William, Am going to install the modem-manger GUI. I need it for sending USSD codes(that's loading data and so forth) with using the buggy mobile partner software. Been looking for something like that.
On Tue, Aug 20, 2013 at 10:38 AM, Phillip Simbwa <[email protected]> wrote: > Hehehe... > > To start with, the dude (sorry, read as researcher) was having a crude > setup of the whole thing. The PoC will be out in 3 months. Let see what it > looks like. > > Meanwhile, the success of any such exploit will depend on the forethought > of the Linux user in question. > See, less security sensitive linux users believe a freshly installed linux > system is safe by default. They are right to some extent and as the attack > surface is quite narrow then. But if you want to do anything productive > with your cool distro, you end up widening the attack surface -- and that > is where the problem is. > Fore thought would help you stay safe and sane, for instance; > > 1. The choice of your linux/unix distro. A few examples here. > If am running openSuSE, Yast comes with a simple interface to hardening my > security (I don't have to be a security geek). And there is a basic > interface to App-armour as well, let alone good security documentation. > See, even for a linux newbie, I get to survive afew attacks!! > > Anyone on this list using Qubes linux?* http://qube*s-os.org/ > Everything is a VM. And such an exploit will be sandboxed away on my > behalf without me jumping through hoops!! My attacker will have to work > harder to get me and my data. > But on the flipside, this is relatively a new distro and security updates > may not be high on their priority list as of now... > > And some distros ship with Selinux preconfigured... Hehe > > 2. Your cushions to shock. > Ok, I use my modem in a VM running squid. This primarily serves to > conserve to some extent, my data bundle and keep track of my usage. > But, basically, any external attack surface is narrowed to my VM which has > a clean snapshot (i.e I can rollback things... hehe). > And SSH is one way (from host to VM and not the other way round) > > > Lets end there for now.. > > -- > - Phillip. > > “Aoccdrnig to rscheearch at an Elingsh uinervtisy, it deosn't mttaer in > waht > oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist > and lsat ltteer are in the rghit pclae. > The rset can be a toatl mses and > you can sitll raed it wouthit a porbelm. Tihs is bcuseae we do not raed > ervey lteter by it slef but the wrod as a wlohe and the biran fguiers it > out aynawy." > > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. > -- David Okwii, Technology innovator/catalyst, analyst and blogger, Editor in Chief for the TechPost <http://www.techpost.ug>, Blogger/reporter for Mozilla Uganda <http://www.mozilla-uganda.org>, Systems & Solutions Administrator for Cured Ltd, Mobile(default): +256-791-040-262, Mobile(other): +256-778-706-301, Website: w <http://oquidave.blogspot.com>ww.techpost.ug LinkedIn:http://www.linkedin.com/in/oquidave Twitter: http://twitter.com/oquidave Christ in me the Hope of Glory(Col.1:27)
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
