search for: conscripted

...ts, the security of Linux > SSH passwords seems hardly relevant. > I happen to know from firsthand experience that SSH slow bruteforcers on Linux are a significant portion of the 'botnet' traffic out there. How do I know this? From a hacked Linux server which was brute-forced and conscripted into being a slow bruteforcer node back in 2009 or so. The particular payload that was dropped on that box was dropped into a normal user account with a moderately strong (but obviously not strong enough) password, and the code never even attempted to escalate privileges. It didn't need t...

On Thu, July 30, 2015 14:20, Warren Young wrote: > > Did you see my exchange with James Byrne? His bogus counter to my > claim that iPads can???t be turned into botnet conscripts was to point > (very indirectly) to a paper where some researchers found a way to > jump through a whole bunch of hoops to bypass all the security Apple > had placed in the path of app sideloading.

On Jul 29, 2015, at 5:40 PM, Chris Murphy <lists at colorremedies.com> wrote: > > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > >> Security is *always* opposed to convenience. > > False. OS X by default runs only signed binaries, and if they come > from the App Store they run in a sandbox. User gains significant > security

On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > Security is *always* opposed to convenience. False. OS X by default runs only signed binaries, and if they come from the App Store they run in a sandbox. User gains significant security with this, and are completely unaware of it. There is no inconvenience. What is the inconvenience of encrypting your device