Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Gabriel Thullen
The main reason we have virus outbreaks is the way a lot of users click on
email attachments and on programs they have just downloaded from the net.
Users are warned time and time again, but they do it anyway. Once we get a
large enough base of desktop linux users, we will have the same problems.

We are safe for now...

On Mon, May 7, 2018 at 5:53 PM, Thyge  wrote:

> "Imagine a world, where all windows installations have turned off their
> antivirus protection"!
>
> Regards,
> Thyge
>
> Den man. 7. maj 2018 kl. 17.09 skrev Shlomi Fish :
>
> > Hi Gabriel,
> >
> > On Mon, 7 May 2018 14:02:44 +0100
> > Gabriel Thullen  wrote:
> >
> > > I am also a Linux advocate, and have been so for years (decades?). That
> > > been said, I imagine that there are still more people using Windows XP
> > than
> > > there are people using Linux. Last time I checked (october 2017) it was
> > > something like 5% using XP and less than 1% using linux, all distros
> > > included. We can safely predict that virus outvreaks will be a problem
> > for
> > > linux once it reaches 5% or 10% market share...
> > >
> >
> > Most linux viruses have never outbroke and never caused much harm. Linux
> > can be
> > susceptible to other forms of malware such as worms or rootkits, but it
> > hasyet
> > to exhibit a large scale virus epidemic and it isnt because it wasn't
> > tried.
> > Linux is an attractive target because many servers run on it. See also
> > https://duckduckgo.com/?q=linux+viruses=web
> >
> > Regards,
> >
> > Shlomi
> >
> > > Gabe
> > >
> > > On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa <
> shabab.must...@gmail.com
> > >
> > > wrote:
> > >
> > > > I have been a Linux advocate for almost a decade now and from 'my
> past
> > > > experience', I can tell you have opened a topic of a huge discussion
> > about
> > > > people should switch to Linux Desktops (which is off-topic here).
> But I
> > > > respectfully disagree with your statement, "anti-virus programs
> > usually do
> > > > more harm than good".
> > > >
> > > > From a conservative viewpoint, some protection is still better to
> have
> > than
> > > > no protection at all. And the example you gave here, an anti-virus
> > > > mistakenly classified your domain as a potential threat, makes a
> weaker
> > > > point. By a few mistakes, we cannot cancel out a million of other
> > > > successes. A false alarm is yet favourable than no alarm at all.
> > > >
> > > > ---
> > > > Shabab Mustafa
> > > > President
> > > > Wikimedia Bangladesh
> > > >
> > > > ​
> > > >
> > > > On Mon, May 7, 2018 at 5:56 PM Shlomi Fish 
> > wrote:
> > > >
> > > > > On Thu, 3 May 2018 19:27:16 -0500
> > > > > John Bennett  wrote:
> > > > >
> > > > > > Hello,
> > > > > >
> > > > > > Many of you may have been receiving emails in the last 24 hours
> > > > > > warning
> > > > > you
> > > > > > of "Multiple failed attempts to log in" with your account. I
> > wanted to
> > > > > let
> > > > > > you know that the Wikimedia Foundation's Security team is aware
> of
> > the
> > > > > > situation, and working with others in the organization on steps
> > to
> > > > > decrease
> > > > > > the success of attacks like these.
> > > > > >
> > > > > > The exact source is not yet known, but it is not originating from
> > our
> > > > > > systems. That means it is an external effort to gain unauthorized
> > > > access
> > > > > to
> > > > > > random accounts. These types of efforts are increasingly common
> for
> > > > > > websites of our reach. A vast majority of these attempts have
> been
> > > > > > unsuccessful, and we are reaching out personally to the small
> > number of
> > > > > > accounts which we believe have been compromised.
> > > > > >
> > > > > > While we are constantly looking at improvements to our security
> > > > > > systems
> > > > > and
> > > > > > processes to offset the impact of malicious efforts such as
> these,
> > the
> > > > > best
> > > > > > method of prevention continues to be the steps each of you take
> to
> > > > > > safeguard your accounts. Because of this, we have taken steps in
> > the
> > > > past
> > > > > > to support things like stronger password requirements,[1] and we
> > > > continue
> > > > > > to encourage everyone to take some routine steps to maintain a
> > secure
> > > > > > computer and account. That includes regularly changing your
> > > > passwords,[2]
> > > > > > actively running antivirus software on your systems, and keeping
> > your
> > > > > > system software up to date.
> > > > > >
> > > > >
> > > > > From my experience, anti-virus programs usually do more harm than
> > good.
> > > > For
> > > > > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently
> > blocked
> > > > > my
> > > > > entire shlomifish.org domain because it apparently misclassified
> an
> > > > > executable
> > > > > download as problematic (and it was built from source using
> > 

