There are no words to explain just how broken everything is. This post tries:
https://medium.com/message/everything-is-broken-81e5f33a24e1 but barely covers even a fraction of the breakage. Thanks goodness for anti-virus, right? One of the leading anti-virus vendors in the world, TrendMicro, has been opening their victims^W users' computers to trivially-discoverable remote execution attacks, exposing passwords to the internet, and running an old and insecure browser with security settings disabled (no sandbox). https://code.google.com/p/google-security-research/issues/detail?id=693 What's the worst security screw-up you've seen? The worst I've seen was a sys admin I used to work with who put a new Linux server on the internet with root ssh enabled. Guess what password he used for the root account? "test". Guess how long it took before it was broken into? Less than two hours. That is at the top of my list only because I can prove exactly what happened. Otherwise it would be an incident that I can't completely explain. I have my suspicions, but I'm not entire sure what happened. This was one of the last incidents that drove me off Windows. I was running Windows XP, protected behind a firewall, with commercial up-to-date anti- virus installed. I started up Windows update one day, and went out for a few hours, and came back to find the computer absolutely swarming with malware and the firewall turned off. I don't know what happened, I can only guess that the Windows update process turned off the firewall, but I don't really know. All I know is that whatever it was, it was a completely automated attack, as nobody was home to click on any buttons or visit any dubious websites. Took me three weeks to remove the last of the malware, and another two weeks to track down the cause of an annoying glitch where every 30 seconds the PC would freeze up for a fraction of a second. It was one of the anti-virus programs I had installed. -- Steve -- https://mail.python.org/mailman/listinfo/python-list
