• Re: SSHD rootkit heads up

    From Lusotec@110:300/1.1 to All on Fri Feb 22 17:22:42 2013
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of the
    rootkit. The rootkit is actually a trojanized library that links with
    SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that. http://www.webhostingtalk.com/showthread.php?t=1235797

    Regards.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iF4EAREIAAYFAlEnm1IACgkQGQjO2ccW76rL6wD/e+qRAoDmQNPCe56mSXDKjlRU n7cJK7APUrztJX4lbKUA/2Ik111ZBdvWIGeSR12g52W6hFmaZjpS2Fi0qP6ILHKQ
    =1zP1
    -----END PGP SIGNATURE-----


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (110:300/1.1@linuxnet)
  • From Cola Zealot@110:300/1.1 to All on Fri Feb 22 19:27:09 2013
    Lusotec wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of
    the rootkit. The rootkit is actually a trojanized library that
    links with SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that. http://www.webhostingtalk.com/showthread.php?t=1235797

    Yup, maybe Linux is insecure by design?
    Just repeat after me what has often been said in COLA:
    "The OS can't be blamed"
    "The user has to be blamed"
    "There is NO Linux malware"
    Are these claims still valid?. Lusrtec!


    Regards.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iF4EAREIAAYFAlEnm1IACgkQGQjO2ccW76rL6wD/e+qRAoDmQNPCe56mSXDKjlRU n7cJK7APUrztJX4lbKUA/2Ik111ZBdvWIGeSR12g52W6hFmaZjpS2Fi0qP6ILHKQ
    =1zP1
    -----END PGP SIGNATURE-----

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: CNNTP (110:300/1.1@linuxnet)
  • From JEDIDIAH@1:0/0 to All on Fri Feb 22 20:50:34 2013
    On 2013-02-22, Cola Zealot <Cola_Zealot@fuckoff.com> wrote:
    Lusotec wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of
    the rootkit. The rootkit is actually a trojanized library that
    links with SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    Yup, maybe Linux is insecure by design?

    So that's why we're talking about rootkits here and not
    malformed JPEG documents or bad websites...

    [deletia]

    You're like Typhoid Mary over there trying to screech that someone
    else is some sort of biohazard.

    --
    "If I give you a pfennig, you will be one pfennig richer and
    I'll be one pfennig poorer. But if I give you an idea, you will |||
    have a new idea, but I shall still have it, too." / | \
    ~ Albert Einstein

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Homer@110:300/1.1 to All on Sat Feb 23 04:57:10 2013
    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of the
    rootkit. The rootkit is actually a trojanized library that links with
    SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that. http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause by a proprietary application called CPanel, a notoriously insecure Web
    interface for configuring servers.

    Yet another good reason to choose Free Software.

    (Subject corrected.)

    --
    K. | "You see? You cannot kill me. There is no flesh http://slated.org | and blood within this cloak to kill. There is Fedora 8 (Werewolf) on šky | only an idea. And ideas are bulletproof." kernel 2.6.31.5, up 122 days | ~ V for Vendetta.

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: Slated.org (110:300/1.1@linuxnet)
  • From Snit@1:0/0 to All on Sat Feb 23 05:11:58 2013
    On 2/22/13 12:50 PM, in article slrnkifj0a.ldk.jedi@nomad.mishnet,
    "JEDIDIAH" <jedi@nomad.mishnet> wrote:

    On 2013-02-22, Cola Zealot <Cola_Zealot@fuckoff.com> wrote:
    Lusotec wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of
    the rootkit. The rootkit is actually a trojanized library that
    links with SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    Yup, maybe Linux is insecure by design?

    So that's why we're talking about rootkits here and not
    malformed JPEG documents or bad websites...

    [deletia]

    You're like Typhoid Mary over there trying to screech that someone
    else is some sort of biohazard.

    The point is that if this were on Windows the "advocate" reaction would be
    to blame the OS.

    Not that it should be ignored that the only two OSs with *major* malware concerns are Windows and Android, *any* OS can get malware, even iOS, OS X,
    and desktop Linux.