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Thyge
"Imagine a world, where all windows installations have turned off their
antivirus protection"!

Regards,
Thyge

Den man. 7. maj 2018 kl. 17.09 skrev Shlomi Fish :

> Hi Gabriel,
>
> On Mon, 7 May 2018 14:02:44 +0100
> Gabriel Thullen  wrote:
>
> > I am also a Linux advocate, and have been so for years (decades?). That
> > been said, I imagine that there are still more people using Windows XP
> than
> > there are people using Linux. Last time I checked (october 2017) it was
> > something like 5% using XP and less than 1% using linux, all distros
> > included. We can safely predict that virus outvreaks will be a problem
> for
> > linux once it reaches 5% or 10% market share...
> >
>
> Most linux viruses have never outbroke and never caused much harm. Linux
> can be
> susceptible to other forms of malware such as worms or rootkits, but it
> hasyet
> to exhibit a large scale virus epidemic and it isnt because it wasn't
> tried.
> Linux is an attractive target because many servers run on it. See also
> https://duckduckgo.com/?q=linux+viruses=web
>
> Regards,
>
> Shlomi
>
> > Gabe
> >
> > On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa  >
> > wrote:
> >
> > > I have been a Linux advocate for almost a decade now and from 'my past
> > > experience', I can tell you have opened a topic of a huge discussion
> about
> > > people should switch to Linux Desktops (which is off-topic here). But I
> > > respectfully disagree with your statement, "anti-virus programs
> usually do
> > > more harm than good".
> > >
> > > From a conservative viewpoint, some protection is still better to have
> than
> > > no protection at all. And the example you gave here, an anti-virus
> > > mistakenly classified your domain as a potential threat, makes a weaker
> > > point. By a few mistakes, we cannot cancel out a million of other
> > > successes. A false alarm is yet favourable than no alarm at all.
> > >
> > > ---
> > > Shabab Mustafa
> > > President
> > > Wikimedia Bangladesh
> > >
> > > ​
> > >
> > > On Mon, May 7, 2018 at 5:56 PM Shlomi Fish 
> wrote:
> > >
> > > > On Thu, 3 May 2018 19:27:16 -0500
> > > > John Bennett  wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > Many of you may have been receiving emails in the last 24 hours
> > > > > warning
> > > > you
> > > > > of "Multiple failed attempts to log in" with your account. I
> wanted to
> > > > let
> > > > > you know that the Wikimedia Foundation's Security team is aware of
> the
> > > > > situation, and working with others in the organization on steps
> to
> > > > decrease
> > > > > the success of attacks like these.
> > > > >
> > > > > The exact source is not yet known, but it is not originating from
> our
> > > > > systems. That means it is an external effort to gain unauthorized
> > > access
> > > > to
> > > > > random accounts. These types of efforts are increasingly common for
> > > > > websites of our reach. A vast majority of these attempts have been
> > > > > unsuccessful, and we are reaching out personally to the small
> number of
> > > > > accounts which we believe have been compromised.
> > > > >
> > > > > While we are constantly looking at improvements to our security
> > > > > systems
> > > > and
> > > > > processes to offset the impact of malicious efforts such as these,
> the
> > > > best
> > > > > method of prevention continues to be the steps each of you take to
> > > > > safeguard your accounts. Because of this, we have taken steps in
> the
> > > past
> > > > > to support things like stronger password requirements,[1] and we
> > > continue
> > > > > to encourage everyone to take some routine steps to maintain a
> secure
> > > > > computer and account. That includes regularly changing your
> > > passwords,[2]
> > > > > actively running antivirus software on your systems, and keeping
> your
> > > > > system software up to date.
> > > > >
> > > >
> > > > From my experience, anti-virus programs usually do more harm than
> good.
> > > For
> > > > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently
> blocked
> > > > my
> > > > entire shlomifish.org domain because it apparently misclassified an
> > > > executable
> > > > download as problematic (and it was built from source using
> > > > https://en.wikipedia.org/wiki/CMake and
> > > > https://en.wikipedia.org/wiki/AppVeyor
> > > > so it is unlikely that that is the case.). MS Windows' poor
> resistance to
> > > > malware and the fact that Windows Update is so dysfunctional (see
> > > > http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are
> the
> > > > reasons
> > > > why I cannot recommend running it as a desktop, and instead one
> should
> > > use
> > > > https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or
> similar.
> > > >
> > > > A little off topic perhaps, but needs to be said.
> > > >
> > > > > My team will continue to investigate this incident, and report

