<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_03_02_0047249</id>
	<title>Aurora Attack &mdash; Resistance Is Futile, Pretty Much</title>
	<author>kdawson</author>
	<datestamp>1267540560000</datestamp>
	<htmltext>eldavojohn writes <i>"Do you have branch offices in China? iSec has published <a href="https://www.isecpartners.com/files/iSEC\_Aurora\_Response\_Recommendations.pdf">a new report</a> (PDF) outlining the severity of the attacks on Google.cn, allegedly by the Chinese government, dubbed 'Aurora' attacks. Up to 100 companies were victims, and some are speculating that <a href="http://www.theregister.co.uk/2010/03/01/aurora\_resistence\_futile/">resistance to such attacks is futile</a>. The report lays out the shape of the attacks &mdash; which were customized per-company based on installed vulnerable software and antivirus protection: '1. The attacker socially engineers a victim, often in an overseas office, to visit a malicious website. 2. This website uses a browser vulnerability to load custom malware on the initial victim's machine. 3. The malware calls out to a control server, likely identified by a dynamic DNS address. 4. The attacker escalates his privilege on the corporate Windows network, using cached or local administrator credentials. 5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite. 6. The attacker uses cracked credentials to obtain VPN access, or creates a fake user in the VPN access server. 7. At this point, the attack varies based upon the victim. The attacker may steal administrator credentials to access production systems, obtain source code from a source repository, access data hosted at the victim, or explore Intranet sites for valuable intellectual property.' The report also has pages of recommendations as well as lessons learned, which any systems administrator &mdash; even those inside the US &mdash; should read and take note of."</i></htmltext>
<tokenext>eldavojohn writes " Do you have branch offices in China ?
iSec has published a new report ( PDF ) outlining the severity of the attacks on Google.cn , allegedly by the Chinese government , dubbed 'Aurora ' attacks .
Up to 100 companies were victims , and some are speculating that resistance to such attacks is futile .
The report lays out the shape of the attacks    which were customized per-company based on installed vulnerable software and antivirus protection : '1 .
The attacker socially engineers a victim , often in an overseas office , to visit a malicious website .
2. This website uses a browser vulnerability to load custom malware on the initial victim 's machine .
3. The malware calls out to a control server , likely identified by a dynamic DNS address .
4. The attacker escalates his privilege on the corporate Windows network , using cached or local administrator credentials .
5. The attacker attempts to access an Active Directory server to obtain the password database , which can be cracked onsite or offsite .
6. The attacker uses cracked credentials to obtain VPN access , or creates a fake user in the VPN access server .
7. At this point , the attack varies based upon the victim .
The attacker may steal administrator credentials to access production systems , obtain source code from a source repository , access data hosted at the victim , or explore Intranet sites for valuable intellectual property .
' The report also has pages of recommendations as well as lessons learned , which any systems administrator    even those inside the US    should read and take note of .
"</tokentext>
<sentencetext>eldavojohn writes "Do you have branch offices in China?
iSec has published a new report (PDF) outlining the severity of the attacks on Google.cn, allegedly by the Chinese government, dubbed 'Aurora' attacks.
Up to 100 companies were victims, and some are speculating that resistance to such attacks is futile.
The report lays out the shape of the attacks — which were customized per-company based on installed vulnerable software and antivirus protection: '1.
The attacker socially engineers a victim, often in an overseas office, to visit a malicious website.
2. This website uses a browser vulnerability to load custom malware on the initial victim's machine.
3. The malware calls out to a control server, likely identified by a dynamic DNS address.
4. The attacker escalates his privilege on the corporate Windows network, using cached or local administrator credentials.
5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite.
6. The attacker uses cracked credentials to obtain VPN access, or creates a fake user in the VPN access server.
7. At this point, the attack varies based upon the victim.
The attacker may steal administrator credentials to access production systems, obtain source code from a source repository, access data hosted at the victim, or explore Intranet sites for valuable intellectual property.
' The report also has pages of recommendations as well as lessons learned, which any systems administrator — even those inside the US — should read and take note of.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325838</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>Anonymous</author>
	<datestamp>1267459260000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>As some one who has worked in various places that are of extreme interest to China, I can honestly say that you have do not have a FUCKING clue of what you are talking about. All you are doing is talking out side of your mouth. The simple fact is, that China is spying in a large number of areas. And yes, some of it is very much targeting the WEST's vulnerable areas.</htmltext>
<tokenext>As some one who has worked in various places that are of extreme interest to China , I can honestly say that you have do not have a FUCKING clue of what you are talking about .
All you are doing is talking out side of your mouth .
The simple fact is , that China is spying in a large number of areas .
And yes , some of it is very much targeting the WEST 's vulnerable areas .</tokentext>
<sentencetext>As some one who has worked in various places that are of extreme interest to China, I can honestly say that you have do not have a FUCKING clue of what you are talking about.
All you are doing is talking out side of your mouth.
The simple fact is, that China is spying in a large number of areas.
And yes, some of it is very much targeting the WEST's vulnerable areas.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327074</id>
	<title>Social engineering</title>
	<author>Anonymous</author>
	<datestamp>1267472100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"The attacker socially engineers a victim, often in an overseas office, to visit a malicious website."</p><p>Hire people with a triple digit IQ...<br>"Why is the page blank?"<br>"Oh, the page I sent you won't work unless you load it in 'x' turn off 'y'"<br>"Ok"</p></htmltext>
<tokenext>" The attacker socially engineers a victim , often in an overseas office , to visit a malicious website .
" Hire people with a triple digit IQ... " Why is the page blank ?
" " Oh , the page I sent you wo n't work unless you load it in 'x ' turn off 'y ' " " Ok "</tokentext>
<sentencetext>"The attacker socially engineers a victim, often in an overseas office, to visit a malicious website.
"Hire people with a triple digit IQ..."Why is the page blank?
""Oh, the page I sent you won't work unless you load it in 'x' turn off 'y'""Ok"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326132</id>
	<title>Though I wish that MacOS were safer,</title>
	<author>Anonymous</author>
	<datestamp>1267462200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>The initial route of infection for all of the known attacks has been through exploiting flaws in Internet Explorer or Adobe Acrobat using content hosted on external servers.</i>
<br> <br>
My box has no IE, no Acrobat.  I even use Skim instead of Preview.  Flash is turned off by default in the browsers that I do use.  Back when I worked for someone who needed to use Windows, we would delete IIS from the system, just to be careful.
<br> <br>
On the other hand, if it's an skilled, targeted attack, I would expect a custom exploration of my particular software vulnerabilities.</htmltext>
<tokenext>The initial route of infection for all of the known attacks has been through exploiting flaws in Internet Explorer or Adobe Acrobat using content hosted on external servers .
My box has no IE , no Acrobat .
I even use Skim instead of Preview .
Flash is turned off by default in the browsers that I do use .
