funsec mailing list archives
Re: dumb. Comcast pop-ups
From: Michael Collins <mcollins () aleae com>
Date: Sat, 10 Oct 2009 21:17:39 -0400
Heh, One of the fun exercises I like to spring on people is to play out the following scenario: assume you've got an embedded system of some kind being controlled by a windows 3.1 box. Let's say it's doing something like wrapping candybars or stamping plaques or wahtever, it's piecework payment. The machine gets 0wned, and while it's not doing anything that's impacting you personally, it's contributing a couple of kb/s to spamming or ddosing or other fun things. Is it in your interest to sacrifice the day, and the consequent profits involved in fixing your box, to solve the problem or better to just let it run? The problem was given a more concrete example by a colleague who pointed out that most medical hardware running on windows boxes is not only certified for windows only, but specific *patchlevels*, and that consequently these machines can get restored, taken down, reinstalled, and put back on the net with known vulnerabilities because their software is certified with vulnerabilities intact. On Oct 10, 2009, at 9:06 PM, Jon Kibler wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Toralv_Dirro () mcafee com wrote:And prevent their customers from some activity on the internet that may be extremely urgent and important? As much as I would prefer such an approach personally, I'm afraid this is not a realistic option in the real world.Exactly!! All users with infected computers should be BANNED from the Internet until their boxes are clean!! Access to an ISP sandbox would be semi-okay, but allow infected computers access to the Internet in general? Not only "NO!", but "HELL NO!!". Denying access to the few -- those with infected computers -- to protect the greater masses is EXACTLY the right move! We do not allow individuals who have highly contagious diseases to randomly wander in public spreading their infection, so why should we allow their computers to do the same? There is absolutely no "life critical" event that requires immediate Internet access by an infected system! Despite what millions of CrackBerry users may claim, not having instant email access is *not* a "life critical" event!! "Quarantine to few to protect the many!" That should be the operational mantra of all ISPs. Jon - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkrRL5sACgkQUVxQRc85QlOUgwCfUMli1gRRFmo1QcFhXIhsxa+a JvYAn19AxBUqNZ/DNMpecOo92EARWm12 =5hLe -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups), (continued)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Rich Kulawiec (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Nick FitzGerald (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) chris (Oct 19)
- Re: Public Policy and Consumer ISP Hygiene (was Comcastpop-ups) Rich Kulawiec (Oct 17)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Michael Collins (Oct 13)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Rich Kulawiec (Oct 13)
- Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups) Michael Collins (Oct 13)
- Re: dumb. Comcast pop-ups Rich Kulawiec (Oct 10)
- Re: dumb. Comcast pop-ups Toralv_Dirro (Oct 10)
- Re: dumb. Comcast pop-ups Jon Kibler (Oct 10)
- Re: dumb. Comcast pop-ups Michael Collins (Oct 10)
- Re: dumb. Comcast pop-ups Jim Murray (Oct 11)
- Re: dumb. Comcast pop-ups Jon Kibler (Oct 11)
- Re: dumb. Comcast pop-ups Michael Collins (Oct 11)
- Re: dumb. Comcast pop-ups Larry Seltzer (Oct 10)
- Re: dumb. Comcast pop-ups der Mouse (Oct 10)
- Re: dumb. Comcast pop-ups Dave Dennis (Oct 10)
- Re: dumb. Comcast pop-ups der Mouse (Oct 10)
- Re: dumb. Comcast pop-ups Rich Kulawiec (Oct 11)
- Re: dumb. Comcast pop-ups Paul Vixie (Oct 11)
- Re: dumb. Comcast pop-ups Valdis . Kletnieks (Oct 11)