-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So, all that the scriptkiddies out there need to do to evade the all mighty Gemini CDS malicious client user detection system is to not have Quicktime installed? And LL is letting all their users run around with their machines open to attack by anyone? That doesn't sound plausible at all...
On 1/3/2010 00:58, Maggie Leber (sl: Maggie Darwin) wrote: > On Sun, Feb 28, 2010 at 10:49 PM, Tigro Spottystripes > <tigrospottystri...@gmail.com> wrote: >> hm, i didn't thought he did collect IP addresses, but even if the system >> does catch IP addresses (which isn't such a big deal if you keep your >> machine safe) an IP address wouldn't be of any help identifying >> malicious clients, unless the malicious clients in question routed stuff >> thru a known proxy. > > Sounds to me like we're talking about a lot more than IP address. > There have been both remote file system reading and arbitrary code > execution vulnerabilities in Quicktime in the past. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkuLPFsACgkQ8ZFfSrFHsmUq9wCePU6qZ/B/9jnj2LiKp6eFu4/U fOEAnjyVKfKPB0S0BoJWo6t/pLCEGCnw =v4/s -----END PGP SIGNATURE----- _______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/OpenSource-Dev Please read the policies before posting to keep unmoderated posting privileges
