0694: "Retro Virus"

This forum is for the individual discussion thread that goes with each new comic.

Moderators: Moderators General, Prelates, Magistrates

User avatar
Tualha
Posts: 69
Joined: Wed Dec 12, 2007 12:18 pm UTC

Re: "Retro Virus" Discussion

Postby Tualha » Thu Jan 28, 2010 11:50 am UTC

There are probably a lot more people with infected Windows boxen these days than there are people who realize they're infected. Used to be, malware would make itself known by messing with you. Lately, it just sits there and quietly serves up porn, sends out spam, or participates in a DDOS, depending on the latest orders it's gotten. There's gold in them thar botnets now, and professionals have taken over.

The other kind do pop up sometimes, though. Our network at work got infected with something last year. It popped up porn images on one person's screen, two of us had to ship our computers out for reinstalls, and a box in another office out west somewhere kept sending multi-hundred-page garbage to our color printer. That got expensive fast.

Michael of Lucan
Posts: 35
Joined: Wed Sep 02, 2009 3:32 pm UTC

Re: "Retro Virus" Discussion

Postby Michael of Lucan » Thu Jan 28, 2010 12:03 pm UTC

WE ARE ARMED POLICE. HALT. YOU ARE SURROUNDED.

All of you, stop fighting. Put down your weapons, now. Slowly place them on the ground at your feet. I said slowly ... Now stand back against the wall and raise your hands.

No, dear, I don't care who started it. The above crap, the hundred line posts, with quotes, is the point of the comic. Stupid bragging ######s sneering at Microsoft and getting all paranoid about it. Normal people trying to explain everyday commercial reality.

The guy in the comic is using a PC. Not a server, not Deep Thought. This is what real people do, not elitist big swinging d###ks with IT training. Real people buy the box, and oddly enough, the box works. If you don't leave the side window open for burglars, no one normally breaks in.

It works. You write the letter, and print it. You send emails and chat to your friends. The spreadsheet works and you get a nice chart of the data. Your slide show looks good for the presentation. Unless you are stupid, you don't get virused. And life goes on happily.

If you want to buy a car, you take what's available. You know that Lamborghinis are available, but they are not rational expectations for normal people.

Someday there may be a better system for everyone, when the elitists get the finger out and actually do something. Then everyone will use that. Until then, people like the guy in the comic will use what's available.

And the idiots sneering at him should just grow up and get a life like the rest of us.

Now, play nice and no fighting.

User avatar
jacog
Posts: 56
Joined: Tue Dec 15, 2009 9:55 am UTC

Re: "Retro Virus" Discussion

Postby jacog » Thu Jan 28, 2010 1:08 pm UTC

My AmigaOS will crush all your puny modern operating systems! *nod*

Altourus
Posts: 6
Joined: Wed Aug 27, 2008 1:56 pm UTC

Re: "Retro Virus" Discussion

Postby Altourus » Thu Jan 28, 2010 2:18 pm UTC

Comic JK wrote:
Alsadius wrote:Am I the only one who thinks that this smacks of bragging about using an OS too unpopular for people to bother writing viruses for it?

It is authentically harder to write viruses for Linux machines, partly because of design differences and partly because with open source more of the hackers are on your side.

Bragging it certainly is, but not unjustified.


http://dvlabs.tippingpoint.com/blog/200 ... nd-wrap-up

Results from Pwn To Own tend to disagree...

User avatar
BioTube
Posts: 362
Joined: Sat Apr 11, 2009 2:11 am UTC

Re: "Retro Virus" Discussion

Postby BioTube » Thu Jan 28, 2010 2:45 pm UTC

Michael of Lucan wrote:WE ARE ARMED POLICE. HALT. YOU ARE SURROUNDED.

All of you, stop fighting. Put down your weapons, now. Slowly place them on the ground at your feet. I said slowly ... Now stand back against the wall and raise your hands.

No, dear, I don't care who started it. The above crap, the hundred line posts, with quotes, is the point of the comic. Stupid bragging ######s sneering at Microsoft and getting all paranoid about it. Normal people trying to explain everyday commercial reality.

The guy in the comic is using a PC. Not a server, not Deep Thought. This is what real people do, not elitist big swinging d###ks with IT training. Real people buy the box, and oddly enough, the box works. If you don't leave the side window open for burglars, no one normally breaks in.

It works. You write the letter, and print it. You send emails and chat to your friends. The spreadsheet works and you get a nice chart of the data. Your slide show looks good for the presentation. Unless you are stupid, you don't get virused. And life goes on happily.

If you want to buy a car, you take what's available. You know that Lamborghinis are available, but they are not rational expectations for normal people.

Someday there may be a better system for everyone, when the elitists get the finger out and actually do something. Then everyone will use that. Until then, people like the guy in the comic will use what's available.

And the idiots sneering at him should just grow up and get a life like the rest of us.

Now, play nice and no fighting.
Because nobody prefers KDE or GNOME to Explorer(which can't even manage more than a SINGLE PANEL!). Linux is a viable desktop OS for those who want it; stop pretending otherwise.
Frédéric Bastiat wrote:Government is the great fiction through which everybody endeavors to live at the expense of everybody else.

kg333
Posts: 7
Joined: Thu Nov 05, 2009 10:47 pm UTC

Re: "Retro Virus" Discussion

Postby kg333 » Thu Jan 28, 2010 3:01 pm UTC

BioTube wrote:Because nobody prefers KDE or GNOME to Explorer(which can't even manage more than a SINGLE PANEL!). Linux is a viable desktop OS for those who want it; stop pretending otherwise.


The only people I know who prefer, or even know what KDE and GNOME are, happen to be computer and IT people. He's right, the average person just wants something that does the basic stuff they need without fiddling with or prompting. Right now Windows just does a better job of keeping basic things working, be it due to Windows being more fool-proof or developers simply putting more effort into their Windows programs. I'm a computer person, and I still can't get any sound through Flash in Firefox in a nearly out-of-the-box Ubuntu install.

KG

User avatar
jacog
Posts: 56
Joined: Tue Dec 15, 2009 9:55 am UTC

Re: "Retro Virus" Discussion

Postby jacog » Thu Jan 28, 2010 3:16 pm UTC

kg333 wrote:
BioTube wrote:Because nobody prefers KDE or GNOME to Explorer(which can't even manage more than a SINGLE PANEL!). Linux is a viable desktop OS for those who want it; stop pretending otherwise.


The only people I know who prefer, or even know what KDE and GNOME are, happen to be computer and IT people. He's right, the average person just wants something that does the basic stuff they need without fiddling with or prompting. Right now Windows just does a better job of keeping basic things working, be it due to Windows being more fool-proof or developers simply putting more effort into their Windows programs. I'm a computer person, and I still can't get any sound through Flash in Firefox in a nearly out-of-the-box Ubuntu install.

KG


Tell that to my girlfriend's mother. A newly-converted Linux user, and FAR from being a "computer person".

Example: One day she alled us with "AMAGAD!!! I must have done something to the computer. I pressed something, a little green light came on and now it won't let me access my email!!!" ... us: "Did you press Caps Lock maybe?" ... "Um, yeah."

Anyway, she has not called us with any Linux-related issues. Her usual day to day activities are basically to use the browser, Skype, instant messaging, managing her photos (and she's learning GIMP on her own also), and some document writing.

User avatar
phillipsjk
Posts: 1213
Joined: Wed Nov 05, 2008 4:09 pm UTC
Location: Edmonton AB Canada
Contact:

Re: Viruses on Unix systems?

