On Fri, February 6, 2015 9:19 am, Always Learning wrote: > > On Fri, 2015-02-06 at 08:40 -0600, mshinn wrote: > >> I recommend reading up on kreb's site: >> >> http://krebsonsecurity.com/2015/02/china-to-blame-in-anthem-hack/ >> >> Not sure the "hack" was an issue with their platforms per se. >> >> " >> â??On January 27, 2015, an Anthem associate, a database administrator, >> discovered suspicious activity â?? a database query running using the >> associateâ??s logon information. He had not initiated the query and >> immediately stopped the query and alerted Anthemâ??s Information >> Security >> department. It was also discovered the logon information for additional >> database administrators had been compromised.â?? > > Flash has always been banned from all my machines, without exception and > regardless of any resulting "hardship". I wonder why so-called Computer > Experts continue to use third-party closed source software which > secretly, and it always has, deposits information on the user's hard > disk. > > Another Lesson to learn: > > *NO* Flash > stronger passwords for SQL > encrypt all the data that is not required for indexed searches. > > There is a war going-on out there and we are the targets ! > At least this I would change in your list: Do not use crappy software, no matter how nicer your life with it becomes. (Except maybe piece of junk computer you are not using for anything of value). Not just flash but any poorly written software. Flash was piece of crap code when it was originally written. Even before original programmers were wrestled out of owning it. I didn't see closed source code, but there always are indications you can observe. One of the indications of poorly written code was: it was written not portably, just for 32 bit (i386) systems. Why I'm saying that? Remember how long flash player/plugin was purely 32 bit binary, even though everything was 64 bit for quite long time already? Adobe even admitted they have to significantly re-write it before they can release 64 bit? and first 64 bit binaries were bad, they didn't re--write code from scratch, but tried to modify... Of course there is more about flash media file standard itself... For those who doesn't program, portable in this case means: you can define sizes of variables (in bytes) using plain numbers (valid for given architecture, say, i386) when defining variables. Alternatively instead of number, you can use (sizeof(integer)) or (sizeof(string). Then the code can be compiled on different architectures and will have correct sizes of variables for given architecture/ CPU word length (sorry, if name CPU word is not correct - that is what we called it back then...). I just randomly searched and this may give you good feeling of what I meant: http://www.delphibasics.co.uk/RTL.asp?Name=SizeOf Anyway, one more lesson: avoid using poorly written software (even if these are only indications of it being written poorly that you can observe). Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos