Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Business & Enterprise Computing

Notices

Reply
 
Thread Tools
Old 25th January 2015, 11:21 AM   #7501
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,779
Default

Quote:
Originally Posted by Daemon View Post
Windows has by far had the most critical vulnerabilities over the last 10/5/3/1 year period compared to Linux. The most oversight's I've seen come from the Windows world. Have a look at the cryptolocker thread as a perfect example. If you don't believe me, go and check CERT.
Cryptolocker is a terrible example... In most cases, its simple user stupidity as the entry point, in other cases, its vulnerabilites in Flash/Java/Adobe that are exploited.

A case may be made that windows users are stupid users, but that is a function of its widespread desktop adoption. I've worked in a call center that had a linux desktop, I could have e-mailed any of them a script that would hose their home directories and any other places they have write access to. Tthe same amount of people that launched cryptolocker, would have launched it, and the results would have been the same.

I've not seen a single variant of Cryptolocker that is delivered by *windows* vulnerabilites.

Because windows desktop windows is popular, and because there is tonnes of low hanging fruit available (In both users, and out-of-date software), it becomes the defacto target, it offers people the best bang for their buck in terms of exploit kits.

As IT shifts away from the windows desktop, I'm expecting to see a corresponding rise in Malware targeting mobile devices, and because windows has (almost) no marketshare in this place, It won't be a prime target.


Quote:
Originally Posted by elvis View Post
I have always seen Samba as a tool that could be a game changer. That SMB (Small to Medium Business, not Server Message Block - conflicting acronyms are conflicting) market is the one that seems to be perpetually a Windows-only affair for all the reasons people mention here (big enough to need centralised authentication and domain management, not big enough to afford pricey Linux sysadmins). I'm still waiting for the penny to drop, and some mob to come out with a simple appliance (virtual or otherwise) that instantly deploys a supported Samba4 domain via a few clicks. Hell, Amazon are doing it for their cloud customers (type in domain name and a few other details, next, next, next, finish wizard, have AD domain ready to go, either managed via web or a Windows box with the admin tools installed).
$LoBAppVendor: You've got Active Directory, great, here, use our software, no worries
$Business: Oh, hey $LoBAppVendor, we've got an issue with your software, for some reason $User can't access $Module
$LoBAppVendor: No worries, lets take a look and some of the groups, what OS is your domain controller?
$Business: Samba4
$LoBAppVendor: I'm sorry $business, Samba4 is not a supported authentication method, please call use back when you've got a Windows 2008R2+ Domain controller in place, Also, No Refunds
$BusinessIT: For all intents and purposes, Samba4 is indistinguishable from a Windows Domain Controller
$BusinessSuits: We should have stuck with Windows, we wouldn't have this problem if we didn't mess around with this *free* piece of shit
$LoBAppVendor: I'm an utter bastard, I look for any excuse to screw people over.

Its very much a chicken and egg problem, App Vendors won't support Samba, until it becomes widespread, and Samba won't become wide spread until app vendors support it. That being said, it will all be a moot point soon, as Auth gets shifted to cloud based SAML/Oauth2 type setups... Which the vendors will be driven to support, simply because marketshare.

Last edited by PabloEscobar; 25th January 2015 at 11:34 AM.
PabloEscobar is offline   Reply With Quote
Old 25th January 2015, 12:41 PM   #7502
Daemon
Member
 
Daemon's Avatar
 
Join Date: Jun 2001
Location: qld.au
Posts: 4,915
Default

Quote:
Originally Posted by PabloEscobar View Post
Cryptolocker is a terrible example... In most cases, its simple user stupidity as the entry point, in other cases, its vulnerabilites in Flash/Java/Adobe that are exploited.
The reference was more meant to highlight how custom doesn't leave something vulnerable, which is what it was in response to. It highlights that doing the "norm" leaves you vulnerable to exploits and malware.
Quote:
Originally Posted by PabloEscobar View Post
A case may be made that windows users are stupid users, but that is a function of its widespread desktop adoption. I've worked in a call center that had a linux desktop, I could have e-mailed any of them a script that would hose their home directories and any other places they have write access to. Tthe same amount of people that launched cryptolocker, would have launched it, and the results would have been the same.
Except in a Linux environment you can easily have the /home and /tmp mounted with noexec permissions. Issue 99% prevented

Quote:
Originally Posted by PabloEscobar View Post
Because windows desktop windows is popular, and because there is tonnes of low hanging fruit available (In both users, and out-of-date software), it becomes the defacto target, it offers people the best bang for their buck in terms of exploit kits.