Postby phillipsjk » Thu Jan 28, 2010 3:23 pm UTC

NeoThermic wrote:
phillipsjk wrote: I have noticed many terms in the agreement are not defined. Did you link to the full agreement? Section 23. (ENTIRE AGREEMENT) re-iterates the section that says certain parts of the agreement will be superseded by updates and printed "agreements."


For reference, section 23:

23. ENTIRE AGREEMENT. This agreement (including the warranty below), additional terms (including any printed-paper license terms that accompany the software and may modify or replace some or all of these terms), and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.


Nowhere in section 23 does it say that updates to the licence supersede the current one, except in the case of printed paper license terms that might come with the software.


I know it is one long run-on sentence, but you should have read it more carefully after I brought up the point twice.

NeoThermic wrote:As for the terms being defined, sections 1 to 7 define terms used in the licence. They might appear to be terms themselves, but sections 1 to 7 are really just definitions.


How did you determine that? Is section 4 (mandatory activation) just a definition now?
NeoThermic wrote:
phillipsjk wrote:Because this is off topic (we don't know what OS the dismissive assholes are using), I think we are going to have to agree to disagree.


Granted, all we know is that they're using a windows-based OS.



Now you are just trolling, aren't you?

I think the fact we don't know what OS they are using makes the comic funnier.
Did you get the number on that truck?

Myrddin
Posts: 6
Joined: Fri May 16, 2008 10:24 am UTC

Re: "Retro Virus" Discussion

Postby Myrddin » Thu Jan 28, 2010 3:54 pm UTC

Altourus wrote:
Comic JK wrote:
Alsadius wrote:Am I the only one who thinks that this smacks of bragging about using an OS too unpopular for people to bother writing viruses for it?

It is authentically harder to write viruses for Linux machines, partly because of design differences and partly because with open source more of the hackers are on your side.

Bragging it certainly is, but not unjustified.


http://dvlabs.tippingpoint.com/blog/200 ... nd-wrap-up

Results from Pwn To Own tend to disagree...


I would say they tend to agree, since the Vista laptop was compromised, whilst the Ubuntu laptop was not.

Admittedly the heading "7:30pm PST Update - Vista Laptop was Won!" appears misleading,
but since the idea of the contest is that you keep the machine you broke, this clearly means the Vista box was hacked.
This is even stated explicitly later on, along with the line
So at the end of the last day of the contest, only the Sony VAIO laptop running Ubuntu was left standing.

I'm not sure what a post on an obscure website almost two years old proves anyway, (especially as the exploit was down to Adobe rather than Microsoft), but whatever it is, it certainly isn't that Windows is more secure.

Grumpy Code Monkey
Posts: 99
Joined: Tue Feb 19, 2008 4:10 pm UTC
Location: Blue Texas

Re: "Retro Virus" Discussion

Postby Grumpy Code Monkey » Thu Jan 28, 2010 4:48 pm UTC

=sigh=

Some days, I really miss VMS.

The linux-heads forget that the old Morris worm played hell with Unix systems but didn't affect VMS or MPE or any IBM systems. Too bad Dijkstra didn't follow up his "GOTO Considered Harmful" paper with a "suid Considered Harmful", but, c'est la logiciel.

And, to refer back to some of the comments on the first page, some people really need to grab some perspective. Using Windows (or any proprietary OS) is in no way, shape, or form in the same universe as "slavery".

User avatar
Monika
Welcoming Aarvark
Posts: 3641
Joined: Mon Aug 18, 2008 8:03 am UTC
Location: Germany, near Heidelberg
Contact:

Re: "Retro Virus" Discussion

Postby Monika » Thu Jan 28, 2010 5:15 pm UTC

Michael of Lucan wrote:Real people buy the box, and oddly enough, the box works.

You point to bug #1: Most computers are still sold with the MS Windows OS.

If you don't leave the side window open for burglars, no one normally breaks in.

Except they do. See the posting above yours.

It works. You write the letter, and print it. You send emails and chat to your friends. The spreadsheet works and you get a nice chart of the data. Your slide show looks good for the presentation.

All of which works just fine with Linux, too. There are a couple of reasons to use the Windows OS, e.g. gaming, or you are used to a certain CAD program (there is great CAD for Linux, too, but it takes so long to learn each CAD program that nobody ever wants to switch to a different one), or you are running a company that requires some specific commercial software that is not available for Linux. But the examples you cite, office, e-mail, instant messaging, certainly do not belong into this category. Neither does "it just works". Linux just works, too, and has so for years. Not quite as many years as the Windows OS has, but years nevertheless.

Unless you are stupid, you don't get virused.

Except you do. But as long as the viruses don't delete your music and video files and don't reduce the speed of your PC too much you don't care. You don't bother to find out that you are sending out spam, unintentionally serving child porn, or DDOSing websites. This is true for Linux users, too - many of use have the cheapest SOHO router available and never bother to run a firmware update. Just as the vast majority of private Windows computers are infected, so are most cheap SOHO routers. And so they join the botnet.

I find it very pretentious of you to call people to lay down their weapons but pour oil into the fire yourself. Especially as you seem to have no knowledge of the area. Either you are not using Linux at all, or you only use "extreme" Linuxes like let's say Gentoo or LFS and are not aware that there are distributions available that are very much suitable for non-tech users.

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

kg333 wrote:The only people I know who prefer, or even know what KDE and GNOME are, happen to be computer and IT people.

You mention the cause and problem: People don't know it. So how can they prefer one over the other if they only know one? They can't. They use the only thing they know.

My mom uses Linux (Xubuntu). My husband, a very untechy person by his own claim, uses Linux (Kubuntu). Sure, they didn't install it. They never installed Windows, either. And the main reason they didn't install it themselves was that they didn't dare, not that it would have been difficult. (The saying that a chicken could install Linux if some grains were put on the Enter key is mostly true. The chicken would additionally have to be educated to choose a user name and password.) Sure, they have problems and questions. The same as on Windows. "What do I need to click again before removing a USB stick?" "I downloaded a file and I can't find it" "How can I move a Firefox favorite to its favorites toolbar?" They have less problems than on Windows: no antivirus software to update, no firewall to harass them, no viruses to remove that got through the protection.

He's right, the average person just wants something that does the basic stuff they need without fiddling with or prompting. Right now Windows just does a better job of keeping basic things working, be it due to Windows being more fool-proof or developers simply putting more effort into their Windows programs.

Actually by now Linux does a better job. Didn't you hear about the security hole in Acrobat Reader during the last weeks? Opening a PDF file, previously thought of as safe, was sufficient. And the giant one in Internet Explorer very recently? Windows is just not suitable for non-tech users. It should only be run in companies where knowledgeable sys admins ensure the proper protection so that the normal users will not have to care about it, and by private users who are willing to acquire in-depth technical knowledge and invest significant amounts of their free time to keep their system safe.

I'm a computer person, and I still can't get any sound through Flash in Firefox in a nearly out-of-the-box Ubuntu install.

In a out-of-the-box Ubuntu install there is first no Flash at all, as well as no mp3, Sun Java, unrar and the like, for legal reasons. After installing the package ubuntu-restricted-extras you should have all of this, including sound in Flash (as well as full-screen Flash). Actually I have never heard of anyone having Flash working, but not the sound in it, while other sound worked. You should bring this issue up on the Ubuntu forums or on Launchpad.
#xkcd-q on irc.foonetic.net - the LGBTIQQA support channel
Please donate to help these people e.g. Ragna needs these items and Frances needs money for food

User avatar
Simon17
Posts: 63
Joined: Fri May 22, 2009 4:45 am UTC

Re: "Retro Virus" Discussion

Postby Simon17 » Thu Jan 28, 2010 5:45 pm UTC

jacog wrote:Anyway, she has not called us with any Linux-related issues.


