Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

DHS wants you patch your Windows computer

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (01/01/06 through 01/22/2007) Donate to DU
 
raysr Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 04:47 PM
Original message
DHS wants you patch your Windows computer
"The Department of Homeland Security (DHS) issued the rare advisory after Microsoft announced a dozen patches for vulnerablities in the Windows software. One of the flaws opens a back door to a computer without any action by the user."

--more--http://www.cio-today.com/news/U-S--Warns-of-Windows-Sec...


Time switch OS's my friends. If DHS is recommending a patch, I would run, not walk, away as fast as I can. Bite the bullet and switch to Linux, it's not nearly as hard as you think.
Printer Friendly | Permalink |  | Top
bobbolink Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 04:49 PM
Response to Original message
1. back door on PC, error... back door on voting machine, just hunkey dorey
got it.

:argh:
Printer Friendly | Permalink |  | Top
 
CountAllVotes Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 04:49 PM
Response to Original message
2. really?
How easy? I was told I needed to be "very sophisticated" to be able to use Linux.

I'm using Firefox/Thunderbird now. No more IE.
Printer Friendly | Permalink |  | Top
 
salvorhardin Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 04:56 PM
Response to Reply #2
3. You don't need to be "sophisticated" to run Linux
Edited on Thu Aug-10-06 04:56 PM by salvorhardin
The first thing I recommend for people who don't think they're technically capable of using Linux is to download and burn a copy of Knoppix onto a CD. Then reboot your computer with the new Knoppix CD in your CD drive. Within two minutes you will be running a full Linux based operating system and able to do everything you were capable of doing before, and maybe some things you never thought yourself capable of. When you want to go back to Windows just reboot your machine and eject your Knoppix CD. Nothing ever gets installed on your hard drive. It's 100% free.
http://www.knoppix.org

Printer Friendly | Permalink |  | Top
 
Cronus Protagonist Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:06 PM
Response to Reply #3
6. I actually tried that
I figure it would be good for my repair work and handy to have in my toolkit. Knoppix would not boot from the CD and was never able to run at all, on THREE different computers - didn't like the hardware, as far as I can tell. So much for that idea. I still hang onto the CD just in case I can find a computer on which it will run, but one more failure and it's into the trash can. Your mileage may vary.



Educate Your Local Freepers!
Flaunt Your Opinions With Buttons, Stickers and Magnets from BrainButtons.com
>

Printer Friendly | Permalink |  | Top
 
lindisfarne Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:12 PM
Response to Reply #3
7. Yes, but when you have a problem with Linux, it can be a real pain.
I know people who run Linux and have seen them spend hours trying to deal with some problem. Fewer people can help with Linux problems which is the real issue for me.

Mind you, I'll probably be running Linux on my laptop in a couple of years - I'm just waiting for a fairly user-friendly version. (I know it's gotten a lot better in the last few years but figure it can get even better). Right now, I use it, but on a computer that's maintained by someone else - who has spent some time dealing with problems when they've occurred (and he's quite knowledgeable about Linux).
Printer Friendly | Permalink |  | Top
 
salvorhardin Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:29 PM
Response to Reply #7
9. Here's your fairly user-friendly version
Printer Friendly | Permalink |  | Top
 
lindisfarne Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:01 PM
Response to Reply #9
12. The problem comes when you try to run some program designed for
one version of Linux on another version of Linux. I know someone who spent days trying to work out one such issue with one program. That's what I need Linux for. I can't use it for things like Word Processing because I need to be compatible with people using Windows.
Printer Friendly | Permalink |  | Top
 
salvorhardin Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:23 PM
Response to Reply #12
13. It sounds to me like you're making excuses
You complain about Microsoft's practices and lax security, but when presented with a viable alternative you whine that it's not Microsoft. You deserve what you get.
Printer Friendly | Permalink |  | Top
 
lindisfarne Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:28 PM
Response to Reply #13
14. I don't think I was whining. I don't believe I complained about Microsoft
practices or lax security. And I suspect, that just as is turning out to be the case with Apple computers now that hackers are targeting them a bit more) there are security holes with Linux, too. Whether or not they're as bad remains to be seen.

I was discussing user-friendliness.
Printer Friendly | Permalink |  | Top
 
Feron Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:48 PM
Response to Reply #12
20. Openoffice
It's a free office suite that allows you to open MS Office documents and also save in that format.

Frankly, I think it is better than MS Office and there is a Windows and Mac port of the software as well.

openoffice.org
Printer Friendly | Permalink |  | Top
 
lindisfarne Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Aug-11-06 04:58 PM
Response to Reply #20
27. It's not perfectly compatible. You lose formatting. I know people who
used to use it but had to switch to be compatible with Microsoft word users. (For publishing, formatting is crucial).
Printer Friendly | Permalink |  | Top
 
CountAllVotes Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 09:22 PM
Response to Reply #3
25. thanks - I'll give it a try!
Thank you for the link!