As IT shifts away from the windows desktop, I'm expecting to see a corresponding rise in Malware targeting mobile devices, and because windows has (almost) no marketshare in this place, It won't be a prime target.
Windows has the combined issue of being a popular target as well as a system that has a lot of critical vulnerabilities (which home users especially may not be protected against). Windows has a hell of a lot of technical debt, which is why we see vulnerabilities still popping up which go back to the NT days.

Malware targeting mobiles is going to be much harder. Despite all of the hype about malware on Android, it's only an issue if you're loading apps from outside the play store. For 99.999% of users, this means it isn't a problem. The same issue exists with downloading pirated software via torrents for your PC. The integrity of the files isn't verified.

Mobiles (both iOS and Android) have a much more secure operating environment to start with. Unlike desktop OS's, permissions are quite explicit and the app needs approval to get these. Microsoft tried to lock this down with UAC but mostly just succeeded in annoying users (who just click yes anyway).
__________________
Fixing the internet... one cloud at a time.
Daemon is offline   Reply With Quote
Old 25th January 2015, 1:37 PM   #7503
elvis Thread Starter
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

Quote:
Originally Posted by PabloEscobar View Post
$LoBAppVendor: You've got Active Directory, great, here, use our software, no worries
$Business: Oh, hey $LoBAppVendor, we've got an issue with your software, for some reason $User can't access $Module
$LoBAppVendor: No worries, lets take a look and some of the groups, what OS is your domain controller?
$Business: Samba4
$LoBAppVendor: I'm sorry $business, Samba4 is not a supported authentication method, please call use back when you've got a Windows 2008R2+ Domain controller in place, Also, No Refunds
$BusinessIT: For all intents and purposes, Samba4 is indistinguishable from a Windows Domain Controller
$BusinessSuits: We should have stuck with Windows, we wouldn't have this problem if we didn't mess around with this *free* piece of shit
$LoBAppVendor: I'm an utter bastard, I look for any excuse to screw people over.

Its very much a chicken and egg problem, App Vendors won't support Samba, until it becomes widespread, and Samba won't become wide spread until app vendors support it. That being said, it will all be a moot point soon, as Auth gets shifted to cloud based SAML/Oauth2 type setups... Which the vendors will be driven to support, simply because marketshare.
While I don't disagree that these scenarios happen, the fact of the matter is Amazon are backing Samba as their AD solution (as you've alluded to toward the end of that post). That's your tipping point right there.

If $LoBAppVendor doesn't support Samba, they miss out on every single customer currently using AWS. And there's a hell of a lot of people and services.

I see a similar thing for Microsoft Office pretty soon too. There's already a lot of governments and public sector groups in charge of archiving that will only support ODF, and over in the commercial and educational sectors, Google Apps continues to explode in popularity. The "We don't support anything but MS Office" trope is one that is going to wither and die in coming years.
elvis is offline   Reply With Quote
Old 25th January 2015, 1:54 PM   #7504
fredhoon
Member
 
fredhoon's Avatar
 
Join Date: Jun 2003
Location: Brisbane
Posts: 2,067
Default

Quote:
Originally Posted by Diode View Post
Once again I think the prevalence of the Windows desktop is what puts many aspiring sys admins down the path of becoming entry level Windows sysadmins. They in tern become familiar with Microsoft server products. I know of admins that began on Windows then turned to Linux, but by the time they are searching for Linux jobs they are after jobs in more senior roles or in companies that already have a Linux environment.
I disagree (based on personal experience). While I had literally grown up with windows (MSDOS 5, Win3.1 and onwards) I found that Linux was far more accessible than Windows NT, Windows for Workgroups and Novell to tinker around at home and learn "enough to be dangerous" with a 10 gallon hat and spurs.

Despite the prevalence of Windows desktop and applications for very small business (<10 staff), linux was the best bang for buck to move a business forward from the everything saved in My Documents and @bigpond email. However beyond this into the SMB segment where a business would benifit from Exchange functionality, I found SBS had the best price over 3-5yrs compared to a supported RedHat or SUSE enviornment (such that the business was not dependant on the hard to replace linux admin).