FIL: "Damn it. There's something wrong with the computer again. I'm gonna call jacog"

MIL: "Don't call jacog any more. The last time he tried fixing it, everything turned shit brown and the wifi and sound wouldn't work."
Randall, get out of my trunk!

DesSidDes
Posts: 18
Joined: Mon Aug 04, 2008 6:50 am UTC

Re: "Retro Virus" Discussion

Postby DesSidDes » Thu Jan 28, 2010 6:46 pm UTC

Hilarious, but I'm a little ashamed to admit that I was expecting an HIV/XMRV joke...

Wummi
Posts: 14
Joined: Thu Jul 02, 2009 8:38 pm UTC

Re: "Retro Virus" Discussion

Postby Wummi » Thu Jan 28, 2010 7:03 pm UTC

jacog wrote:My AmigaOS will crush all your puny modern operating systems! *nod*


a challenger appears:

Image

User avatar
Mr. Burke
Posts: 99
Joined: Wed Feb 04, 2009 4:56 pm UTC

Re: "Retro Virus" Discussion

Postby Mr. Burke » Thu Jan 28, 2010 10:00 pm UTC

Wummi wrote:
jacog wrote:My AmigaOS will crush all your puny modern operating systems! *nod*


a challenger appears:
[Picture of OS/2]


You, Sir or Madam, have just won yourself a free Internet!

BTW, I've got one of those lying around. Gotta fire up the VirtualBox ...

mszegedy
Posts: 42
Joined: Thu Jan 28, 2010 11:29 pm UTC

Re: "Retro Virus" Discussion

Postby mszegedy » Thu Jan 28, 2010 11:56 pm UTC

cjmcjmcjmcjm wrote:
e1000 wrote:Perhaps in a year we will be reading this on one of the many inexpensive linux or OSX powered tablets with 3G connectivity. Windows is slowly dying.

Inexpensive OS X machines? You must be joking! As Steve Jobs said (yes, this is a paraphrase)
I haven't found a way to make a sub-U$500 computer that isn't a piece of junk


BWAHAHAHA iPad AHAHAHAHAAHAHA

Man, you posted this a day before it came out! True, it's $499, but it's friggin' cheap, Steve Jabs holds it in a very high opinion (duh), and it's actually a fairly nice piece of technology.

User avatar
phillipsjk
Posts: 1213
Joined: Wed Nov 05, 2008 4:09 pm UTC
Location: Edmonton AB Canada
Contact:

Re: "Retro Virus" Discussion

Postby phillipsjk » Fri Jan 29, 2010 12:03 am UTC

But... the iPad isn't a computer: it runs the locked-down iPhone OS instead of the "standard" Mac OS X.
Did you get the number on that truck?

User avatar
williamager
Posts: 299
Joined: Wed Dec 27, 2006 9:32 am UTC
Location: Aldeburgh, Suffolk (actually US...)
Contact:

Re: "Retro Virus" Discussion

Postby williamager » Fri Jan 29, 2010 2:15 am UTC

Since, in this gigantic OS flamewar of a thread, no one has yet mentioned them, I feel it necessary to make a few points about Linux security. While I'm a major supporter of Ubuntu and Linux in general, the OS is hardly impervious to hacking attempts.

Most importantly, one major reason why there aren't viruses and worms for Linux is because the culture surrounding attacks on Linux systems is different. As others have pointed out, many Linux systems are high value targets—among other things, that means that attackers will often be specifically and manually targeting individual systems, which is much harder to defend against than viruses. There are automated attacks as well—you'll know about these if you check a server's sshd logs—but once successful in logging in, the attacks often proceed manually rather than via a botnet-style system. The uses of hacked servers are not the same as hacked desktops: the systems are usually reliable and high-bandwidth, and can be used for things like illicit file-servers.

Does anyone here remember the Debian server incident of a few years ago? That's the usual sort of attack that takes place against Linux systems. I've seen it happen to a number of other systems, and most of those systems had administrators.


As for desktop systems: privilege separation when users will do whatever random people on the internet tell them to do. For example, I was closely involved (we discussed the matter beforehand, and I told him it was a good idea) with an incident involving private apt repositories in Ubuntu. There was a particular developer with, much like many other developers, a small private apt repository he was using to test very unstable snapshots of some software, including (if I recall correctly) potentially system-breaking packages of graphics drivers. A random blogger and Ubuntu enthusiast decided to make a "superior" apt repository list, and included hundreds of these very unstable repositories. Within days, thousands of people had installed the list, and the developer found his server being overrun. Now, his innocent test server that was supposed to break systems from time to time would, if he continued using it, break thousands of Ubuntu systems.

The solution, of course, was to inform users of their stupidity, which he did by replacing and locking their desktop background to a strong, but polite warning about the dangers of unknown apt repositories. Amazingly, this demonstration that he and hundreds of other people around the world had complete root access to the Ubuntu systems of thousands of users caused only a few of those people to reconsider their sources.list. Most, including the blogger, just called him a jerk, removed that particular line, left the rest there, and wondered why their systems kept strangely breaking. After all, Linux is secure, even if you give permission for hundreds of random repositories to install anything they want at any time you upgrade in the future.

If someone really wanted to, it would be a relatively simple matter to install a rootkit on thousands of Linux systems with a bit of social engineering. Just because viruses are passé doesn't mean that systems are secure.
Do I dare
Disturb the universe?
In a minute there is time
For decisions and revisions which a minute will reverse

Your.Master
Posts: 52
Joined: Mon Jan 08, 2007 10:03 pm UTC

Re: Viruses on Unix systems?

Postby Your.Master » Fri Jan 29, 2010 3:21 am UTC

almafuerte wrote:Ok, I'll explain it as simply as possible:

On any REAL operating system you have a filesystem, with directories that have different permissions. DIfferent directories serve different purposes. You have a unified, secure login mechanism. When logged in, you are one user and one user only belonging to a given group. That user/group has a given set of permissions on each directory (each directory has an owner, and permissions for the owner, group of owner, and rest of the world). Those permissions are: Read, write and execute.


Stop right there. Windows has these and more. Modify, Read Attributes, Write Attributes, Delete, etc. Take a gander here: http://www.windowsecurity.com/articles/ ... sions.html. Continue.

almafuerte wrote:ANYTHING that you execute directly is executed under your current user no matter what.


There are three possible complaints you have here with Windows, really. The first is about auto-elevation in Windows 7, but that doesn't make sense because a User doesn't auto-elevate, only an admistrator.

The second is that UAC can come up after program-start to elevate permissions. I would argue that this is a more secure model than executing only at one permission, expecially when you only have read / write / execute to choose from at each point, because you can de-elevate again afterward. Otherwise, you have to run the whole program, possibly the entire OS session, in a privileged context in order to complete an action, thus exposing yourself to many other vectors that no longer have to elevate privileges. With all that said, it's possible to implement on-demand elevation in Linux, it just isn't built in to any distro I'm aware of and so would have to be done at the application level using a custom broker process.

The third is that an admin user, by default, runs programs using a split token, and is thus running as user by default unless specifically choosing admin, thus bringing up the UAC from the second point (but with no password fill because you do have the admin portion of the split token). This is more secure than admin.

Also, it's a part of all sane security models that you can execute under something LESS than your current user.

almafuerte wrote:Then, you have a SINGLE secure way of executing programs under other users.


You emphasize that as though any major OS other than Windows had a SINGLE secure way of doing so. The other major OS's have multiple secure ways of doing so.

almafuerte wrote:All of that is true for all modern operating systems, except windows.


Not true.

almafuerte wrote:Also, all modern operating systems are POSIX compliant (MacOSX, GNU/Linux, FreeBSD, OpenBSD, NetBSD, HPUX, etc, etc, etc.).


Obviously Windows isn't fully POSIX compliant by default, although Interix and its moral descendents are pretty good (and the NT kernel is POSIX capable). I'm not sure why you think POSIX is such magic awesomesauce that this is important. The thing that POSIX has going for it is that it has free-as-in-beer implementations that others can work off of (OSX and many other POSIX variants).

almafuerte wrote:The only "operating system" that is NOT POSIX compliant is windows.


WTF are the scare quotes for? Also, look and you will find non-proprietary non-POSIX systems. Scroll around and you'll see proprietary ones too. VMS came instantly to mind. Not all of these are modern. But not all modern are POSIX. And even if they were, POSIX wasn't pounded into a tablet and chucked onto a mountain for a bearded (?) man to bring to the people.

almafuerte wrote:All of that means that whatever it is you execute in your computer is executed under your regular user. That user has NO WRITE PERMISSIONS outside it's own home directory and /tmp. That means, that you can download and execute ANY program on your computer, as destructive as you want, and it won't be able to do anything outside your home directory. You CAN just kill that process. There's nowhere to hide. Or you can just easily log out. That's it. The system is running normally, and the malicious code is GONE. Off course, you can execute that program with root permissions. But that means intentionally running it with sudo and typing in your administrator password.


You act like this is different from Windows? Aside from the different directory names, it isn't (barring ancient versions which, while they happened and XP is still used somewhat, aren't germane without a time machine).

almafuerte wrote:So, the only way to get a Virus on a working POSIX system is to manually install it. Off course, there's another way: A vulnerability. That means that there must be a vuln on your system that can allow for a real permissions scalability. Such a bug is nowdays VERY rare on Unix systems, and when one does popup, it's usually a) extremely hard to exploit b) very quickly patched.


Also true of Windows (it depends what you mean by very rare. Unix-type systems have many vulnerabilities reported per year, as does Windows. It does depend on how you separate out apps from the OS, though). The one possible exception is "very quickly patched", because Microsoft (and Apple, who provide a Unix-like system) make an interesting tradeoff on patch speed vs. patch test comprehensiveness & regular deployment. You can disagree with them on that issue, but it's an issue far too complicated to wave away as instant truth.

almafuerte wrote:On the other hand, on windows systems, there are no real permissions (windows never had real permissions, and it probably never will. Here is a link on a WORKING code to TOTALLY BYPASS user permissions on WINDOWS 7 http://www.istartedsomething.com/200906 ... erability/) That code is still working today, and the same has been true for all published windows versions.


Windows NT has always had real permissions, and at a finer level of granularity as POSIX. From the start. The 9x line did not. Your "exploit" only works on admin users. Those are users who, according to YOU, should execute everything as admin because that's the type of user they are. This "exploit" is about how an admin user expects Windows to de-elevate the split-token and treat it like a user token, but in this case, because of their security settings, it got re-elevated back to admin according to their security permissions and some other code that they, an administrator with a split-token, ran. The same type of token you said it should use in the first place, and the same type it would have on POSIX systems in this case. This isn't a bypass.

almafuerte wrote:So, the issue is NOT that there is more malware for windows than for other systems.


Even if everything you said were true, it doesn't prove this point. It is just another cause. In fact, this point is very real and quite obvious -- roll your own simple OS (it's surprisingly easy for a competent programmer, actually, if it doesn't have to do much). BOOM! No viruses. Don't release it, never any viruses.

It's unclear what the relationship is between marketshare and virus-maker attractiveness. All else being equal, the one with the highest plurality of share would get 100% of malware authors. But of course, malware is in competition, and the amount of money of OS consumers isn't equal, and there's glory, and there's, as you're pointing out, the inherent difficulty, and there's opportunity (people without Macs can't write viruses for Macs easily -- maybe a Hackintosh virus only works on Hackintosh's, right?). So all will have some attackers. The guy who won the latest PwnToOwn (after they addressed the "this prize is more attractive because the computer is better") made the claim that he did Mac because it was easiest. Might have just been easiest for him. Or maybe people'll No True Scotsman it and say it's not a proper *Nix. Or maybe it's just bullshit. But there it is.

almafuerte wrote:Actually, it would be MORE profitable to exploit other systems. Think about this: over 65% of all public internet servers run on Unix. It would be way more profitable to gain access to servers than to gain access to shitty user computers.


Unclear that public internet servers represent more dollars or more DDOS-happy impact than user machines (which are far, far, far, far more than public Internet servers anyway). Unclear that public internet servers are, on average, better than user computers in significant ways. Unclear that a public internet server running Unix or Windows has the same vulnerability profile as home-user Unix or Windows. Actually, it's rather clear that a public internet server tends to be more secure, both by running Server SKUs like Redhat or Windows Server 2008, and by being administrated by tech-savvy people instead of by a grandparent who cannot operate a TV remote control.

almafuerte wrote:I am a Sysadmin. I have many Unix systems that are public and live, serving 24/7. You wouldn't believe my logs. I receive thousands of attack attempts daily. From SSH brute-force attacks, to attempts at SQL injection and apache-related exploits. And my servers have never been compromised, not even one.


Good for you?

almafuerte wrote:So, there's a bigger market in attacking Unix servers than there is on attacking windows desktops. Actually, the more popular reason windows systems get attacked is to add them to spam-sending botnets. If it were just as easy to compromise a Unix system, the spammers would be attacking postfix/qmail/sendmail servers (That server most of the email traffic in the world) and just placing mails there. Instead, they are attacking millions of windows machines, just to put mail on a few thousand servers.


Again, unclear that this has more to do with Unix vs. Windows than well-administrated vs. not-really-administrated-at-all.

almafuerte wrote:So, stop the bullshit. Windows is a totally insecure platform.


"totally insecure" doesn't really have a strict meaning.

almafuerte wrote:It also violates your rights, your privacy, and it keeps you a slave of a huge corporation.


You're going to have to explain the privacy one. Your rights are very likely not violated (likely you're deliberately misinterpreting something somewhere along the line) -- that doesn't mean you have to like the conditions of sale of Windows. "Slave" is absurd hyperbole, and kind of insulting.

almafuerte wrote:Unix systems, whether privative or Free aren't perfect. No system is. But they are reasonably secure. The install base of POSIX-compliant systems is probably way bigger than you think, if you take into account all the OSX desktops + all the GNU/Linux desktops + all other other Unix Desktops + All the Unix servers. And all those systems are secure.


"Privative" is an interesting way of describing a system :). I would argue that a large number of the POSIX systems under the umbrella you listed are not secure, if only because the user was a moron and made them unsecure. But also because of failure-to-patch.

POSIX-compliant systems go way bigger than that when you count systems that cannot connect to the Internet at all, although those are far less relevant in terms of modern security. And custom OSs dominate at very low levels.

Alsadius wrote:The idea that all OSes are equally secure just doesn't hold water, either historically or logically. Do you really think there's no one who wants to hack into the Air Force's servers?


History doesn't reflect on the present, since all of them are changing rapidly. Logically, no, it doesn't hold water, but the actual case is that they're all more secure in different ways and have weak points in different ways. You can go high level and compare Vista and later's ASLR implementation with everybody else's and see that it's more comprehensive, or go bug-by-bug and notice SELinux's NULL-deref arbitrary-code exploit, and you can also rightly point to certain Windows defaults like still making the first user a split-token admin rather than a true user account (but only for consumer SKUs -- server SKUs have long enforced strict user accounts). The idea that security is a scalar value where you can put strict greater-than signs between two competitors doesn't hold water -- there are tradeoffs and there are advantages, but usually the only thing you can say with any sort of confidence is "OS A is less secure than OS A plus this patch which fixes the <hyper-complicated vulnerability that has never actually been exploited>".

As for the Air Force thing, you act like that's the only military target. And also like public-facing Red Hat servers have never been cracked into.

User avatar
Alsadius
Posts: 102
Joined: Thu Jun 14, 2007 2:14 am UTC

Re: "Retro Virus" Discussion

Postby Alsadius » Fri Jan 29, 2010 5:25 am UTC

Hoodlum wrote:
Alsadius wrote:Surely you can see the difference between a home system run by my kindly but tech-clueless mother and a server farm that routes literally trillions of dollars of business through itself. For one, the NYSE has sysadmins.
I can. I can also see the "popularity" arguement holds no water when you look at all the famous IIS exploits / viruses (for an example).
Yes people write viruses that target servers - there is a history of this.
Yes a lot of servers run *nix.
My objection with the assertion you made about low popularity giving little incentive was that it is simply false. The entire premise of it is just wrong.


We're talking about completely different types of viruses. ILOVEYOU could never have been targeted at anything other than Windows, even if Linux looked like Swiss cheese in comparison. A targeted attack on a single major server is a completely different situation. Unpopularity won't save you there. But the comic was about a random guy with a desktop computer, not the guy who runs the computer system for the Pentagon or the NYSE. The bug he got, he got because nobody bothers with viruses targeted at the average user on any OS that isn't Windows. I wasn't talking about viruses/attacks in general, I was talking about ones a normal user would get, because that's what the comic was about.

neoliminal wrote:
Spoiler:
Watch this:

Ahem...

I guess you can't get any viruses running an iPad.


That s literally true, yes. However, when one is actually available for sale, that might change ;)

Also, it's 20 minutes after midnight. Where's my new comic? :shock:

/me twitches, starts shaking

Ghona
Posts: 246
Joined: Mon May 21, 2007 1:28 am UTC

Re: "Retro Virus" Discussion

Postby Ghona » Fri Jan 29, 2010 8:06 am UTC

Why no love for OS/2?
If you're taking me too seriously, you probably are making a mistake.

User avatar
jacog
Posts: 56
Joined: Tue Dec 15, 2009 9:55 am UTC

Re: "Retro Virus" Discussion

Postby jacog » Fri Jan 29, 2010 10:56 am UTC

Simon17 wrote:
jacog wrote:Anyway, she has not called us with any Linux-related issues.


FIL: "Damn it. There's something wrong with the computer again. I'm gonna call jacog"

MIL: "Don't call jacog any more. The last time he tried fixing it, everything turned shit brown and the wifi and sound wouldn't work."


That is rather funny little jab there. ;)

But no, it's not shit brown since it's not Ubuntu, wifi works fine, else I imagine she's not be online so much, and sound works fine, since she Skypes with us regularly. (They live in Wales, we are in South Africa)

User avatar
00Davo
Posts: 36
Joined: Sun Sep 27, 2009 8:46 am UTC

Re: "Retro Virus" Discussion

Postby 00Davo » Fri Jan 29, 2010 12:50 pm UTC

jacog wrote:Loosely related, here's an article entitled "What Would Life Be Like Without Windows?"

http://www.pcworld.com/article/187703/what_would_life_be_like_without_windows.html

It's hilarious. He's basically saying "Yes, Microsoft is out Lord and Master, we must obey, and all will be well. Amen." He says it like it's a good thing.


EDIT: And for context, I actually do spend a fair amount of time in Winders since my day-job demands it, and I play an inhuman amount of PC games, so for lack of availability in Linux this usually ends up being an XP endeavour.

That article is indeed hilarious. My favourite part is that, apparently, device drivers will no longer exist once Microsoft is gone. It seems hardware manufacturers will, for some arbitrary reason, completely change the way devices interface with the rest of the system, rendering all existing drivers incompatible.

Oh, and also that when Windows is gone, we can only turn to the Internet. Never mind the dozens of other operating systems which remain completely cloudless (or only optionally clouded - go go, freedom of self-compiling!) .
Image

User avatar
Raptortech97
Posts: 61
Joined: Sat Sep 05, 2009 9:39 pm UTC

Re: "Retro Virus" Discussion

Postby Raptortech97 » Fri Jan 29, 2010 8:39 pm UTC

Concept2 wrote:When i read it i thought of that virus that hit a weak ago that no anti-virus software was able to block except for one. like a quarter of people got it who still used XP. Also, what was the Howard Dean Friendster comment at the end about?


Really? I run XP without Antivirus... whenever McAfee dares to show an alert box I quickly kill it...
Image
Keldaran wrote:The Church assents to the Creation of House RaptorTech97

05e90f00779bcbe450a05c4c6c044787 Please crack this NTLM hash
In case anyone cares, I am looking for the "share your proofs" thread. I knew it used to be around somewhere...

User avatar
Raptortech97
Posts: 61
Joined: Sat Sep 05, 2009 9:39 pm UTC

Re: "Retro Virus" Discussion

Postby Raptortech97 » Fri Jan 29, 2010 9:59 pm UTC

Michael of Lucan wrote:Ordinary users have no IT training, and Linux is not available in useful form off-the-shelf. If they could use it with no extra IT training, they would buy it and use it. If not, they can't use it - and they don't need it.

1) Most forms of Linux do not require money, so don't buy them.
2) I used XP, until I learned of Ubuntu. I decided to try it out, so I grabbed a CD and followed instructions. And it worked. And it works fine to this day. Guess what? I'm thirteen. If the average teenager is smarter than the average adult, there's a problem. Most people don't use it simply because they haven't heard of it.
Image
Keldaran wrote:The Church assents to the Creation of House RaptorTech97

05e90f00779bcbe450a05c4c6c044787 Please crack this NTLM hash
In case anyone cares, I am looking for the "share your proofs" thread. I knew it used to be around somewhere...

User avatar
Simon17
Posts: 63
Joined: Fri May 22, 2009 4:45 am UTC

Re: Viruses on Unix systems?

Postby Simon17 » Sat Jan 30, 2010 6:25 am UTC

Your.Master wrote:
almafuerte wrote:Ok, I'll explain it as simply as possible:

On any REAL operating system you have a filesystem, with directories that have different permissions. DIfferent directories serve different purposes. You have a unified, secure login mechanism. When logged in, you are one user and one user only belonging to a given group. That user/group has a given set of permissions on each directory (each directory has an owner, and permissions for the owner, group of owner, and rest of the world). Those permissions are: Read, write and execute.


Stop right there. Windows has these and more. Modify, Read Attributes, Write Attributes, Delete, etc. Take a gander here: http://www.windowsecurity.com/articles/ ... sions.html. Continue.

almafuerte wrote:ANYTHING that you execute directly is executed under your current user no matter what.


There are three possible complaints you have here with Windows, really. The first is about auto-elevation in Windows 7, but that doesn't make sense because a User doesn't auto-elevate, only an admistrator.

The second is that UAC can come up after program-start to elevate permissions. I would argue that this is a more secure model than executing only at one permission, expecially when you only have read / write / execute to choose from at each point, because you can de-elevate again afterward. Otherwise, you have to run the whole program, possibly the entire OS session, in a privileged context in order to complete an action, thus exposing yourself to many other vectors that no longer have to elevate privileges. With all that said, it's possible to implement on-demand elevation in Linux, it just isn't built in to any distro I'm aware of and so would have to be done at the application level using a custom broker process.