    --
    "In fact, the main goal of Linux might be called usability... the most important thing is that it works well and people ... want to use it."
    -- Linus Torvalds


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Snit@1:0/0 to All on Sat Feb 23 18:04:02 2013
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer" <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD rootkit
    hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of the
    rootkit. The rootkit is actually a trojanized library that links with >>> SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause by a proprietary application called CPanel, a notoriously insecure Web
    interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    So funny!


    --
    "When making pornography involves real abuse of real children ... that does
    not excuse censorship. No matter how disgusting published works might be, censorship is more disgusting." -- Richard Stallman


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Cola Zealot@110:300/1.1 to All on Sat Feb 23 22:39:40 2013
    Snit wrote:
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer" <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD
    rootkit hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of
    the rootkit. The rootkit is actually a trojanized library that
    links with SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause
    by a proprietary application called CPanel, a notoriously insecure
    Web interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    No problem for Homer.
    As long as Microsoft is not involved, proprietary solutions are fine with
    him, since he's a raging hypocrite who hoarded money from proprietary
    software his entire career.


    So funny!

    Indeed, this fanatic loon makes you laugh!


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: CNNTP (110:300/1.1@linuxnet)
  • From Snit@1:0/0 to All on Sat Feb 23 23:25:21 2013
    On 2/23/13 2:39 PM, in article 512936e2$0$12000$6e1ede2f@read.cnntp.org,
    "Cola Zealot" <Cola_Zealot@fuckoff.com> wrote:

    Snit wrote:
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer"
    <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD
    rootkit hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples of
    the rootkit. The rootkit is actually a trojanized library that
    links with SSHD and does *a lot* of nasty things to the system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause
    by a proprietary application called CPanel, a notoriously insecure
    Web interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    No problem for Homer.
    As long as Microsoft is not involved, proprietary solutions are fine with him, since he's a raging hypocrite who hoarded money from proprietary software his entire career.

    MS of Apple - the two companies who he envies the success of.

    So funny!

    Indeed, this fanatic loon makes you laugh!




    --
    "I have never, ever cared about really anything but the Linux desktop."
    -- Linus Torvalds


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Cola Zealot@110:300/1.1 to All on Sun Feb 24 11:34:22 2013
    Snit wrote:
    On 2/23/13 2:39 PM, in article
    512936e2$0$12000$6e1ede2f@read.cnntp.org, "Cola Zealot" <Cola_Zealot@fuckoff.com> wrote:

    Snit wrote:
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer"
    <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD
    rootkit hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples
    of the rootkit. The rootkit is actually a trojanized library
    that links with SSHD and does *a lot* of nasty things to the
    system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause
    by a proprietary application called CPanel, a notoriously insecure
    Web interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    No problem for Homer.
    As long as Microsoft is not involved, proprietary solutions are fine
    with him, since he's a raging hypocrite who hoarded money from
    proprietary software his entire career.

    MS of Apple - the two companies who he envies the success of.

    Creepy Ahlstrom, Homer, Rexford kingmaker and Peter Kohlmann have many
    things in common.
    They envy the success of (former) CEO's and huge innovators like Ballmer, Jobs, Cook, Gates because these linturds have never achieved anything even a tiny bit similar in life and never will.
    This has turned them in angry old men and raving anti-corporate trolls.
    Poor Linturds with their failed crap careers!


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: CNNTP (110:300/1.1@linuxnet)
  • From fuyang@1:0/0 to All on Sun Feb 24 14:00:18 2013
    On 24.02.2013 11:34, Cola Zealot wrote:
    Snit wrote:
    On 2/23/13 2:39 PM, in article
    512936e2$0$12000$6e1ede2f@read.cnntp.org, "Cola Zealot"
    <Cola_Zealot@fuckoff.com> wrote:

    Snit wrote:
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer"
    <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD
    rootkit hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples
    of the rootkit. The rootkit is actually a trojanized library
    that links with SSHD and does *a lot* of nasty things to the
    system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was cause
    by a proprietary application called CPanel, a notoriously insecure
    Web interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    No problem for Homer.
    As long as Microsoft is not involved, proprietary solutions are fine
    with him, since he's a raging hypocrite who hoarded money from
    proprietary software his entire career.

