Shun Micoshaft Corporation

 

On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:

>

> "Kier" <vallon@tiscali.co.uk> wrote in message

> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk...

>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>>

>>>

>>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>>

>>>

>>>

>>>> See the advanced technology in action here

>>>> http://www.livecdlist.com

>>>> Just download and boot from CD.

>>>

>>> You must be joking.. nobody in their right mind would download a self

>>> booting CD recommended by anyone they didn't know.

>>

>> Strangely enough, though 7 is a loon, he's not the sort of loon to

>> recommend you trash your machine from some roague CD. The list is genuine.

>

> But I have no way to know that and I certainly aren't going to trust someone

> shouting in a news group, anyone that does is being foolish.

> It shows that people still don't understand the basics of security if they

> do.

 

That would be a social engineering type hack, right? I do take your point

in that regard. One of my favourite books is a fascinating exploaration of

the art, called 'A Complete Hacker's Handbook'.

> If you can't verify the source you may as well let the hacker sit at the

> machine and give him the passwords.

 

How come we don't see this happening, then? I have *never* heard of such a

thing being done. Probably it *could* be, somehow, but I know of not one

instance.

>

>>

>>> It could do absolutely anything to the machine you boot it on.

>>

>> Actually, no. Some don't even make it easy or possible to have write

>> access to your drives

>

> You don't know how Unix works if you think that.

 

It's not impossible, certainly, but without root access it's not easy. Of

course, some LiveCDs are desighed to do partitioning and rescue work, so

they by definition must be able to write to disc. But if you have

physical access, no system is really safe, however well-protected.

 

The ordinary user, however, is not going to be able to break his sytem

using a LiveCD. That was my initial point. LiveCDs don't usually touch

the underlying OS at all - in fact, with sufficient memory you can run one

without a hard disk in the machine at all.

> If you boot an entire OS it will be able to do anything it likes to your

> drives unless you are running an encrypted file system that prompts you for

> a password at boot before it can decrypt the drives. No Linux or windows

> does that that I know of. You certainly can't do anything about it when the

> source is available as if you store the password on the machine the rogue

> software can use exactly the same mechanism to extract the password and

> access the file system as the original OS. This is also true of windows but

> someone has to disassemble the software and find the mechanism first so its

> slightly more difficult.

 

The source isn't usually available on a LiveCD, no mater what 7 said.

There usually isn't room.

>

>>

>>> Its just the sort of thing a hacker would try to get you to do.

>>> It would be a damn good way to root Linux boxes BTW.

>>

>> Well, I've used dozens of LiveCDs over the past few years, and not one has

>> ever harmed my PCs. On the contrary, they've helped me save data when

>> hardware went tit's-up.

>

> I have used live CDs too but not one that someone has been shouting about in

> a news group.. you can't trust anyone these days.

>

> Live CDs are one of the biggest security risks the average user is likely to

> come across now floppies have gone (mostly).

 

Yes, no problems like that have been detected, to my knowledge.

> (Any bootable device suffers from exactly the same security problems

> whatever OS you are running on the machine.)

> It doesn't take a lot of skill to put some malicious software on one and it

> has total access to the machine be it windows or Linux or dos.

 

Less easily with Linux, but essentially, yes.

> You have to be sure that it is what it claims before you boot it.

> If it is malicious and you boot it the average user will never know anything

> bad has happened.

> They could easily be the Linux (and everything else) equivalent of the boot

> sector virus that dos suffers from and there is no easy way for a user to be

> sure other than from where they download it from.

 

Yet there doesn't seem to be one, does there? If it's that easy, why

isn't it being done?

>

> Where is the definitive list of live CDs that have been verified and the

> checksums and software to verify the cd before use? Who exactly is

> responsible for doing that and do they have the skills to do it are a couple

> of questions I would ask if I put a security hat on.

 

Well, I don't deny it's always good to cultivate good security habits,

whtever OS you're using. But, like I said, nothing like that ever seems to

have happened. I do vaguely recall there was a case where some dodgy rpms

or something got into a reputable distro repo, but it was very quickily

discovered and stopped. The transparency of open source tends to make such

things more difficult to get away with.