The third is that an admin user, by default, runs programs using a split token, and is thus running as user by default unless specifically choosing admin, thus bringing up the UAC from the second point (but with no password fill because you do have the admin portion of the split token). This is more secure than admin.

Also, it's a part of all sane security models that you can execute under something LESS than your current user.

almafuerte wrote:Then, you have a SINGLE secure way of executing programs under other users.


You emphasize that as though any major OS other than Windows had a SINGLE secure way of doing so. The other major OS's have multiple secure ways of doing so.

almafuerte wrote:All of that is true for all modern operating systems, except windows.


Not true.

almafuerte wrote:Also, all modern operating systems are POSIX compliant (MacOSX, GNU/Linux, FreeBSD, OpenBSD, NetBSD, HPUX, etc, etc, etc.).


Obviously Windows isn't fully POSIX compliant by default, although Interix and its moral descendents are pretty good (and the NT kernel is POSIX capable). I'm not sure why you think POSIX is such magic awesomesauce that this is important. The thing that POSIX has going for it is that it has free-as-in-beer implementations that others can work off of (OSX and many other POSIX variants).

almafuerte wrote:The only "operating system" that is NOT POSIX compliant is windows.


WTF are the scare quotes for? Also, look and you will find non-proprietary non-POSIX systems. Scroll around and you'll see proprietary ones too. VMS came instantly to mind. Not all of these are modern. But not all modern are POSIX. And even if they were, POSIX wasn't pounded into a tablet and chucked onto a mountain for a bearded (?) man to bring to the people.

almafuerte wrote:All of that means that whatever it is you execute in your computer is executed under your regular user. That user has NO WRITE PERMISSIONS outside it's own home directory and /tmp. That means, that you can download and execute ANY program on your computer, as destructive as you want, and it won't be able to do anything outside your home directory. You CAN just kill that process. There's nowhere to hide. Or you can just easily log out. That's it. The system is running normally, and the malicious code is GONE. Off course, you can execute that program with root permissions. But that means intentionally running it with sudo and typing in your administrator password.


You act like this is different from Windows? Aside from the different directory names, it isn't (barring ancient versions which, while they happened and XP is still used somewhat, aren't germane without a time machine).

almafuerte wrote:So, the only way to get a Virus on a working POSIX system is to manually install it. Off course, there's another way: A vulnerability. That means that there must be a vuln on your system that can allow for a real permissions scalability. Such a bug is nowdays VERY rare on Unix systems, and when one does popup, it's usually a) extremely hard to exploit b) very quickly patched.


Also true of Windows (it depends what you mean by very rare. Unix-type systems have many vulnerabilities reported per year, as does Windows. It does depend on how you separate out apps from the OS, though). The one possible exception is "very quickly patched", because Microsoft (and Apple, who provide a Unix-like system) make an interesting tradeoff on patch speed vs. patch test comprehensiveness & regular deployment. You can disagree with them on that issue, but it's an issue far too complicated to wave away as instant truth.

almafuerte wrote:On the other hand, on windows systems, there are no real permissions (windows never had real permissions, and it probably never will. Here is a link on a WORKING code to TOTALLY BYPASS user permissions on WINDOWS 7 http://www.istartedsomething.com/200906 ... erability/) That code is still working today, and the same has been true for all published windows versions.


Windows NT has always had real permissions, and at a finer level of granularity as POSIX. From the start. The 9x line did not. Your "exploit" only works on admin users. Those are users who, according to YOU, should execute everything as admin because that's the type of user they are. This "exploit" is about how an admin user expects Windows to de-elevate the split-token and treat it like a user token, but in this case, because of their security settings, it got re-elevated back to admin according to their security permissions and some other code that they, an administrator with a split-token, ran. The same type of token you said it should use in the first place, and the same type it would have on POSIX systems in this case. This isn't a bypass.

almafuerte wrote:So, the issue is NOT that there is more malware for windows than for other systems.


Even if everything you said were true, it doesn't prove this point. It is just another cause. In fact, this point is very real and quite obvious -- roll your own simple OS (it's surprisingly easy for a competent programmer, actually, if it doesn't have to do much). BOOM! No viruses. Don't release it, never any viruses.

It's unclear what the relationship is between marketshare and virus-maker attractiveness. All else being equal, the one with the highest plurality of share would get 100% of malware authors. But of course, malware is in competition, and the amount of money of OS consumers isn't equal, and there's glory, and there's, as you're pointing out, the inherent difficulty, and there's opportunity (people without Macs can't write viruses for Macs easily -- maybe a Hackintosh virus only works on Hackintosh's, right?). So all will have some attackers. The guy who won the latest PwnToOwn (after they addressed the "this prize is more attractive because the computer is better") made the claim that he did Mac because it was easiest. Might have just been easiest for him. Or maybe people'll No True Scotsman it and say it's not a proper *Nix. Or maybe it's just bullshit. But there it is.

almafuerte wrote:Actually, it would be MORE profitable to exploit other systems. Think about this: over 65% of all public internet servers run on Unix. It would be way more profitable to gain access to servers than to gain access to shitty user computers.


Unclear that public internet servers represent more dollars or more DDOS-happy impact than user machines (which are far, far, far, far more than public Internet servers anyway). Unclear that public internet servers are, on average, better than user computers in significant ways. Unclear that a public internet server running Unix or Windows has the same vulnerability profile as home-user Unix or Windows. Actually, it's rather clear that a public internet server tends to be more secure, both by running Server SKUs like Redhat or Windows Server 2008, and by being administrated by tech-savvy people instead of by a grandparent who cannot operate a TV remote control.

almafuerte wrote:I am a Sysadmin. I have many Unix systems that are public and live, serving 24/7. You wouldn't believe my logs. I receive thousands of attack attempts daily. From SSH brute-force attacks, to attempts at SQL injection and apache-related exploits. And my servers have never been compromised, not even one.


Good for you?

almafuerte wrote:So, there's a bigger market in attacking Unix servers than there is on attacking windows desktops. Actually, the more popular reason windows systems get attacked is to add them to spam-sending botnets. If it were just as easy to compromise a Unix system, the spammers would be attacking postfix/qmail/sendmail servers (That server most of the email traffic in the world) and just placing mails there. Instead, they are attacking millions of windows machines, just to put mail on a few thousand servers.


Again, unclear that this has more to do with Unix vs. Windows than well-administrated vs. not-really-administrated-at-all.

almafuerte wrote:So, stop the bullshit. Windows is a totally insecure platform.


"totally insecure" doesn't really have a strict meaning.

almafuerte wrote:It also violates your rights, your privacy, and it keeps you a slave of a huge corporation.


You're going to have to explain the privacy one. Your rights are very likely not violated (likely you're deliberately misinterpreting something somewhere along the line) -- that doesn't mean you have to like the conditions of sale of Windows. "Slave" is absurd hyperbole, and kind of insulting.

almafuerte wrote:Unix systems, whether privative or Free aren't perfect. No system is. But they are reasonably secure. The install base of POSIX-compliant systems is probably way bigger than you think, if you take into account all the OSX desktops + all the GNU/Linux desktops + all other other Unix Desktops + All the Unix servers. And all those systems are secure.


"Privative" is an interesting way of describing a system :). I would argue that a large number of the POSIX systems under the umbrella you listed are not secure, if only because the user was a moron and made them unsecure. But also because of failure-to-patch.

POSIX-compliant systems go way bigger than that when you count systems that cannot connect to the Internet at all, although those are far less relevant in terms of modern security. And custom OSs dominate at very low levels.

Alsadius wrote:The idea that all OSes are equally secure just doesn't hold water, either historically or logically. Do you really think there's no one who wants to hack into the Air Force's servers?