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Shlomi Fish
Hi Gabriel,

On Mon, 7 May 2018 14:02:44 +0100
Gabriel Thullen  wrote:

> I am also a Linux advocate, and have been so for years (decades?). That
> been said, I imagine that there are still more people using Windows XP than
> there are people using Linux. Last time I checked (october 2017) it was
> something like 5% using XP and less than 1% using linux, all distros
> included. We can safely predict that virus outvreaks will be a problem for
> linux once it reaches 5% or 10% market share...
> 

Most linux viruses have never outbroke and never caused much harm. Linux can be
susceptible to other forms of malware such as worms or rootkits, but it hasyet
to exhibit a large scale virus epidemic and it isnt because it wasn't tried.
Linux is an attractive target because many servers run on it. See also
https://duckduckgo.com/?q=linux+viruses=web

Regards,

Shlomi

> Gabe
> 
> On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa 
> wrote:
> 
> > I have been a Linux advocate for almost a decade now and from 'my past
> > experience', I can tell you have opened a topic of a huge discussion about
> > people should switch to Linux Desktops (which is off-topic here). But I
> > respectfully disagree with your statement, "anti-virus programs usually do
> > more harm than good".
> >
> > From a conservative viewpoint, some protection is still better to have than
> > no protection at all. And the example you gave here, an anti-virus
> > mistakenly classified your domain as a potential threat, makes a weaker
> > point. By a few mistakes, we cannot cancel out a million of other
> > successes. A false alarm is yet favourable than no alarm at all.
> >
> > ---
> > Shabab Mustafa
> > President
> > Wikimedia Bangladesh
> >
> > ​
> >
> > On Mon, May 7, 2018 at 5:56 PM Shlomi Fish  wrote:
> >  
> > > On Thu, 3 May 2018 19:27:16 -0500
> > > John Bennett  wrote:
> > >  
> > > > Hello,
> > > >
> > > > Many of you may have been receiving emails in the last 24 hours
> > > > warning  
> > > you  
> > > > of "Multiple failed attempts to log in" with your account. I wanted to  
> > > let  
> > > > you know that the Wikimedia Foundation's Security team is aware of the
> > > > situation, and working with others in the organization on steps to  
> > > decrease  
> > > > the success of attacks like these.
> > > >
> > > > The exact source is not yet known, but it is not originating from our
> > > > systems. That means it is an external effort to gain unauthorized  
> > access  
> > > to  
> > > > random accounts. These types of efforts are increasingly common for
> > > > websites of our reach. A vast majority of these attempts have been
> > > > unsuccessful, and we are reaching out personally to the small number of
> > > > accounts which we believe have been compromised.
> > > >
> > > > While we are constantly looking at improvements to our security
> > > > systems  
> > > and  
> > > > processes to offset the impact of malicious efforts such as these, the  
> > > best  
> > > > method of prevention continues to be the steps each of you take to
> > > > safeguard your accounts. Because of this, we have taken steps in the  
> > past  
> > > > to support things like stronger password requirements,[1] and we  
> > continue  
> > > > to encourage everyone to take some routine steps to maintain a secure
> > > > computer and account. That includes regularly changing your  
> > passwords,[2]  
> > > > actively running antivirus software on your systems, and keeping your
> > > > system software up to date.
> > > >  
> > >
> > > From my experience, anti-virus programs usually do more harm than good.  
> > For  
> > > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently blocked
> > > my
> > > entire shlomifish.org domain because it apparently misclassified an
> > > executable
> > > download as problematic (and it was built from source using
> > > https://en.wikipedia.org/wiki/CMake and
> > > https://en.wikipedia.org/wiki/AppVeyor
> > > so it is unlikely that that is the case.). MS Windows' poor resistance to
> > > malware and the fact that Windows Update is so dysfunctional (see
> > > http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
> > > reasons
> > > why I cannot recommend running it as a desktop, and instead one should  
> > use  
> > > https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or similar.
> > >
> > > A little off topic perhaps, but needs to be said.
> > >  
> > > > My team will continue to investigate this incident, and report back if  
> > we  
> > > > notice any concerning changes. If you have any questions, please  
> > contact  
> > > > the Support and Safety team (susa{{@}}wikimedia.org).
> > > >
> > > > John Bennett
> > > > Director of Security, Wikimedia Foundation
> > > >
> > > > [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> > > > [2] 

