
Comment Re:Umm... just WMVs? (Score 1) 150

How do you do that in Windows? I never saw any ability to do firewalling by network adaptor.

You can limit any firewall rule to work on one or more interface types on the Advanced tab of the rule's properties. This isn't quite as good as specifying the adaptor if you have really complicated networks, but it does the trick for 99.9% of cases. The three interface types are (as copied from the help file for the firewall):

Local area network
The rule applies only to communications sent through wired local area network (LAN) connections that you have configured on the computer.

Remote access
The rule applies only to communications sent through remote access, such as a virtual private network (VPN) connection or dial-up connection that you have configured on the computer.

Wireless
The rule applies only to communications sent through wireless network adapters that you have configured on the computer.

So for my example, if I don't want Steam to download updates through my work's VPN then I would turn off the remote access interface on its rule. This does not change the routing, so if I have connected the VPN then Steam simply stops being able to access the Internet. This suits me fine, but if you wanted Steam to continue downloading with the local network while the VPN was active then you would have to fiddle with the routing. Unfortunately, I don't know of any way of doing this on a per-application basis. You would have to set the routing for the Steam servers by IP address.

When the VPN disconnects, any application that was only allowed to access the remote access interface would similarly lose the ability to access the net, preventing those pesky leaks. This is not as easy as you described on Linux, as you can't change the default settings for the interface. This means you have to manually change each rule to disable the local area network interface to ensure everything has to go through the VPN. This isn't so bad, because PowerShell comes with a lot of firewall manipulation commands. I haven't needed to use them yet, but I do see interface types mentioned when I did a man *firewall* (which shows all help topics containing the name firewall). You can use this to make a bulk change and then manually set the VPN rules to allow the LAN interface.
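
The bulk change described in the comment above, sketched with the NetSecurity cmdlets that ship with Windows PowerShell (an added example, not part of the original comment). It assumes the outbound default action is Block, so that allow rules are the only way out, and `$VpnClientPath` is a hypothetical placeholder for the VPN client's executable.

```powershell
#Requires -RunAsAdministrator
# Added example: pin per-application outbound allow rules to the VPN interface type.
# Assumption: outbound default action is Block, so only allow rules grant access.
param(
    # Hypothetical path: replace with the executable of your own VPN client.
    [string]$VpnClientPath = 'C:\Program Files\ExampleVPN\vpnclient.exe',
    # Without -Apply the script only reports what it would change.
    [switch]$Apply
)

$rules = Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True

$report = foreach ($rule in $rules) {
    # Leave grouped rules alone: the built-in Windows rules (Core Networking,
    # which covers DHCP and DNS, among others) ship in rule groups.
    if ($rule.Group) { continue }

    $program = ($rule | Get-NetFirewallApplicationFilter).Program
    if ($program -eq 'Any') { continue }   # not a per-application rule
    # Rules may store paths with variables such as %ProgramFiles%.
    $program = [Environment]::ExpandEnvironmentVariables($program)
    $current = ($rule | Get-NetFirewallInterfaceTypeFilter).InterfaceType

    # The VPN client must reach its server over the physical link;
    # every other application is limited to the remote access interface.
    $target = if ($program -ieq $VpnClientPath) { 'Wired, Wireless' } else { 'RemoteAccess' }

    if ("$current" -ne $target) {
        if ($Apply) { $rule | Set-NetFirewallRule -InterfaceType $target }
        [pscustomobject]@{
            Rule    = $rule.DisplayName
            Program = $program
            From    = "$current"
            To      = $target
            Applied = [bool]$Apply
        }
    }
}

$report | Sort-Object Program | Format-Table -AutoSize
```

Run it without `-Apply` first and review the table; rules delivered by Group Policy cannot be changed this way.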

Comment Re:Umm... just WMVs? (Score 1) 150

But how does the hardware firewall block specific applications from accessing the Internet?

By granting internet access on a per application basis with the software firewall, I don't have to worry about bugs or unintended consequences of some program having network access that I didn't expect. My media player only ever plays files from my computer, so I have never needed to grant it permission to talk to arbitrary servers, so this trick would never have affected me. It's a great way of neutering malware and backdoors/telemetry in programs.

Comment Re:Umm... just WMVs? (Score 4, Informative) 150

And of course, to do that, you would have to trust the windows firewall, which doesn't show everything.

If you run "Windows Firewall with Advanced Security" it shows absolutely everything. I have yet to find anything that bypasses the firewall. Even Windows 10's aggressive updates don't work if you block by default, although I have no evidence of the telemetry one way or the other.

That said, if you have an application that runs with elevated security then it can add its own firewall rules. The way around that is to create a special user that is just for editing the firewall entries, grant it access to the registry setting and revoke administrator rights. That's only required if you are paranoid though, or if you have a specific requirement. I did this to stop Steam from constantly creating firewall entries for itself and all games. I needed to lock it down to only work over my local connection to prevent it from downloading via my work when I set up a VPN to access the servers.

Comment Re:Yawn, I should be a security researcher (Score 1) 60

Why? In what way does it seem implausible? If this malware has only been seen at a certain type of place, what other conclusion is more likely to you? That it is all some giant coincidence and that we should pay no attention to where it was found?

Surely the alarmist thing would be to say that everybody is likely to be attacked by this malware. Or maybe that it was a terrorist plot to release some biological agent into the atmosphere by remote control. But no, it just says that it is probably just everyday industrial espionage with no suggestion of a further agenda. That is not alarmism. In fact, the take home message that I got from the article is that I don't have to worry about my system being infected with this malware; now or in the future. The only reason why it was even reported here was that it was the first malware that he has examined for the year. Considering how old it appears to be, it's not even being portrayed as if it was the first that was written this year.

Comment Re:Mac OS based espionage malware (Score 1) 60

The article makes it clear that in order to extract and run the malware, you have to extract and install other malware named "Java".

So the article is correct; the malware doesn't have to be authorised with the admin password. The fact that it requires Java just means that it only works on machines with Java installed. Given that it seems to be targeted to a specific industry then it's not an unusual requirement as they are probably using some Java controller software.

You also need to have a Mac for it to run, but that doesn't make people claim that you need to buy the malware from an Apple store.

Comment Re:Yawn, I should be a security researcher (Score 3, Interesting) 60

Are you seriously trying to claim that he is some sort of alarmist? From the link that you provided, it concludes:

Adwind is, overall, a fairly weak effort on the Mac.

And where did the blogger claim the perpetrator of this malware was the boogeyman-du-jour? All I could find was things like:

Although there is no evidence at this point linking this malware to a specific group, the fact that it's been seen specifically at biomedical research institutions certainly seems like it could be the result of exactly that kind of espionage.

This could also signify that the hackers behind it really don't know the Mac very well and were relying on old documentation.

That doesn't paint the picture of an uber-hacker! At no point was it claimed that this was going to affect us all. In fact, it was said that this has already been fixed by Apple:

Apple calls this malware Fruitfly and has released an update that will be automatically downloaded behind the scenes to protect against future infections.

If he is trying to "get some limelight" then aren't you also doing the same thing by posting here? Just talking about something is not the same as getting some limelight. This was just another post about the latest malware to be investigated by them. At no point was it hyped as anything new. It discussed the parts of the malware that seemed to be ancient code, as well as the parts that were new. However, I will admit that the headline of "the first Mac malware of 2017" is pretty inflammatory considering that it seems to have been deployed for a while. I think it would have been better said as the first malware of 2017 that he had looked at.

Comment Re:Mac OS based espionage malware (Score 2) 60

It doesn't. Someone has to authorize it with the admin password.

Is this based on anything, or are you just guessing? If you read the comment section of the article someone asked how it spread, and "Does running as a standard user as opposed to an admin account prevent its installation?"

To which the malwarebytes.com blogger said:

We still don't know how it gets installed. All samples so far have been observed installed in user space, so running in a standard user account will not protect against this.

That seems to contradict what you have claimed.

Comment Re:Anyone use it? (Score 3, Informative) 24

Any reason Microsoft picked Intel's chosen distro, as opposed to one from Oracle, Debian, Red Hat or Suse?

This is one of those RTFA moments. They are adding Intel's distro to their selection. It is not the only one. From the article:

Microsoft already supports CentOS, CoreOS, Debian, Oracle Linux, Red Hat Enterprise Linux, SUSE Enterprise Linux, OpenSUSE and Ubuntu in Azure instances.

The operating system that runs Azure is actually called Microsoft Azure. It is specifically designed to run virtual machines and other cloud services.

Comment Re:Subscription for online multiplayer (Score 4, Interesting) 167

You're dead to me, Nintendo.

I said the same thing when they introduced region locking with the Nintendo 3DS. I think I only bought one or two games from overseas for the DS, but I just don't want to have any worry when buying a game from a website which region it is for. And dammit, it's the principle.

I don't play multiplayer games, so it will be interesting to see how tempting the Switch is to see if I will stand on principle there too.

Comment There is no meaningful change (Score 1) 183

Having looked at the small amount of information that we have been given (including the one screenshot), I don't see anything that we could not already change. All the settings listed in the screenshot are currently under the Privacy section of the Windows 10 settings right now.

Location: Privacy->Location
Speech Recognition: Privacy->Speech, inking & typing
Diagnostics: Privacy->Feedback & diagnostics
Tailored experiences with diagnostic data: Personalization->Start (and maybe Privacy->General)
Relevant ads: Privacy->General

In fact, the new dashboard is worse than the current settings in regards to the diagnostics. In the current settings your diagnostic and usage data can be one of three settings: Basic, Enhanced, and Full. The dashboard only allows two settings: Full and ????. It certainly isn't On/Off so this doesn't prevent the telemetry that made us lose trust in Windows 10 in the first place.

Comment Re:Shocking example (Score 1) 183

My guess was that by "health activity" they mean the health of the computer (diagnostics), since there currently isn't any ability to track the user's health. Or maybe it is something that is only on the phone version of Windows. The iPhone has a health app which has privacy settings to allow apps to read and write the data. When you first run it asks for a bunch of personal information (which I won't tell them so I have no idea what it looks like after that point). Perhaps Windows Phone has the same thing.

Comment Re:Umm...no, they're not (Score 2) 183

For example, the first time you hit the start menu, it can show you a balloon: "Would you like to see customized content here?".... They could do something similar in other places where they think there might be a benefit to the users.

God no! I hate it when you have to hunt around and try everything out when you set up a computer to make sure that you found all the settings. It's much better to have one single place that has all the configuration options. Given that you can set these options at install time, I fail to see how scattering the privacy settings all over the place makes it any more convenient or "proof that they are taking things seriously".

Comment Re: This is why most people are skeptical (Score 5, Interesting) 436

All of that is based on the premise that the economy will tank if we do anything to address global warming. But that is the same argument that has been leveled at every attempt to fix an environmental or social problem, like banning CFCs to stop destroying the ozone layer, or stopping the dumping of harmful chemicals in any old place without a care for the health effects, or improving safety in factories to prevent workers dying from the chemicals they use, or the abolition of slavery, etc.

And yet here we are after all those changes. The economy wasn't destroyed, and scientific research is still being funded. That is because the economy adapted, as it always does. In this case we might have some short-term pain with the cost of converting to cleaner energy sources and technologies, but that will get forgotten once we find that we can save money by being smart about taking the energy from the air and sunlight around us. While coal miners won't be happy about the reduction of coal use, solar panel manufacturers will delight as their industry booms. While some things might cost us more as we have to find environmentally friendly ways of manufacturing goods, the work we do to reduce greenhouse gas emissions will have the effect of lowering levels of all pollution. This will lead to a reduction in pollution-related diseases, lowering the health care costs.

We will soon forget about what we had to do to fix climate change just as we have with all the other changes that I mentioned above. Eventually, some other problem will occur and nay-sayers will predict the ruin of the economy yet again.

Comment Re:It is Inevitable (Score 4, Insightful) 436

If I disagreed with it and was certain (with proof) that I was right, then I would falsify your statement with references, right then and there

Why bother going to all that trouble for someone who made some pretty bold claims without references themselves? The most likely outcome would be that when the next climate-related story comes out the OP will simply ignore any evidence posted to the contrary (since all scientists are corrupt frauds) and repeat the same nonsense again.

A down-mod is my nice, easy, comfortable, anonymous "screw you" that faces no danger of me being personally questioned for choosing it. So there. Ha-ha!

Says the Anonymous Coward. Nice one.
