View Single Post
Old 31 July 2015, 12:48   #103
son of 68k
meynaf's Avatar
Join Date: Nov 2007
Location: Lyon / France
Age: 45
Posts: 2,893
Originally Posted by kolla View Post
When I hacked remote Amigas (it happened), it was client software I exploited (AmIRC for example, all those scripts people use without thinking of the consequences). If an Amiga had TCP: mounted, executing remote scripts was a breeze. One funny game was to have remote amiga export ram: with netfs, so I could mount it from my amiga, assign my env: to remote env: and play around with system prefs and see confused owners rambling on IRC as their pallette changed or whatever. Back in the days people didn't have NAT to hide behind, today it requires a wee bit more effort. Astonishingly many use default admin passwords on their routers, or the same password for admin user as for their wifi.
Well, let's admit i connect some Amiga and you hack it. What would you do exactly ? Even if I don't close ports in MiamiDx, you will NOT pass.
And should you pass nevertheless, you'd be ejected (by me) as quickly as you entered ! If you can enter - which i seriously doubt - you can not do anything unnoticed.

Originally Posted by kolla View Post
Bottom line is, if you let anything from remote source run on your Amiga, your entire system may be owned within seconds.
... IF you let anything run.
But, boy, if you let anything from a remote source run, your entire system may be owned within seconds... regardless of the machine you use.

... and for me it can also be un-owned within seconds. I disconnect, or even perform ctrl-A-A. Then you lose all control.

Originally Posted by kolla View Post
Maynaf, memory protection helps a lot in terms of limiting what an exploiter can perform on a system, if you think otherwise, then please explain.
Nah, this is reversing the charge of the proof. I don't see any attack done without memory protection, that can not also be done with it.
Remember that all the zombie peecees sending spam all have memory protection. A good firewall does a lot more than memory protection ever did.

Anyway as I said earlier, it's pointless to have "security" when you have no risk of being attacked ! We're in a market niche, remember.

My point of view on memory protection is that it should be an OPTION. What's wrong in that ???
meynaf is offline  
Page generated in 0.04064 seconds with 10 queries