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Shlomi Fish
Hi,

On Mon, 07 May 2018 13:20:22 +
Eduardo Testart  wrote:

> Shlomi,
> 
> I believe that the problem is with your particular brand of antivirus,
> eventhough they all block a bit more or less to prevent certain risks.
> 
> Nevertheless, making an extrapolation to every antivirus from the
> experience with only one brand, and concluding "they do more harm than
> good" based on that, seems a bit off.
> 

this was just one example. I have heard of many similar problems with others.
Just try subscribing to gimp-user ( https://www.gimp.org/mail_lists.html ) or
chatting on freenode for a while and you will see.


> 
> Cheers!
> 
> El lun., may. 7, 2018 10:02, Gabriel Thullen  escribió:
> 
> > I am also a Linux advocate, and have been so for years (decades?). That
> > been said, I imagine that there are still more people using Windows XP than
> > there are people using Linux. Last time I checked (october 2017) it was
> > something like 5% using XP and less than 1% using linux, all distros
> > included. We can safely predict that virus outvreaks will be a problem for
> > linux once it reaches 5% or 10% market share...
> >
> > Gabe
> >
> > On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa 
> > wrote:
> >  
> > > I have been a Linux advocate for almost a decade now and from 'my past
> > > experience', I can tell you have opened a topic of a huge discussion  
> > about  
> > > people should switch to Linux Desktops (which is off-topic here). But I
> > > respectfully disagree with your statement, "anti-virus programs usually  
> > do  
> > > more harm than good".
> > >
> > > From a conservative viewpoint, some protection is still better to have  
> > than  
> > > no protection at all. And the example you gave here, an anti-virus
> > > mistakenly classified your domain as a potential threat, makes a weaker
> > > point. By a few mistakes, we cannot cancel out a million of other
> > > successes. A false alarm is yet favourable than no alarm at all.
> > >
> > > ---
> > > Shabab Mustafa
> > > President
> > > Wikimedia Bangladesh
> > >
> > > ​
> > >
> > > On Mon, May 7, 2018 at 5:56 PM Shlomi Fish   
> > wrote:  
> > >  
> > > > On Thu, 3 May 2018 19:27:16 -0500
> > > > John Bennett  wrote:
> > > >  
> > > > > Hello,
> > > > >
> > > > > Many of you may have been receiving emails in the last 24 hours  
> > warning  
> > > > you  
> > > > > of "Multiple failed attempts to log in" with your account. I wanted  
> > to  
> > > > let  
> > > > > you know that the Wikimedia Foundation's Security team is aware of  
> > the  
> > > > > situation, and working with others in the organization on steps to  
> > > > decrease  
> > > > > the success of attacks like these.
> > > > >
> > > > > The exact source is not yet known, but it is not originating from our
> > > > > systems. That means it is an external effort to gain unauthorized  
> > > access  
> > > > to  
> > > > > random accounts. These types of efforts are increasingly common for
> > > > > websites of our reach. A vast majority of these attempts have been
> > > > > unsuccessful, and we are reaching out personally to the small number  
> > of  
> > > > > accounts which we believe have been compromised.
> > > > >
> > > > > While we are constantly looking at improvements to our security  
> > systems  
> > > > and  
> > > > > processes to offset the impact of malicious efforts such as these,  
> > the  
> > > > best  
> > > > > method of prevention continues to be the steps each of you take to
> > > > > safeguard your accounts. Because of this, we have taken steps in the  
> > > past  
> > > > > to support things like stronger password requirements,[1] and we  
> > > continue  
> > > > > to encourage everyone to take some routine steps to maintain a secure
> > > > > computer and account. That includes regularly changing your  
> > > passwords,[2]  
> > > > > actively running antivirus software on your systems, and keeping your
> > > > > system software up to date.
> > > > >  
> > > >
> > > > From my experience, anti-virus programs usually do more harm than
> > > > good.  
> > > For  
> > > > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently  
> > blocked  
> > > > my
> > > > entire shlomifish.org domain because it apparently misclassified an
> > > > executable
> > > > download as problematic (and it was built from source using
> > > > https://en.wikipedia.org/wiki/CMake and
> > > > https://en.wikipedia.org/wiki/AppVeyor
> > > > so it is unlikely that that is the case.). MS Windows' poor resistance  
> > to  
> > > > malware and the fact that Windows Update is so dysfunctional (see
> > > > http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
> > > > reasons
> > > > why I cannot recommend running it as a desktop, and instead one should  
> > > use  
> > > > https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or  
> > similar.  

