Author Topic: Directly running a .zip, kinda  (Read 23917 times)

0 Members and 2 Guests are viewing this topic.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #30 on: February 20, 2006, 10:54:18 pm »
I have no idea what the hell you mean, if you want me to address the argument (As irrelevant as it is) I will. While we're at it let's talk about how MacOSX has a shiny bar since we're in the mood to discuss things offtopic!

Windows Vista has improved security, things like this wouldn't happen since now the shell features more information than before per file so simple exploits like this are irrelevant. Now others exploits most of them are either fixed each month or completely squashed with Vista's new permission system.

I was under the impression that Vista was still going to use NTFS?  Sorry if I'm incorrect.

Concurrently, I'd like to point out I'm talking about Windows XP, not Vista.

NTFS has been updated if that's what you mean. NTFS has always had user permissions on files if that's what you mean as well.

Since you're talking about Windows XP and not Vista whenever I argue against Linux I'll use 0.99 instead of 2.6 to make it fair, okay?

Additionally like I've said THREE OF FOUR TIMES, Linux/Unix are the hackers main target. Who the hell wants to target a windows box? Yes let's attack home users! We may get some vacation pictures and we can post them on our hacker sites1!!!1331321312!!!!. Shutup.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #31 on: February 20, 2006, 11:03:06 pm »
NTFS has been updated if that's what you mean. NTFS has always had user permissions on files if that's what you mean as well.

I know it's always had user permissions; I help manage my school's network.  I've worked with it lots.  It's nice to know they're going to update it, though.

Since you're talking about Windows XP and not Vista whenever I argue against Linux I'll use 0.99 instead of 2.6 to make it fair, okay?

Since Windows Vista isn't publically available yet, no.  That argument would be totally irrational.

Additionally like I've said THREE OF FOUR TIMES, Linux/Unix are the hackers main target. Who the hell wants to target a windows box? Yes let's attack home users! We may get some vacation pictures and we can post them on our hacker sites1!!!1331321312!!!!. Shutup.

HAHAHAAH!!  Here, I'll quote ink:

Windows IS most definately the target of many hackers. to say otherwise would be rediculous

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #32 on: February 20, 2006, 11:03:51 pm »
That's why several european hackers have been caught with botnet's of over a million infected PC's, WINDOWS PC'S
Not every computer that uses Windows is a home computer either, if you recall when the PnP exploit came out not too long ago, CNN and New York Times both got owned because they failed to do the critical update soon enough.

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #33 on: February 20, 2006, 11:06:27 pm »
And vacation pics is hardly what they look for, but maybe you are unaware of that.
Let me enlighten you, ever heard of financial statement's, perhaps password retrievers that pickup email, ebay, and paypal passwords? Maybe JUST MAYBE they also use windows PC's to make a fortune uploading adware and spyware to their victims for companies?
Food for thought.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #34 on: February 20, 2006, 11:15:38 pm »
ink: great points.

Learn to use the edit button, though. :)

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #35 on: February 20, 2006, 11:23:33 pm »
Sorry, I usually do, completely forgot that I had posted right before, ah well.
If it happens again, just so you know in advance, it's not on purpose  :-X

Actually, I think I may have meant to hit Modify but spaced out and hit reply instead then completely didn't noticed the absense of my previous post. Oh well.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #36 on: February 21, 2006, 12:49:45 am »
Since you're talking about Windows XP and not Vista whenever I argue against Linux I'll use 0.99 instead of 2.6 to make it fair, okay?

Since Windows Vista isn't publically available yet, no.  That argument would be totally irrational.

To you, no? It's availible to me and anyone else with an MSDN subscription.
Unless I'm so exclusive I forgot I'm no longer part of the public.

Additionally like I've said THREE OF FOUR TIMES, Linux/Unix are the hackers main target. Who the hell wants to target a windows box? Yes let's attack home users! We may get some vacation pictures and we can post them on our hacker sites1!!!1331321312!!!!. Shutup.

