Berkeley CSUA MOTD:Entry 29359
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/24 [General] UID:1000 Activity:popular
5/24    

2003/8/15-16 [Computer/SW/Security, Computer/SW/Unix] UID:29359 Activity:low
8/15    D00DZ GN00 WUZ 0WNZ!
        http://csua.org/u/3xw (story.news.yahoo.com)
        http://www.cert.org/advisories/CA-2003-21.html
        \_ rms:rms
2025/05/24 [General] UID:1000 Activity:popular
5/24    

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
Cache (68 bytes)
csua.org/u/3xw -> story.news.yahoo.com/news?tmpl=story&cid=74&ncid=74&e=1&u=/cmp/20030815/tc_cmp/13100280
Advanced Document Not Found The document you requested is not found.
Cache (2097 bytes)
www.cert.org/advisories/CA-2003-21.html
Overview The CERT/CC has received a report that the system housing the primary FTP servers for the GNU software project was compromised. Description The 27 GNU Project, principally sponsored by the 28 Free Software Foundation (FSF), produces a variety of freely available software. The compromise is reported to have occurred in March of 2003. The FSF has released an 29 announcement describing the incident. Because this system serves as a centralized archive of popular software, the insertion of malicious code into the distributed software is a serious threat. As the above announcement indicates, however, no source code distributions are believed to have been maliciously modified at this time. Impact The potential exists for an intruder to have inserted back doors, Trojan horses, or other malicious code into the source code distributions of software housed on the compromised system. Solution We encourage sites using the GNU software obtained from the compromised system to verify the integrity of their distribution. Sites that mirror the source code are encouraged to verify the integrity of their sources. We also encourage users to inspect any and all other software that may have been downloaded from the compromised site. Note that it is not always sufficient to rely on the timestamps or file sizes when trying to determine whether or not a copy of the file has been modified. Verifying checksums The FSF has produced PGP-signed lists of known-good MD5 hashes of the software packages housed on the compromised server. As a matter of good security practice, the CERT/CC encourages users to verify, whenever possible, the integrity of downloaded software. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments. It is theoretically possible that downloads between March 2003 and July 2003 might have been source-compromised, so we encourage everyone to re-download sources and compare with the current copies for files on the site.
Cache (1645 bytes)
story.news.yahoo.com
Photo Highlight Slideshow A model of a steel starburst sculpture entitled 'The B of the Bang'. The new sculpture, which at 56 meters will be 10 meters taller than the Statue of Liberty, will be installed beside the City of Manchester football stadium in Manchester, England. Oil at $41 All-Time High on Supply Fear Reuters - 1 hour, 10 minutes ago Oil prices hit an all-time record on Friday fueled by global economic growth and enduring worries that gasoline supplies will struggle to meet peak summer demand in the United States. Photo SKorea's Roh Returns Stronger After Court Rules Reuters - 2 hours, 21 minutes ago South Korean President Roh Moo-hyun returned to work in a stronger position on Friday after the Constitutional Court reinstated him by overturning parliament's unprecedented vote to impeach him. Kerry Says He Offers Veterans More AP - Fri May 14,12:38 AM ET Democratic presidential candidate John Kerry said Thursday he offers more to military veterans than "wrapping yourself in the flag," pledging to mandate funding for veterans health care in response to what he said were broken promises by President Bush. Cholesterol Drugs Promising in Multiple Sclerosis Reuters - Thu May 13, 7:11 PM ET Cholesterol-lowering drugs, widely used to reduce the risk of heart attack, could also be effective in treating multiple sclerosis, according to new research published on Friday. Fugitive Who Faked Suicide Is Found Alive Reuters - Thu May 13, 3:53 PM ET A Tennessee man who faked his suicide 13 years ago to avoid fraud and burglary charges has been found alive and well in California, a law enforcement official said on Thursday.