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Eduardo Testart
Shlomi,

I believe that the problem is with your particular brand of antivirus,
eventhough they all block a bit more or less to prevent certain risks.

Nevertheless, making an extrapolation to every antivirus from the
experience with only one brand, and concluding "they do more harm than
good" based on that, seems a bit off.


Cheers!

El lun., may. 7, 2018 10:02, Gabriel Thullen  escribió:

> I am also a Linux advocate, and have been so for years (decades?). That
> been said, I imagine that there are still more people using Windows XP than
> there are people using Linux. Last time I checked (october 2017) it was
> something like 5% using XP and less than 1% using linux, all distros
> included. We can safely predict that virus outvreaks will be a problem for
> linux once it reaches 5% or 10% market share...
>
> Gabe
>
> On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa 
> wrote:
>
> > I have been a Linux advocate for almost a decade now and from 'my past
> > experience', I can tell you have opened a topic of a huge discussion
> about
> > people should switch to Linux Desktops (which is off-topic here). But I
> > respectfully disagree with your statement, "anti-virus programs usually
> do
> > more harm than good".
> >
> > From a conservative viewpoint, some protection is still better to have
> than
> > no protection at all. And the example you gave here, an anti-virus
> > mistakenly classified your domain as a potential threat, makes a weaker
> > point. By a few mistakes, we cannot cancel out a million of other
> > successes. A false alarm is yet favourable than no alarm at all.
> >
> > ---
> > Shabab Mustafa
> > President
> > Wikimedia Bangladesh
> >
> > ​
> >
> > On Mon, May 7, 2018 at 5:56 PM Shlomi Fish 
> wrote:
> >
> > > On Thu, 3 May 2018 19:27:16 -0500
> > > John Bennett  wrote:
> > >
> > > > Hello,
> > > >
> > > > Many of you may have been receiving emails in the last 24 hours
> warning
> > > you
> > > > of "Multiple failed attempts to log in" with your account. I wanted
> to
> > > let
> > > > you know that the Wikimedia Foundation's Security team is aware of
> the
> > > > situation, and working with others in the organization on steps to
> > > decrease
> > > > the success of attacks like these.
> > > >
> > > > The exact source is not yet known, but it is not originating from our
> > > > systems. That means it is an external effort to gain unauthorized
> > access
> > > to
> > > > random accounts. These types of efforts are increasingly common for
> > > > websites of our reach. A vast majority of these attempts have been
> > > > unsuccessful, and we are reaching out personally to the small number
> of
> > > > accounts which we believe have been compromised.
> > > >
> > > > While we are constantly looking at improvements to our security
> systems
> > > and
> > > > processes to offset the impact of malicious efforts such as these,
> the
> > > best
> > > > method of prevention continues to be the steps each of you take to
> > > > safeguard your accounts. Because of this, we have taken steps in the
> > past
> > > > to support things like stronger password requirements,[1] and we
> > continue
> > > > to encourage everyone to take some routine steps to maintain a secure
> > > > computer and account. That includes regularly changing your
> > passwords,[2]
> > > > actively running antivirus software on your systems, and keeping your
> > > > system software up to date.
> > > >
> > >
> > > From my experience, anti-virus programs usually do more harm than good.
> > For
> > > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently
> blocked
> > > my
> > > entire shlomifish.org domain because it apparently misclassified an
> > > executable
> > > download as problematic (and it was built from source using
> > > https://en.wikipedia.org/wiki/CMake and
> > > https://en.wikipedia.org/wiki/AppVeyor
> > > so it is unlikely that that is the case.). MS Windows' poor resistance
> to
> > > malware and the fact that Windows Update is so dysfunctional (see
> > > http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
> > > reasons
> > > why I cannot recommend running it as a desktop, and instead one should
> > use
> > > https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or
> similar.
> > >
> > > A little off topic perhaps, but needs to be said.
> > >
> > > > My team will continue to investigate this incident, and report back
> if
> > we
> > > > notice any concerning changes. If you have any questions, please
> > contact
> > > > the Support and Safety team (susa{{@}}wikimedia.org).
> > > >
> > > > John Bennett
> > > > Director of Security, Wikimedia Foundation
> > > >
> > > > [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> > > > [2] https://meta.wikimedia.org/wiki/Special:ChangePassword
> > > > ___
> > > > Wikimedia-l mailing list, 