 

--

Kier

Re: Open Source Developers Shun Micoshaft Corporation

 

"Kier" <vallon@tiscali.co.uk> wrote in message

news:pan.2007.09.28.08.40.43.637828@tiscali.co.uk...

> On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:

>

>>

>> "Kier" <vallon@tiscali.co.uk> wrote in message

>> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk...

>>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>>>

>>>>

>>>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>>>

>>>>

>>>>

>>>>> See the advanced technology in action here

>>>>> http://www.livecdlist.com

>>>>> Just download and boot from CD.

>>>>

>>>> You must be joking.. nobody in their right mind would download a self

>>>> booting CD recommended by anyone they didn't know.

>>>

>>> Strangely enough, though 7 is a loon, he's not the sort of loon to

>>> recommend you trash your machine from some roague CD. The list is

>>> genuine.

>>

>> But I have no way to know that and I certainly aren't going to trust

>> someone

>> shouting in a news group, anyone that does is being foolish.

>> It shows that people still don't understand the basics of security if

>> they

>> do.

>

> That would be a social engineering type hack, right? I do take your point

> in that regard. One of my favourite books is a fascinating exploaration of

> the art, called 'A Complete Hacker's Handbook'.

>

>> If you can't verify the source you may as well let the hacker sit at the

>> machine and give him the passwords.

>

> How come we don't see this happening, then? I have *never* heard of such a

> thing being done. Probably it *could* be, somehow, but I know of not one

> instance.

>

>>

>>>

>>>> It could do absolutely anything to the machine you boot it on.

>>>

>>> Actually, no. Some don't even make it easy or possible to have write

>>> access to your drives

>>

>> You don't know how Unix works if you think that.

>

> It's not impossible, certainly, but without root access it's not easy. Of

> course, some LiveCDs are desighed to do partitioning and rescue work, so

> they by definition must be able to write to disc. But if you have

> physical access, no system is really safe, however well-protected.

>

> The ordinary user, however, is not going to be able to break his sytem

> using a LiveCD. That was my initial point. LiveCDs don't usually touch

> the underlying OS at all - in fact, with sufficient memory you can run one

> without a hard disk in the machine at all.

 

You have misunderstood.

You even know what I say is true from what you have said above and then you

ignore what you said and say it can't happen because its a live CD. It is

because its a live CD (i.e. bootable) that it can happen. Don't think I am

getting at Linux here because I am not it can happen with any bootable disk.

It has happened with windows.. people have released images on P2P with

malicious code built in. There is nothing to stop someone doing exactly the

same with a live CD and they are also on P2P from various sources too. Don't

think that Linux makes you secure.. nothing makes an idiot with a computer

secure.

 

While its true that many *real* live CDs can't access the disks, its only

because whoever put the CD together removed that ability.

Anyone could create a live CD that can access the disks and can do anything

they like including instaling root kits or emailing data or anything they

like.

Unless you can identify these disks you have a security problem and it is

not going away just by saying it hasn't been done yet.. the reality is that

you probably wouldn't know if it had been. To start with while people don't

believe it can happen who is going to look.

>

>> If you boot an entire OS it will be able to do anything it likes to your

>> drives unless you are running an encrypted file system that prompts you

>> for

>> a password at boot before it can decrypt the drives. No Linux or windows

>> does that that I know of. You certainly can't do anything about it when

>> the

>> source is available as if you store the password on the machine the rogue

>> software can use exactly the same mechanism to extract the password and

>> access the file system as the original OS. This is also true of windows

>> but

>> someone has to disassemble the software and find the mechanism first so

>> its

>> slightly more difficult.

>

> The source isn't usually available on a LiveCD, no mater what 7 said.

> There usually isn't room.

 

I know but it can fit on a DVD.

>>>> Its just the sort of thing a hacker would try to get you to do.

>>>> It would be a damn good way to root Linux boxes BTW.

