IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Well, just for starters . .
  • Windows XP Home automatically assigns the first (and most often only) user login as an administrator. On other versions of Windows the user assigns themselves as an administrator the first time they try to install some software and it won't let them.

  • A strong set of exploitable automation tools all guaranteed to be there on every machine and be exactly the same on every machine.

  • Tight integration among applications and the operating system, so if you're in at one point, you have it all.

  • 99.73% of users haven't one clue in hell how to secure their computers and wouldn't take the trouble if they did.

  • A huge percentage of the users are easily fooled by even the most simplistic ploys.

  • A huge number of users are kids who haven't the slightest suspicion of the word "free" because everything has always been free.

  • Firewalls are pretty much useless since the malware comes in by user action and does all its dirty work from the inside with the users (administrator) privileges.

  • There are enough systems out there that aren't patched up to date to make it economical to exploit flaws as they are found, even if Microsoft has already issued a patch. Actually, I haven't seen a Windows machine yet that was patched up to date.

  • A vast number of systems on completely unprotected DSL and Cable connections. They get new IP addresses periodically, but most modern scumware doesn't need a static IP, it's automated and works from inside.

[link|http://www.aaxnet.com|AAx]
New Apart from the first point
it's all a function of user base, not of the OS. And if MS doesn't address the first point in the next release, they are even worse morons than I thought they were.

The problem boils down to the fact that 90% of people who want to use computers should not be using computers, at least not unsupervised. Yes, Gates can be blamed for that, but only in some indirect way.
--


And what are we doing when the two most powerful nations on earth -- America and Israel -- stomp on the elementary rights of human beings?

-- letter to the editor from W. Ostermeier, Liechtenstein

New Let's see, point #3
"Tight integration among applications and the operating system, so if you're in at one point, you have it all."

How exactly is that a function of the user base? Sounds more like a function of the MSFT dept. responsible for MS Office.
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
New Sounds like the OS/2 WPS (ducks, runs)
--
Chris Altmann
New Nah, Office has users.
Dives over you into trench.


Peter
[link|http://www.ubuntulinux.org|Ubuntu Linux]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
New :)
Of course, we all know the difference between Dos*, Win*, PM*, and WP* API calls, don't we:)

Though the point is reasonably well taken for the WPS stuff, though some progress has been made on that front by the user community over the last couple of years.
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
New Sounds like Gnome
And, the 90% really want integration. Makes life easier.
--


And what are we doing when the two most powerful nations on earth -- America and Israel -- stomp on the elementary rights of human beings?

-- letter to the editor from W. Ostermeier, Liechtenstein

Expand Edited by Arkadiy March 14, 2005, 07:35:05 PM EST
New No, another disagreement here.
Sounds like Gnome and, the 90% really want integration. Makes life easier.
No, GNOME has a very good abstraction of Privs, it is called "only has the privs of the user using the environment"

Which effectively removes the possibility of system exploits, causing heartache for the whole machine. Restore you User $HOMEDIR and you are golden. Of just re-populate with /etc/skel setup and you'll be working in no time.

The Integration is vastly different in comparison of WindowsXP and GNOME.

First of, the integratoin in GNOME does not have the ability to run as another user, unless specifically configured to run different from default. Second, GNOME is seperate from the GUI, which is seperate from the OS, which runs the GUI outside priv'd ring-0. Which then again operates everything as a file. *NIX does exactly what you tell it. *NIX is also tremendously more predictable when the integration actually is working. Documentation, sure there ar a scribbles here and there. But sometimes that is really all you need. I figure it is better to have the facts rather than REEMS of fluff-in-stuff.

Windows, the integration can be exploited to run as a priv'd user without any configuration required. Second the Integration and the GUI both run in the priv'd Ring-0. Windows running things directly in Ring-0 is dangerous. By default you can do things in Windows you should NEVER be able to do period as any user. Windows second guessses you all the time. Therfore Windows is tough to predict with any certainty. Documentation, sure plethora of Docs that were written by people that are paid by the Line. Yeap. Perfect.
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey

[link|http://it.slashdot.org/comments.pl?sid=134485&cid=11233230|"Microsoft Security" is an even better oxymoron than "Military Intelligence"]
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
New On our network...
all computers have had their administrator account name changed, administrator accounts have been locked down with strong passwords, and full administrative rights have been disabled on normal users (work group managers and LAN administrators have full rights still of course).

But still we find this kind of adware on computers where the user has browsed the wrong places and clicked the wrong ads. To make things worse, some of these can only be removed by logging into that administrator account even though the user couldn't have been signed into that account.

Tell me that's anywhere near as secure as a Unix box.
~~~)-Steven----

"I want you to remember that no bastard ever won a war by dying for his country.
He won it by making the other poor dumb bastard die for his country..."

General George S. Patton
     Undetectable VX2!!!!!! - (Andrew Grygus) - (39)
         Maybe because it isn't the traditional one? - (folkert) - (3)
             This one was real VX2 . . - (Andrew Grygus) - (2)
                 Is there even room to fit one more nail? ;-) -NT - (n3jja) - (1)
                     Depends on how many infections a given machine has. -NT - (ben_tilly)
         Re: Undetectable VX2!!!!!! - (andread) - (3)
             Of course. -NT - (Andrew Grygus) - (2)
                 Yeap, just like that. - (folkert) - (1)
                     My root post for this thread did refer to . . - (Andrew Grygus)
         Assuming that I am a complete dolt, - (Arkadiy) - (29)
             Rootkit worms for windows abound - (jake123)
             Well, just for starters . . - (Andrew Grygus) - (8)
                 Apart from the first point - (Arkadiy) - (7)
                     Let's see, point #3 - (jake123) - (5)
                         Sounds like the OS/2 WPS (ducks, runs) -NT - (altmann) - (2)
                             Nah, Office has users. - (pwhysall)
                             :) - (jake123)
                         Sounds like Gnome - (Arkadiy) - (1)
                             No, another disagreement here. - (folkert)
                     On our network... - (Steven A S)
             Win32 message service - (inthane-chan) - (18)
                 If you're not an admin, you don't have - (Arkadiy) - (17)
                     Nope. I have a machine at work. - (folkert) - (16)
                         I don't know :( - (Arkadiy) - (13)
                             I don't agree with your assessment. - (folkert) - (12)
                                 That I don't understand - (Arkadiy) - (11)
                                     That's where messaging comes in. - (inthane-chan)
                                     Not like Windows... - (folkert) - (6)
                                         It was quite helpful - (Arkadiy) - (5)
                                             It isn't documneted the way you'd think. - (folkert) - (4)
                                                 Well, the only things that grant access to file system - (Arkadiy) - (3)
                                                     Then how do you explain the fact that it happens? - (folkert) - (2)
                                                         I have no explanation that I am sure of. - (Arkadiy) - (1)
                                                             Thank you. (new thread) - (folkert)
                                     Re: That I don't understand - (andread) - (2)
                                         Are they members of other groups? - (Arkadiy) - (1)
                                             Domain Users -NT - (andread)
                         There is a way. - (static) - (1)
                             It's LocalSystem - (Arkadiy)
         VX2 on 2 servers - (andread)

Only Olaf Stapledon ever succeeded on this kind of scale, and Olaf Stapledon is dead.
136 ms