    MS of Apple - the two companies who he envies the success of.

    Creepy Ahlstrom, Homer, Rexford kingmaker and Peter Kohlmann have many
    things in common.
    They envy the success of (former) CEO's and huge innovators like
    Ballmer, Jobs, Cook, Gates because these linturds have never achieved anything even a tiny bit similar in life and never will.
    This has turned them in angry old men and raving anti-corporate trolls.
    Poor Linturds with their failed crap careers!

    You defend companies, that let things like this happen?

    http://www.theregister.co.uk/2013/02/23/microsoft_azure_back_online/

    You obey "huge innovators" that sell stolen ideas? You prefer to use
    software that keeps users imprisonated?

    --
    fuyang

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Cola Zealot@110:300/1.1 to All on Sun Feb 24 16:42:47 2013
    An idiot who calls himself fuyang wrote:
    On 24.02.2013 11:34, Cola Zealot wrote:
    Snit wrote:
    On 2/23/13 2:39 PM, in article
    512936e2$0$12000$6e1ede2f@read.cnntp.org, "Cola Zealot"
    <Cola_Zealot@fuckoff.com> wrote:

    Snit wrote:
    On 2/22/13 8:57 PM, in article m9rlv9-rrv.ln1@sky.matrix, "Homer"
    <usenet@slated.org> wrote:

    Verily I say unto thee that Lusotec spake thusly:

    Chris Ahlstrom wrote:

    https://isc.sans.edu/diary/SSHD+rootkit+in+the+wild/15229

    SSHD rootkit in the wild
    Published: 2013-02-21,
    Last Updated: 2013-02-22 09:23:59 UTC

    There are a lot of discussions at the moment about a SSHD
    rootkit hitting mainly RPM based Linux distributions.
    Thanks to our reader unSpawn, we received a bunch of samples >>>>>>>> of the rootkit. The rootkit is actually a trojanized library >>>>>>>> that links with SSHD and does *a lot* of nasty things to the >>>>>>>> system.

    Here are some more interesting information on that.
    http://www.webhostingtalk.com/showthread.php?t=1235797

    From the available evidence it seems this security breach was
    cause by a proprietary application called CPanel, a notoriously
    insecure Web interface for configuring servers.

    Yet another good reason to choose Free Software.

    And yet you choose G+ which is a proprietary solution.

    No problem for Homer.
    As long as Microsoft is not involved, proprietary solutions are
    fine with him, since he's a raging hypocrite who hoarded money from
    proprietary software his entire career.

    MS of Apple - the two companies who he envies the success of.

    Creepy Ahlstrom, Homer, Rexford kingmaker and Peter Kohlmann have
    many things in common.
    They envy the success of (former) CEO's and huge innovators like
    Ballmer, Jobs, Cook, Gates because these linturds have never achieved
    anything even a tiny bit similar in life and never will.
    This has turned them in angry old men and raving anti-corporate
    trolls. Poor Linturds with their failed crap careers!

    You defend companies, that let things like this happen?

    http://www.theregister.co.uk/2013/02/23/microsoft_azure_back_online/

    You obey "huge innovators" that sell stolen ideas? You prefer to use
    software that keeps users imprisonated?