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Gabriel Thullen
I am also a Linux advocate, and have been so for years (decades?). That
been said, I imagine that there are still more people using Windows XP than
there are people using Linux. Last time I checked (october 2017) it was
something like 5% using XP and less than 1% using linux, all distros
included. We can safely predict that virus outvreaks will be a problem for
linux once it reaches 5% or 10% market share...

Gabe

On Mon, May 7, 2018 at 1:51 PM, Shabab Mustafa 
wrote:

> I have been a Linux advocate for almost a decade now and from 'my past
> experience', I can tell you have opened a topic of a huge discussion about
> people should switch to Linux Desktops (which is off-topic here). But I
> respectfully disagree with your statement, "anti-virus programs usually do
> more harm than good".
>
> From a conservative viewpoint, some protection is still better to have than
> no protection at all. And the example you gave here, an anti-virus
> mistakenly classified your domain as a potential threat, makes a weaker
> point. By a few mistakes, we cannot cancel out a million of other
> successes. A false alarm is yet favourable than no alarm at all.
>
> ---
> Shabab Mustafa
> President
> Wikimedia Bangladesh
>
> ​
>
> On Mon, May 7, 2018 at 5:56 PM Shlomi Fish  wrote:
>
> > On Thu, 3 May 2018 19:27:16 -0500
> > John Bennett  wrote:
> >
> > > Hello,
> > >
> > > Many of you may have been receiving emails in the last 24 hours warning
> > you
> > > of "Multiple failed attempts to log in" with your account. I wanted to
> > let
> > > you know that the Wikimedia Foundation's Security team is aware of the
> > > situation, and working with others in the organization on steps to
> > decrease
> > > the success of attacks like these.
> > >
> > > The exact source is not yet known, but it is not originating from our
> > > systems. That means it is an external effort to gain unauthorized
> access
> > to
> > > random accounts. These types of efforts are increasingly common for
> > > websites of our reach. A vast majority of these attempts have been
> > > unsuccessful, and we are reaching out personally to the small number of
> > > accounts which we believe have been compromised.
> > >
> > > While we are constantly looking at improvements to our security systems
> > and
> > > processes to offset the impact of malicious efforts such as these, the
> > best
> > > method of prevention continues to be the steps each of you take to
> > > safeguard your accounts. Because of this, we have taken steps in the
> past
> > > to support things like stronger password requirements,[1] and we
> continue
> > > to encourage everyone to take some routine steps to maintain a secure
> > > computer and account. That includes regularly changing your
> passwords,[2]
> > > actively running antivirus software on your systems, and keeping your
> > > system software up to date.
> > >
> >
> > From my experience, anti-virus programs usually do more harm than good.
> For
> > example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently blocked
> > my
> > entire shlomifish.org domain because it apparently misclassified an
> > executable
> > download as problematic (and it was built from source using
> > https://en.wikipedia.org/wiki/CMake and
> > https://en.wikipedia.org/wiki/AppVeyor
> > so it is unlikely that that is the case.). MS Windows' poor resistance to
> > malware and the fact that Windows Update is so dysfunctional (see
> > http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
> > reasons
> > why I cannot recommend running it as a desktop, and instead one should
> use
> > https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or similar.
> >
> > A little off topic perhaps, but needs to be said.
> >
> > > My team will continue to investigate this incident, and report back if
> we
> > > notice any concerning changes. If you have any questions, please
> contact
> > > the Support and Safety team (susa{{@}}wikimedia.org).
> > >
> > > John Bennett
> > > Director of Security, Wikimedia Foundation
> > >
> > > [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> > > [2] https://meta.wikimedia.org/wiki/Special:ChangePassword
> > > ___
> > > Wikimedia-l mailing list, guidelines at:
> > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
> > > https://meta.wikimedia.org/wiki/Wikimedia-l New messages to:
> > > Wikimedia-l@lists.wikimedia.org Unsubscribe:
> > > https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> > > 
> >
> >
> > --
> > -
> > Shlomi Fish   http://www.shlomifish.org/
> > http://www.shlomifish.org/open-source/projects/fortune-mod/
> >
> > If a tree falls down in the middle of the forest, and there’s no one
> there
> > to
> > hear it… what colour 