As businesses grow from NT through the years or in size from SBS it makes sense that they are "Locked in" to MS products due to their (perceived) aversion to risk and reluctance towards change. Thus when the employment market is saturated with demand for windows admins, it would make sense that is where the bulk of people end up despite the experience in their formative years.
__________________
Quote:
Originally Posted by NSanity View Post
Does your Agile Full Stack Token Ring Dev role include your research into ideas that were stupid 30 years ago and are still stupid today?
go soothingly on the grease mud as they're lurks a skid demon
fredhoon is online now   Reply With Quote
Old 25th January 2015, 2:11 PM   #7505
Diode
Member
 
Diode's Avatar
 
Join Date: Jun 2011
Location: Melbourne
Posts: 1,658
Default

Quote:
Originally Posted by elvis View Post
Going way back, UNIX was big and expensive. Nobody had UNIX at home, and the only way to get experience in UNIX was to work for the biggest companies. Businesses that needed UNIX were massive, as were their requirements. Microsoft products made a lot of headway because of their price - not only the software, but the hardware too. Suddenly computing became affordable for smaller businesses.
Microsoft as you say carved out that home/small office computing space and made it a roaring success (Queue the crazy Steve Ballmer Ad). Unix was always always the big end of town and Linux was no where to be seen yet at the turn of the 90's.
Linux when it came took the DNA of UNIX which has proved itself on scale and made it work for peanuts.

Microsoft has progressively taken their desktop/server OS and built it with small business in mind and grown them over time. Not exactly the recipe for scalable success when you're carrying a lot legacy stuff not made to scale. Progressively over time though they seem to be dropping things of old that are holding them back.

Quote:
Originally Posted by elvis View Post
I genuinely believe that mainstream desktop use has absolutely nothing to do with software merit. It's entirely around who got to the market first.

Microsoft own the mainstream desktop. But in the same breath, Microsoft utterly failed to own the mainstream phone market. Are iOS and Android that superior to Windows phone? No, I don't think so. they just people to get used to them first.
I'd agree with this. It does tend to be what came first than what's better or cheaper.


Quote:
Originally Posted by elvis View Post
Likewise businesses stick with mainstream stuff to be safe.
Depends on who you talk to if this is a good or bad thing, it's probably more a balancing act. At some point there has to be some sort of mainstream of technology. No one company can leverage their own technology and be where we are today without building on top and sharing technology. Linux you can argue is mainstream. Without its communities and a large user base you would find Linux could have been one of niche' things that eventually withered away like other technologies that failed to get a mainstream audience.

Going back to your argument about OS of choice isn't so much about who's better or who's worse but who's first. So Windows is seen as a safe mainstream OS that's been around for a long time.
Diode is offline   Reply With Quote
Old 25th January 2015, 4:48 PM   #7506
elvis Thread Starter
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

Quote:
Originally Posted by Diode View Post
Going back to your argument about OS of choice isn't so much about who's better or who's worse but who's first. So Windows is seen as a safe mainstream OS that's been around for a long time.
For the desktop, absolutely. As much of a business genius as Bill Gates was, his one failing was to recognise the power of the Internet in time. Linux carved itself out as the most prevalent platform for web hosting quite well, again thanks to the "right place, right time" combination that mad things like Windows and the iPhone so popular.

Now "Internet" scales to "cloud", and not only does Linux keep a lot of mindshare momentum, but it also makes at-scale, rapid, deploy-and-destroy type setups much easier to deal with thanks entirely to it's licensing model.

I wonder what happens when a generation of sysadmins all get far more opportunity to use Linux, and Linux skills become more commonplace? Were I to compare the number of sysadmins I worked with 15 years ago who had never once logged into a Linux box to the number of sysadmins I work with today who've installed Linux at home to tinker with, and it's no longer a case of Linux being that weird niche thing that nobody knows.

If Windows server exists in prevalence because "it's common" and "skills are easy to find", I dare say Microsoft's biggest problem in the SMB is the number of people tinkering with Amazon, Rackspace and similar deployments, skilling up on open source tools.

At the very least, Azure is in place now. I can't credit Ballmer for much at all, but at least he saw the obvious need for that.
elvis is offline   Reply With Quote
Old 25th January 2015, 10:42 PM   #7507
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,779
Default

Quote:
Originally Posted by Daemon View Post
Mobiles (both iOS and Android) have a much more secure operating environment to start with. Unlike desktop OS's, permissions are quite explicit and the app needs approval to get these.
I'm not sure they do... The walled garden approach is not a panacea, The volume is to great for any actual checking of applications to be occurring, and permissions are not granular enough to be relied upon for anything. (AND users are already trained to accept them, or I can't throw stupid birds at stupid pigs). Malware has been published on the Apple app store in the past.