    And of course you obey your masters at Google "a Linux Company" who sells a crappy £1049 / $1604 / € 1216 laptop like this!
    <quote>
    Google is offering Pixel buyers an unprecedented 1 terabyte of cloud storage for three years. The catch - and it's a big one - is that after those three years, you're paying $50 per month to keep photos, GIFs, or whatever else
    you right-click on stored in Google's cloud. That's a lot of money if you don't plan on buying a replacement within that three-year window.
    </quote>


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: CNNTP (110:300/1.1@linuxnet)
  • From Hadron@110:300/1.1 to All on Sun Feb 24 16:48:00 2013
    "Cola Zealot" <Cola_Zealot@fuckoff.com> writes:


    And of course you obey your masters at Google "a Linux Company" who sells a crappy £1049 / $1604 / € 1216 laptop like this!
    <quote>
    Google is offering Pixel buyers an unprecedented 1 terabyte of cloud storage
    for
    three years. The catch - and it's a big one - is that after those three
    years,
    you're paying $50 per month to keep photos, GIFs, or whatever else you right-click on stored in Google's cloud. That's a lot of money if you don't
    plan
    on buying a replacement within that three-year window.
    </quote>



    50 a MONTH!?!?!??!?!? Holy shit.


    --
    A certain COLA "advocate" faking his user-agent in order to pretend to be a Linux
    user: User-Agent: Outlook 5.5 (WinNT 5.0), User-Agent: slrn/0.9.8.0
    (Linux), Message-ID: <wPGdnd3NnOM0ACfdRVn-hw@comcast.com>

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: gnu (110:300/1.1@linuxnet)
  • From Ezekiel@110:300/1.1 to All on Sun Feb 24 16:55:14 2013
    "Hadron" <hadronquark@gmail.com> wrote in message news:qvy5edd87j.fsf@news.eternal-september.org...
    "Cola Zealot" <Cola_Zealot@fuckoff.com> writes:


    And of course you obey your masters at Google "a Linux Company" who sells >> a
    crappy 1049 / $1604 / ? 1216 laptop like this!
    <quote>
    Google is offering Pixel buyers an unprecedented 1 terabyte of cloud
    storage for
    three years. The catch - and it's a big one - is that after those three
    years,
    you're paying $50 per month to keep photos, GIFs, or whatever else you
    right-click on stored in Google's cloud. That's a lot of money if you
    don't plan
    on buying a replacement within that three-year window.
    </quote>



    50 a MONTH!?!?!??!?!? Holy shit.


    Here's a comment from a article about this lower laptop:

    <quote>
    "I'm staggered at the depths of stupid Google displays with this thing. Basically, you pay Google a snazzy premium for a snazzy dumb terminal to
    suck up personal data so Google can mine it and make more money off you." </quote>

    In other words, you get to pay Google $50 a month for the privilege of them sucking in every bit of personal data you have and then using your data to make them money.

    --
    Just picked up the 8-gig model (iPhone)

    Yeah, fine, cute toy and all, but some gimboid up there is trying to fob it off as a "wowee" when in fact, it's more of a "gee whiz" - as in "Gee whiz, now I can store phone numbers for 180 million people... and the two friends
    I actually have."

    Kelsey Bjarnason - Failing to understand smartphone basics <dn0pn4-8vs.ln1@spanky.localhost.net>




    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (110:300/1.1@linuxnet)
  • From GreyCloud@1:0/0 to All on Sun Feb 24 17:34:31 2013
    On 2/24/2013 8:55 AM, Ezekiel wrote:
    "Hadron" <hadronquark@gmail.com> wrote in message news:qvy5edd87j.fsf@news.eternal-september.org...
    "Cola Zealot" <Cola_Zealot@fuckoff.com> writes:


    And of course you obey your masters at Google "a Linux Company" who sells >>> a
    crappy 1049 / $1604 / ? 1216 laptop like this!
    <quote>
    Google is offering Pixel buyers an unprecedented 1 terabyte of cloud
    storage for
    three years. The catch - and it's a big one - is that after those three
    years,
    you're paying $50 per month to keep photos, GIFs, or whatever else you
    right-click on stored in Google's cloud. That's a lot of money if you
    don't plan
    on buying a replacement within that three-year window.
    </quote>



    50 a MONTH!?!?!??!?!? Holy shit.


    Here's a comment from a article about this lower laptop:

    <quote>
    "I'm staggered at the depths of stupid Google displays with this thing. Basically, you pay Google a snazzy premium for a snazzy dumb terminal to
    suck up personal data so Google can mine it and make more money off you." </quote>

    In other words, you get to pay Google $50 a month for the privilege of them sucking in every bit of personal data you have and then using your data to make them money.

