Comment Re:It would be so easy. (Score 1) 223
Well, it won't change much will it? The DDOS will just follow the DNS update? You probably should invest in load-balancing across multiple connections instead. Or Akamai.
Note however that it's possible to detect contemporary rootkits in situ on a live system, even if any process that runs in ring0 obviously has the upper hand in a pure theoretical sense. One technique for this is to compare data returned from API calls with raw reads of the data (this is the technique used by "RootkitRevealer".)
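The cross-view comparison described in the comment above, as an added example that is not part of the original comment and is not RootkitRevealer's code: it parses a raw FAT directory region and diffs it against the names an API listing returned. The FAT short-entry layout is real; the sample bytes, the API list and all function names are constructed for illustration.

```python
ENTRY_SIZE = 32        # one FAT short directory entry
ATTR_VOLUME_ID = 0x08  # set on volume labels and on long-name fragments (0x0F)

def raw_names(dir_region: bytes) -> set:
    """Raw view: live 8.3 names parsed straight from the on-disk bytes."""
    names = set()
    for off in range(0, len(dir_region) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = dir_region[off:off + ENTRY_SIZE]
        if entry[0] == 0x00:          # end-of-directory marker: stop here
            break
        if entry[0] == 0xE5:          # deleted entry, would be a false positive
            continue
        if entry[11] & ATTR_VOLUME_ID:  # label or long-name fragment, not a file
            continue
        base = entry[0:8].decode("ascii", "replace").rstrip()
        ext = entry[8:11].decode("ascii", "replace").rstrip()
        names.add(f"{base}.{ext}" if ext else base)
    return names

def cross_view_diff(api_names, dir_region: bytes) -> dict:
    """Compare the API view with the raw view of the same directory."""
    api = {n.upper() for n in api_names}   # FAT short names are upper case
    raw = raw_names(dir_region)
    return {
        "hidden": sorted(raw - api),    # on disk, not reported by the API
        "phantom": sorted(api - raw),   # reported, not on disk (e.g. scan race)
    }

def _entry(base, ext="", attr=0x20, deleted=False):
    """Build one constructed 32-byte directory entry for the sample below."""
    raw = bytearray(base.ljust(8).encode() + ext.ljust(3).encode()
                    + bytes([attr]) + bytes(20))
    if deleted:
        raw[0] = 0xE5
    return bytes(raw)

# Constructed sample: three live files, a deleted one, a volume label, then
# the end marker followed by stale bytes that must be ignored.
SAMPLE_DIR = (_entry("NOTES", "TXT") + _entry("REPORT", "DOC")
              + _entry("DRIVER", "SYS") + _entry("OLD", "LOG", deleted=True)
              + _entry("MYDISK", attr=0x08) + bytes(32) + _entry("STALE", "BIN"))
# Constructed API listing that omits one file present on disk.
SAMPLE_API = ["notes.txt", "report.doc"]

if __name__ == "__main__":
    print(cross_view_diff(SAMPLE_API, SAMPLE_DIR))
```

A non-empty `hidden` list is a lead to investigate rather than proof: files created or removed between the two reads also show up as discrepancies, so a second pass over the same directory helps separate a race from a persistent mismatch.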
Yeah, that's all true, but the point is you'd think *someone* should have done it by now. It only takes one person and one worm.
Many (most) bot servers include standalone mail/web server code, usually ripped from sendmail and the like.
Take a look at Schneier's arguments against this: http://www.schneier.com/blog/archives/2008/02/benevolent_worm_1.html. One additional point is that stack/heap overflows and other memory-corrupting vulnerabilities often can't be made to be 100% reliable, and can be difficult to code for different service packs and such. This can be, and is, coded around as a matter of course, but a bug in the exploitation process can have disastrous and unpredictable results (in this case, interruption of a large swath of critical internal office file sharing networks.) This doesn't matter to the criminals, but it presumably matters to any prospective "grey hat" worm authors.
Every time I see one of these high-yield Windows remote execution holes, I'm tempted to couple a timed network-stack-erasing payload to it (24 hours should be enough for it to be able to infect through vpn-connected laptops and such) and send it cracking. Then I always begin to wonder why this hasn't been done already; is the combination of narcissistic recklessness and technical competence really that rare? It could be argued that it's more fun to play pranks and infiltrate corporate and government networks, but we don't even see things like that (I know it was more common up to the early 90s, when the "criminal prankster hacker scene" still existed outside of small tight groups...)? Or do people just cover it up? You sysadmins out there, have you ever had anything like that happen to you, or anyone you know?
Aerith's Theme from FFVII. To think that something so simple on a grand scale can lodge itself so deeply in the soul.
The whole point of this new method is that you can cauterize a wound without charring the flesh, instead just melting it. The optimal temperature for this is, apparently, 60-70 deg. C., and this is maintained using feedback from an infrared sensor on the "soldering pen". They apparently also use a water soluble protein as "solder". The scars in the TFA pictures look real nice. Wonder if the wound will hurt more or less than a conventionally sealed wound?
You can hate and love something at the same time, for different reasons.
No, sorry. I am however quite certain that it is *much smaller* relative to the population (It's difficult to be homeless if you don't fit into one of the categories above), but saying that it is *nonexistent* would be an outright lie. Remember, Sweden has a large "problem" with our illegal immigrants, in that we deport women and children back to warzones, so they're forced to go underground and cut all ties with society, living on the mercy of underground humanitarian networks. Our immigration policy is a disaster that US leftists tend to be ignorant of.
I live in Sweden, and we have a non-insignificant population of homeless people in the major cities, mainly consisting of uneducated immigrants, druggies and runaway kids. A few "normal" citizens down on their luck too. You get an apartment from the social services if you are drug-free, but some people just can't quit, and I guess some people are too sane to be in an asylum but too insane to live on their own. Remember, illegal immigrants don't get those benefits, if they don't manage to find hospital staff willing to look the other way.
Port john the ripper/aircrack-ng? Buy a few terabyte drives and start generating hash tables?
The thing with spyware is that it's included in legitimate apps, typically, and the user has to click through an EULA. Also, all software sold with the intended purpose of large-scale crime has to be explicitly designed for the fraud in question (code for capturing credit card numbers and passwords from browser sessions/committing various forms of DDOS attacks for example.) The purpose of the software is obvious from its construction (which conveniently also sets it apart from how commercial pen testing tools are constructed, which have no need for the above features, not to mention how they are marketed.) Relatively benign hacking software not explicitly designed for large-scale economic crime (phearbot, phatbot, poison ivy) would certainly slip under the pen-test or remote administration heading while actually being used in a very large amount of semi-skilled targeted attacks, but on the other hand these are not at all as dangerous given the assumption that the attacker simply acts as a passive consumer that cannot modify the tools he has bought (which is the load-bearing point of first post), and that the crimes we are looking to prevent are DDOS/data encryption extortion and large-scale credit card fraud.
Only through hard work and perseverance can one truly suffer.