Android and packaged apps are full of holes that will remain unfixed, and phone vendors having no incentive the backport fixes (or release newer android version for their old handsets) when it is in their best interests that you buy a new phone.


Quote:
Originally Posted by elvis View Post
At the very least, Azure is in place now. I can't credit Ballmer for much at all, but at least he saw the obvious need for that.
The writing is on the wall

Win10 free upgrade... SMB's jump on board, because they already use Retail licenses anyway, and "Heard from an IT friend that 8 was shit, but 10 is great"

Win10 offers great integration with services already available on Azure, SMB seamlessly moves from their existing setup, across Microsofts hosted service, for the most part, they don't realise anything has changed... but all of a sudden their documents (synced with whatever Skydrive is called now) are available on their phone (and the killer is, it doesn't need to be a windows phone).

Boom! The bleeding SMB customers stops almost overnight.
PabloEscobar is offline   Reply With Quote
Old 26th January 2015, 10:06 AM   #7508
Daemon
Member
 
Daemon's Avatar
 
Join Date: Jun 2001
Location: qld.au
Posts: 4,915
Default

Quote:
Originally Posted by PabloEscobar View Post
I'm not sure they do... The walled garden approach is not a panacea, The volume is to great for any actual checking of applications to be occurring, and permissions are not granular enough to be relied upon for anything. (AND users are already trained to accept them, or I can't throw stupid birds at stupid pigs). Malware has been published on the Apple app store in the past.
There's more than just a walled garden. Both Google and Apple scan in apps in the background for malicious behaviour and will automatically uninstall those known to be malicious (regardless of where it was installed from).

If you only install apps from the App Store / Play Store then you're 99.999% protected.

The mobile OS's are much more restrictive compared to Windows, so from a foundation perspective they're already secure. Then layer in the sandboxing, the security lockdowns both companies perform and now they'll also encrypt all data by default. It doesn't make it impenetrable but certainly secures it to a point where exploits are just about nil.

All of the hype about mobile malware is of course being driven by security companies. They want you to buy their app. They don't show the real threats nor the odds.
Quote:
Originally Posted by PabloEscobar View Post
Android and packaged apps are full of holes that will remain unfixed, and phone vendors having no incentive the backport fixes (or release newer android version for their old handsets) when it is in their best interests that you buy a new phone.
The only unpatched systems are the ones which are quite old. Generally these users fall into two groups. The first is those who just want a phone. They're the type of people who barely install apps, yet alone download apps outside of the App store. The risk is virtually nil to them.

The second group are developing nations who run old hardware and therefore old phones. Many of these bootleg phones aren't running legitimate software in the first place, and have sideloaded apps. These phones are no doubt infected already.
__________________
Fixing the internet... one cloud at a time.
Daemon is offline   Reply With Quote
Old 26th January 2015, 11:09 AM   #7509
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,779
Default

Quote:
Originally Posted by Daemon View Post
There's more than just a walled garden. Both Google and Apple scan in apps in the background for malicious behaviour and will automatically uninstall those known to be malicious (regardless of where it was installed from).
To use your cryptolocker example, how does the phone know if you want all your files encrypted? or if its a program doing it without your knowledge?

Quote:
Originally Posted by Daemon View Post
All of the hype about mobile malware is of course being driven by security companies. They want you to buy their app. They don't show the real threats nor the odds.
Hells yeah, gots to up the scare factor to 11.

Quote:
Originally Posted by Daemon View Post
The only unpatched systems are the ones which are quite old. Generally these users fall into two groups. The first is those who just want a phone. They're the type of people who barely install apps, yet alone download apps outside of the App store. The risk is virtually nil to them.
As more and more information is either directly stored on, or accessed by phones, More and more people will look for, (and find) exploits like CVE-2014-6041
PabloEscobar is offline   Reply With Quote
Old 26th January 2015, 12:44 PM   #7510
Daemon
Member
 
