Algerian accent.

No explanation of SQL injection or how SQL injection played into this was provided.

That doesn't really explain anything except show you what happens if you're stupid enough to install it. Guess it's not surprising, coming from WebSense and all...

Yes, I vaguely recall having to be concerned about viruses...

/smug Linux user



(although of course SQL injection can affect any web server with inadequate user-input filtering.)

LizaMoon? Never heard of it .

>> ^arvana:

Yes, I vaguely recall having to be concerned about viruses...
/smug Linux user

(although of course SQL injection can affect any web server with inadequate user-input filtering.)

Why would anyone write a virus that targets less than a 5% desktop user base?

click on this
http://www.jupiterbroadcasting.com/?p=6816
look for show notes. there's plenty of stuff about the guts of the attack.

I'm willing to change title if suggested to me

Both Linux and OSX, which share a similar ancestry, are inherently secure. Regardless of the size of their user base, they are never likely to be affected by viruses — if they could be, they would have been long ago.>> ^Truckchase:

Why would anyone write a virus that targets less than a 5% desktop user base?

>> ^arvana:

Both Linux and OSX, which share a similar ancestry, are inherently secure. Regardless of the size of their user base, they are never likely to be affected by viruses — if they could be, they would have been long ago.>> ^Truckchase:
Why would anyone write a virus that targets less than a 5% desktop user base?

Arv, I generally agree with you, (you're a sharp guy! ) but in this case that's simply not true. Security lies in the specifics of a particular implementation, and even the base concepts of this implementation are comparatively untested against this sort of attack. (and rightfully so) I'd argue the point further but that's opening a can of worms that has been opened, discussed, and settled for quite awhile. Note the main reason I brought this up is because I'm a Linux user as well. (as well as all other major OSes) I don't think there is any reason to make (as you admitted) smug comments like that; that attitude has stood as an obstacle to the greater adoption of Linux in the desktop space for years. On top of that broad generalizations representing such a diverse technology environment make baby bunnies cry.

I'm glad you're coding good user input filtering though.

Tags for this video have been changed from 'LizaMoon' to 'LizaMoon, sql injection, malware' - edited by xxovercastxx

>> ^Truckchase:

Why would anyone write a virus that targets less than a 5% desktop user base?

Because it would also target about 80% of all web servers?

Why tamper with kitchen faucets when you can poison the water supply?

*talks

Adding video to channels (Talks) - requested by xxovercastxx.

>> ^xxovercastxx:

>> ^Truckchase:
Why would anyone write a virus that targets less than a 5% desktop user base?
Because it would also target about 80% of all web servers?
Why tamper with kitchen faucets when you can poison the water supply?
talks

Absolutely! That's a different attack vector though; this vid is addressing client side desktop infection. (DDOS bot, "security" blackmail, etc.)

Edit: That said though, great point. It is odd that so much effort goes into client infection. It's unfortunate that default firewalling tech on any client isn't to a L7 packet inspection level yet. It would seem to make any client an easier target. mmmmm..._Computers