Re: [Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Shabab Mustafa
I have been a Linux advocate for almost a decade now and from 'my past
experience', I can tell you have opened a topic of a huge discussion about
people should switch to Linux Desktops (which is off-topic here). But I
respectfully disagree with your statement, "anti-virus programs usually do
more harm than good".

From a conservative viewpoint, some protection is still better to have than
no protection at all. And the example you gave here, an anti-virus
mistakenly classified your domain as a potential threat, makes a weaker
point. By a few mistakes, we cannot cancel out a million of other
successes. A false alarm is yet favourable than no alarm at all.

---
Shabab Mustafa
President
Wikimedia Bangladesh

​

On Mon, May 7, 2018 at 5:56 PM Shlomi Fish  wrote:

> On Thu, 3 May 2018 19:27:16 -0500
> John Bennett  wrote:
>
> > Hello,
> >
> > Many of you may have been receiving emails in the last 24 hours warning
> you
> > of "Multiple failed attempts to log in" with your account. I wanted to
> let
> > you know that the Wikimedia Foundation's Security team is aware of the
> > situation, and working with others in the organization on steps to
> decrease
> > the success of attacks like these.
> >
> > The exact source is not yet known, but it is not originating from our
> > systems. That means it is an external effort to gain unauthorized access
> to
> > random accounts. These types of efforts are increasingly common for
> > websites of our reach. A vast majority of these attempts have been
> > unsuccessful, and we are reaching out personally to the small number of
> > accounts which we believe have been compromised.
> >
> > While we are constantly looking at improvements to our security systems
> and
> > processes to offset the impact of malicious efforts such as these, the
> best
> > method of prevention continues to be the steps each of you take to
> > safeguard your accounts. Because of this, we have taken steps in the past
> > to support things like stronger password requirements,[1] and we continue
> > to encourage everyone to take some routine steps to maintain a secure
> > computer and account. That includes regularly changing your passwords,[2]
> > actively running antivirus software on your systems, and keeping your
> > system software up to date.
> >
>
> From my experience, anti-virus programs usually do more harm than good. For
> example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently blocked
> my
> entire shlomifish.org domain because it apparently misclassified an
> executable
> download as problematic (and it was built from source using
> https://en.wikipedia.org/wiki/CMake and
> https://en.wikipedia.org/wiki/AppVeyor
> so it is unlikely that that is the case.). MS Windows' poor resistance to
> malware and the fact that Windows Update is so dysfunctional (see
> http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the
> reasons
> why I cannot recommend running it as a desktop, and instead one should use
> https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or similar.
>
> A little off topic perhaps, but needs to be said.
>
> > My team will continue to investigate this incident, and report back if we
> > notice any concerning changes. If you have any questions, please contact
> > the Support and Safety team (susa{{@}}wikimedia.org).
> >
> > John Bennett
> > Director of Security, Wikimedia Foundation
> >
> > [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> > [2] https://meta.wikimedia.org/wiki/Special:ChangePassword
> > ___
> > Wikimedia-l mailing list, guidelines at:
> > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
> > https://meta.wikimedia.org/wiki/Wikimedia-l New messages to:
> > Wikimedia-l@lists.wikimedia.org Unsubscribe:
> > https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> > 
>
>
> --
> -
> Shlomi Fish   http://www.shlomifish.org/
> http://www.shlomifish.org/open-source/projects/fortune-mod/
>
> If a tree falls down in the middle of the forest, and there’s no one there
> to
> hear it… what colour is the tree?
> — Monkey Island 2: LeChuck’s Revenge
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> ___
> Wikimedia-l mailing list, guidelines at:
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
> https://meta.wikimedia.org/wiki/Wikimedia-l
> New messages to: Wikimedia-l@lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> 
___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and 