>>>

>>> Well, I've used dozens of LiveCDs over the past few years, and not one

>>> has

>>> ever harmed my PCs. On the contrary, they've helped me save data when

>>> hardware went tit's-up.

>>

>> I have used live CDs too but not one that someone has been shouting about

>> in

>> a news group.. you can't trust anyone these days.

>>

>> Live CDs are one of the biggest security risks the average user is likely

>> to

>> come across now floppies have gone (mostly).

>

> Yes, no problems like that have been detected, to my knowledge.

 

Is anyone looking?

>> (Any bootable device suffers from exactly the same security problems

>> whatever OS you are running on the machine.)

>> It doesn't take a lot of skill to put some malicious software on one and

>> it

>> has total access to the machine be it windows or Linux or dos.

>

> Less easily with Linux, but essentially, yes.

 

There is another error, why is it less easy? I see no reason for it to be

less easy.. in fact I think it might be easier as I have the source i need

to modify it to do what *I* want.

>

>> You have to be sure that it is what it claims before you boot it.

>> If it is malicious and you boot it the average user will never know

>> anything

>> bad has happened.

>> They could easily be the Linux (and everything else) equivalent of the

>> boot

>> sector virus that dos suffers from and there is no easy way for a user to

>> be

>> sure other than from where they download it from.

>

> Yet there doesn't seem to be one, does there? If it's that easy, why

> isn't it being done?

>

>>

>> Where is the definitive list of live CDs that have been verified and the

>> checksums and software to verify the cd before use? Who exactly is

>> responsible for doing that and do they have the skills to do it are a

>> couple

>> of questions I would ask if I put a security hat on.

>

> Well, I don't deny it's always good to cultivate good security habits,

> whtever OS you're using. But, like I said, nothing like that ever seems to

> have happened. I do vaguely recall there was a case where some dodgy rpms

> or something got into a reputable distro repo, but it was very quickily

> discovered and stopped. The transparency of open source tends to make such

> things more difficult to get away with.

 

That is an illusion not backed up by logic.

There are so few people that really know what they are doing with open

source that they can't get all the bugs so they are unlikely to find

anything malicious unless it has a bug and an undesirable side effect. I can

just see someone sitting there and going through a "Ubuntu 7.1" live CD

looking for stuff that shouldn't be there.

Re: Open Source Developers Shun Micoshaft Corporation

 

On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

>

> "Kier" <vallon@tiscali.co.uk> wrote in message

> news:pan.2007.09.28.08.40.43.637828@tiscali.co.uk...

>> On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:

>>

>>>

>>> "Kier" <vallon@tiscali.co.uk> wrote in message

>>> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk...

>>>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:

>>>>

>>>>>

>>>>> "7" <website_has_email@www.enemygadgets.com> wrote in message

>>>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co.uk...

>>>>>

>>>>>

>>>>>

>>>>>> See the advanced technology in action here

>>>>>> http://www.livecdlist.com

>>>>>> Just download and boot from CD.

>>>>>

>>>>> You must be joking.. nobody in their right mind would download a self

>>>>> booting CD recommended by anyone they didn't know.

>>>>

>>>> Strangely enough, though 7 is a loon, he's not the sort of loon to

>>>> recommend you trash your machine from some roague CD. The list is

>>>> genuine.

>>>

>>> But I have no way to know that and I certainly aren't going to trust

>>> someone

>>> shouting in a news group, anyone that does is being foolish.

>>> It shows that people still don't understand the basics of security if

>>> they

>>> do.

>>

>> That would be a social engineering type hack, right? I do take your point

>> in that regard. One of my favourite books is a fascinating exploaration of

>> the art, called 'A Complete Hacker's Handbook'.

>>

>>> If you can't verify the source you may as well let the hacker sit at the

>>> machine and give him the passwords.

>>

>> How come we don't see this happening, then? I have *never* heard of such a

>> thing being done. Probably it *could* be, somehow, but I know of not one

>> instance.

>>

>>>

>>>>

>>>>> It could do absolutely anything to the machine you boot it on.