    Any time they start touting the Cloud storage... don't buy and don't do
    it. Matter of fact... RUN!


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Denis McMahon@110:300/1.1 to All on Thu Mar 7 06:45:17 2013
    On Sun, 24 Feb 2013 09:34:31 -0700, GreyCloud wrote:

    Any time they start touting the Cloud storage... don't buy and don't do
    it. Matter of fact... RUN!

    I thought the whole point of cloud storage was to provide all government agencies globally with a single point of contact for a warrantless search
    of your complete life.

    Or did I miss something?

    --
    Denis McMahon, denismfmcmahon@gmail.com

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: A noiseless patient Spider (110:300/1.1@linuxnet)
  • From Jim Beard@1:0/0 to All on Thu Mar 7 16:05:23 2013
    On 03/07/2013 12:45 AM, Denis McMahon wrote:
    On Sun, 24 Feb 2013 09:34:31 -0700, GreyCloud wrote:

    Any time they start touting the Cloud storage... don't buy and don't do
    it. Matter of fact... RUN!

    I thought the whole point of cloud storage was to provide all government agencies globally with a single point of contact for a warrantless search
    of your complete life.

    Or did I miss something?

    You missed a few things.

    Probably the most important is backup, which few lusers do
    despite decades of experience demonstrating its importance.
    Depending on which cloud you store stuff in, you not only get
    off-site backup but will likely get multiple backups as well.

    Second, cracking and looting a home luser's machine is trivial in
    maybe 70-85 percent of cases. Storage in the cloud will not
    reduce vulnerability of the home machine, but storage in the
    cloud is certainly a minor increase in vulnerability (vulnerable
    to some extent in a second place, in addition to totally
    vulnerable in the first place, for most). Those who keep their
    important stuff in the cloud, deleting it from the home machine
    and getting it back when needed, have a means to minimize
    vulnerability to the amateurs and script kiddies.

    Third, while neither the cloud nor the home machine are safe from
    the pros, the bigger the cloud grows the greater the difficulty
    for the cracker when it comes time to sort and select from
    whatever was grabbed when a crack succeeds. There is simply more
    stuff they have to sort through.

    The only downside is that data once uploaded to the cloud could
    be kept forever, or until bit rot sets in. I sort of suspect the
    cost of keeping storage disks spinning forever once written to,
    and of shifting data to other forms of permanent storage, is
    enough to discourage cloud operators for keeping everything forever.

    Benefits to the government are incidental, and depend on the
    government involved. If the pros decide to target you, they will
    likely get what they want, regardless of cloud or home machine or
    whatever. Why increase the cost of government (and therefore the
    amount of taxes necessary to pay for it) by making government
    access to your data inconvenient?

    The goal in computer security (for most -- a few with special
    requirements excepted) is to make it costly in time, effort, and
    hopefully money to crack your machine(s), and thereby reduce the
    incentive to target them. Make it difficult enough, and the
    nasties will go after someone else. (You don't have to be the
    fastest gazelle to escape the lion, just faster than the slowest
    gazelle between the lion and you.)

    Don't be low-hanging fruit, easily available for the picking.

    Cheers!

    jim b.




    --
    UNIX is not user unfriendly; it merely
    expects users to be computer-friendly.

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From GreyCloud@1:0/0 to All on Thu Mar 7 20:36:46 2013
    On 3/6/2013 10:45 PM, Denis McMahon wrote:
    On Sun, 24 Feb 2013 09:34:31 -0700, GreyCloud wrote:

    Any time they start touting the Cloud storage... don't buy and don't do
    it. Matter of fact... RUN!

    I thought the whole point of cloud storage was to provide all government agencies globally with a single point of contact for a warrantless search
    of your complete life.

    Or did I miss something?

    No, you didn't miss a beat. I just won't have my backups on a cloud and
    then have it disappear. There really isn't any point to using a cloud.

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne