Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Microsoft Bash to the rescue (Score 1) 39

They're not, and suffer the same inherent vulnerability that Powershell or any other executable scripting language does; that even if you have core network and system resources ringfenced, malicious scripts can still play havoc with anything even regular users have access to (like shared file resources and the like).

The reality is, and this has been known for a couple of decades now, email and web clients simply should not be able to execute code. But since executable code, whether macros or scripts, show up in so many file formats it's all but impossible to fully enforce such a regime.

Comment Re:Replacing CMD (Score 1) 39

Some of the nastier scripts out there nowadays aren't really about gaining elevated privileges. Some of them, like the encrypting ransomware requires no special privileges at all, but simply access to user files, and to network files that the user has read/write access to. So while the critical aspects of a computer or a network are protected by execution and system resource access limitations, you need to prevent execution of unauthorized scripts completely.

I have to admit I've found signing Powershell scripts to be a mighty pain in the arse, but it does provide some protection against external scripts running when you maintain the blocking of execution of unsigned scripts. It isn't a complete protection, unfortunately, and Powershell is only one route by which this kind of ransomware could end up on a system. Vulnerabilities in Java, MS-Office files, and even the execution of Windows Scripting Host files (vbscript and jscript) seem more common from my experience.

The one bit of ransomware I saw got loose through a vbscript file attached to an email. For whatever reason, Outlook allowed it to be executed, and the user clicked the dialog that might have prevented it, and then the script went to town encrypting files on the user's own folders and the share. Fortunately there's a good backup regime in place, so there was very little actual loss, but it demonstrated that along with some vulnerabilities in Windows' execution protection schemes, the real weak link as always is users themselves.

Comment Re:I Would Rather Go To Theatres (Score 3, Interesting) 142

As would I. I actually prefer the theater experience, providing you don't have a theater full of assholes. When I went to The Force Awakens last year on its opening day, that old communal experience I remember from theaters when I was a kid came back. There was cheering and clapping when the Star Wars theme played and in general it really was a wonderful experience. My experience with Deadpool was even better, as people laughed at the jokes through the whole thing. And there's the big screen, which I really do love. Can't reproduce that at home.

Comment Re:Try a docking station (Score 1) 73

I've done it with a tablet and it works, but I own a notebook and have a desktop PC at work so I see little enough reason to do it. In theory I suppose the idea of using a mobile device as your primary computing device has its attractions, but this would also mean for me having a Windows device or a device capable of running the Windows software I do use, and the cost of Windows smart devices is fairly hefty.

Comment Re:Enough of this foolishness (Score 1) 112

I feel the same way. I can't imagine a reason I would want multiple wireless devices. Tethering serves the purpose well enough, and really, where I am, wireless data limits are low enough that I would never want my notebook just being able to connect to the wireless network willy nilly.

Comment Re:FX!32 (Score 1) 73

If there were lots of ARM desktop systems out there I could understand it, but as it is, ARM is almost solely still an embedded, tablet and smartphone ecosystem. Having used classic Windows apps on an 8" tablet, I can't imagine any sane person wanting to run them on a phone, or even an 8" tablet.

Slashdot Top Deals

God doesn't play dice. -- Albert Einstein

Working...