Thursday, November 15, 2012

Skype and Adobe

It's been awhile since I've done this, but here it is:

First, Skype.  Apparently, Microsoft fixed an issue with Skype accounts being vulnerable to hijacking.  It only took them three (3) months to address the issue...

https://isc.sans.edu/diary/Skype+account+hijack+vulnerability+fixed/14512

http://countermeasures.trendmicro.eu/skype-vulnerability/

Next, there's been another password disclosure breach, this time affecting Adobe and connectusers.com users.  The compromise occurred via a SQL injection attack.

https://isc.sans.edu/diary.html?storyid=14515

http://arstechnica.com/security/2012/11/adobe-breach-reportedly-spills-easy-to-crack-password-hashes/ 


Note (LONG):

I posted the notifications on Facebook, as my friends and family use Skype.  I'm going to throw this out there right now:  I hate OSS zealots.  I had an acquaintance stir up some crap about "why are you using Skype", "why are you using Windows", "why are you giving the corporations your money/data".

Life is SHORT.  That goes for everyone, including the zealots.  I'm a fan of open source software, but I don't live the life of "down with M$".  Microsoft has a place in my life.  I game...a LOT.  I play the types of games that don't do well within virtual environments...there are no Linux equivalents of these games.  As well, complicated software that is difficult to keep running properly in Windows tends to be even more cumbersome on *nix.  

I know how to administer *nix and know it's strong points as well as weak points.  I know *nix very well.  I've never solely administered *nix for a living (I'm multi-disciplined), but I know it well enough to where I've been running *nix servers remotely without issue for YEARS.  I also tend to focus on security hardening on my *nix machines, moreso than the average *nix administrator (I'm a security consultant by trade).  So I know what I'm doing...I'm seasoned enough to know what to do and what not to do.

Now, I love *nix.  But there are different types of such love.  I love it but I also love gaming.  *nix won't do what I desire when it comes to the types of games I play, so in that regard it fails me.  You don't have to agree or disagree, because it won't matter what you think when it comes to *ME* and my computing usage.

As well, *nix can be high maintenance, depending on what's broken and your experience level.  I've told several of my relatives that have an interest in trying different operating systems that Linux could give them some freedom.  If they try it and find that it's not for them, I'm not going to continue pushing it down their throats.  That's not me.  I don't try to convince people (but I might nudge them if they're showing a serious interest)...that's the job of the product.  Also, the person doing the trying has to be open-minded and willing to learn new things.  I can help with that but I'm already pinged constantly, since most people think I'm a general tech support guy that they can call/e-mail at any time...I'm not going to administer their box for them. If you don't have the drive to help yourself a little and be willing to learn, *nix is NOT for you.

And, sometimes I just want stuff to work when I install it...without me fiddling with config files.  Remember, I've been working as a consultant the last 10 years in sometimes grueling or archaic work environments.  I do  NOT want to come home to the same crap.

Yes, I love smartphones.  Yes, I love Mac systems.  Yes, I'm OK with using Windows 7. 

This smacks of socialism (pushing people to adopt your version of the greater good...sharing everything, having extreme hate for commercialism).  Maybe I'm generalizing, but this is not the first time I've had someone berate me or try to push me to not use MS/this product/that company...like there's some code I'm supposed to be following as a *nix user.  For those that have issues with *nix guys using "M$" software, are you really going to bust a blood vessel worrying about what I'm using on *MY* LAN?

Lastly, regarding the "corporations are bad and will share your data as well as backdoor all apps and even the OS".  Bullshit.  Believe that crap if you want.  While I won't willingly give out my private data, I'm not going to live like an Amish person.  I won't live like I'm in a cave.  I'll lock down my data as much as I can, but I will not believe that all corporations are bad.  If you believe that, I guess you keep your life savings in your mattress....good for you if you do, but that's not me.