Date: Sun, 30 Dec 2001 09:08:34 +0800 From: Raymond <[EMAIL PROTECTED]> Subject: RE: [LIB] Re: Windows XP again
At 04:02 PM 29/12/2001 -0800, you wrote: >Date: Sat, 29 Dec 2001 18:02:05 -0600 >From: "phillip ramirez" <[EMAIL PROTECTED]> >Subject: RE: [LIB] Re: Windows XP again > >Well that’s one reason I have a hardware and software firewall as well >as a router.. They ain't going to do you no good if you run an infected program that compromises a trusted application and does its dirty work through port 80 (and there are a number of viruses and trojans that do exactly that, some of them actually infect system DLLs and block access to antivirus vendors' sites!). Its even less use if a 'legitimate' program has a backdoor that does the same (and given the number of M$ apps that access the internet such as WiMP, OE, IE and now XP with its activation stuff there's so much traffic that it'd be easy for a backdoor facility to get its data across and get replies without being noticed). A hardware firewall is only as secure as its configuration and patch level, just the same as any security measure. > And no they cant break into almost all systems.. You wanna make a bet? (besides which note the 'almost' qualifier anyway ;-) About the only system they can't break into is one thats never connected to the internet (but even for that look below). Never heard of HP JetDirect printer cards getting broken into? Besides which even if your computer ISN'T connected to the Internet, if a major corporation or government wanted your data there's always a TEMPEST attack (although I don't think it works on laptops no doubt they have SOMETHING). And if they have physical access to your computer then its gameover ... physical keyloggers can be secreted into keyboards or keyboard dongles and need dumping only every few months or so. Alternatively, no doubt the NSA already have transmitting versions of them available. In a corporate environment it'd be a piece of cake for an agent disguised as a cleaner to switch a keyboard or a keyboard dongle every few months. >They have >to infect the computer and it’s a keylogger is it out there?? You can gain a lot of information even without a keylogger. In fact, you can gain more useful info with other methods such as memory monitoring and so on because you have a context - with a keylogger you got no idea (especially if you log someone playing a game or something ;-) >Not at the >moment so they say.. I think they call it green lantern or something >like that.. And its part os the fbi deal.. The system you are talking >about listens to phone comunications and there are 3 of the super >computers one in canada one in the us and one in GB.. And no they cant >hack your computer.. Id like to see how this stuff will hold up in the >us courts Or rather the official or public reports of the system claim it only does that? IIRC Eschelon is the whole electronic monitoring bit (not that its anything new ... the NSA has been rumoured to be doing this sorta stuff for ages). Dunno how accurate it is now but its said that the US Government is the biggest buyer of computer hardware in the world and the NSA is the biggest government buyer of computing hardware ... they gotta do SOMETHING with it and I don't think they use them as heaters ... - Raymond --- /~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ | | "Does fuzzy logic tickle?" | | ___ | "My HDD has no reverse. How do I backup?" | | /__/ +-------------------------------------------| | / \ a y b o t | [EMAIL PROTECTED] | | | HTTP://www.raybot.net | | ICQ: 31756092 | Need help? Visit #Windows98 on DALNet! | \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/ ************************************************************** http://libretto.basiclink.com - Libretto mailing list http://libretto.basiclink.com/archive - Archives http://www.picante.com/~gtaylor/portable/faq.html - FAQ -------TO UNSUBSCRIBE------- Reply to any of the list messages. The reply mail should be addressed to: [EMAIL PROTECTED] - Then replace any text on the message's subject line: cmd:unsubscribe --------TO UNSUBSCRIBE DIGEST------ Do above but with this on subject line: cmd:unsubscribe digest **************************************************************
