similar to: Fedora change that will probably affect RHEL

On Tue, Jul 28, 2015 at 1:06 PM, Chris Adams <linux at cmadams.net> wrote: > Once upon a time, Warren Young <wyml at etr-usa.com> said: >> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > > Since most of that crap comes from

On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote: > > 1FuckingPrettyRose > "Sorry, you must use no fewer than 20 total characters." > 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow! > "Sorry, you cannot use punctuation." > 1FuckingPrettyRoseShovedUpYourAssIfYouDontGiveMeAccessRightFuckingNow > "Sorry, that password is

On 07/28/2015 02:06 PM, Chris Adams wrote: > Once upon a time, Warren Young <wyml at etr-usa.com> said: >> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > > Since most of that crap comes from Windows hosts, the security of Linux

On Jul 28, 2015, at 1:06 PM, Chris Adams <linux at cmadams.net> wrote: > > Once upon a time, Warren Young <wyml at etr-usa.com> said: >> Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > > Since most of that crap comes

Once upon a time, Warren Young <wyml at etr-usa.com> said: > Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. Since most of that crap comes from Windows hosts, the security of Linux SSH passwords seems hardly relevant. > Your freedom to use

On Tue, Jul 28, 2015 at 11:27 AM, Warren Young <wyml at etr-usa.com> wrote: > Much of the evil on the Internet today ? DDoS armies, spam spewers, phishing botnets ? is done on pnwed hardware, much of which was compromised by previous botnets banging on weak SSH passwords. > > Your freedom to use any password you like stops at the point where exercising that freedom creates a risk

> On Jul 28, 2015, at 11:27, Warren Young <wyml at etr-usa.com> wrote: > > On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote: >> >> 1FuckingPrettyRose >> "Sorry, you must use no fewer than 20 total characters." >> 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow! >> "Sorry, you cannot use punctuation."

On Sat, 25 Jul 2015 11:16:18 -0600 Chris Murphy <lists at colorremedies.com> wrote: > On Sat, Jul 25, 2015 at 9:40 AM, Scott Robbins <scottro at nyc.rr.com> wrote: > > This might show up twice, I think I sent it from a bad address previously. > > If so, please accept my apologies. > > > > > > In Fedora 22, one developer (and only one) decided that if

On Thu, July 30, 2015 14:20, Warren Young wrote: > > Did you see my exchange with James Byrne? His bogus counter to my > claim that iPads can???t be turned into botnet conscripts was to point > (very indirectly) to a paper where some researchers found a way to > jump through a whole bunch of hoops to bypass all the security Apple > had placed in the path of app sideloading.

On 02/05/2015 10:34 AM, Always Learning wrote: > On Thu, 2015-02-05 at 09:51 -0500, Lamar Owen wrote: > >> Those crackers who build these botnets are the ones who rent out >> botnet time to people who just was to get the work done. There is a >> large market in botnet time. > Surely its time for the Feds to arrest and change them ? The Feds in which country? >

On Tue, July 28, 2015 19:46, Warren Young wrote: > > iPads can???t be coopted into a botnet. The rules for iPad passwords > must necessarily be different than for CentOS. > http://www.tomsguide.com/us/ios-botnet-hacking,news-19253.html -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail James B. Byrne

On Jul 28, 2015, at 4:37 PM, Nathan Duehr <denverpilot at me.com> wrote: > >> On Jul 28, 2015, at 11:27, Warren Young <wyml at etr-usa.com> wrote: >> >> So no, your local password quality policy is not purely your own concern. > > Other than DDoS which is a problem of engineering design of how the network operates (untrusted anything can talk to untrusted

On Tue, Jul 28, 2015 at 6:32 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 28, 2015, at 4:37 PM, Nathan Duehr <denverpilot at me.com> wrote: >> Equating this to ?vaccination? is a huge stretch. > > Why? It's not just an imperfect analogy it really doesn't work on closer scrutiny. Malware itself is not a good analog to antigens. Vaccinations provide

On Jul 29, 2015, at 5:40 PM, Chris Murphy <lists at colorremedies.com> wrote: > > On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > >> Security is *always* opposed to convenience. > > False. OS X by default runs only signed binaries, and if they come > from the App Store they run in a sandbox. User gains significant > security

> On Jul 28, 2015, at 6:32 PM, Warren Young <wyml at etr-usa.com> wrote: > > On Jul 28, 2015, at 4:37 PM, Nathan Duehr <denverpilot at me.com> wrote: >> >>> On Jul 28, 2015, at 11:27, Warren Young <wyml at etr-usa.com> wrote: >>> >>> So no, your local password quality policy is not purely your own concern. >> >> Other than

On Thu, Jul 30, 2015 at 12:20 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 29, 2015, at 5:40 PM, Chris Murphy <lists at colorremedies.com> wrote: >> >> On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: >> >>> Security is *always* opposed to convenience. >> >> False. OS X by default runs only signed

On 07/30/2015 12:35 PM, Chris Murphy wrote: > No fail2ban, no firewall rules, sshd by default, challengeresponseauth > by default, ChallengeResponseAuth is not on by default, on Red Hat derived systems. I'm pretty sure that was already clarified, much earlier in this thread. > and a 9 character (even random) passphrase, and that shit > is going to get busted into. Against a

On Jul 28, 2015, at 2:27 PM, Chris Murphy <lists at colorremedies.com> wrote: > > On Tue, Jul 28, 2015 at 11:27 AM, Warren Young <wyml at etr-usa.com> wrote: > >> Your freedom to use any password you like stops at the point where exercising that freedom creates a risk to other people?s machines. > > Your freedom to have sshd enabled by default stops at the point

On Wed, Jul 29, 2015 at 4:37 PM, Warren Young <wyml at etr-usa.com> wrote: > Security is *always* opposed to convenience. False. OS X by default runs only signed binaries, and if they come from the App Store they run in a sandbox. User gains significant security with this, and are completely unaware of it. There is no inconvenience. What is the inconvenience of encrypting your device

On Tue, Jul 28, 2015 at 5:29 PM, Warren Young <wyml at etr-usa.com> wrote: > On Jul 28, 2015, at 2:27 PM, Chris Murphy <lists at colorremedies.com> wrote: >> >> On Tue, Jul 28, 2015 at 11:27 AM, Warren Young <wyml at etr-usa.com> wrote: >> >>> Your freedom to use any password you like stops at the point where exercising that freedom creates a risk to