In comp.os.linux.advocacy, [H]omer
<spam@xxxxxxx>
wrote
on Sat, 13 Oct 2007 18:02:55 +0100
<2ba7u4-3eo.ln1@xxxxxxxxxx>:
> For those not paying attention, here's the sequence of events over the
> last two weeks:
>
> . eBay makes the unsubstantiated claim that "the vast majority of the
> threats [eBay] saw were rootkitted Linux boxes". No evidence has been
> offered to support that allegation, which was made publicly at a
> Microsoft sponsored security symposium. [1]
That claim is probably not unsubstantiated. It may be
(and most likely is) false ten times over, but I for one
would think that eBay would not be so stupid as to omit
such things as weblogs and headers in a detailed response
to a challenge of their claims. To be sure, there's not
a lot in such weblogs and headers; in most cases, one gets
a line that indicates:
xx.xx.xx.xx - user [date] request_path 200 length
One can attempt a back-correlation to the IP address in
the first column if one really wants to get silly, but in
most cases it's going to point back to either a NAT router
(access through business, .gov, or .edu firewall) or a
DHCP-maintained system pool (access from home account or
DSL-using business account). If one can catch it quickly
enough one might be able to partially verify the sending
machine's OS -- but there's a fair number of issues,
not the least of which the machine's disconnect and some
other machine reconnecting (the D in DHCP is very clear
on this!) between the time the request was sent, and the
time eBay attempts to verify the OS/identity thereof.
And of course the OS doesn't normally broadcast its
identity through the TCP or IP layer. One might deduce
it from various sequencing artifacts, perhaps; see
for instance http://uptime.netcraft.com/up/accuracy.html .
Proxies can be even more entertaining. Presumably,
Netcraft might see a Squid proxy in front of an IIS system
as an IIS system running on Unix. An erstwhile hacker and
a naive IT department could do some weird stuff in this
area, if a department's Windows machines are infected.
Or one can route a bot army through an outside proxy for
some reason, bombarding eBay (and the proxy); eBay might
count that as an attack from the doomed proxy just before
they shut off access therefrom. Clever sabotage of Linux's
reputation, if done right -- and extremely embarrassing if
discovered, of course.
I'd have to look in the case of Apache but it is
possible if unwieldly in theory to dump the User-Agent:
header somewhere. Since that is easily spoofed (Opera
in particular used to have an option to mimic IE, and
probably still does) the worthfulness of that information
is highly questionable.
Since eBay is known to use unreliable equipment, at least
in the IIS/5.0 portion of their system, the veracity of
these weblogs is further strained. Granted, there are
webservers that can stay up indefinitely using Windows.
(There are Linux and FreeBSD webservers that can stay up
indefinitely, also.)
So who knows? Somebody in Ebay's either lying through
their teeth, being duped, or is hopelessly confused.
>
> . Ballmer claims Red Hat users have "an obligation to compensate [MS]"
> "...with respect to [Microsoft's] intellectual property.", although he
> has yet to demonstrate precisely what Microsoft-held patents Red Hat,
> or any other GNU/Linux vendor, violates. [2] [3]
*IF* RedHat has infringed on intellectual property owned by
IP Innovation LLC (and that's questionable in itself, even
outside the actual patent dispute; RedHat is generally a
collector, not an instigator, of software, except perhaps
for JBoss and some of its RPM installation stuff) *THEN*
RedHat has an obligation to pay. That has yet to be
proven anywhere.
>
> . A shell company operating as a patent Troll, called IP Innovation LLC,
> files a patent lawsuit against Red Hat and Novell, for infringing a
> patent issued to Xerox *16 years ago*. This same type of technology is
> probably used in every operating system currently available, including
> Windows (MSVDM) and the Mac (Spaces).
I wish I could be sure either way on that. I remember
some stuff in a system a co-worker was using in 1989 or
thereabouts -- a precursor to Nautilus, to some extent,
actually, though at the time restricted to that particular
documentation management system. Might have been earlier
than that, even...I moved to another job in late 1989 so
it has to be before that, though.
> It has yet to be established
> whether or not this patent is valid, or even if the X Window System
> implementation is indeed in violation of that patent.
That's what courts are for. ;-)
> It is then
> discovered that the parent company (Acacia) is manned by ex-Microsoft
> personnel, including Brad Brunell, Former Microsoft General Manager of
> Intellectual Property Licensing, who only joined Acacia two weeks ago.
> [4]
>
> . Today, eBay Australia depicts phishers as GNU/Linux users, thus
> promoting the idea that GNU/Linux is illegal and its users are
> criminals. [5]
>
> There is no question that this series of events represents an extremely
> well planned and coordinated attack against GNU/Linux instigated by
> Microsoft.
Not sure how well-planned it is, but certainly it's
somewhat coordinated.
> The more Microsoft see that they are losing (the EU
> commission and CFI's judgements, the OOXML fiasco, the Vista disaster,
> OEMs capitulating to customers' demands for GNU/Linux, the ridiculous
> Zune, the massively loss-making and dangerous Xbox, their failed efforts
> in search and advertising) the nastier they get, and this last couple of
> weeks they have been behaving like cornered rats. They know they can't
> win, so they're going to try to inflict as much damage as possible on
> their way down.
>
> Microsoft and their henchmen can shut down every commercial GNU/Linux
> vendor in the world, but they can never shut down the Free Software that
> powers those distributions, and so GNU/Linux will go on, despite
> Microsoft's best efforts to "fsking kill" it by "tipping it into a death
> spiral". It won't work ... ultimately they're going to lose, it's just a
> question of time. The pervasiveness of Free Software is inevitable.
I'm not 100% sure of that. Free Software will survive
as long as the transference costs thereof are much
less than the creation costs thereof. Software is the
perfect communistic good: take what one needs, give what
one wills. (This is not a bad thing, of course; the
main problems in realpolitik were not communism per se,
but the autocratic/socialistic implementations necessary
in the late, unlamented USSR, exacerbated by bad central
planning.) Change the playing field -- e.g., by somehow
requiring that software copying requires verification and
remuneration -- and Free Software might eventually vanish,
though given the current wiring it would take awhile as
the routers are physical implements that need upgrading.
There's also a rebel "freenet" running around -- the general
idea is to use wifi routers in a rather creative fashion.
Or one can go via various cruder routes: nuclear war
destroying all industry and humans on Earth, an irredemable
power crunch when the oil and coal runs out and the
powers-that-be neglected to replace them at the time
(hello, Al Gore, 2007 Nobel Peace Prize winner, wakeup
call, line 4), an invasion by space aliens that wipes
out all life a la Bret Saberhagen, etc. etc. Of course
these scenarios get progressively weirder, but the true
scientists never say never (at least, almost never!),
and even those that say "Never Again!" in relation to such
widespread atrocities as those committed in the Holocaust,
Nanking, Pol Pot, etc. have to be wondering as to what's
going on in Darfur, Iraq, Tibet, and other places.
And then there's the Chinese, attempting (and to a large
extent, though not 100%, succeeding) to ensure that the
government's side of the story is "fairly" represented
-- by suppressing dissent, sometimes rather ruthlessly.
There was at least one page way back suggesting a similar
censorship of non-Christian ideas, though thankfully
I think that particular one has fallen by the wayside,
along with far more notable efforts such as "Minsky's
Worst Of The Web".
Saudi Arabia is also reputed to ensure decency on the
Internet. Can't be too careful with the kiddies about,
I guess.
Welcome to the New World Order. I hope this gets out.
(Not being paranoid. TeraNews is being sickly again.)
>
> [1] http://news.yahoo.com/s/infoworld/20071004/tc_infoworld/92338
> [2]
> http://www.theinquirer.net/gb/inquirer/news/2007/10/09/ballmer-threatens-red-hat-users
> [3] http://uk.youtube.com/watch?v=5B0GTYfPoMo
> [4] http://www.groklaw.net/article.php?story=20071011205044141
> [5]
> http://www.linuxlookup.com/2007/oct/12/ebay_using_tux_as_a_symbol_for_internet_fraud
>
--
#191, ewill3@xxxxxxxxxxxxx
Useless C/C++ Programming Idea #10239993:
char * f(char *p) {char *q = malloc(strlen(p)); strcpy(q,p); return q; }
--
Posted via a free Usenet account from http://www.teranews.com
|
|