HAHAHAAH!!  Here, I'll quote ink:

Windows IS most definately the target of many hackers. to say otherwise would be rediculous

Who is he to say what? Show me some proof besides what you can type on a monitor. I can show you proof by stating which OS most servers use. You can't.

@ink: The home user isn't going to have that much on his PC, enough to make the hacker go out of his way to exploit his machine, and risk his freedom? I don't think so.

Now as for the bottleneck crap: You're again, blaming the ignorance of users on the OS. What I'd like to know is more details about this and I think the reason those big companies came down is obvious and you stated it yourself...they didn't patch. No fucking shit, a linux box'd go down too if I had an exploit and it was unpatched. See, thats the feeling of invulnerability I talk about.

One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #37 on: February 21, 2006, 12:56:56 am »
rofl stop acting like a newb man, havnt you ever heard of bots? whenever a new exploit comes out its added to the bots, and the bots scan their own ranges for vulnerable computers and do the exploiting themselves.

i'd say most servers use fendora personally. maybe freebsd

Also I find it cute when you make up your own statistics to prove a point:
Quote
Additionally like I've said THREE OF FOUR TIMES, Linux/Unix are the hackers main target.

and actually have the nerve to then say:
Quote
Who is he to say what? Show me some proof besides what you can type on a monitor. I can show you proof by stating which OS most servers use. You can't.
rofl...seriously...


And just for the heck of it, here's some of that proof you was looking for:
http://www.cnn.com/2006/TECH/internet/01/23/hacker.ap/index.html
http://www.cnn.com/2006/TECH/internet/01/31/furst/index.html
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=3031
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=11287
« Last Edit: February 21, 2006, 01:08:07 am by ink »

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #38 on: February 21, 2006, 01:07:53 am »
To you, no? It's availible to me and anyone else with an MSDN subscription.
Unless I'm so exclusive I forgot I'm no longer part of the public.

Publically available means you can download or buy the product by itself.  Vista is not publically available.

Who is he to say what? Show me some proof besides what you can type on a monitor. I can show you proof by stating which OS most servers use. You can't.

He's an informed person.  Go find virus reports on Norton or something to that affect.  I'm sure you'll find the data you're looking for.  It's not really my fault that you're stupid enough to believe that Linux is more commonly attacked than Windows.  Even if the same proportion of them were attacked, Windows would still have a significant factor more.

Once again: you're under the impression that the only targets for hackers are servers.  Wrong.

@ink: The home user isn't going to have that much on his PC, enough to make the hacker go out of his way to exploit his machine, and risk his freedom? I don't think so.

Hackers are stupid.  You'd be surprised.

Now as for the bottleneck crap: You're again, blaming the ignorance of users on the OS. What I'd like to know is more details about this and I think the reason those big companies came down is obvious and you stated it yourself...they didn't patch. No fucking shit, a linux box'd go down too if I had an exploit and it was unpatched. See, thats the feeling of invulnerability I talk about.

No, I'm blaming what the OS does when they know most of their users are ignorant.

The difference between unpached Linux boxes and unpached Windows boxes is this: there's almost always a patch for a given exploit on a Linux box.  This is not true on a Windows server or computer.  Sometimes it takes weeks for them to release a patch.  Other times Microsoft completly disregards the issue.

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #39 on: February 21, 2006, 01:09:38 am »
I'd have to say the average intelligence of a Linux user is greater than the average intelligence of a Windows user. Thats just my opinion though, not an actual fact.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #40 on: February 21, 2006, 01:14:19 am »
I'd have to say the average intelligence of a Linux user is greater than the average intelligence of a Windows user. Thats just my opinion though, not an actual fact.

Wrong word.  Intelligence is defined as a person's ability to retain and understand knowledge.  I would say that a Linux user's knowledge on the subject of technology is much greater than the average Windows user for sure, though. :)

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #41 on: February 21, 2006, 01:15:43 am »
I stand by the word intelligence, which I feel still applies.