>>>>

>>>> Actually, no. Some don't even make it easy or possible to have write

>>>> access to your drives

>>>

>>> You don't know how Unix works if you think that.

>>

>> It's not impossible, certainly, but without root access it's not easy. Of

>> course, some LiveCDs are desighed to do partitioning and rescue work, so

>> they by definition must be able to write to disc. But if you have

>> physical access, no system is really safe, however well-protected.

>>

>> The ordinary user, however, is not going to be able to break his sytem

>> using a LiveCD. That was my initial point. LiveCDs don't usually touch

>> the underlying OS at all - in fact, with sufficient memory you can run one

>> without a hard disk in the machine at all.

>

> You have misunderstood.

 

No, I don't think so.

> You even know what I say is true from what you have said above and then you

> ignore what you said and say it can't happen because its a live CD. It is

 

Not 'can't', so much as 'is less likely to'.

> because its a live CD (i.e. bootable) that it can happen. Don't think I am

> getting at Linux here because I am not it can happen with any bootable disk.

 

Of course it can happen. The fact it, it doesn't seem to *be* happening,

at least not on a large enough scale that it can be detected.

> It has happened with windows.. people have released images on P2P with

> malicious code built in. There is nothing to stop someone doing exactly

> the same with a live CD and they are also on P2P from various sources

> too. Don't think that Linux makes you secure.. nothing makes an idiot

> with a computer secure.

 

We're a trifle more secure than Windows, though no system is 100% secure,

with a determined enough attacker.

>

> While its true that many *real* live CDs can't access the disks, its

> only because whoever put the CD together removed that ability. Anyone

> could create a live CD that can access the disks and can do anything

> they like including instaling root kits or emailing data or anything

> they like.

 

Anyone could, yes. But I've heard of no case of it happening. And since it

would be relatively easy, you would naturally expect it to have happened

often enough to have been noticed or detected.

> Unless you can identify these disks you have a security problem and it is

> not going away just by saying it hasn't been done yet.. the reality is that

> you probably wouldn't know if it had been. To start with while people don't

> believe it can happen who is going to look.

 

Someone may have done it somewhere, of course, and gone undetected. But

they will have crafted a LiveCD of their own, not placed it in the public

domain, as it were.

>

>>

>>> If you boot an entire OS it will be able to do anything it likes to your

>>> drives unless you are running an encrypted file system that prompts you

>>> for

>>> a password at boot before it can decrypt the drives. No Linux or windows

>>> does that that I know of. You certainly can't do anything about it when

>>> the

>>> source is available as if you store the password on the machine the rogue

>>> software can use exactly the same mechanism to extract the password and

>>> access the file system as the original OS. This is also true of windows

>>> but

>>> someone has to disassemble the software and find the mechanism first so

>>> its

>>> slightly more difficult.

>>

>> The source isn't usually available on a LiveCD, no mater what 7 said.

>> There usually isn't room.

>

> I know but it can fit on a DVD.

 

I can, yes. But even them, it usually won't be, though you can request it

as of right..

>

>>>>> Its just the sort of thing a hacker would try to get you to do.

>>>>> It would be a damn good way to root Linux boxes BTW.

>>>>

>>>> Well, I've used dozens of LiveCDs over the past few years, and not one

>>>> has

>>>> ever harmed my PCs. On the contrary, they've helped me save data when

>>>> hardware went tit's-up.

>>>

>>> I have used live CDs too but not one that someone has been shouting about

>>> in

>>> a news group.. you can't trust anyone these days.

>>>

>>> Live CDs are one of the biggest security risks the average user is likely

>>> to

>>> come across now floppies have gone (mostly).

>>

>> Yes, no problems like that have been detected, to my knowledge.

>

> Is anyone looking?

 

Probably. If you can think of this occurring, then someone else no doubt

has thought of it, and is watching for it.

>

>>> (Any bootable device suffers from exactly the same security problems

>>> whatever OS you are running on the machine.)

>>> It doesn't take a lot of skill to put some malicious software on one and

>>> it

>>> has total access to the machine be it windows or Linux or dos.