History doesn't reflect on the present, since all of them are changing rapidly. Logically, no, it doesn't hold water, but the actual case is that they're all more secure in different ways and have weak points in different ways. You can go high level and compare Vista and later's ASLR implementation with everybody else's and see that it's more comprehensive, or go bug-by-bug and notice SELinux's NULL-deref arbitrary-code exploit, and you can also rightly point to certain Windows defaults like still making the first user a split-token admin rather than a true user account (but only for consumer SKUs -- server SKUs have long enforced strict user accounts). The idea that security is a scalar value where you can put strict greater-than signs between two competitors doesn't hold water -- there are tradeoffs and there are advantages, but usually the only thing you can say with any sort of confidence is "OS A is less secure than OS A plus this patch which fixes the <hyper-complicated vulnerability that has never actually been exploited>".

As for the Air Force thing, you act like that's the only military target. And also like public-facing Red Hat servers have never been cracked into.


tldr
Randall, get out of my trunk!

User avatar
crush pill
Posts: 31
Joined: Sat Jan 30, 2010 5:25 am UTC

Re: "Retro Virus" Discussion

Postby crush pill » Sat Jan 30, 2010 6:34 am UTC

Raptortech97 wrote:
Michael of Lucan wrote:Ordinary users have no IT training, and Linux is not available in useful form off-the-shelf. If they could use it with no extra IT training, they would buy it and use it. If not, they can't use it - and they don't need it.

1) Most forms of Linux do not require money, so don't buy them.
2) I used XP, until I learned of Ubuntu. I decided to try it out, so I grabbed a CD and followed instructions. And it worked. And it works fine to this day. Guess what? I'm thirteen. If the average teenager is smarter than the average adult, there's a problem. Most people don't use it simply because they haven't heard of it.

I agree. My parents both had laptops running Vista and until I switched them over to Ubuntu, I was continually called over to fix their issues. Whether to connect to the network, the network printer, play a dvd/cd, etc... Now that they use Ubuntu, no more house calls. I'm not exaggerating either. Things just work as they're supposed to.

User avatar
phillipsjk
Posts: 1213
Joined: Wed Nov 05, 2008 4:09 pm UTC
Location: Edmonton AB Canada
Contact:

Re: Viruses on Unix systems?

Postby phillipsjk » Sat Jan 30, 2010 9:32 am UTC

Simon17 wrote:
Your.Master wrote:
almafuerte wrote:

(Windows (NTFS) supports comprehensive permissions)
almafuerte wrote:

(Windows permissions are screwed up because NT 6.x uses a "split token." This is a feature that is more secure IMO.)
almafuerte wrote:

almafuerte wrote:

almafuerte wrote:

. . . I'm not sure why you think POSIX is such magic awesomesauce that this is important. . . .
almafuerte wrote:

almafuerte wrote:

almafuerte wrote:

almafuerte wrote:

(Elevating your permissions as the Administrative user is no worse than being root in POSIX.)
almafuerte wrote:

(Viruses written for largest market)
almafuerte wrote:

(Internet-facing servers tend to be administered by competent people (when compared with home users).)
almafuerte wrote:

almafuerte wrote:

almafuerte wrote:

almafuerte wrote:

. . . "Slave" is absurd hyperbole, and kind of insulting.
almafuerte wrote:

. . .I would argue that a large number of the POSIX systems under the umbrella you listed are not secure, if only because the user was a moron and made them unsecure. But also because of failure-to-patch.
Alsadius wrote:

(The airforce uses Vista too..)

tldr


I sent a PM asking about the "Split Token" model NT 6.x uses. IMO, UAC causes more problems than it solves. (Why not emulate Windows 3.1 -> 9x -> Xp for difficult programs?)

Not sure what the relevance is to the comic though.
Did you get the number on that truck?

User avatar
hideki101
Posts: 342
Joined: Wed May 28, 2008 5:50 pm UTC
Location: everywhere and nowhere

Re: Viruses on Unix systems?

Postby hideki101 » Sat Jan 30, 2010 11:29 am UTC

Simon17 wrote:tldr

Question: Then why the hell did you even respond?
Albert Einistein wrote:"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."

User avatar
BioTube
Posts: 362
Joined: Sat Apr 11, 2009 2:11 am UTC

Re: Viruses on Unix systems?

Postby BioTube » Sat Jan 30, 2010 2:44 pm UTC

phillipsjk wrote:I sent a PM asking about the "Split Token" model NT 6.x uses. IMO, UAC causes more problems than it solves. (Why not emulate Windows 3.1 -> 9x -> Xp for difficult programs?)
At the very least there should be the option to have a program "bottled" in your user folder where the system pretends it's the real C:\. Especially egregious when you consider chroots have been around for decades.
Frédéric Bastiat wrote:Government is the great fiction through which everybody endeavors to live at the expense of everybody else.

User avatar
phillipsjk
Posts: 1213
Joined: Wed Nov 05, 2008 4:09 pm UTC
Location: Edmonton AB Canada
Contact:

Re: "Retro Virus" Discussion

Postby phillipsjk » Sat Jan 30, 2010 5:20 pm UTC

BioTube wrote:At the very least there should be the option to have a program "bottled" in your user folder where the system pretends it's the real C:\. Especially egregious when you consider chroots have been around for decades.


That is sort of how UAC works for legacy programs: Teach Your Apps To Play Nicely With Windows Vista User Account Control;Common Application Compatibility Issues (called "File Virtualization"). They (Mircosoft) decided the user was too stupid to decide when this should happen though. If an application really needs to write to a system-wide folder, they have extra hoops to jump through now.

A chroot also wouldn't work for those "copy protection" schemes that insist on replacing your drivers to prevent "cheating." The solution: build the "copy protection" right into the OS! Every developer will be willing to license WDRM, right?

Edit: Found a page that links to a variety of UAC articles: UAC: An introduction to User Account Control
Gordon Martin wrote:Had enough? Go forth into the world and play with UAC. See how you like it. I think you will quickly find that UAC impacts your life in some rather unexpected ways. As an enterprise administrator and scripter I have bumped into many of these undocumented "features" and behaviours.

How is that better than two accounts?
Mark Russinovich wrote:The bottom line is that elevations were introduced as a convenience that encourages users who want to access administrative rights to run with standard user rights by default. Users wanting the guarantees of a security boundary can trade off convenience by using a standard user account for daily tasks and Fast User Switching (FUS) to a dedicated administrator account to perform administrative operations. On the other hand, users who want to forgo security in favor of convenience can disable UAC on a system in the User Accounts dialog in the Control Panel, but should be aware that this also disables Protected Mode for Internet Explorer.

- Inside Windows Vista User Account Control

So, the annoying dialogs were introduced because users refuse to use a "Standard" user account. That sort of ignores that fact that many programs written with the Win9x security model in mind refuse to run in a limited user mode. Hence, my emulation suggestion.
Did you get the number on that truck?

User avatar
Tawnos
Posts: 67
Joined: Mon Mar 05, 2007 3:40 am UTC
Location: Sammamish, WA
Contact:

Re: "Retro Virus" Discussion

Postby Tawnos » Sun Feb 07, 2010 3:16 am UTC

Werewolf wrote:
Tawnos wrote:... I work at Microsoft, so I'm getting a kick out of these replies. Some of you are very good at making it sound like you know what you are talking about. But trust me, you don't. I think some of you are just trying to make yourself sound clever. This is how bad information gets passed around. Don't try to make yourself sound like you know what you're talking about when you don't. Because some xkcdenizens believe anything they read. ...

But I do work at Microsoft, so I am getting a kick, &c.

Congratulations. You are the 1000000000th user to post on the internet pretending to work for M$ in order to pull some pro Windows bullshit.

