How do you get shell access on your average Mac without physical access? SSH isn't enabled by default as has been pointed out. In fact, it's been a real PITA to get the versions of OS X I've configured to play nice on the network for the command line. I doubt one user in a thousand has done it -- slashdot mac users not being significantly representative of the average mac users, of course. My macs have SSH available, but the port isn't open to the Intertubes outside of my LAN, so it doesn't concern me very much.
So this essentially resolves to a "you have to be there" exploit.
Exactly so.
Clearly, that's not what I said.
Random data point == random data point
not
Random data point == confirmation of "there's no problem" stance
Try for comprehension next time. You'd be amazed what you can learn if you actually, you know, understand what you read.
It is becoming increasingly obvious to me that we have no idea how to secure information systems.
It's this kind of stuff that scares the crap out of people and there is no end in sight. As a matter of fact, this is only going to get worse as we migrate to an IoT.
I sometimes wonder if the technology bubble will someday be crushed under the weight of exploitation. A victim of its own complexity and insecurity.
Yep no one cares. Rather than just the potential murder of an annoying journalist few people know about or care about its probably going to take some complete ahole(s) with an exploit like this causing the first mass cyber fatality incident before anything really gets done and your average person cares.
Bees are all over the place at my home (basically at the center of a small town in rural Montana.) We have quite a few planters full of flowers on our largish deck (about 1000' sq), and it is not uncommon to go out there and see a very large number of bees going about their business. They are nearly zero threat. Well, unless you sit on one.
There are no obvious hives anywhere nearby, and they seem to come and go from all points of the compass.
Sortof-kinda related, there are local honey merchants, and the honey is just lovely.
What's so damned special about relationships? If it's about equality, then tell me, why does a childless married couple pay less in tax than a widow with a child who earns the same as the couple? I'd say the widow's relationship to the child matters to society, the couple's relationship doesn't matter to anyone but them.
Why is it legal to discriminate on the basis of marriage?
Why does any government in a secular country have anything at all to do with marriage?
A large proportion of the time it ends with MS sending patches. On Patch Tuesday the damned thing is useless for an hour sometimes. Other times I have to reboot it to make it usable.
Windows: "Quality? Why make a quality product when crap sells so well?"
Think of the football player from this planet! They would be about 3 feet high and enormously strong
Yeah, but if it did that to them, it'd do the same thing to the cheerleaders, then there would be no reason to watch the game -- unless you have a gnome fetish.
Seems like it is: "the attacker already has to have local access"
That's what I was working off of, anyway.
Network-imposed exploits are something else entirely.
Furthermore, local access pretty much is the end of the road anyway. Boot from the right CD with a custom filesystem that ignores HD filesystem permissions and yet allows you to set them any way you want, system is now wide open. Replace a few choice commands that you know are going to run, and bang, fully compromised. And that's just one of the many easy ways in to access as the system stands. You can also copy off the entire HD, or for that matter, erase it. Or both. You can compromise a command for a way in, copy an otherwise encrypted volume and walk off with it, break the encryption at your leisure, then use the previously installed compromise to get in and cause mayhem.
If you don't have physical security and there is any kind of local threat of compromise, you could become toast at any time. These kinds of "threats" are insignificant in the larger scheme of things. If you need local security, the only sufficient mechanism is to physically deny access to the computer.
HPV is listed as an STD, and really only becomes an issue when two or more incompatible strains interact - meaning, multiple partners within relatively short periods, again - a lifestyle choice.
Because you can quite easily get HPV sexually, that makes it an STD -- a "Sexually Transmitted Disease." But you can also get it via casual contact. Which you cannot control. Also, and rather finally, as you can't control other people's behavior or contacts, nor promise your behavior or contacts will keep you clear of this, it needs vaccination. Just the numbers alone tell you HPV needs vaccination: A 50% infection rate in the general population. No set of excuses can make that number go away. But vaccination can.
The flow chart is a most thoroughly oversold piece of program documentation. -- Frederick Brooks, "The Mythical Man Month"