>>

>> Less easily with Linux, but essentially, yes.

>

> There is another error, why is it less easy? I see no reason for it to be

> less easy.. in fact I think it might be easier as I have the source i need

> to modify it to do what *I* want.

 

That's an argument often made to suggest Linux is less secure - yet it

doesn't seem to be, does it, despite the source code being freely

available to all? You'd think it would be an open invitation to every

hacket and cracker out there.

>>

>>> You have to be sure that it is what it claims before you boot it.

>>> If it is malicious and you boot it the average user will never know

>>> anything

>>> bad has happened.

>>> They could easily be the Linux (and everything else) equivalent of the

>>> boot

>>> sector virus that dos suffers from and there is no easy way for a user to

>>> be

>>> sure other than from where they download it from.

>>

>> Yet there doesn't seem to be one, does there? If it's that easy, why

>> isn't it being done?

>>

>>>

>>> Where is the definitive list of live CDs that have been verified and the

>>> checksums and software to verify the cd before use? Who exactly is

>>> responsible for doing that and do they have the skills to do it are a

>>> couple

>>> of questions I would ask if I put a security hat on.

>>

>> Well, I don't deny it's always good to cultivate good security habits,

>> whtever OS you're using. But, like I said, nothing like that ever seems to

>> have happened. I do vaguely recall there was a case where some dodgy rpms

>> or something got into a reputable distro repo, but it was very quickily

>> discovered and stopped. The transparency of open source tends to make such

>> things more difficult to get away with.

>

> That is an illusion not backed up by logic.

 

No, it's not an illusion, it's a fact. It's a lot harder to hide something

in Linux code, because it's available to all for inspection. Of course,

it's not *impossible*, but it's harder.

> There are so few people that really know what they are doing with open

> source that they can't get all the bugs so they are unlikely to find

 

Whao, there. So few There are thousands and thousands who know what

they're doing - and are doing it, daily.

> anything malicious unless it has a bug and an undesirable side effect. I

> can just see someone sitting there and going through a "Ubuntu 7.1" live

> CD looking for stuff that shouldn't be there.

 

They don't need to. What's on there is what's in the Ubuntu repos, which

is scrutinised by the whole community.

 

--

Kier

Re: Open Source Developers Shun Micoshaft Corporation

 

"Kier" <vallon@tiscali.co.uk> wrote in message

news:pan.2007.09.28.09.43.02.352391@tiscali.co.uk...

> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

 

8<

> We're a trifle more secure than Windows, though no system is 100% secure,

> with a determined enough attacker.

 

Now you are getting it wrong again.

You are no more secure than windows with regards to this type of attack.

In fact you are probably less secure.

At least on windows there are a multitude of AV and anti spyware packages

that any hacker would have to overcome as well as the standard OS features.

On Linux there is just the standard stuff so one hack will work almost

anywhere.

Don't let any security features that are there to stop you running malware

give you the impression you are safe as a fake live CD doesn't have them and

the ones on your system don't matter.

>

>>

>> While its true that many *real* live CDs can't access the disks, its

>> only because whoever put the CD together removed that ability. Anyone

>> could create a live CD that can access the disks and can do anything

>> they like including instaling root kits or emailing data or anything

>> they like.

>

> Anyone could, yes. But I've heard of no case of it happening. And since it

> would be relatively easy, you would naturally expect it to have happened

> often enough to have been noticed or detected.

 

What is there to detect?

Are you looking for something?

You are secure so why are you looking?

Yes it is a social engineering hack and it sounds like you are a perfect

target (like most people).

You expect too much from your software.. something it cannot do.

You have also been luuled into a false sense of security by some of the

things it can do but have no relevance here.

>

>> Unless you can identify these disks you have a security problem and it is

>> not going away just by saying it hasn't been done yet.. the reality is

>> that

>> you probably wouldn't know if it had been. To start with while people

>> don't

>> believe it can happen who is going to look.

>

> Someone may have done it somewhere, of course, and gone undetected. But

> they will have crafted a LiveCD of their own, not placed it in the public

> domain, as it were.