Daemon's Avatar
 
Join Date: Jun 2001
Location: qld.au
Posts: 4,915
Default

Quote:
Originally Posted by PabloEscobar View Post
To use your cryptolocker example, how does the phone know if you want all your files encrypted? or if its a program doing it without your knowledge?
http://au.pcmag.com/android-apps-rev...-continual-app

Google has data on the behaviour of apps installed on over a billion devices. They're they king at data mining. This should make it fairly easy to quickly identify malicious behaviour, much like how centralised anti-spam systems work. The more data you have, the more anomalies stand out.
Quote:
Originally Posted by PabloEscobar View Post
As more and more information is either directly stored on, or accessed by phones, More and more people will look for, (and find) exploits like CVE-2014-6041
The better returns are going to be by targeting the "cloud" backups. Far more bandwidth and with weak passwords a far easier task. Hackers aren't dumb, they'll go for the easy targets first. Until TFA is standard across all systems, the cloud based components will always be easier.

The CVE-2014-6041 is a CORS exploit, so you still have to visit a malicious site with the stock browser in order for it to be effective. The malicious site could potentially then see what you're browsing, but not other data on the phone. Users on 4.4 or higher (about 40% of all devices) or those using Chrome aren't affected. It's a horrid bug that's for sure, but it still requires a user to view a malicious site and doesn't leave the entire system exposed.
__________________
Fixing the internet... one cloud at a time.
Daemon is offline   Reply With Quote
Old 27th January 2015, 8:25 AM   #7511
elvis Thread Starter
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

118,000 IBM jobs to apparently be axed. Yikes.

http://www.theinquirer.net/inquirer/...al-restructure

http://www.theregister.co.uk/2015/01...s_speculation/

Claims are that IBM's services division isn't bringing home the bacon like it once did, and speculation is that competitor cloud-hosted services are eating into its revenue.
elvis is offline   Reply With Quote
Old 27th January 2015, 8:46 AM   #7512
Tinian
Member
 
Tinian's Avatar
 
Join Date: Jan 2009
Location: localhost
Posts: 12,018
Default

Quote:
Originally Posted by elvis View Post
118,000 IBM jobs to apparently be axed. Yikes.

http://www.theinquirer.net/inquirer/...al-restructure

http://www.theregister.co.uk/2015/01...s_speculation/

Claims are that IBM's services division isn't bringing home the bacon like it once did, and speculation is that competitor cloud-hosted services are eating into its revenue.
Both of which are true. IBMs revenues have decreased every quarter for a few years now. So they're concentrating on apps and analytics for businesses.

Services is a hole dug deeper and deeper by cost competition. As a company you might have been able to justify higher costs if you had a track record of delivery - but no big companies do. Partly because most PMs out there are useless muppets and any good technical resources are invariably too expensive, apparently...
__________________
Never underestimate the difficulty of changing false beliefs by facts - Henry Rosovsky

Nail in my hand, from my creator
You gave me life, now show me how to live
.
Tinian is offline   Reply With Quote
Old 27th January 2015, 9:07 AM   #7513
elvis Thread Starter
Old school old fool
 
elvis's Avatar
 
Join Date: Jun 2001
Location: Brisbane
Posts: 29,716
Default

Comments from folks either inside IBM now, or ex-IBMers are all the same: IBM is suffocating thanks to middle management blow out.

That seems to be the inevitable outcome for large companies lately - middle aged spread. Fat around the middle, too light on talent at either end. Private bureaucrats.
elvis is offline   Reply With Quote
Old 27th January 2015, 9:15 AM   #7514
idiot_child
Member
 
idiot_child's Avatar
 
Join Date: Jan 2003
Location: Sydney
Posts: 1,349
Default

I read this last week but the IBM response at the bottom is amusing. I didn't think official comms would use the word 'stupid'. Is ibmhkblog legit?
http://www.forbes.com/sites/robertcr...-real-problem/

The article does make a good point about who is going to work on these cloud contracts they're trying to win if they've just laid off all the guys who can do the job.
idiot_child is offline   Reply With Quote
Old 27th January 2015, 9:17 AM   #7515
NSanity
Member
 
NSanity's Avatar
 
Join Date: Mar 2002
Location: Canberra
Posts: 16,120
Default

Quote:
Originally Posted by elvis View Post
118,000 IBM jobs to apparently be axed. Yikes.
118,000 isn't "we're doing badly".

118,000 is "we're getting out of the services gig".
NSanity is online now   Reply With Quote
Reply

Bookmarks

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 5:50 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!