timbrown - Slashdot User

Comment Re:Application developers fault (Score 1) 178

by timbrown on Tuesday August 24, 2010 @05:58PM (#33362380) Attached to: Windows DLL Vulnerability Exploit In the Wild

You can check out a blog post I wrote on a similar attack that could be used against Linux (and other POSIX-alikes):

http://www.nth-dimension.org.uk/blog.php?id=87

The two big differences are that in this attack I can't exploit it as easily over the network and that the default case is secure on Linux so developer have to go out of their way to make themselves insecure (although a lot do, because it is the most "obvious" way to change the location from which libraries are loaded).

Comment Re:Keep beating that horse (Score 3, Interesting) 73

by timbrown on Thursday July 16, 2009 @06:47PM (#28724037) Attached to: Nmap 5.00 Released, With Many Improvements

Disclosure: I am an OpenVAS developer...

Nmap does what it does very well. It would be a strange day that I stop using it for pentesting, in fact more likely I'll adopt some of the other tools the project has developed. Ncat in particular sounds great simply because it unifies multiple functions I currently use from other tools. The other thing I like is the NSE, great for quickly cooking up a scanner for 0day threats as we saw with Conficker check they produced.

If you want a Free Software vulnerability scanner, then support OpenVAS. The project is making quiet progress (cleaning up the code base, redesigning the architecture and most importantly adding new NVTs) and has just had a second DevCon in Germany with 16 developers from 4 continents making the trip. Nothings ever perfect but it now has NVT that are not in Nessus so if you're not using it, you're probably missing out. It's worth noting that we at OpenVAS like the nmap developments so much that a couple of the OpenVAS developers are looking to actively contribute and we're considering libnmap as a replacement for the rather fragile port / service discovery functionality we inherited.

Comment An analogy (Score 1) 528

by timbrown on Monday January 26, 2009 @06:04AM (#26605517) Attached to: Indymedia Server Seized By UK Police, Again

Imagine if /. servers got seized everytime someone saw fit to post comments with the addresses related to the "bad guy" in response to a story. Indymedia had already pulled said comments, does /. even have such a facility? I find some of what gets put on Indymedia to be massively disagreeable, OTOH I'm not a big fan of servers being pulled at random either.

Submission + - Indymedia Server Seized by UK Police (again!) (indymedia.org.uk)

Submitted by

timbrown

on Saturday January 24, 2009 @12:50PM

timbrown writes: "On 22 January 2009, Kent Police seized an Indymedia server hosted by Manchester-based colocation facility UK Grid and run by the alternative news platform Indymedia UK. The server was taken in relation to comments on an article regarding the convictions in the recent Stop Huntingdon Animal Cruelty (SHAC) trial. Seven activists were sentenced to a total of 50 years in prison.

In the morning, Kent Police had emailed Indymedia UK, an independent online news platform, requesting that personal information about Justice Neil Butterfield, the trial judge, be removed from the Indymedia website and that details of the poster be retained.

Indymedia UK volunteers had already removed the information in line with the projects own privacy policy. Indymedia UK was unable to comply with Kent Police's request to retain data relating to poster. As an open publishing project, Indymedia UK has set up Apache to not log IP addresses. Furthermore, the Police had been informed that the server in question was a mirror server and therefore not the machine that the comments were posted to. Nevertheless, Police seized the machine which was handed over by the management of UK Grid. No warrant was shown.

Dr. Lee Salter, a senior lecturer in journalism at the University of the West of England, told Indymedia "Journalistic material is protected by law, and the police should not gather more information than is relevant for their investigation — by seizing this server they are not only getting information on Indymedia but also on wholly unrelated groups. The police should know that Indymedia does not hold personal information on its participants, so it is a concern is that the police are collecting random information on participants".

The loss of a server represents serious damage to the Indymedia infrastructure in the UK. Several websites including the global Indymedia documentation project, the new website of Indymedia London, la Soja Mata (an anti-GM soya campaign focusing on South American development), Transition Sheffield and a Canadian campaign against the 2010 Olympics were affected. Most of these websites could be restored.

The present case is not the first time that Indymedia servers were seized in the UK. Shortly before the opening of the European Social Forum in 2004 in London, a main Indymedia server was seized from the hosting company Rackspace in an operation which involved an Italian Judge, an American District Court and the FBI.

In 2005, the server of Indymedia Bristol was seized under a search warrant. One Indymedia Bristol volunteer was arrested on suspicion of incitement to criminal damage, but was never charged.

As with previous cases, Indymedia UK stayed online this time. This was possible due to a system of "mirrors", which was set up to protect the technical infrastructure of the alternative media project. Despite the resource intensive interruptions caused by server seizures, the DIY-media activists continue to provide a platform for "news straight from the streets".

Info Sheet 24.01.2009 by: imc-uk press group

Notes to the editor, for further information, contact Imc-uk-contact at lists.indymedia.org.

---

I'm posting this as a concerned UK administrator who hosts a number of sites. The message appears to be clear, the UK establishment does not want political content, legitimate or otherwise hosted from these shores. The message has been noted, however free speech must be supported even where it may not be agreeable."

Slashdot Top Deals