[Wikimedia-l] Anti-viruses [was Re: Information on "Multiple failed attempts to log in" emails]

2018-05-07 Thread Shlomi Fish
On Thu, 3 May 2018 19:27:16 -0500
John Bennett  wrote:

> Hello,
> 
> Many of you may have been receiving emails in the last 24 hours warning you
> of "Multiple failed attempts to log in" with your account. I wanted to let
> you know that the Wikimedia Foundation's Security team is aware of the
> situation, and working with others in the organization on steps to decrease
> the success of attacks like these.
> 
> The exact source is not yet known, but it is not originating from our
> systems. That means it is an external effort to gain unauthorized access to
> random accounts. These types of efforts are increasingly common for
> websites of our reach. A vast majority of these attempts have been
> unsuccessful, and we are reaching out personally to the small number of
> accounts which we believe have been compromised.
> 
> While we are constantly looking at improvements to our security systems and
> processes to offset the impact of malicious efforts such as these, the best
> method of prevention continues to be the steps each of you take to
> safeguard your accounts. Because of this, we have taken steps in the past
> to support things like stronger password requirements,[1] and we continue
> to encourage everyone to take some routine steps to maintain a secure
> computer and account. That includes regularly changing your passwords,[2]
> actively running antivirus software on your systems, and keeping your
> system software up to date.
> 

From my experience, anti-virus programs usually do more harm than good. For
example, https://en.wikipedia.org/wiki/Norton_AntiVirus recently blocked my
entire shlomifish.org domain because it apparently misclassified an executable
download as problematic (and it was built from source using
https://en.wikipedia.org/wiki/CMake and https://en.wikipedia.org/wiki/AppVeyor
so it is unlikely that that is the case.). MS Windows' poor resistance to
malware and the fact that Windows Update is so dysfunctional (see
http://www.shlomifish.org/humour/bits/facts/Windows-Update/ ) are the reasons
why I cannot recommend running it as a desktop, and instead one should use
https://en.wikipedia.org/wiki/Linux#Desktop - desktop linux or similar.

A little off topic perhaps, but needs to be said.

> My team will continue to investigate this incident, and report back if we
> notice any concerning changes. If you have any questions, please contact
> the Support and Safety team (susa{{@}}wikimedia.org).
> 
> John Bennett
> Director of Security, Wikimedia Foundation
> 
> [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> [2] https://meta.wikimedia.org/wiki/Special:ChangePassword
> ___
> Wikimedia-l mailing list, guidelines at:
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and
> https://meta.wikimedia.org/wiki/Wikimedia-l New messages to:
> Wikimedia-l@lists.wikimedia.org Unsubscribe:
> https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> 


-- 
-
Shlomi Fish   http://www.shlomifish.org/
http://www.shlomifish.org/open-source/projects/fortune-mod/

If a tree falls down in the middle of the forest, and there’s no one there to
hear it… what colour is the tree?
— Monkey Island 2: LeChuck’s Revenge

Please reply to list if it's a mailing list post - http://shlom.in/reply .

___
Wikimedia-l mailing list, guidelines at: 
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and 
https://meta.wikimedia.org/wiki/Wikimedia-l
New messages to: Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,