Authored by: SkArcher on Friday, January 30 2004 @ 06:56 PM EST |
Can anyone translate the following?
Russian Security Advisement
The Babelfish is not all that clear at dissecting Russian.
There are a few other articles on the site relating to MyDoom, have a look
there too please.
--- irc.fdfnet.net #groklaw [ Reply to This | # ]
Authored by: Anonymous on Friday, January 30 2004 @ 07:08 PM EST |
SCO's Weapons of Mass Destruction
Very very funny reading :-)
John [ Reply to This | # ]
Authored by: mmcmonster on Friday, January 30 2004 @ 07:41 PM EST |
My question when I hear about where one of these things originates is: How can we
be sure about it? Someone that's good enough to write one of these things is
probably good enough to root into a system and (using remote access) use that
computer to distribute a virus. A particularly cautious virus writer may even
root into the computer of another hacker, in another country, to cover his
tracks better.
Just wondering how these guys can be so sure...[ Reply to This | # ]
Authored by: xtifr on Friday, January 30 2004 @ 07:49 PM EST |
Found this on Linux Today, an amazingly good article, written for a mainstream
audience, on Linux, OSDL and similar topics (including some brief and
non-controversial comments about SCO). This is from the "Willamette Week
Online," which bills itself as "Portland's News Weekly". (That's Portland,
Oregon.) Apparently, the new OSDL center in Portland has caused enough of an
invasion of "penguinistas" to pique media curiosity.
The article includes some charming quotes from Linus and others, and is well
worth a gander. [ Reply to This | # ]
Authored by: Scriptwriter on Friday, January 30 2004 @ 07:51 PM EST |
(I can tell it's Mydoom.a because of the "sync.c" signature inside
the payload.) Of course it didn't affect my Linux system, but I found something
interesting in the SMTP headers.
I had heard that Mydoom.a passes itself around by mailing itself to everyone in
your address book. However, I got this copy directly from a server in Russia,
according to the traceroute on the address of the originating machine. It was
sent from there straight to my backup mail address:
Received: from inm.ras.ru ([213.59.246.55])
    by webmail.example.com (8.12.8/8.12.8) with ESMTP id i0UDxito009437
    for <scriptwriter@example.com>; Fri, 30 Jan 2004 07:59:47 -0600
(names have been changed to protect the innocent)
I only know one guy in Russia, and he doesn't know that address. So, I'm
wondering if maybe the original mail was seeded by a bunch of addresses
collected from somewhere else? I get plenty of spam at that address (which is
why it's a backup), and I'm wondering if maybe whoever kicked this off got
their initial address pool from one of those "50 Million Address for
$5!!" CDs.
What do y'all think? It would fit the idea that this was being done by
spammers.
---
He who sells / What isn't his'n / Is headed for / Some time / In prison /
Burma-Shave
irc.fdfnet.net #groklaw[ Reply to This | # ]
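Added example, not part of the original comment: Python code that parses Received lines laid out like the one quoted above and returns the hop where the message entered a server the recipient runs. The function names, the `trusted_mtas` set and the second, invented Received line are assumptions; the address it returns identifies the machine that delivered the mail, which need not be the author's.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample. The top Received line is the one quoted in the comment
# (already anonymised there); the second is invented to stand in for a line
# the sending machine could have forged.
RAW = (
    "Received: from inm.ras.ru ([213.59.246.55])\n"
    "\tby webmail.example.com (8.12.8/8.12.8) with ESMTP id i0UDxito009437\n"
    "\tfor <scriptwriter@example.com>; Fri, 30 Jan 2004 07:59:47 -0600\n"
    "Received: from localhost (unknown [10.0.0.5])\n"
    "\tby relay.invalid with SMTP id FAKE0001; Fri, 30 Jan 2004 13:59:40 +0000\n"
    "Subject: hi\n\nbody\n"
)

# Layout: from <HELO name> (<optional rDNS name> [<ip>]) by <receiver> ...; <date>
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]()]+)\s+)?"
    r"\[(?P<ip>[0-9A-Fa-f.:]+)\]\).*?\bby\s+(?P<by>[^\s;]+).*;\s*(?P<date>[^;]+)\Z",
    re.S,
)

def parse_hops(raw_message):
    """Received lines, newest first; stops at the first line it cannot parse."""
    hops = []
    for value in message_from_string(raw_message).get_all("Received", []):
        m = HOP.search(value)
        if m is None:
            break  # nothing below an unparsable line can be vouched for
        hop = m.groupdict()
        hop["time"] = parsedate_to_datetime(hop.pop("date").strip())
        hops.append(hop)
    return hops

def last_verified_peer(raw_message, trusted_mtas):
    """Hop where mail entered servers we run, or None if the top hop is foreign.

    hop["ip"] is the address our MTA saw connect. hop["helo"] and every
    Received line below it were supplied by the sender and prove nothing.
    """
    peer = None
    for hop in parse_hops(raw_message):
        if hop["by"].lower() not in trusted_mtas:
            break
        peer = hop
    return peer
```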
Authored by: Anonymous on Friday, January 30 2004 @ 07:53 PM EST |
Netcraft is showing www.sco.com now served up by NetBSD/OpenBSD.
http://uptime.netcraft.com/perf/graph?site=www.sco.com [ Reply to This | # ]
Authored by: leeway00 on Friday, January 30 2004 @ 07:59 PM EST |
My question is how would you catch someone who writes a virus or a trojan, goes
to a wireless access point & uploads it to alt.yada.yada using a fake
handle? The MAC addresses can be spoofed & you pull a dynamic IP from the
DHCP server onsite.
Leeway[ Reply to This | # ]
Authored by: Anonymous on Friday, January 30 2004 @ 09:03 PM EST |
"In a story that would completely exonerate the Linux
community, accused by SCO of perhaps being behind this week's e-mail virus, the
Moscow Times is carrying a story this morning that the first e-mails infected
with MyDoom [trace] back to addresses with Russian Internet
providers."
If I was a Russian Linux user, I'd be having very mixed feelings about this
paragraph. It implies that they aren't part of the Linux community. Surely
the community extends to all our worldly compatriots, including those in
Russia.
Therefore the fact that the virus originates from Russia, can't be any
indication that no Linux enthusiast was behind it. The only way it's ever
going to be proven one way or the other, is if they actually find the
programmer, or there's a confession.
Of course, that doesn't stop speculation one way or the other being treated as
fact (*cough* McBride ... *cough* LinuxWorld). But hey, politicians have used
that tactic for years, so it must be OK.[ Reply to This | # ]
Authored by: Anonymous on Friday, January 30 2004 @ 10:04 PM EST |
We have no idea who it was, this author warns against making judgement and even
says other "experts" indicate the originator may very well be "an open-source
supporter".
http://www.businessweek.com/technology/content/jan2004/tc20040129_2898_tc078.htm
[ Reply to This | # ]
Authored by: Anonymous on Friday, January 30 2004 @ 10:16 PM EST |
Here's an InfoWorld article that just came out today. Here's a couple of quotes
from the author, Kevin McKean:
"First, Test Center Contributing Editor Paul Venezia offers a deep and
fascinating look inside the new Linux kernel [..] the new core quadruples the
amount of RAM and the number of x86 CPUs that Linux can handle. It also bumps
the maximum file-system size from 2TB to 16TB and expands the permitted number
of major devices [..] to a spacious 4,095
Venezia also offers first-hand insight into the power of the open source
community. When he found bugs and posted them to the Linux mailing list, quick
responses appeared from both Linus Torvalds, Linux creator, and Andrew
Morton [..] Within six hours, the problem was pinpointed. The fix has since
been incorporated into the next release."
This isn't a bash on Microsoft so much as it is an observation: is Microsoft
able to respond and patch that quick? Given the levels of bureaucracy inside
such a behemoth of a corporation, they couldn't respond this fast if they
wanted to.
Further proof that open source computing has some strong advantages over its
proprietary counterparts. This is especially true when it comes to open
source OS's.
[ Reply to This | # ]
Authored by: blacklight on Friday, January 30 2004 @ 10:23 PM EST |
It is not the fact that MyDoom originated in Russia that exonerates the Linux
community, it is the fact that MyDoom was created as a spamming tool. Whether
the spamming tool was originally created in Russia or on the dark face of the
moon or on Main Street, USA is irrelevant in proving the Linux community's
innocence. Again, it is the fact that it is a spamming tool that clinches the
proof of the Linux community's innocence.[ Reply to This | # ]
Authored by: Anonymous on Friday, January 30 2004 @ 10:57 PM EST |
SCO 404! [ Reply to This | # ]
Authored by: Kai on Saturday, January 31 2004 @ 12:05 AM EST |
Hehehe, I love that SCO 404 error page ! :P
I wanted to check out SCO's propaganda bullshit, I mean "press
release" about MyDoom but I can't browse to their website and Telnet
says...
telnet www.sco.com 80
Trying 216.250.128.12...
Connected to www.sco.com.
Escape character is '^]'.
Connection closed by foreign host.
---
Another (Western) Australian who is interested.[ Reply to This | # ]
Authored by: Scriptwriter on Saturday, January 31 2004 @ 12:35 AM EST |
I suppose that's a possibility, although wherever they got that address,
spammers were involved, suggesting either that there are more ways for this worm
to spread than searching someone's address book, or that the originator (or
some other malicious sort) is helping it along.
---
He who sells / What isn't his'n / Is headed for / Some time / In prison /
Burma-Shave
irc.fdfnet.net #groklaw[ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 05:57 AM EST |
Kaspersky is famous for its DOS/Windows antivirus product, however I am not
aware of any of their achievements in network security, or network architecture
analysis. So unless they have something that no one else knows yet ("we
got a copy from a Russian address" doesn't cut it -- they ARE in Russia,
of course, they will get most of emails, with or without virus, from their local
users and partners), their statement most likely is far beyond their scope of
work and expertise, and should be taken with a grain of salt.[ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 08:18 AM EST |
How would it 'exonerate' the Linux community? Are they saying that if the
virus had been created in the US or Europe by a Linux user, then the entire
community would be collectively responsible?
That is playing their game - linking the actions of an individual to a
community, and holding the entire community jointly responsible.
So I say - we need no exoneration, because we (99.9999% of Linux
users/developers) are not guilty.[ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 01:44 PM EST |
I think SCO paid for the virus. Think about it, spammers for hire, SCO goes
through an intermediary (or 12). It makes too much sense to be false.
[ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 02:42 PM EST |
Are you actually trying to say that no one uses Linux in Russia? [ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 04:08 PM EST |
Is everybody else also getting an 'error selecting database' error today, when
trying to display today's new article, Groklaw Takes A Closer Look at the ABI
Files, by Frank Sorenson et al? For me, it hangs for a long time before
displaying this error message. [ Reply to This | # ]
Authored by: photocrimes on Saturday, January 31 2004 @ 09:25 PM EST |
Nice, can we be any more biased?
And why is SCO the target? Mikko Hyppoenen, head of anti-virus research at the
Finnish group F-Secure, told the Agence France-Presse that some Linux users are
mad at the Utah vendor for trying to take Linux - a free operating system for
personal computers - into a closed system and to make a profit off of it.
So because a few computer users have a beef with one company over some esoteric
issue that 99 percent of computer users couldn't care less about, some hacker or
another attacks millions of innocent computers, infecting hundreds of millions
of e-mails.
The link to this great example of journalism.
--- //A picture is worth a thousand words// [ Reply to This | # ]
Authored by: Anonymous on Saturday, January 31 2004 @ 10:19 PM EST |
As of a few minutes ago, www.sco.com was unreachable.
As much as I dislike SCO's antics, I hope the #@$%@^%@^ who is responsible for
MyDoom gets to rot in jail. I hear Russian jails are nice this time of year -
NOT.
SCO doesn't deserve this (they deserve a lot of things, but not this). The
world's computer users don't either.[ Reply to This | # ]