And if you do work for M$, then you obviously work at a shop selling Office.


You still around? I am hoping you are and read that I used a fark meme. I don't need to pretend to work there, though, I do (talk to me in #xkcd sometime ;) ). Fanboy rants like those in this thread amuse me greatly, so I used the classic "piss off the fanboy" response. Apparently it worked, as you pulled out your dollar sign and got all riled up.
If determinism is right, does it matter that I believe in free will?

User avatar
tastelikecoke
Posts: 1208
Joined: Mon Feb 01, 2010 7:58 am UTC
Location: Antipode of Brazil
Contact:

Re: "Retro Virus" Discussion

Postby tastelikecoke » Mon Feb 08, 2010 8:32 am UTC

People don't realize that hacking has no correlation with OS type, popularity, hacker siding, and stock market.

It has a correlation with the OS used by Your Mom.

project2051
Posts: 178
Joined: Fri Jan 29, 2010 2:20 pm UTC

Re: "Retro Virus" Discussion

Postby project2051 » Mon Feb 08, 2010 1:37 pm UTC

But... My mother doesn't even have a computer. :?

Kaijyuu
Posts: 101
Joined: Tue Oct 14, 2008 1:58 am UTC

Re: "Retro Virus" Discussion

Postby Kaijyuu » Mon Feb 08, 2010 2:38 pm UTC

- Uses Vista
- Doesn't have a firewall
- Hasn't used windows update in 2+ years
- Used Internet explorer for a good 4 years before switching to firefox about half a year ago
- Self proclaimed moron

- Never had a single virus


IS there a virus problem with windows? I mean, post year 2000. I saw a couple before that occasionally, though not on my computer.
The cake is a lie, but truth is in Pi.

tekk
Posts: 35
Joined: Wed Aug 12, 2009 5:48 am UTC

Re: Viruses on Unix systems?

Postby tekk » Mon Feb 08, 2010 5:33 pm UTC

Clamburger wrote:I would dismiss this however I have not read the EULA so I am cannot provide an informed viewpoint. Perhaps you could provide us with the relevant portion that backs up your claims?


Lemme see if I can find it...

1. GRANT OF LICENSE. Microsoft grants you the following rights provided that you comply with all terms and conditions of this EULA:

that's the okay, this is ours, but you can do these things if you follow our rules..
you may install it
you must tell us that you're using windows
with the understanding that...
we're allowed to kill your music/book/art/whatever library at any time
If the DRM Software's security has been compromised, owners of Secure Content ("Secure Content Owners") may request that Microsoft revoke the DRM Software's right to copy, display and/or play Secure Content.

the big one he talked about
3. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to you in this EULA. The Software is protected by copyright and other intellectual property laws and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Software. The Software is licensed, not sold.



some of these may not be up to date(A search sent me to the XP eula, but I doubt they've made it less restrictive

User avatar
Tawnos
Posts: 67
Joined: Mon Mar 05, 2007 3:40 am UTC
Location: Sammamish, WA
Contact:

Re: Viruses on Unix systems?

Postby Tawnos » Mon Feb 08, 2010 10:41 pm UTC

tekk wrote:
Clamburger wrote:I would dismiss this however I have not read the EULA so I am cannot provide an informed viewpoint. Perhaps you could provide us with the relevant portion that backs up your claims?


Lemme see if I can find it...

1. GRANT OF LICENSE. Microsoft grants you the following rights provided that you comply with all terms and conditions of this EULA:

that's the okay, this is ours, but you can do these things if you follow our rules..
you may install it
you must tell us that you're using windows
with the understanding that...
we're allowed to kill your music/book/art/whatever library at any time
If the DRM Software's security has been compromised, owners of Secure Content ("Secure Content Owners") may request that Microsoft revoke the DRM Software's right to copy, display and/or play Secure Content.

the big one he talked about
3. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to you in this EULA. The Software is protected by copyright and other intellectual property laws and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the Software. The Software is licensed, not sold.



some of these may not be up to date(A search sent me to the XP eula, but I doubt they've made it less restrictive

To be fair, he responded to this claim:
The software you are using is not yours. You just a get a contract that says "ok, we'll let you use it, but your computer is ours. And we can terminate this contract anytime we want, and for any reason".


Nowhere in that EULA does it say "your computer is ours", nor does it say "we can terminate anytime for any reason", at least not in a manner that's been demonstrated here.
If determinism is right, does it matter that I believe in free will?

User avatar
phillipsjk
Posts: 1213
Joined: Wed Nov 05, 2008 4:09 pm UTC
Location: Edmonton AB Canada
Contact:

Re: "Retro Virus" Discussion

Postby phillipsjk » Tue Feb 09, 2010 12:18 am UTC

*sigh* I am not sure what the point of the last two posts was, but I wrote more about how Windows is tied to the computer in a PM. (to almafuerte and NeoThermic):

phillipsjk wrote:Hello,

Recently, my sister bought a new computer. Despite my objections, she does not feel the Microsoft agreements are evil enough to avoid. Her rationale: "Every computer comes with Windows!"

Anyway, as you may know, the "End-user" does not agree to the Microsoft version of the EULA directly. Rather, each manufacturer uses their own modified EULA that in turn, references the Microsoft EULA. The important thing is that they have changed the language from "by clicking agree..." to "by using the (computer)..." you agree to the license.

Contrary to what NeoThermic asserted in the "Retro Virus" thread, the Toshiba version of the Windows 7 license does use the term "termination" in the section titled "Reverse Engineering."

Toshiba wrote:. . . Any failure to comply with the above or any other terms and conditions contained herein will result in the automatic termination of this license and the reversion of the rights granted hereunder to TOSHIBA.

(GM9021074F10)

It is not clear if you are allowed to keep the computer in that case because, contrary to NeoThermic's assertion, the computer is explicitly bundled with Windows. You cannot buy the computer without Windows:

Toshiba wrote:. . . Notwithstanding anything to the contrary in the documentation accompanying your computer, TOSHIBA does not accept the return of components parts, or bundled software, which have been removed from the PC system. Pro-rata refunds on individual PC component or bundled software, including the operating system, will not be granted. If you wish to return a complete PC system, contact the TOSHIBA dealer where you purchased the product, and comply with the dealer's standard return policies and procedures.
Label sealing bag containing actual computer. (typo in original)

Regards,

James Phillips


Edit: Link to my first post in this discussion (quotes a link to the Windows 7 EULA).

It appears the Windows EULA for version 7 has been greatly simplified and re-worked. I think it is now shorter than the GPLv3 (I have started telling people to read the GPLv2 first).
Last edited by phillipsjk on Tue Feb 09, 2010 5:42 pm UTC, edited 1 time in total.
Did you get the number on that truck?

User avatar
Iridos
Posts: 80
Joined: Wed Jan 28, 2009 6:58 am UTC

Re: "Retro Virus" Discussion

Postby Iridos » Tue Feb 09, 2010 12:37 am UTC

Uh, I kind of dislike how this comic implies that anyone of consequence was still using windows in 2003... That's just preposterous...

User avatar
Monika
Welcoming Aarvark
Posts: 3641
Joined: Mon Aug 18, 2008 8:03 am UTC
Location: Germany, near Heidelberg
Contact:

Re: "Retro Virus" Discussion

Postby Monika » Tue Feb 09, 2010 3:22 pm UTC

The comic doesn't imply that.
#xkcd-q on irc.foonetic.net - the LGBTIQQA support channel
Please donate to help these people e.g. Ragna needs these items and Frances needs money for food


Return to “Individual XKCD Comic Threads”

Who is online

Users browsing this forum: No registered users and 38 guests