search for: conscript

...ts, the security of Linux > SSH passwords seems hardly relevant. > I happen to know from firsthand experience that SSH slow bruteforcers on Linux are a significant portion of the 'botnet' traffic out there. How do I know this? From a hacked Linux server which was brute-forced and conscripted into being a slow bruteforcer node back in 2009 or so. The particular payload that was dropped on that box was dropped into a normal user account with a moderately strong (but obviously not strong enough) password, and the code never even attempted to escalate privileges. It didn't need...

On Thu, July 30, 2015 14:20, Warren Young wrote: > > Did you see my exchange with James Byrne? His bogus counter to my > claim that iPads can???t be turned into botnet conscripts was to point > (very indirectly) to a paper where some researchers found a way to > jump through a whole bunch of hoops to bypass all the security Apple > had placed in the path of app sideloading. > http://www.theregister.co.uk/2015/06/17/apple_hosed_boffins_drop_0day_mac_ios_researc...

...ok my iPad up to my PC and browse it as just another filesystem, as I can with any other digital camera or MP3 player. Apple must do this in order to prevent sideloading malicious apps. Did you see my exchange with James Byrne? His bogus counter to my claim that iPads can?t be turned into botnet conscripts was to point (very indirectly) to a paper where some researchers found a way to jump through a whole bunch of hoops to bypass all the security Apple had placed in the path of app sideloading. Android doesn?t bother with most of this, and what security there is is bypassable with a checkbox in the...

On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > Security is *always* opposed to convenience. False. OS X by default runs only signed binaries, and if they come from the App Store they run in a sandbox. User gains significant security with this, and are completely unaware of it. There is no inconvenience. What is the inconvenience of encrypting your device