Forgot your password?
typodupeerror

+ - Firefox 33 gets Cisco's OpenH264->

Submitted by NotInHere
NotInHere (3654617) writes "As promised, version 33 of the Firefox browser will fetch the OpenH264 module from Cisco, which enables Firefox to decode and encode H.264 video, for both the <video> tag and WebRTC, which has a codec war on this matter. The module won't be a traditional NPAPI plugin, but a so-called Gecko Media Plugin (GMP), Mozilla's answer to the disliked Pepper API. Firefox had no cross-platform support for H.264 before."
Link to Original Source

Comment: OK you CAN take down onion addresses (Score 1) 121

but no one wants to do that. Doing it would mean to be responsible for subsequent takedowns, and what is seen as illegal in one country may be the opposite in another country, and you would need to establish a system for takedown, which can be misused for censorship.

Comment: Re:You conceded my point on rogue DNS @ least (Score 1) 121

To bring this back to the original topic: you know what a command and control is? I hope so. My posts only have covered the time the malware already was installed on the device. Not before. Of course you won't get the virus when you click a link "download here" which leads into nothingness. And yes, you are true, single ips are easier to fight than dns entries in remote countries, spread over the world. I just said that IPs cannot be blocked by a host file, and I say that it makes no sense to give a DNS server a DNS entry, which would have to be resolved first using a dns server, but the only one available needs a dns lookup before working, and so on and so on.

The only cause that justifies this /. story is that this malware was the first ransomware that used an onion address for C&C, not just only "tor alone". It would gain almost no advantage when it then exited the tor network again through an exit node. It would still have needed some DNS entry somewhere. onion addresses are almost impossible to take down.

Please explain: what are hardcodes?

TOR isn't slow anymore. try it. today. then come back and tell me your opinion about the speed of tor but don't yell tor *is* slow while not having tried it recently (you may yell tor *was* slow though).

Comment: Re:Block rogue DNS servers via hosts (Score 1) 121

Blocking ips using a hosts file... I'm sorry but I don't know of any way of doing this.
Even it it were possible, there tor uses no "rogue DNS" servers, and not using any DNS directly, the DNS is tunneled to the exit relay which then invokes the DNS request. Any block by any firewall or ISP DNS fails here -- not just DNS request blocks like the hosts files, but also IP level blocks. This is what TOR was invented for.

Comment: Re:soviet era crypto (Score 5, Insightful) 129

by NotInHere (#47499109) Attached to: Snowden Seeks To Develop Anti-Surveillance Technologies

As long as it's not the latest curve, privacy preserving crypto can be written by NSA itself, and still be secure for you. SELinux was written by NSA, and I don't have a problem using it. Your security model shouldn't rely on the party your software came from. It should rely on the software itself, idependent reviews, and, if you can't afford your own review, the many-eyes-principle (which has chilling effects).
The russians could only say "this is too secure, design something that can be broken more easily".

Comment: Re:Hosts override ANY DNS (even local)... apk (Score 1) 121

That might be true if the application is using the OS provided network stack, e.g. with DnsQuery. However AFAIK nothing prevents an application to bring its own DNS stack which queries external DNS, ignoring the host file. Does the OS block outgoing requests on port 53?
And, as I've said before, the DNS in TOR doesn't use the OS provided DNS. It uses its own one.
Blocking the C&C perhaps stops communication to the hq, but that doesn't help when the virus is written to first encrypt the HDD and then wait for further commands from C&C.

Comment: Re:Angler PC malware? (Score 1) 121

The ldpreload attack is not a problem of the compositor, but the configuration of apparmor or SELinux:
http://mupuf.org/blog/2014/02/...
http://blog.siphos.be/2011/04/...
The transparent window attack doesn't work, does it? It seems that it is possible to make a transparent window, but then I doubt the events will be passed on onto the below applications. The keylogger would need to fake user input, which isn't possible AFAIK.

Comment: Re:Angler PC malware? (Score 1) 121

I haven't reviewed the source code for every single application and update I install. Nor have my distro's packagers. And the software is compiled on some server I don't know, and the server is a single point of failure.
But still I trust this model more as randomly installing blobs from various websites.
When I randomly install software from my package repo no ads pop up from the taskbar, and I don't see CPU constantly at 100%. Don't have tried it for randomly downloading windows software from the internet.

Comment: Re:Correct me *IF* I am wrong, but... apk (Score 1) 121

The C&C Servers are what is communicated back against (as well as serving up exploits payloads etc. @ times also & IF they don't? Blocking out the payloads servers does the job... which hosts CAN do) - IF/WHEN I block that, should it NOT be disabled for communication, even via TOR?

blocking C&C can at least stop the bad guys from integrating your computer into a botnet. correct me if I'm wrong, but hosts only changes the host file? The host file blocks a website only when the OS' DNS is used, but tor has its own DNS, not even using the usual DNS port, but tunneling everything through a https-like connection.

* Fill me in...

(As far as "porting" it to Linux? I've thought about it... wouldn't be hard - & I WISH Borland didn't KILL Kylix (was Delphi for Linux for the most part) - however - there IS FreePascal & it's "Lazarus" IDE, which is VERY CLOSE to the Delphi IDE, & from what I understand, an ALMOST clone of its compiler commandset too! Thus, it IS, doable...)

APK

P.S.=> See - I guess I don't *fully* understand TOR (as I don't use it myself, tried it once - TOO damned slow, just like anonymous proxies are, same idea iirc for the most part afaik - correct me IF I am wrong/off here too... I can stand to learn by it as I *admit* I do NOT "know it all" & can learn as much as the next guy since this field changes so fast & dynamically)

... apk

The first time I've tried tor it was also very slow, but after some years I've tried again and now its usually fast enough even for videos. Sometimes (seldom) a relay is slow, then wait 10 minutes or choose another circuit.

Comment: Re:They're using embedded resources... apk (Score 1) 121

I guess your host file program is very superior (it uses 64 bit, that is very future-proof) and so on and so on, but even *if* the C&C servers were known, they could only be defeated if your host program were installed on the tor exit relays. As I guess most run linux, you should port your host program to linux, and encourage its installation on the tor mailing list. Tor doesn't use "normal" DNS -- it uses its own which is routed through the tor network also. The exit relays do the DNS request for you. Otherwise it would be too simple to trace the traffic from the DNS usage.

Comment: Re:Angler PC malware? (Score 1) 121

No, not at all. What you are referring to is that X server doesn't need uid 0 to run. But still there is, amongst others, the problem that every x application can keylog you: http://hamsterbaum.de/index.ph...
And taking screenshots from the whole screen or faking user input (also for the whole screen) is also possible for every X application.

Comment: Re:Angler PC malware? (Score 1) 121

Most linux distros have software repositories, and when you only use them (no ppas) to install stuff, you are on the safe side. Windows store only includes metro apps. The lack of a proper software repository mechanism is nothing else than an invitation from microsoft to surf the web for software and download it from there. Another part of this problem is dice, which agrees to display "download here" ads on sourceforge, and google, which doesn't want to disable the "download here" ads.

Dice and Google make money from being used to spread malware, and tor is blamed for routing C&C? This is just stupid.
Of course, i've read this, but somehow their efforts were in vain, as I've tried today and got a "free trial windows drivers download now" ad on the vlc download page.

+ - MicroxWin Creates Linux DIstribution That Runs Debian/Ubuntu & Android Apps ->

Submitted by Anonymous Coward
An anonymous reader writes "VolksPC who developed MicroXwin as a lightweight X Window Server has come up with their own Linux distribution. Setting apart VolksPC's distribution from others is that it's based on both Debian and Android and has the capability to run Debian/Ubuntu/Android apps together in a native ARM experience. The implementation doesn't depend on VNC or other similar solutions of the past that have tried to join desktop apps with mobile Android apps. This distribution is also reportedlby compatible with all Android applications. The distribution is expected to begin shipping on an ARM mini-PC stick."
Link to Original Source

No amount of careful planning will ever replace dumb luck.

Working...