:kick:
Printer Friendly | Permalink |  | Top
 
salvorhardin Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 09:37 PM
Response to Reply #25
26. That's the neat thing about Knoppix
Is it makes it really easy to try out a Linux based O/S without any real cost. So yeah, give it a try. It can't hurt and you might enjoy it. Good luck!
Printer Friendly | Permalink |  | Top
 
skids Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:01 PM
Response to Reply #2
4. Depends on what you use it for.
Most preconfigured linux systems are adequate for web browsing, email, and document editing. If you have special needs like gaming, high-end DTP, high-end multimedia editing, or advanced telephony then some tweaking or additional software installation might be needed.

What's really needed for folks to make the switch en-masse is for a good number of semi-sophisticated users to switch, because the missing ingredient is end-user-level self-help. Linux has it, but not in the mass quantity that Windows does. At some point a critical mass of this level of self-help needs to form. (There's already a thriving self-help community for the more sophisticated users.)

The best people in a position to take advantage of Linux right now are people who know longtime Linux users who will help them out while invited over for a beer, and those people who have a spare system so they can experiment without the safety net of their familiar environment.



Printer Friendly | Permalink |  | Top
 
Feron Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 07:13 PM
Response to Reply #2
21. You don't have to be a big-brained computer nerd.
I'm not going to lie, Linux can take some getting used to and does require some reading. Fortunately the newbie-friendly distros take a lot of that pain away with package managers and the like. If Knoppix doesn't work, then Ubuntu does have a live CD version of their distro as well.

I originally switched because of the DRM issue and all of the unnecessary crap that MS likes to push with their patches (Genuine Advantage anyone?). Frankly, I won't be going back. Linux is a lot less stressful than fighting with the Windows monster everyday.
Printer Friendly | Permalink |  | Top
 
unhappycamper Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:05 PM
Response to Original message
5. That link didn't work for me, but found the DHS release:
http://www.dhs.gov/dhspublic/display?content=5789

NFW will Microsoft M$06-040 security patch go on my machine.
Printer Friendly | Permalink |  | Top
 
LSK Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:13 PM
Response to Original message
8. im behind a linux firewall
Printer Friendly | Permalink |  | Top
 
KamaAina Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:32 PM
Response to Original message
10. And they won't tell you exactly what the flaw is, either
I don't think so. :scared:
Printer Friendly | Permalink |  | Top
 
MyNameGoesHere Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:38 PM
Response to Reply #10
16. Oh you mean like this?
What is the scope of the vulnerability?
This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

What causes the vulnerability?
An unchecked buffer in the Server service.

What is the Server service?
The Server service provides RPC support, file print support and named pipe sharing over the network. The Server service allows the sharing of your local resources (such as disks and printers) so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC.

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could take complete control of the affected system.

Who could exploit the vulnerability?
Any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability.

How could an attacker exploit the vulnerability?
An attacker could try to exploit the vulnerability by creating a specially crafted message and sending the message to an affected system. The message could then cause the affected system to execute code.

What systems are primarily at risk from the vulnerability?
While all workstations and servers are at risk regarding this issue, Windows 2000 systems are primarily at risk due to the unique characteristics of the vulnerability and affected code path.

Yeah they don't say anything.
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
Printer Friendly | Permalink |  | Top
 
KamaAina Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:42 PM
Response to Reply #16
18. Yes, but how can I tell if I have it?
Does it install files? Which ones? Where? What about registry settings? Permissions, etc.?

All that says is, "Yes, there's a flaw, and someone might use it to hack into your system, but there's no way for you to tell if they have, so download our patch NOW!"

Printer Friendly | Permalink |  | Top
 
MyNameGoesHere Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 09:10 PM
Response to Reply #18
22. Oh boy
please then do not download the patch then.. Oh and by the way can i have your IP address? I mean really is this the plot against the world everyone is fearing or just a way to keep someones silly ass out of being compromised? It's your choice you do not have to download it. Oh and about your IP adress.....
Printer Friendly | Permalink |  | Top
 
ReadTomPaine Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 05:33 PM
Response to Original message
11. I don't know who I trust less. MS or DHS. n/t
Edited on Thu Aug-10-06 05:34 PM by ReadTomPaine
Printer Friendly | Permalink |  | Top
 
I_Make_Mistakes Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:29 PM
Response to Reply #11
15. I have been sick and sleeping all kinds of weird hours, so I
didn't disconnect my computer last night and around 3:00am was awoken to my computer shutting down and restarting. I did a search and I think the patch was downloaded. What a way to wake up.

Never leave your computer without shutting it down and turn off the power.
Printer Friendly | Permalink |  | Top
 
Rosco T. Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:39 PM
Response to Original message
17. Unbuntu - all you need to know for Linux n/m
Printer Friendly | Permalink |  | Top
 
karlrschneider Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 06:47 PM
Response to Original message
19. What the hell is the DHS doing expending resources on this shit?
Is a terist gonna jump outta my fucking monitor and toss a dirty bomb out the window???

:eyes:
Printer Friendly | Permalink |  | Top
 
MyNameGoesHere Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 09:11 PM
Response to Reply #19
23. Uh because federal govt
uses Windows servers? Maybe they don't want their systems taken over? I don't know you tell me.
Printer Friendly | Permalink |  | Top
 
karlrschneider Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Aug-10-06 09:13 PM
Response to Reply #23
24. The gov't uses Windows servers? That scares me more than Terists
:eyes:
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sat Jul 26th 2014, 10:45 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (01/01/06 through 01/22/2007) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC