Full Disclosure mailing list archives
Re: need help in managing administrators
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 5 Dec 2007 23:57:19 -0500
On Dec 5, 2007 11:10 PM, <Valdis.Kletnieks () vt edu> wrote:
On Wed, 05 Dec 2007 22:45:39 EST, Dude VanWinkle said:You are right, thanks for all the careful planning and well thought out infrastructure. I mean, who could have thought that the ability to reach into the homes of every tom dick and harry as well as every company on the planet would be used for swindling cash?I'd like to see you find *any* evidence that the guys who did the original design work had *any* serious reason to expect that 15 years later, somebody would change all the AUPs and let Joe Sixpack on the net.
Isn't a majority of abuse from internal users? You should design a system to be independent of the users, maybe I will just file that under "lessons learned"
For that matter, you're welcome to come up with security protocols that would have been acceptable on the hardware of the time, or in the computer culture of the time.
Good argument. I now just throw massive equations at the processor and expect them to be done ASAP. I guess my digital watch has more processing power than MULTIVAC (the Internet USED to be tubes, as MULTIVAC will attest to).
Remember - we're talking about a time when you really *could* get all the TCP/IP users on the planet around one table in a conference room, and picking up the phone, dialing a number you knew already, and saying "Hey Bernie, will you smack your user upside the head?" and know that Bernie would do it, because Bernie was expecting you to do it if he called you.
Thats what i am saying, if it was that easy... damn, you could (and probably did to some extent) have affected the entire thing with one phone call. Do you realize what it takes now-a-days to have that same effect? I would have to subpoena all the governments, educational institutes, and businesses on the planet; then wait 50 years for the measures to be implemented
Some dude at MIT called Stallman was even running machines that didn't have passwords, and everybody logged in as "system admin" - and the world didn't end.
I recommend pb/pmrun ;-)
Now tell me how you would have imposed the sort of security needed today on that environment. ;)
try this "hey boss, you will cause regulation, expose national secrets to commies, cause billions of lost dollars, and develop an infrastructure that will destroy the worlds economy if taken down that subsists on 13 servers, enable women to vote, and Africans will be treated as equals" ;-) Just kidding about the women and african comment, but man, the past asked for that one... :-)
The tech was different, the culture was different. The amazing thing is that it still works as well as it does in today's tech and culture.
Agreed, just amazing.
So you knew this 30 years ago, and didn't change squat, and we are still dealing with it now.A lot of us understood all this 30 years ago, but some vendors made conscious choices regarding the usual security/bling/ease-use trade-offs that in retrospect, were not in the community's best interests.
Profit, sweet profit...
How fuscking hard is it to design a system with separate processors|memory for command|data channels?It's not hard - it's called a Harvard architecture (as opposed to the Von Neumann architecture we know and love, where one memory has both program and data in it). The problem is that *loading* program code into such an architecture requires some finesse, because almost by definition, the program loader is treating some other program's code as data, and thus shouldn't be allowed to do a "data store" operation into "program storage" memory locations (Go ahead - *try* to write even a simple program loader that doesn't treat the loaded program's bytes as data - it *is* fsck'ing hard.. ;)
Well say: proc 1=commands and can be but anywhere on proc1/memory1 proc2=data:can be put anywhere that will display on video cards, or a process that is used to enter data (only No Exec, Stack Cookies, Heap Cookies, SafeSEH.. just data) Easy in hindsight :-) JK Joke, AFAIK we wouldn't need these things with separate memory spaces and processors (EIP=1, not 2)
Or you could go the EEPROM/CDROM route like most game consoles did. That's easier on the practicality side, but still isn't as flexible as a general-purpose PC.
Dumb Terminals are the future. End users and corps are tired of SW upgrade, losing info, backing up, viri, etc -JP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: need help in managing administrators, (continued)
- Re: need help in managing administrators T Biehn (Dec 02)
- Re: need help in managing administrators Valdis . Kletnieks (Dec 02)
- Re: need help in managing administrators Paul Schmehl (Dec 02)
- Re: need help in managing administrators Dude VanWinkle (Dec 02)
- Re: need help in managing administrators T Biehn (Dec 02)
- Re: need help in managing administrators Dude VanWinkle (Dec 03)
- Re: need help in managing administrators Valdis . Kletnieks (Dec 05)
- Re: need help in managing administrators T Biehn (Dec 05)
- Re: need help in managing administrators Dude VanWinkle (Dec 05)
- Re: need help in managing administrators Valdis . Kletnieks (Dec 05)
- Re: need help in managing administrators Dude VanWinkle (Dec 05)
- Re: need help in managing administrators Valdis . Kletnieks (Dec 05)
- Re: need help in managing administrators Dude VanWinkle (Dec 05)
- Re: need help in managing administrators Nick FitzGerald (Dec 05)
- Re: need help in managing administrators Valdis . Kletnieks (Dec 05)
- Re: need help in managing administrators T Biehn (Dec 05)
- unsubscribe full-disclosure Makousky, Steve C (Dec 03)
- Re: need help in managing administrators happy nino (Dec 05)