 

P2P? That sounds public to me.

 

There were loads of them last time I looked and I expect some of them to be

dubious, one has to get herd controllers somewhere..

 

Anyway if the hackers hadn't thought of it they know now.

You can expect your first batch with the release of Ubuntu next week. -)

 

8<

Re: Open Source Developers Shun Micoshaft Corporation

 

dennis@home wrote:

>"Kier" <vallon@tiscali.co.uk> wrote:

>>

>> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

>

>8<

>

>> We're a trifle more secure than Windows, though no system is 100% secure,

>> with a determined enough attacker.

>

>Now you are getting it wrong again.

>You are no more secure than windows with regards to this type of attack.

>In fact you are probably less secure.

 

You are a fscking idiot. If you're so paranoid, get your LiveCD ISO

from directly from the ubuntu (or whatever) Web site. Sheesh.

Re: Open Source Developers Shun Micoshaft Corporation

 

"chrisv" <chrisv@nospam.invalid> wrote in message

news:e71qf35sq1bt67vqp7v01v2sj0kouak1vr@4ax.com...

> dennis@home wrote:

>

>>"Kier" <vallon@tiscali.co.uk> wrote:

>>>

>>> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

>>

>>8<

>>

>>> We're a trifle more secure than Windows, though no system is 100%

>>> secure,

>>> with a determined enough attacker.

>>

>>Now you are getting it wrong again.

>>You are no more secure than windows with regards to this type of attack.

>>In fact you are probably less secure.

>

> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO

> from directly from the ubuntu (or whatever) Web site. Sheesh.

>

 

Another one that doesn't like the truth.

There is *nothing* in Linux (or most OSes) to protect a user from such a

simple attack and yet you think I am paranoid for not listening to some

troll posting download web sites in a news group. Do get a clue on what is

and isn't safe with the computer you are supposed to be in charge of.

Re: Open Source Developers Shun Micoshaft Corporation

 

On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"

<dennis@killspam.kicks-ass.net> wrote:

 

>Another one that doesn't like the truth.

 

The truth is you're just another self-important, loud, uncouth windbag

that has some odd need to try to defend questionable Microsoft

practices. I should thank you, because you and about a half a dozen

other airheads make me and I'm guessing many others laugh every day

over the idiotic things you keep saying.

Re: Open Source Developers Shun Micoshaft Corporation

 

dennis@home wrote:

>"chrisv" <chrisv@nospam.invalid> wrote:

>>

>> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO

>> from directly from the ubuntu (or whatever) Web site. Sheesh.

>

>Another one that doesn't like the truth.

 

The truth is, you're an idiot.

>There is *nothing* in Linux (or most OSes) to protect a user from such a

>simple attack

 

Idiot. Read my last post again.

Re: Open Source Developers Shun Micoshaft Corporation

 

Adam Albright wrote:

> On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"

> <dennis@killspam.kicks-ass.net> wrote:

>

>

>

>>Another one that doesn't like the truth.

>

>

> The truth is you're just another self-important, loud, uncouth windbag

> that has some odd need to try to defend questionable Microsoft

> practices. I should thank you, because you and about a half a dozen

> other airheads make me and I'm guessing many others laugh every day

> over the idiotic things you keep saying.

>

 

 

OMG, that the most self-descriptive (or self-effacing) statement you've

yet to post!

That didn't hurt at all did it?

Frank

Re: Open Source Developers Shun Micoshaft Corporation

 

"Adam Albright" <AA@ABC.net> wrote in message

news:1thqf3lqr0cuou50t9s3c8f64t9ikk34pk@4ax.com...

> On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"

> <dennis@killspam.kicks-ass.net> wrote:

>

>

>>Another one that doesn't like the truth.

>

> The truth is you're just another self-important, loud, uncouth windbag

> that has some odd need to try to defend questionable Microsoft

> practices. I should thank you, because you and about a half a dozen

> other airheads make me and I'm guessing many others laugh every day

> over the idiotic things you keep saying.

>

 

You are crazy. This has nothing to do with M$ or windows so shut up.