Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: TheBoy on 28 May 2008, 21:10:52
-
Sorry, I don't normally do such posts, but I know we have a lot of You Tubers here, and this one is making waves in the IT circles.... ....just be cautious until Adobe patch it.
http://blogs.zdnet.com/security/?p=1189
-
Thanx TB :y
-
Cheers TB. Much appreciated. :y :y
-
that went right over my :-Xhead. will stick to pen/paper
-
I should add yesterday's outage was related to this issue.
-
I should add yesterday's outage was related to this issue.
Should we refrain from posting links to YT for a while :-/ :question
-
I should add yesterday's outage was related to this issue.
Should we refrain from posting links to YT for a while :-/ :question
I would be inclined to stay away from any sites that use Flash. Trouble is, a massive number of websites have been compromised in last few weeks using a very clever SQL injection script, and many of these compromised websites are being used to host Flash files that can exploit this vulnerability. Thats why its so serious.
-
<-------mac user.......don't get viruses
-
thanks TB :y
-
Love my LINUX
-
<-------mac user.......don't get viruses
The flaw exists in Mac versions, and Macs are vulnerable. You still need to run software to stop nasties - the Mac isn't any more inherently secure, its just not as popular.
-
Love my LINUX
LOL, same goes, Linux is equally vulnerable. Actually, probably more so, seeing as the kernel is rubbish ;D
-
Love my LINUX
LOL, same goes, Linux is equally vulnerable. Actually, probably more so, seeing as the kernel is rubbish ;D
The kernel is only as rubbish as the way its compiled :) One reason I stick with Gentoo and don't bother with genkernel, but go through it all myself, never had an issue!
Altho stuff like Ubu, Redhat and Fedora are built so modular (and bloated to cover many many architectures), they add to themselves in regards to problems and performance hits... Although out of those, Ubu does seem to be patched more often than the others.
The vulnerability though isn't down to kernel level, but purely down to the flash plugin itself. Windows will get patched earlier (as-is), Linux will get patched some other time, but this exploit has mainly taken off since it was used to hack Vista.
http://securitywatch.eweek.com/exploits_and_attacks/vista_hacked_with_adobe_flash_vulnerability.html
Even so, as long as people keep up with various patches and security fixes (regardless of OS), then they should have no issues.
Although I do like the way that it was an Ubu machine which was left standing after 3 days :) But then again, Linux never runs its environment or shell as root (unless its a complete cock-jockey of a sysadmin or inexperienced user running it as root and not another user, or they can't configure sudo properly)
-
Love my LINUX
LOL, same goes, Linux is equally vulnerable. Actually, probably more so, seeing as the kernel is rubbish ;D
The kernel is only as rubbish as the way its compiled :) One reason I stick with Gentoo and don't bother with genkernel, but go through it all myself, never had an issue!
Altho stuff like Ubu, Redhat and Fedora are built so modular (and bloated to cover many many architectures), they add to themselves in regards to problems and performance hits... Although out of those, Ubu does seem to be patched more often than the others.
The vulnerability though isn't down to kernel level, but purely down to the flash plugin itself. Windows will get patched earlier (as-is), Linux will get patched some other time, but this exploit has mainly taken off since it was used to hack Vista.
http://securitywatch.eweek.com/exploits_and_attacks/vista_hacked_with_adobe_flash_vulnerability.html
Even so, as long as people keep up with various patches and security fixes (regardless of OS), then they should have no issues.
Although I do like the way that it was an Ubu machine which was left standing after 3 days :) But then again, Linux never runs its environment or shell as root (unless its a complete cock-jockey of a sysadmin or inexperienced user running it as root and not another user, or they can't configure sudo properly)
^^ TWW
-
Love my LINUX
LOL, same goes, Linux is equally vulnerable. Actually, probably more so, seeing as the kernel is rubbish ;D
The kernel is only as rubbish as the way its compiled :) One reason I stick with Gentoo and don't bother with genkernel, but go through it all myself, never had an issue!
Altho stuff like Ubu, Redhat and Fedora are built so modular (and bloated to cover many many architectures), they add to themselves in regards to problems and performance hits... Although out of those, Ubu does seem to be patched more often than the others.
The vulnerability though isn't down to kernel level, but purely down to the flash plugin itself. Windows will get patched earlier (as-is), Linux will get patched some other time, but this exploit has mainly taken off since it was used to hack Vista.
http://securitywatch.eweek.com/exploits_and_attacks/vista_hacked_with_adobe_flash_vulnerability.html
Even so, as long as people keep up with various patches and security fixes (regardless of OS), then they should have no issues.
Although I do like the way that it was an Ubu machine which was left standing after 3 days :) But then again, Linux never runs its environment or shell as root (unless its a complete cock-jockey of a sysadmin or inexperienced user running it as root and not another user, or they can't configure sudo properly)
The design of Linux's kernel has issues, so compilation doesn't really make a difference to security, though does to performance and stability.
Its saving grace is it uses the Unix standard of nobody running as root (unless some dimwit does so as part of an ego trip), downside is *nix's way of all or nothing, so a number of common processes run with superuser rights, esp anyone daft enough to run X
Then added to the fact that Linux kernel tends to struggle at times to keep things running, and vital security processes stop running for no apparent reason, such as IPTABLES. Trust me, losing IPTABLES on a directly internet gigabit connected server results in a very useful zombie for somebody >:(
-
Is the Omega Map anything to do with flash?
-
Well, putting flash on a web site is an effective way of keeping me away from it anyway. Why should I sit through the tedium of all their sh!t "intros"? There are normally plenty more hits on google to follow.. Generally an indication that image is more important than content IME.
The kernel is only as rubbish as the way its compiled
Not running precisely the same object code as millions of others must make it an awful lot more difficult to successfully compromise too, at least if you're in the business of exploiting buffer overruns and the like. A bit of genetic diversity doesn't hurt.
Kevin