SEE: Definition of average.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #42 on: February 21, 2006, 01:20:02 am »
rofl stop acting like a newb man, havnt you ever heard of bots? whenever a new exploit comes out its added to the bots, and the bots scan their own ranges for vulnerable computers and do the exploiting themselves.

i'd say most servers use fendora personally. maybe freebsd

Also I find it cute when you make up your own statistics to prove a point:
Quote
Additionally like I've said THREE OF FOUR TIMES, Linux/Unix are the hackers main target.

and actually have the nerve to then say:
Quote
Who is he to say what? Show me some proof besides what you can type on a monitor. I can show you proof by stating which OS most servers use. You can't.
rofl...seriously...

Cute, however common typo. That was meant to say "THREE OR FOUR TIMES", else that would have been a pretty nice argument there.

And just for the heck of it, here's some of that proof you was looking for:
http://www.cnn.com/2006/TECH/internet/01/23/hacker.ap/index.html
http://www.cnn.com/2006/TECH/internet/01/31/furst/index.html
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=3031
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=11287

Hm, the first two are of the same guy the second last has no useful information and the last is of another group of people.
Hmm two people really make us a target. Holy fuck someone fetch Norton and ZoneAlarm we're under motherfucking attack!!!!!@!!111111

@Sidoh:

You pay for MSDN subscription then you have access to Vista, what are you getting at?

Also, I'm not going to take him "being an informed person" from you unless I see some degrees in the feilds of security coming out because anything else is just another user stating something withought information to back it up. It isn't my fault you can't backup your claims so you both resort to personal attacks to feel like you're worth something

I could easily call you both fucking retards for even touching Linux.

One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #43 on: February 21, 2006, 01:24:32 am »
rofl. I was pasting a few links as documentation to the fact that Windows machines ARE targeted.
And enough of your sarcastic OMG RUN FOR COVER remarks, unless your just saying that shit because you can't provide a SINGLE source supporting your arguement.
I'll be willing to bet those hundreds of thousands of computers were running the one, the only, Windows!

Plus those are only two people who have been caught, I can assure you there are many more out there.
« Last Edit: February 21, 2006, 01:26:42 am by ink »

Offline mc0

  • Newbie
  • *
  • Posts: 8
    • View Profile
Re: Directly running a .zip, kinda
« Reply #44 on: February 21, 2006, 01:26:32 am »
Linux boxes aren't the main target for quite a few reasons.

1. Persons running *nix usually have much more experience than your average windows user.  This in turn means that they usually have more experience implementing better security than your average windows user. 

2. Most major exploits for *nix are local, this means that you must already have some kind of access to a command line on the box to even try to execute the vulnerability. Sure more and more rce (remote code execution) exploits appear everyday, but this only gives the hacker access to a make-shift shell, and as I stated in point one, the average *nix administrator has more experience w/security, meaning most *nix boxes today have hardening patches installed (these tend to keep hackers out).

3. It is much harder to hide things on a *nix system.  If you haven't noticed, there are many different flavors of *nix.  This being true, it is much harder to develop a standard rootkit.  Sure shv5 works on a portion, but there are hardly any for freebsd.  In retrospect, if you look at windows there are numerous rootkits, backdoors, and ways to hide things away from the administrator.  Ever hear of ntfs streams?  So simple yet almost completey undetectable to the average user.

Also, if most 'hackers' targeted *nix so much it would get much more attention from the government.  I guess you've never seen what 17 kaitens can do compared to a couple thousand bots.  There are so many more reasons why *nix is a lesser target than windows to hackers, including one huge one that I didn't bother to mention.

EDIT:

To show how ridiculously insecure windows really is, here are a few public exploits:

http://milw0rm.com/id.php?id=1505
http://milw0rm.com/id.php?id=1504
http://milw0rm.com/id.php?id=1506
http://milw0rm.com/id.php?id=1502
http://milw0rm.com/id.php?id=1466
http://milw0rm.com/id.php?id=1420
http://milw0rm.com/id.php?id=1391
http://milw0rm.com/id.php?id=1352
http://milw0rm.com/id.php?id=1260

aww hell, there's too many to list so I'll just link the whole thing. http://milw0rm.com/parse.php?platform=windows
« Last Edit: February 21, 2006, 01:33:19 am by mc0 »