[CentOS] anthem details

Valeri Galtsev galtsev at kicp.uchicago.edu
Fri Feb 6 16:07:53 UTC 2015


On Fri, February 6, 2015 9:19 am, Always Learning wrote:
>
> On Fri, 2015-02-06 at 08:40 -0600, mshinn wrote:
>
>> I recommend reading up on kreb's site:
>>
>> http://krebsonsecurity.com/2015/02/china-to-blame-in-anthem-hack/
>>
>> Not sure the "hack" was an issue with their platforms per se.
>>
>> “On January 27, 2015, an Anthem associate, a database administrator,
>> discovered suspicious activity – a database query running using the
>> associate’s logon information. He had not initiated the query and
>> immediately stopped the query and alerted Anthem’s Information Security
>> department. It was also discovered the logon information for additional
>> database administrators had been compromised.”
>
> Flash has always been banned from all my machines, without exception and
> regardless of any resulting "hardship". I wonder why so-called Computer
> Experts continue to use third-party closed source software which
> secretly, and it always has, deposits information on the user's hard
> disk.
>
> Another Lesson to learn:
>
> 	*NO* Flash
> 	stronger passwords for SQL
> 	encrypt all the data that is not required for indexed searches.
>
> There is a war going on out there and we are the targets!
>

At least this I would change in your list:

Do not use crappy software, no matter how much nicer your life becomes with
it. (Except maybe on a piece-of-junk computer you are not using for anything
of value.) Not just Flash but any poorly written software.

Flash was a piece of crap code when it was originally written, even before
the original programmers were wrested out of owning it. I didn't see the
closed source code, but there are always indications you can observe. One of
the indications of poorly written code was: it was written non-portably, just
for 32-bit (i386) systems. Why am I saying that? Remember how long the Flash
player/plugin was a purely 32-bit binary, even though everything had been
64-bit for quite a long time already? Adobe even admitted they had to
significantly re-write it before they could release a 64-bit version, and the
first 64-bit binaries were bad; they didn't re-write the code from scratch,
but tried to modify it... Of course there is more about the Flash media file
standard itself...

For those who don't program, portable in this case means: you can define the
sizes of variables (in bytes) using plain numbers (valid for a given
architecture, say, i386) when defining variables. Alternatively, instead of a
number, you can use (sizeof(integer)) or (sizeof(string)). Then the code can
be compiled on different architectures and will have the correct sizes of
variables for the given architecture/CPU word length (sorry if the name "CPU
word" is not correct - that is what we called it back then...). I just
randomly searched and this may give you a good feeling of what I meant:

http://www.delphibasics.co.uk/RTL.asp?Name=SizeOf

Anyway, one more lesson: avoid using poorly written software (even if there
are only indications of it being written poorly that you can observe).

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
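The portability point made in the message above, as an added example that is not part of the original post or the CentOS list: a record layout whose byte size is written as a literal (valid only for a 32-bit i386 build) beside the same size computed with sizeof, plus a copy routine that checks the destination against sizeof so an undersized buffer is refused rather than overrun. The struct, its field names and the constant names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed record type: on i386 (ILP32) it is 4 + 4 + 8 = 16 bytes,
 * on 64-bit targets the long and the pointer widen (and align) to 8 bytes,
 * so the same source compiles to a 24-byte record. */
struct record {
    long  id;       /* CPU-word-sized integer: 4 bytes on i386, 8 on x86_64 Linux */
    void *cursor;   /* pointer: 4 bytes on i386, 8 on any 64-bit target */
    char  tag[8];   /* fixed-width, same everywhere */
};

/* Non-portable: a literal byte count that was only ever true on i386. */
#define HARDCODED_RECORD_BYTES (4 + 4 + 8)

/* Portable: let the compiler compute the size for whatever it targets. */
size_t portable_record_bytes(void) { return sizeof(struct record); }

/* 1 if the hard-coded literal happens to match this build's real layout. */
int hardcoded_size_is_correct(void) {
    return HARDCODED_RECORD_BYTES == sizeof(struct record);
}

/* Copy a record into a caller-supplied buffer, refusing if the buffer cannot
 * hold sizeof(*r) bytes. Returns bytes written, or 0 when refused.
 * The size check is what keeps a wrong literal elsewhere from becoming an
 * out-of-bounds write here. */
size_t copy_record(const struct record *r, unsigned char *out, size_t out_len) {
    if (out == NULL || r == NULL || out_len < sizeof(*r)) return 0;
    memcpy(out, r, sizeof(*r));
    return sizeof(*r);
}

/* A buffer sized by the i386 literal: too small on 64-bit builds, so the
 * checked copy refuses it. Returns 1 if refused, 0 if it fit. */
int hardcoded_buffer_rejected(void) {
    struct record r = { 42, NULL, "anthem" };   /* constructed sample */
    unsigned char buf[HARDCODED_RECORD_BYTES];
    return copy_record(&r, buf, sizeof buf) == 0;
}

/* A buffer sized with sizeof fits on every target. Returns bytes copied. */
size_t sizeof_buffer_copy(void) {
    struct record r = { 42, NULL, "anthem" };   /* constructed sample */
    unsigned char buf[sizeof(struct record)];
    return copy_record(&r, buf, sizeof buf);
}

int main(void) {
    printf("sizeof(long)=%zu sizeof(void*)=%zu sizeof(struct record)=%zu\n",
           sizeof(long), sizeof(void *), portable_record_bytes());
    printf("hard-coded literal %d is %s on this build\n", HARDCODED_RECORD_BYTES,
           hardcoded_size_is_correct() ? "correct" : "WRONG");
    printf("copy into literal-sized buffer: %s\n",
           hardcoded_buffer_rejected() ? "refused (too small)" : "ok");
    printf("copy into sizeof-sized buffer: %zu bytes\n", sizeof_buffer_copy());
    return 0;
}
```

Compile the same file as a 32-bit and a 64-bit build (for example with and without `-m32` on a multilib gcc) to see the literal succeed on one and be refused on the other; the sizeof-sized path behaves identically on both.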
