
Comment Re:Hosts override ANY DNS (even local)... apk (Score 1) 122

That might be true if the application is using the OS provided network stack, e.g. with DnsQuery. However AFAIK nothing prevents an application from bringing its own DNS stack which queries external DNS, ignoring the host file. Does the OS block outgoing requests on port 53?
And, as I've said before, the DNS in TOR doesn't use the OS provided DNS. It uses its own one.
Blocking the C&C perhaps stops communication to the hq, but that doesn't help when the virus is written to first encrypt the HDD and then wait for further commands from C&C.
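
Added example, not part of the original comment: a hosts file only affects lookups made through the OS resolver, so one way for a defender to spot an application that brings its own DNS stack is to flag port 53 traffic going anywhere other than the approved resolver. The flow-record format, the addresses and the approved resolver below are constructed assumptions; DNS carried inside a Tor circuit never appears on port 53 and is not covered by this check.

```python
import ipaddress
from collections import defaultdict

# Assumption: the only resolver clients on this network should talk to (constructed).
APPROVED_RESOLVERS = {ipaddress.ip_address("10.0.0.53")}

# Constructed flow records: time, protocol, source ip:port, destination ip:port (IPv4).
SAMPLE_FLOWS = """\
12:00:01 udp 10.0.0.21:51544 10.0.0.53:53
12:00:02 udp 10.0.0.21:40112 198.51.100.7:53
12:00:02 tcp 10.0.0.21:49822 203.0.113.10:443
12:00:05 tcp 10.0.0.34:50001 198.51.100.7:53
12:00:09 udp 10.0.0.34:50002 10.0.0.53:53
12:00:11 udp 10.0.0.21:40113 198.51.100.7:53
"""

def parse_flow(line):
    """Return (proto, src_ip, dst_ip, dst_port), or None if the record is malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    _, proto, src, dst = parts
    try:
        src_ip = ipaddress.ip_address(src.rsplit(":", 1)[0])
        dst_host, dst_port = dst.rsplit(":", 1)
        return proto.lower(), src_ip, ipaddress.ip_address(dst_host), int(dst_port)
    except ValueError:
        return None

def direct_dns_flows(text, approved=APPROVED_RESOLVERS):
    """Map each client to the unapproved resolvers it contacted on port 53."""
    hits = defaultdict(set)
    for line in text.splitlines():
        rec = parse_flow(line)
        if rec is None:
            continue  # skip malformed records instead of aborting the scan
        proto, src_ip, dst_ip, dst_port = rec
        # DNS uses UDP and TCP on port 53; any other destination bypasses the
        # approved resolver, and with it any hosts-file or resolver blocklist.
        if proto in ("udp", "tcp") and dst_port == 53 and dst_ip not in approved:
            hits[str(src_ip)].add(str(dst_ip))
    return {client: sorted(dsts) for client, dsts in hits.items()}

if __name__ == "__main__":
    for client, resolvers in direct_dns_flows(SAMPLE_FLOWS).items():
        print(f"{client} bypassed the approved resolver -> {', '.join(resolvers)}")
```
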

Comment Re:Angler PC malware? (Score 1) 122

The ldpreload attack is not a problem of the compositor, but of the configuration of AppArmor or SELinux:
http://mupuf.org/blog/2014/02/...
http://blog.siphos.be/2011/04/...
The transparent window attack doesn't work, does it? It seems that it is possible to make a transparent window, but then I doubt the events will be passed on to the applications below. The keylogger would need to fake user input, which isn't possible AFAIK.

Comment Re:Angler PC malware? (Score 1) 122

I haven't reviewed the source code for every single application and update I install. Nor have my distro's packagers. And the software is compiled on some server I don't know, and the server is a single point of failure.
But still I trust this model more than randomly installing blobs from various websites.
When I randomly install software from my package repo no ads pop up from the taskbar, and I don't see CPU constantly at 100%. I haven't tried it for randomly downloading Windows software from the internet.

Comment Re:Correct me *IF* I am wrong, but... apk (Score 1) 122

The C&C Servers are what is communicated back against (as well as serving up exploits payloads etc. @ times also & IF they don't? Blocking out the payloads servers does the job... which hosts CAN do) - IF/WHEN I block that, should it NOT be disabled for communication, even via TOR?

Blocking C&C can at least stop the bad guys from integrating your computer into a botnet. Correct me if I'm wrong, but hosts only changes the host file? The host file blocks a website only when the OS' DNS is used, but Tor has its own DNS, not even using the usual DNS port, but tunneling everything through a https-like connection.

* Fill me in...

(As far as "porting" it to Linux? I've thought about it... wouldn't be hard - & I WISH Borland didn't KILL Kylix (was Delphi for Linux for the most part) - however - there IS FreePascal & it's "Lazarus" IDE, which is VERY CLOSE to the Delphi IDE, & from what I understand, an ALMOST clone of its compiler commandset too! Thus, it IS, doable...)

APK

P.S.=> See - I guess I don't *fully* understand TOR (as I don't use it myself, tried it once - TOO damned slow, just like anonymous proxies are, same idea iirc for the most part afaik - correct me IF I am wrong/off here too... I can stand to learn by it as I *admit* I do NOT "know it all" & can learn as much as the next guy since this field changes so fast & dynamically)

... apk

The first time I tried Tor it was also very slow, but after some years I tried again and now it's usually fast enough even for videos. Sometimes (seldom) a relay is slow, then wait 10 minutes or choose another circuit.

Comment Re:They're using embedded resources... apk (Score 1) 122

I guess your host file program is very superior (it uses 64 bit, that is very future-proof) and so on and so on, but even *if* the C&C servers were known, they could only be defeated if your host program were installed on the tor exit relays. As I guess most run linux, you should port your host program to linux, and encourage its installation on the tor mailing list. Tor doesn't use "normal" DNS -- it uses its own which is routed through the tor network also. The exit relays do the DNS request for you. Otherwise it would be too simple to trace the traffic from the DNS usage.

Comment Re:Angler PC malware? (Score 1) 122

No, not at all. What you are referring to is that X server doesn't need uid 0 to run. But still there is, amongst others, the problem that every X application can keylog you: http://hamsterbaum.de/index.ph...
And taking screenshots from the whole screen or faking user input (also for the whole screen) is also possible for every X application.

Comment Re:Angler PC malware? (Score 1) 122

Most Linux distros have software repositories, and when you only use them (no PPAs) to install stuff, you are on the safe side. Windows store only includes metro apps. The lack of a proper software repository mechanism is nothing else than an invitation from Microsoft to surf the web for software and download it from there. Another part of this problem is Dice, which agrees to display "download here" ads on SourceForge, and Google, which doesn't want to disable the "download here" ads.

Dice and Google make money from being used to spread malware, and Tor is blamed for routing C&C? This is just stupid.
Of course, I've read this, but somehow their efforts were in vain, as I've tried today and got a "free trial windows drivers download now" ad on the VLC download page.

Submission + - Japan To Offer $20,000 Subsidy For Fuel-Cell Cars (reuters.com)

An anonymous reader writes: Toyota is on track to launch the first consumer fuel-cell car in Japan next year, and the country's Prime Minister says the government wants to assist the new alternative to gas-driven vehicles. Shinzo Abe announced that Japan will offer subsidies of almost $20,000 for fuel cell cars, which will decrease the Toyota model's cost by about 28%. He said, "This is the car of a new era because it doesn't emit any carbon dioxide and it's environmentally friendly. The government needs to support this." Honda is also planning to release a fuel-cell car next year, but experts expect widespread adoption to take decades, since hydrogen fuel station infrastructure is still in its infancy.

Submission + - World Health Organization Calls For Decriminalisation of Drug Use (tdpf.org.uk)

An anonymous reader writes: We've known for a while: the War on Drugs isn't working. Scientists, journalists, economists, and politicians have all argued against continuing the expensive and ineffective fight. Now, the World Health Organization has said flat out that nations should work to decriminalize the use of drugs. The recommendations came as part of a report released this month focusing on the prevention and treatment of HIV. "The WHO's unambiguous recommendation is clearly grounded in concerns for public health and human rights. Whilst the call is made in the context of the policy response to HIV specifically, it clearly has broader ramifications, specifically including drug use other than injecting. In the report, the WHO says: 'Countries should work toward developing policies and laws that decriminalize injection and other use of drugs and, thereby, reduce incarceration. ...Countries should ban compulsory treatment for people who use and/or inject drugs.'" The bottom line is that the criminalization of drug use comes with substantial costs, while providing no substantial benefit.

Submission + - MicroxWin Creates Linux Distribution That Runs Debian/Ubuntu & Android Apps (phoronix.com)

An anonymous reader writes: VolksPC who developed MicroXwin as a lightweight X Window Server has come up with their own Linux distribution. Setting apart VolksPC's distribution from others is that it's based on both Debian and Android and has the capability to run Debian/Ubuntu/Android apps together in a native ARM experience. The implementation doesn't depend on VNC or other similar solutions of the past that have tried to join desktop apps with mobile Android apps. This distribution is also reportedly compatible with all Android applications. The distribution is expected to begin shipping on an ARM mini-PC stick.

Submission + - Amazon Isn't Killing Writing, The Market Is (techcrunch.com)

An anonymous reader writes: Amazon has been struggling for price control of the book and ebook markets for years, battling publicly and privately with publishers while making a lot of authors nervous. With yesterday's announcement of "Kindle Unlimited," a Netflix-like book subscription service, Amazon is reaching their endgame in disrupting the book-selling business. But there are other companies doing the same thing, and an article at TechCrunch makes the case that it's the general market, rather than any company in particular, that's making it harder for authors to make a living. "Driving the prices lower isn’t likely to expand the market of readers, since book prices don't seem to be the deciding factor on whether someone reads a book (time is). But those lower prices directly shrink the incomes of authors, who lack any other means of translating their sales into additional revenue. That’s why I don't think the big revolution for writers and other content producers will come from Amazon, but rather from startups like Patreon, which allow producers to build audiences directly and develop their own direct subscription model with their most fervent fans."