Back when I worked for someone who needed to use Windows , we would delete IIS from the system , just to be careful .
On the other hand , if it 's an skilled , targeted attack , I would expect a custom exploration of my particular software vulnerabilities .</tokentext>
<sentencetext>The initial route of infection for all of the known attacks has been through exploiting flaws in Internet Explorer or Adobe Acrobat using content hosted on external servers.
My box has no IE, no Acrobat.
I even use Skim instead of Preview.
Flash is turned off by default in the browsers that I do use.
Back when I worked for someone who needed to use Windows, we would delete IIS from the system, just to be careful.
On the other hand, if it's an skilled, targeted attack, I would expect a custom exploration of my particular software vulnerabilities.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178</id>
	<title>Asymmetric Warfare</title>
	<author>Anonymous</author>
	<datestamp>1267462620000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>I read a paper about a decade ago (which I found thanks to Slashdot) describing how China would "hypothetically" wage a war against the US and win without firing a shot. I can't find the paper any more, but it was written by four Chinese generals. Over the last decade things have pretty much played out exactly like the paper laid things out: an economic assault, a propaganda assault, and an electronic assault. If anyone knows the paper I would love to see it again -- I think it even got turned into a book.</p><p>One day, long from now, will people wonder why we didn't see the attack coming until it was way too late?</p></htmltext>
<tokenext>I read a paper about a decade ago ( which I found thanks to Slashdot ) describing how China would " hypothetically " wage a war against the US and win without firing a shot .
I ca n't find the paper any more , but it was written by four Chinese generals .
Over the last decade things have pretty much played out exactly like the paper laid things out : an economic assault , a propaganda assault , and an electronic assault .
If anyone knows the paper I would love to see it again -- I think it even got turned into a book.One day , long from now , will people wonder why we did n't see the attack coming until it was way too late ?</tokentext>
<sentencetext>I read a paper about a decade ago (which I found thanks to Slashdot) describing how China would "hypothetically" wage a war against the US and win without firing a shot.
I can't find the paper any more, but it was written by four Chinese generals.
Over the last decade things have pretty much played out exactly like the paper laid things out: an economic assault, a propaganda assault, and an electronic assault.
If anyone knows the paper I would love to see it again -- I think it even got turned into a book.One day, long from now, will people wonder why we didn't see the attack coming until it was way too late?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328588</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>ascari</author>
	<datestamp>1267538040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>More careful analysis of the exploit suggests a better mitigation strategy: "Don't use humans".</htmltext>
<tokenext>More careful analysis of the exploit suggests a better mitigation strategy : " Do n't use humans " .</tokentext>
<sentencetext>More careful analysis of the exploit suggests a better mitigation strategy: "Don't use humans".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325878</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>Anonymous</author>
	<datestamp>1267459620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>There is nothing contradictory between your statement and a statement that China is marked by fascism, the panoptic state and low consideration for the propriety of others.</p><p>That IS the definition of a totalitarian state. Total surveillance in public, total surveillance of communication channels, and use of a variety of tiered methods against subversive elements.</p><p>It is also sufficient cause for putting a strangehold on Chinese international trade, including high tariffs. Why should a company that spends tens of millions developing a microprocessor and needs to recoup that cost in their prices have to compete with a Chinese company that got the plans for free?</p></htmltext>
<tokenext>There is nothing contradictory between your statement and a statement that China is marked by fascism , the panoptic state and low consideration for the propriety of others.That IS the definition of a totalitarian state .
Total surveillance in public , total surveillance of communication channels , and use of a variety of tiered methods against subversive elements.It is also sufficient cause for putting a strangehold on Chinese international trade , including high tariffs .
Why should a company that spends tens of millions developing a microprocessor and needs to recoup that cost in their prices have to compete with a Chinese company that got the plans for free ?</tokentext>
<sentencetext>There is nothing contradictory between your statement and a statement that China is marked by fascism, the panoptic state and low consideration for the propriety of others.That IS the definition of a totalitarian state.
Total surveillance in public, total surveillance of communication channels, and use of a variety of tiered methods against subversive elements.It is also sufficient cause for putting a strangehold on Chinese international trade, including high tariffs.
Why should a company that spends tens of millions developing a microprocessor and needs to recoup that cost in their prices have to compete with a Chinese company that got the plans for free?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31340350</id>
	<title>Nearly fell for it</title>
	<author>Anonymous</author>
	<datestamp>1267550100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Wha... ? Oh ! W - i - n -.... Man! You had me going for a moment, there !<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Wha... ? Oh !
W - i - n -.... Man ! You had me going for a moment , there !
: )</tokentext>
<sentencetext>Wha... ? Oh !
W - i - n -.... Man! You had me going for a moment, there !
:)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326312</id>
	<title>but there are easier ways</title>
	<author>Anonymous</author>
	<datestamp>1267464060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Isn't google putting in backdoors to their apps per government requirements? Now bend over.</p></htmltext>
<tokenext>Is n't google putting in backdoors to their apps per government requirements ?
Now bend over .</tokentext>
<sentencetext>Isn't google putting in backdoors to their apps per government requirements?
Now bend over.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330736</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Blakey Rat</author>
	<datestamp>1267549380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time,</i></p><p>In what strange alternate reality does the web require Java in 2010?</p><p>Is Bill Joy President of the United States in your reality?</p></htmltext>
<tokenext>Now , in 2010 the web experience " requires " a browser , Flash , Adobe Reader , Java run-time,In what strange alternate reality does the web require Java in 2010 ? Is Bill Joy President of the United States in your reality ?</tokentext>
<sentencetext>Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time,In what strange alternate reality does the web require Java in 2010?Is Bill Joy President of the United States in your reality?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325950</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>symbolset</author>
	<datestamp>1267460220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems.</p></div><p>Practicing your Monologue on slasdot, Jay?  You know normal people aren't going to get this joke.
</p><p><div class="quote"><p>Non-essential services were disabled by default for instance.</p></div><p>Stop it!  You're killing me!</p></div>
	</htmltext>
<tokenext>It 's kind of funny because it was over five years ago that Microsoft " got it " and started reducing the attack surface in their operating systems.Practicing your Monologue on slasdot , Jay ?
You know normal people are n't going to get this joke .
Non-essential services were disabled by default for instance.Stop it !
You 're killing me !</tokentext>
<sentencetext>It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems.Practicing your Monologue on slasdot, Jay?
You know normal people aren't going to get this joke.
Non-essential services were disabled by default for instance.Stop it!
You're killing me!
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326248</id>
	<title>Re:Even better, don't hire humans</title>
	<author>Opportunist</author>
	<datestamp>1267463280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Companies are way ahead of you. Hell, they'd even outsource their malware infections if<nobr> <wbr></nobr>... erh... they even did that it seems...</p></htmltext>
<tokenext>Companies are way ahead of you .
Hell , they 'd even outsource their malware infections if ... erh... they even did that it seems.. .</tokentext>
<sentencetext>Companies are way ahead of you.
Hell, they'd even outsource their malware infections if ... erh... they even did that it seems...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327666</id>
	<title>Re:So for this attack to work.</title>
	<author>Bert64</author>
	<datestamp>1267524960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>2, or a vulnerable plugin, or socially engineer a user of a fully patched browser (also a security flaw because the user needs the ability to execute arbitrary binaries)...<br>5/5a, active directory as a whole is vulnerable to these kind of attacks, due to design flaws rather than specific bugs that can easily be patched.<br>6, cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak, and it cannot easily be replaced because the encryption algorithm is required for the network authentication processes (see design flaw)... However, you don't even need to crack the hashes, you can use the hashes as they are without cracking them (another design flaw)</p><p>aside from the various design flaws in windows, their marketing is the biggest flaw... windows is marketed as an "easy to use" server platform, where you don't need to hire expensive admins to run it. Now to keep a windows network barely functioning this is true, however to keep one as secure as possible (within the limits imposed by the various fundamental design flaws) you need a significant number of highly skilled staff and (often expensive) third party sotware.. MS would never admit this however, because that would be an admission that windows is about the most expensive platform to maintain across the board.<br>Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills, as a result you get huge gaps in their setup which can be exploited.</p><p>There is also the lockin issue, companies are often tied to old crufty proprietary apps that cannot be moved to more modern systems, for instance webapps tied to ie6. Had they done their research up front and understood the risks and the future pain it will cause, it's likely they never would have implemented such proprietary systems... However, most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again. Windows 7 may be "the most secure windows ever", but they said that about nt4 years ago too. In a few years time, windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new "more secure" version.</p></htmltext>
<tokenext>2 , or a vulnerable plugin , or socially engineer a user of a fully patched browser ( also a security flaw because the user needs the ability to execute arbitrary binaries ) ...5/5a , active directory as a whole is vulnerable to these kind of attacks , due to design flaws rather than specific bugs that can easily be patched.6 , cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak , and it can not easily be replaced because the encryption algorithm is required for the network authentication processes ( see design flaw ) ... However , you do n't even need to crack the hashes , you can use the hashes as they are without cracking them ( another design flaw ) aside from the various design flaws in windows , their marketing is the biggest flaw... windows is marketed as an " easy to use " server platform , where you do n't need to hire expensive admins to run it .
Now to keep a windows network barely functioning this is true , however to keep one as secure as possible ( within the limits imposed by the various fundamental design flaws ) you need a significant number of highly skilled staff and ( often expensive ) third party sotware.. MS would never admit this however , because that would be an admission that windows is about the most expensive platform to maintain across the board.Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills , as a result you get huge gaps in their setup which can be exploited.There is also the lockin issue , companies are often tied to old crufty proprietary apps that can not be moved to more modern systems , for instance webapps tied to ie6 .
Had they done their research up front and understood the risks and the future pain it will cause , it 's likely they never would have implemented such proprietary systems... However , most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again .
Windows 7 may be " the most secure windows ever " , but they said that about nt4 years ago too .
In a few years time , windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new " more secure " version .</tokentext>
<sentencetext>2, or a vulnerable plugin, or socially engineer a user of a fully patched browser (also a security flaw because the user needs the ability to execute arbitrary binaries)...5/5a, active directory as a whole is vulnerable to these kind of attacks, due to design flaws rather than specific bugs that can easily be patched.6, cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak, and it cannot easily be replaced because the encryption algorithm is required for the network authentication processes (see design flaw)... However, you don't even need to crack the hashes, you can use the hashes as they are without cracking them (another design flaw)aside from the various design flaws in windows, their marketing is the biggest flaw... windows is marketed as an "easy to use" server platform, where you don't need to hire expensive admins to run it.
Now to keep a windows network barely functioning this is true, however to keep one as secure as possible (within the limits imposed by the various fundamental design flaws) you need a significant number of highly skilled staff and (often expensive) third party sotware.. MS would never admit this however, because that would be an admission that windows is about the most expensive platform to maintain across the board.Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills, as a result you get huge gaps in their setup which can be exploited.There is also the lockin issue, companies are often tied to old crufty proprietary apps that cannot be moved to more modern systems, for instance webapps tied to ie6.
Had they done their research up front and understood the risks and the future pain it will cause, it's likely they never would have implemented such proprietary systems... However, most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again.
Windows 7 may be "the most secure windows ever", but they said that about nt4 years ago too.
In a few years time, windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new "more secure" version.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328620</id>
	<title>Re:alternative: no-nonsense sandboxing</title>
	<author>karnal</author>
	<datestamp>1267538280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Actually, there's still an attack vector that would exist here.  Credentials.  Specifically, what some attackers would look for would be cool little tidbits of information:</p><p>1.  Bank Account credentials<br>2.  401k/other "wealth" credentials<br>3.  e-mail credentials</p><p>These could all be compromised even in a sandbox....</p></htmltext>
<tokenext>Actually , there 's still an attack vector that would exist here .
Credentials. Specifically , what some attackers would look for would be cool little tidbits of information : 1 .
Bank Account credentials2 .
401k/other " wealth " credentials3 .
e-mail credentialsThese could all be compromised even in a sandbox... .</tokentext>
<sentencetext>Actually, there's still an attack vector that would exist here.
Credentials.  Specifically, what some attackers would look for would be cool little tidbits of information:1.
Bank Account credentials2.
401k/other "wealth" credentials3.
e-mail credentialsThese could all be compromised even in a sandbox....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327002</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>Anonymous</author>
	<datestamp>1267458360000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>the best practices corporate IT departments have been following for years are ineffective against the attacks</p></div><p>Well obviously. Antivirus protects against old, common vectors. But if a company ran (say) ubuntu or (more likely) macos an attacker could still craft an attack against them, as long as they had information on the systems being used.</p></div>
	</htmltext>
<tokenext>the best practices corporate IT departments have been following for years are ineffective against the attacksWell obviously .
Antivirus protects against old , common vectors .
But if a company ran ( say ) ubuntu or ( more likely ) macos an attacker could still craft an attack against them , as long as they had information on the systems being used .</tokentext>
<sentencetext>the best practices corporate IT departments have been following for years are ineffective against the attacksWell obviously.
Antivirus protects against old, common vectors.
But if a company ran (say) ubuntu or (more likely) macos an attacker could still craft an attack against them, as long as they had information on the systems being used.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327002</id>
	<title>alternative: no-nonsense sandboxing</title>
	<author>r00t</author>
	<datestamp>1267471080000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Let's try less crap on our machines that might be vulnerable.</p></div><p>I can agree for performance and cross-platform issues, but proper sandboxing solves the attack surface problem.</p><p>Imagine a web browser that starts up a fresh new virtual PC for each web site, then deletes the machine when you leave the web site. The virtual machine could even run IE 6 on Windows XP without any service packs, and the entire world allowed to run Active X shit without prompting. The virtual PC can get pwned in a fraction of a second every time, and you just don't need to care. Firewalling on the host OS can restrict the guest OS to the intended web site, so you don't need to worry about being a botnet node.</p></div>
	</htmltext>
<tokenext>Let 's try less crap on our machines that might be vulnerable.I can agree for performance and cross-platform issues , but proper sandboxing solves the attack surface problem.Imagine a web browser that starts up a fresh new virtual PC for each web site , then deletes the machine when you leave the web site .
The virtual machine could even run IE 6 on Windows XP without any service packs , and the entire world allowed to run Active X shit without prompting .
The virtual PC can get pwned in a fraction of a second every time , and you just do n't need to care .
Firewalling on the host OS can restrict the guest OS to the intended web site , so you do n't need to worry about being a botnet node .</tokentext>
<sentencetext>Let's try less crap on our machines that might be vulnerable.I can agree for performance and cross-platform issues, but proper sandboxing solves the attack surface problem.Imagine a web browser that starts up a fresh new virtual PC for each web site, then deletes the machine when you leave the web site.
The virtual machine could even run IE 6 on Windows XP without any service packs, and the entire world allowed to run Active X shit without prompting.
The virtual PC can get pwned in a fraction of a second every time, and you just don't need to care.
Firewalling on the host OS can restrict the guest OS to the intended web site, so you don't need to worry about being a botnet node.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331788</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>fysdt</author>
	<datestamp>1267553820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Sounds like advertising to me..<nobr> <wbr></nobr>:)
<br> <br>
1. Google gets attacked<br>
2. Switch to Google Docs for reading PDF's<br>
3.<nobr> <wbr></nobr>...<br>
4. PROFIT!?</htmltext>
<tokenext>Sounds like advertising to me.. : ) 1 .
Google gets attacked 2 .
Switch to Google Docs for reading PDF 's 3 .
.. . 4 .
PROFIT ! ?</tokentext>
<sentencetext>Sounds like advertising to me.. :)
 
1.
Google gets attacked
2.
Switch to Google Docs for reading PDF's
3.
...
4.
PROFIT!?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326292</id>
	<title>Read the article's last paragraph</title>
	<author>Anonymous</author>
	<datestamp>1267463760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I don't normally read the slashdot articles, but happened to read this one.  Read the last paragraph, it is chilling.</p><p>DK</p></htmltext>
<tokenext>I do n't normally read the slashdot articles , but happened to read this one .
Read the last paragraph , it is chilling.DK</tokentext>
<sentencetext>I don't normally read the slashdot articles, but happened to read this one.
Read the last paragraph, it is chilling.DK</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326400</id>
	<title>I use a Mac</title>
	<author>Anonymous</author>
	<datestamp>1267464900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>with Preview as my pdf reader.  I never use Acrobat.  Does that move me out of the sight picture for this type of attack?</htmltext>
<tokenext>with Preview as my pdf reader .
I never use Acrobat .
Does that move me out of the sight picture for this type of attack ?</tokentext>
<sentencetext>with Preview as my pdf reader.
I never use Acrobat.
Does that move me out of the sight picture for this type of attack?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326014</id>
	<title>Re:So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267460880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>And yet they all exist in the majority of all computing systems.</htmltext>
<tokenext>And yet they all exist in the majority of all computing systems .</tokentext>
<sentencetext>And yet they all exist in the majority of all computing systems.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326742</id>
	<title>Brace for impact.</title>
	<author>dweller\_below</author>
	<datestamp>1267468140000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>I imagine most of us are saying: "Not a problem. I don't have anything China wants."</p><p>I wish. This is what hacking looks like now. If you haven't noticed, you haven't been paying attention.</p><p>We asked ourself, which 10 computers would cause us the greatest loss if they were compromised. When we took a hard look at their network traffic, we found an otherwise indetectable compromise. It appears to have been in place for at least 3 months. Just patiently listening and waiting.</p><p>You may want to try the same exercise.</p><p>Organized crime has demonstrated (http://www.ren-isac.net/alerts/banking-attacks\_technical\_201001.html) that patient, disciplined attacks yeild great monetary rewards.</p><p>The Chinese have demonstrated that patient, disciplined attacks are virtually unstoppable.</p><p>What more could any hacker want?</p><p>The most fragile secret is a successful economic model. Once it gets out, EVERYBODY copies it.</p><p>Learn how to defend yourself if you want to survive.</p><p>Miles</p></htmltext>
<tokenext>I imagine most of us are saying : " Not a problem .
I do n't have anything China wants .
" I wish .
This is what hacking looks like now .
If you have n't noticed , you have n't been paying attention.We asked ourself , which 10 computers would cause us the greatest loss if they were compromised .
When we took a hard look at their network traffic , we found an otherwise indetectable compromise .
It appears to have been in place for at least 3 months .
Just patiently listening and waiting.You may want to try the same exercise.Organized crime has demonstrated ( http : //www.ren-isac.net/alerts/banking-attacks \ _technical \ _201001.html ) that patient , disciplined attacks yeild great monetary rewards.The Chinese have demonstrated that patient , disciplined attacks are virtually unstoppable.What more could any hacker want ? The most fragile secret is a successful economic model .
Once it gets out , EVERYBODY copies it.Learn how to defend yourself if you want to survive.Miles</tokentext>
<sentencetext>I imagine most of us are saying: "Not a problem.
I don't have anything China wants.
"I wish.
This is what hacking looks like now.
If you haven't noticed, you haven't been paying attention.We asked ourself, which 10 computers would cause us the greatest loss if they were compromised.
When we took a hard look at their network traffic, we found an otherwise indetectable compromise.
It appears to have been in place for at least 3 months.
Just patiently listening and waiting.You may want to try the same exercise.Organized crime has demonstrated (http://www.ren-isac.net/alerts/banking-attacks\_technical\_201001.html) that patient, disciplined attacks yeild great monetary rewards.The Chinese have demonstrated that patient, disciplined attacks are virtually unstoppable.What more could any hacker want?The most fragile secret is a successful economic model.
Once it gets out, EVERYBODY copies it.Learn how to defend yourself if you want to survive.Miles</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329112</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267541700000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>JavaScript + [ SVG | PNG ] already cover simple animations fairly well. This has been known for a while.</p></htmltext>
<tokenext>JavaScript + [ SVG | PNG ] already cover simple animations fairly well .
This has been known for a while .</tokentext>
<sentencetext>JavaScript + [ SVG | PNG ] already cover simple animations fairly well.
This has been known for a while.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328366</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>LukePH</author>
	<datestamp>1267534800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>What about <a href="http://en.wikipedia.org/wiki/Animated\_Portable\_Network\_Graphics" title="wikipedia.org" rel="nofollow">APNG</a> [wikipedia.org], also not very well supported (yet?), but much more so then MNG. Yeah I know it's also basically unusable because of the lack of support, but just had to mention it.</htmltext>
<tokenext>What about APNG [ wikipedia.org ] , also not very well supported ( yet ?
) , but much more so then MNG .
Yeah I know it 's also basically unusable because of the lack of support , but just had to mention it .</tokentext>
<sentencetext>What about APNG [wikipedia.org], also not very well supported (yet?
), but much more so then MNG.
Yeah I know it's also basically unusable because of the lack of support, but just had to mention it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31336198</id>
	<title>Wait wait wait...</title>
	<author>Anonymous</author>
	<datestamp>1267526520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You say you know what's going on in China because of someone who lives there?  Someone who is, by your very admission, living in an Orwellian Panopticon of government lies and surveillance?  Someone who is telling you the truth as he sees it, certainly, but why do you believe that the information he's gathered is itself true?</p><p>The government of China lies, and it steals information, and it kills its own people en masse...and yet you think it wouldn't sully itself with governmental espionage or industrial sabotage.  All it wants, you say, is to steal information from foreign companies.</p><p>I'm glad we cleared that up.</p></htmltext>
<tokenext>You say you know what 's going on in China because of someone who lives there ?
Someone who is , by your very admission , living in an Orwellian Panopticon of government lies and surveillance ?
Someone who is telling you the truth as he sees it , certainly , but why do you believe that the information he 's gathered is itself true ? The government of China lies , and it steals information , and it kills its own people en masse...and yet you think it would n't sully itself with governmental espionage or industrial sabotage .
All it wants , you say , is to steal information from foreign companies.I 'm glad we cleared that up .</tokentext>
<sentencetext>You say you know what's going on in China because of someone who lives there?
Someone who is, by your very admission, living in an Orwellian Panopticon of government lies and surveillance?
Someone who is telling you the truth as he sees it, certainly, but why do you believe that the information he's gathered is itself true?The government of China lies, and it steals information, and it kills its own people en masse...and yet you think it wouldn't sully itself with governmental espionage or industrial sabotage.
All it wants, you say, is to steal information from foreign companies.I'm glad we cleared that up.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31332696</id>
	<title>Regular hack...</title>
	<author>hesaigo999ca</author>
	<datestamp>1267556820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>They described in steps, the regular hack that happens in everyday hacking.<br>I don't know what they were trying to single out, but most hacks start off with a vulnerability being exploited and then the<br>hacker tends to put into effect means to be able to reconnect using proper credentials.<br>Anyways, using a hole to then log on and create your own account for later seems pretty simple in terms of<br>common sense, but the rest of the way would be to describe how a hacker goes about deleting tracks left behind in order to avoid flagging that the server was compromised. This would show more the effort you need to put into a good hack session.</p></htmltext>
<tokenext>They described in steps , the regular hack that happens in everyday hacking.I do n't know what they were trying to single out , but most hacks start off with a vulnerability being exploited and then thehacker tends to put into effect means to be able to reconnect using proper credentials.Anyways , using a hole to then log on and create your own account for later seems pretty simple in terms ofcommon sense , but the rest of the way would be to describe how a hacker goes about deleting tracks left behind in order to avoid flagging that the server was compromised .
This would show more the effort you need to put into a good hack session .</tokentext>
<sentencetext>They described in steps, the regular hack that happens in everyday hacking.I don't know what they were trying to single out, but most hacks start off with a vulnerability being exploited and then thehacker tends to put into effect means to be able to reconnect using proper credentials.Anyways, using a hole to then log on and create your own account for later seems pretty simple in terms ofcommon sense, but the rest of the way would be to describe how a hacker goes about deleting tracks left behind in order to avoid flagging that the server was compromised.
This would show more the effort you need to put into a good hack session.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326544</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Machtyn</author>
	<datestamp>1267466160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>What about <a href="http://www.docu-track.com/product/pdf-xchange-viewer" title="docu-track.com">PDFXViewer</a> [docu-track.com].  Besides being highly convenient for editing PDF doc's, could also be a way to prevent hijacks?  (I don't know, I'm asking.)</htmltext>
<tokenext>What about PDFXViewer [ docu-track.com ] .
Besides being highly convenient for editing PDF doc 's , could also be a way to prevent hijacks ?
( I do n't know , I 'm asking .
)</tokentext>
<sentencetext>What about PDFXViewer [docu-track.com].
Besides being highly convenient for editing PDF doc's, could also be a way to prevent hijacks?
(I don't know, I'm asking.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325850</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>Anonymous</author>
	<datestamp>1267459380000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Okay, I know an ex-pat who has moved to China and married.</p></div><p>It's refreshing to see such a rock-solid substantiation on Slashdot.</p></div>
	</htmltext>
<tokenext>Okay , I know an ex-pat who has moved to China and married.It 's refreshing to see such a rock-solid substantiation on Slashdot .</tokentext>
<sentencetext>Okay, I know an ex-pat who has moved to China and married.It's refreshing to see such a rock-solid substantiation on Slashdot.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327664</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>Yvanhoe</author>
	<datestamp>1267524960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Yeah, the title should be "if you use vulnerable software, resistance is futile". Duh. It looks like people are discovering what "vulnerable" means. They assume you are using a vulnerable browser, on a network with vulnerable servers. In that case, you are pretty much doomed anyway.</htmltext>
<tokenext>Yeah , the title should be " if you use vulnerable software , resistance is futile " .
Duh. It looks like people are discovering what " vulnerable " means .
They assume you are using a vulnerable browser , on a network with vulnerable servers .
In that case , you are pretty much doomed anyway .</tokentext>
<sentencetext>Yeah, the title should be "if you use vulnerable software, resistance is futile".
Duh. It looks like people are discovering what "vulnerable" means.
They assume you are using a vulnerable browser, on a network with vulnerable servers.
In that case, you are pretty much doomed anyway.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326642</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267467120000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>Major attack preventer: <a href="https://chrome.google.com/extensions/detail/nnbmlagghjjcbdhgmkedmbmedengocbn" title="google.com" rel="nofollow">Google docs PDF reader</a> [google.com].</p></div><p>I may be putting a big foot in my mouth but here's the question:  If you preview it using as suggested the google reader aren't you still loading that into memory?  Isn't that simply making it harder to gain attack to the machine in question? What about using a different viewer altogether like foxit/adobe/etc?  Is the security risk the pdf or the software that's running it?  I'd also be curious to know the effectiveness of these pdf attacks on linux hosts.</p><p>Although not feasible for the work environment (or is it?) there are probably many users out there who now surf through virtual machines.  It makes me wonder if perhaps we'll see locked down user terminals with virtual machines configured for personal use.</p><p>I'm in no way affiliated to any of those companies i'm just curious:  Are pdfs truly the security risk the parent made them out to be?  Thanks ahead of time for helping to shed some light on the subject.</p><p>S.</p></div>
	</htmltext>
<tokenext>Major attack preventer : Google docs PDF reader [ google.com ] .I may be putting a big foot in my mouth but here 's the question : If you preview it using as suggested the google reader are n't you still loading that into memory ?
Is n't that simply making it harder to gain attack to the machine in question ?
What about using a different viewer altogether like foxit/adobe/etc ?
Is the security risk the pdf or the software that 's running it ?
I 'd also be curious to know the effectiveness of these pdf attacks on linux hosts.Although not feasible for the work environment ( or is it ?
) there are probably many users out there who now surf through virtual machines .
It makes me wonder if perhaps we 'll see locked down user terminals with virtual machines configured for personal use.I 'm in no way affiliated to any of those companies i 'm just curious : Are pdfs truly the security risk the parent made them out to be ?
Thanks ahead of time for helping to shed some light on the subject.S .</tokentext>
<sentencetext>Major attack preventer: Google docs PDF reader [google.com].I may be putting a big foot in my mouth but here's the question:  If you preview it using as suggested the google reader aren't you still loading that into memory?
Isn't that simply making it harder to gain attack to the machine in question?
What about using a different viewer altogether like foxit/adobe/etc?
Is the security risk the pdf or the software that's running it?
I'd also be curious to know the effectiveness of these pdf attacks on linux hosts.Although not feasible for the work environment (or is it?
) there are probably many users out there who now surf through virtual machines.
It makes me wonder if perhaps we'll see locked down user terminals with virtual machines configured for personal use.I'm in no way affiliated to any of those companies i'm just curious:  Are pdfs truly the security risk the parent made them out to be?
Thanks ahead of time for helping to shed some light on the subject.S.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326792</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>Nazlfrag</author>
	<datestamp>1267468620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'm still not quite getting this government sponsored industrial enspionage. Can someone provide a CIA refrence?</p></htmltext>
<tokenext>I 'm still not quite getting this government sponsored industrial enspionage .
Can someone provide a CIA refrence ?</tokentext>
<sentencetext>I'm still not quite getting this government sponsored industrial enspionage.
Can someone provide a CIA refrence?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331528</id>
	<title>Does this mean ...</title>
	<author>Anonymous</author>
	<datestamp>1267552800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>that Google must have had a corporate Windoze network and active directory ? That's Evil !<nobr> <wbr></nobr>;-)</p></htmltext>
<tokenext>that Google must have had a corporate Windoze network and active directory ?
That 's Evil !
; - )</tokentext>
<sentencetext>that Google must have had a corporate Windoze network and active directory ?
That's Evil !
;-)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327630</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267524360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>That is easily fixed - as a user just enable Flash, Jave, etc. "on demand". Most web sites I frequent (mostly news, etc.) work just fine without.<br>Now, we can't expect that from all user out there. However, Google should expect that from their employees. After all, they are supposed to be the best and brightest, no?</p></htmltext>
<tokenext>That is easily fixed - as a user just enable Flash , Jave , etc .
" on demand " .
Most web sites I frequent ( mostly news , etc .
) work just fine without.Now , we ca n't expect that from all user out there .
However , Google should expect that from their employees .
After all , they are supposed to be the best and brightest , no ?</tokentext>
<sentencetext>That is easily fixed - as a user just enable Flash, Jave, etc.
"on demand".
Most web sites I frequent (mostly news, etc.
) work just fine without.Now, we can't expect that from all user out there.
However, Google should expect that from their employees.
After all, they are supposed to be the best and brightest, no?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326728</id>
	<title>Re:Packet Filter</title>
	<author>jon3k</author>
	<datestamp>1267468020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You really think they don't use compromised hosts elsewhere to mount these attacks?  Guess where the LEAST likely source address an attack from China would probably come from?  Right.  APNIC address space in China.</htmltext>
<tokenext>You really think they do n't use compromised hosts elsewhere to mount these attacks ?
Guess where the LEAST likely source address an attack from China would probably come from ?
Right. APNIC address space in China .</tokentext>
<sentencetext>You really think they don't use compromised hosts elsewhere to mount these attacks?
Guess where the LEAST likely source address an attack from China would probably come from?
Right.  APNIC address space in China.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267458720000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>Absolutely.  It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems.  Non-essential services were disabled by default for instance.</p><p>Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time, and potentially a slew of other plug-ins.  Everything from WinZip to the Google Toolbar has a service running in the background to update it periodically, and there's a push for unrelated shit to be bundled with what we try to install.  Download managers are becoming increasingly the norm, with Adobe burying their direct link to Reader and Flash one link further from the "Click Here to Download" link the same week they patched an exploit in it.</p><p>We need to re-think how we compute.  Less is more.  Pick a standard such as HTML5 and stick to it.  No plugins.  (Beyond page-agnostic browser functionality add-ons like Ad-Block Plus.)  No background services, no download managers, no web-extending formats.  If a stock browser less than three years old can't render it, it isn't the web.  If it isn't the web, we don't code for it.  JPG, PNG, and a handful of standardized other formats can be direct linked-to.</p><p>That's not the panacea... it won't solve it all.  But going the way we're going is the wrong direction.  Let's try less crap on our machines that might be vulnerable.</p></htmltext>
<tokenext>Absolutely .
It 's kind of funny because it was over five years ago that Microsoft " got it " and started reducing the attack surface in their operating systems .
Non-essential services were disabled by default for instance.Now , in 2010 the web experience " requires " a browser , Flash , Adobe Reader , Java run-time , and potentially a slew of other plug-ins .
Everything from WinZip to the Google Toolbar has a service running in the background to update it periodically , and there 's a push for unrelated shit to be bundled with what we try to install .
Download managers are becoming increasingly the norm , with Adobe burying their direct link to Reader and Flash one link further from the " Click Here to Download " link the same week they patched an exploit in it.We need to re-think how we compute .
Less is more .
Pick a standard such as HTML5 and stick to it .
No plugins .
( Beyond page-agnostic browser functionality add-ons like Ad-Block Plus .
) No background services , no download managers , no web-extending formats .
If a stock browser less than three years old ca n't render it , it is n't the web .
If it is n't the web , we do n't code for it .
JPG , PNG , and a handful of standardized other formats can be direct linked-to.That 's not the panacea... it wo n't solve it all .
But going the way we 're going is the wrong direction .
Let 's try less crap on our machines that might be vulnerable .</tokentext>
<sentencetext>Absolutely.
It's kind of funny because it was over five years ago that Microsoft "got it" and started reducing the attack surface in their operating systems.
Non-essential services were disabled by default for instance.Now, in 2010 the web experience "requires" a browser, Flash, Adobe Reader, Java run-time, and potentially a slew of other plug-ins.
Everything from WinZip to the Google Toolbar has a service running in the background to update it periodically, and there's a push for unrelated shit to be bundled with what we try to install.
Download managers are becoming increasingly the norm, with Adobe burying their direct link to Reader and Flash one link further from the "Click Here to Download" link the same week they patched an exploit in it.We need to re-think how we compute.
Less is more.
Pick a standard such as HTML5 and stick to it.
No plugins.
(Beyond page-agnostic browser functionality add-ons like Ad-Block Plus.
)  No background services, no download managers, no web-extending formats.
If a stock browser less than three years old can't render it, it isn't the web.
If it isn't the web, we don't code for it.
JPG, PNG, and a handful of standardized other formats can be direct linked-to.That's not the panacea... it won't solve it all.
But going the way we're going is the wrong direction.
Let's try less crap on our machines that might be vulnerable.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328234</id>
	<title>Re:Asymmetric Warfare</title>
	<author>Anonymous</author>
	<datestamp>1267532760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>The name of the paper is"Unrestricted War"and it did have turned into a book.It was written by two generals of the Chinese air force and very popular in the new leftists and nationists of China in the past decade.</p></htmltext>
<tokenext>The name of the paper is " Unrestricted War " and it did have turned into a book.It was written by two generals of the Chinese air force and very popular in the new leftists and nationists of China in the past decade .</tokentext>
<sentencetext>The name of the paper is"Unrestricted War"and it did have turned into a book.It was written by two generals of the Chinese air force and very popular in the new leftists and nationists of China in the past decade.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326772</id>
	<title>Re:So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267468380000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Worst security flaw I have seen:<br>A remote win 2k3 terminal server that ran E2 (shop management) AND hosted its database. In order to run E2 on the same system that hosts the database you needed to be amin (this is what I was told). Girls in office would surf the web and click on anything that came in their inbox. system became infected and hours of downtime ensued. I explained the system was a horrible mess and needed to be changed immediately in order to ensure, boss says any downtime is unacceptable, the system needs to stay as-is. Never bothered to help them again. I could not understand how anyone with half a brain thought this was an acceptable setup.</p></htmltext>
<tokenext>Worst security flaw I have seen : A remote win 2k3 terminal server that ran E2 ( shop management ) AND hosted its database .
In order to run E2 on the same system that hosts the database you needed to be amin ( this is what I was told ) .
Girls in office would surf the web and click on anything that came in their inbox .
system became infected and hours of downtime ensued .
I explained the system was a horrible mess and needed to be changed immediately in order to ensure , boss says any downtime is unacceptable , the system needs to stay as-is .
Never bothered to help them again .
I could not understand how anyone with half a brain thought this was an acceptable setup .</tokentext>
<sentencetext>Worst security flaw I have seen:A remote win 2k3 terminal server that ran E2 (shop management) AND hosted its database.
In order to run E2 on the same system that hosts the database you needed to be amin (this is what I was told).
Girls in office would surf the web and click on anything that came in their inbox.
system became infected and hours of downtime ensued.
I explained the system was a horrible mess and needed to be changed immediately in order to ensure, boss says any downtime is unacceptable, the system needs to stay as-is.
Never bothered to help them again.
I could not understand how anyone with half a brain thought this was an acceptable setup.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326362</id>
	<title>Custom Built</title>
	<author>Anonymous</author>
	<datestamp>1267464420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Well its obvious why all these attacks work in the first place, companies don't use custom built operating systems. Its a lot harder to attack anything when you have no idea what's what. Where everything is based on a single letter and number sequence to get things done such as f8 for internet, or q0 for delete, or r2 to set us up the bomb. Build it from scratch, write out any vulnerabilities or hell, just make sure everything important is on the corporate intranet and anything you might need to work on has to be copied to a separate intranet for VPN access to work from home, don't allow internet access<nobr> <wbr></nobr>:D</p></htmltext>
<tokenext>Well its obvious why all these attacks work in the first place , companies do n't use custom built operating systems .
Its a lot harder to attack anything when you have no idea what 's what .
Where everything is based on a single letter and number sequence to get things done such as f8 for internet , or q0 for delete , or r2 to set us up the bomb .
Build it from scratch , write out any vulnerabilities or hell , just make sure everything important is on the corporate intranet and anything you might need to work on has to be copied to a separate intranet for VPN access to work from home , do n't allow internet access : D</tokentext>
<sentencetext>Well its obvious why all these attacks work in the first place, companies don't use custom built operating systems.
Its a lot harder to attack anything when you have no idea what's what.
Where everything is based on a single letter and number sequence to get things done such as f8 for internet, or q0 for delete, or r2 to set us up the bomb.
Build it from scratch, write out any vulnerabilities or hell, just make sure everything important is on the corporate intranet and anything you might need to work on has to be copied to a separate intranet for VPN access to work from home, don't allow internet access :D</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325776</id>
	<title>Resistence is VERY easy</title>
	<author>Anonymous</author>
	<datestamp>1267458720000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>QUIT RUNNING WINDOWS.
Look, if anybody runs windows on more than their client box (and many would argue even that is stupid), then you deserve what you get. The same set of idiots will design tanks and subs with picture windows.</htmltext>
<tokenext>QUIT RUNNING WINDOWS .
Look , if anybody runs windows on more than their client box ( and many would argue even that is stupid ) , then you deserve what you get .
The same set of idiots will design tanks and subs with picture windows .</tokentext>
<sentencetext>QUIT RUNNING WINDOWS.
Look, if anybody runs windows on more than their client box (and many would argue even that is stupid), then you deserve what you get.
The same set of idiots will design tanks and subs with picture windows.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267461360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I'd go further. We need a new paradigm in computing.</p><p>We <i>assume</i> the CPU is safe. We <i>assume</i> the OS is safe.  We <i>assume</i> installed software is safe.</p><p>Why do we carry on with those assumptions, when they are plainly false. Why not design and engineer future CPU's, OS's and software assuming they are unsafe?</p></htmltext>
<tokenext>I 'd go further .
We need a new paradigm in computing.We assume the CPU is safe .
We assume the OS is safe .
We assume installed software is safe.Why do we carry on with those assumptions , when they are plainly false .
Why not design and engineer future CPU 's , OS 's and software assuming they are unsafe ?</tokentext>
<sentencetext>I'd go further.
We need a new paradigm in computing.We assume the CPU is safe.
We assume the OS is safe.
We assume installed software is safe.Why do we carry on with those assumptions, when they are plainly false.
Why not design and engineer future CPU's, OS's and software assuming they are unsafe?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326948</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Lorens</author>
	<datestamp>1267470480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Look at capability operating systems like CapROS, interfaces like CapDesk or plash, or the Polaris system newly released by HP (haven't had the time to look at it yet). Basically, in a capability system, every single process is sandboxed in an intuitive way. You the user have big rights, but you do not by default delegate those rights to a program when you launch a program. By default you only want to give it some RAM, a window to communicate with you, and probably a read-only or a read-write version of a file - so that's what the prcess gets as parameters. No blocks as such, just no system calls available other than read/write to parameter n.</p></htmltext>
<tokenext>Look at capability operating systems like CapROS , interfaces like CapDesk or plash , or the Polaris system newly released by HP ( have n't had the time to look at it yet ) .
Basically , in a capability system , every single process is sandboxed in an intuitive way .
You the user have big rights , but you do not by default delegate those rights to a program when you launch a program .
By default you only want to give it some RAM , a window to communicate with you , and probably a read-only or a read-write version of a file - so that 's what the prcess gets as parameters .
No blocks as such , just no system calls available other than read/write to parameter n .</tokentext>
<sentencetext>Look at capability operating systems like CapROS, interfaces like CapDesk or plash, or the Polaris system newly released by HP (haven't had the time to look at it yet).
Basically, in a capability system, every single process is sandboxed in an intuitive way.
You the user have big rights, but you do not by default delegate those rights to a program when you launch a program.
By default you only want to give it some RAM, a window to communicate with you, and probably a read-only or a read-write version of a file - so that's what the prcess gets as parameters.
No blocks as such, just no system calls available other than read/write to parameter n.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325752</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>EvanED</author>
	<datestamp>1267458480000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p><i>Major attack vector: Acrobat Reader. Security company publishes intrusion analysis in pdf format. If you clicked it, you may be part of the problem.</i></p><p>This is Slashdot. Who clicks on the article links?</p><p>On a serious note, the <a href="https://addons.mozilla.org/en-US/firefox/addon/3199" title="mozilla.org" rel="nofollow">Link Alert</a> [mozilla.org] extension for Firefox will put an icon following links that go to a PDF file. (I know that the<nobr> <wbr></nobr>/. editors kindly put "(PDF)" after it, but to be honest I tuned it out, and if I felt like reading TFA would have just clicked.)</p></htmltext>
<tokenext>Major attack vector : Acrobat Reader .
Security company publishes intrusion analysis in pdf format .
If you clicked it , you may be part of the problem.This is Slashdot .
Who clicks on the article links ? On a serious note , the Link Alert [ mozilla.org ] extension for Firefox will put an icon following links that go to a PDF file .
( I know that the / .
editors kindly put " ( PDF ) " after it , but to be honest I tuned it out , and if I felt like reading TFA would have just clicked .
)</tokentext>
<sentencetext>Major attack vector: Acrobat Reader.
Security company publishes intrusion analysis in pdf format.
If you clicked it, you may be part of the problem.This is Slashdot.
Who clicks on the article links?On a serious note, the Link Alert [mozilla.org] extension for Firefox will put an icon following links that go to a PDF file.
(I know that the /.
editors kindly put "(PDF)" after it, but to be honest I tuned it out, and if I felt like reading TFA would have just clicked.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326278</id>
	<title>Re:So for this attack to work.</title>
	<author>Tracy Reed</author>
	<datestamp>1267463580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>And you have just described the business network (as opposed to production server network which is of course Linux and by definition far more secure) of pretty much every place I have ever worked.</p></htmltext>
<tokenext>And you have just described the business network ( as opposed to production server network which is of course Linux and by definition far more secure ) of pretty much every place I have ever worked .</tokentext>
<sentencetext>And you have just described the business network (as opposed to production server network which is of course Linux and by definition far more secure) of pretty much every place I have ever worked.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31346158</id>
	<title>Re:Chinese Patience</title>
	<author>Anonymous</author>
	<datestamp>1267634580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why not simply burn the documents?<br>Trees can be planted to offset the carbon emissions.</p></htmltext>
<tokenext>Why not simply burn the documents ? Trees can be planted to offset the carbon emissions .</tokentext>
<sentencetext>Why not simply burn the documents?Trees can be planted to offset the carbon emissions.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325970</id>
	<title>Re:So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267460460000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>1 = 2 = 3 = 4<br>5 = 5 (sic) = running active directory</p></htmltext>
<tokenext>1 = 2 = 3 = 45 = 5 ( sic ) = running active directory</tokentext>
<sentencetext>1 = 2 = 3 = 45 = 5 (sic) = running active directory</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328122</id>
	<title>Re:Even better, don't hire humans</title>
	<author>gozu</author>
	<datestamp>1267531380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>People like you are why I shouldn't be browsing slashdot at work. Don't say stuff that makes me laugh out loud, I'm supposed to be working.</p></htmltext>
<tokenext>People like you are why I should n't be browsing slashdot at work .
Do n't say stuff that makes me laugh out loud , I 'm supposed to be working .</tokentext>
<sentencetext>People like you are why I shouldn't be browsing slashdot at work.
Don't say stuff that makes me laugh out loud, I'm supposed to be working.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326590</id>
	<title>Buzzwords</title>
	<author>Anonymous</author>
	<datestamp>1267466760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Whatever happened to using phrases like "confidence trick" instead of "social engineering"?</p></htmltext>
<tokenext>Whatever happened to using phrases like " confidence trick " instead of " social engineering " ?</tokentext>
<sentencetext>Whatever happened to using phrases like "confidence trick" instead of "social engineering"?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326420</id>
	<title>Re:Even better, don't hire humans</title>
	<author>Anonymous</author>
	<datestamp>1267465080000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>I disagree...can I have a job?</htmltext>
<tokenext>I disagree...can I have a job ?</tokentext>
<sentencetext>I disagree...can I have a job?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326334</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326454</id>
	<title>Re:SMBs and Cloud Computing</title>
	<author>sumdumass</author>
	<datestamp>1267465380000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>1</modscore>
	<htmltext><p>I hope you weren't counting on a Funny mod because Google was a victim of this attack. IF you were, then I'm sorry that I walked around it. I do not think cloud computing would be the solution to something like this.</p><p>You see, they infiltrated the regular network before infiltrating the servers. Even cloud computing services wouldn't be looking for attacks from inside as it would appear once the workstations were compromised. They basically tricked users into giving them access or visiting a site that took advantage of an exploit to get access on the workstations. From there, it was almost like sitting in the offices that were supposed to be accessing the servers. This would work with or without cloud computing.</p></htmltext>
<tokenext>I hope you were n't counting on a Funny mod because Google was a victim of this attack .
IF you were , then I 'm sorry that I walked around it .
I do not think cloud computing would be the solution to something like this.You see , they infiltrated the regular network before infiltrating the servers .
Even cloud computing services would n't be looking for attacks from inside as it would appear once the workstations were compromised .
They basically tricked users into giving them access or visiting a site that took advantage of an exploit to get access on the workstations .
From there , it was almost like sitting in the offices that were supposed to be accessing the servers .
This would work with or without cloud computing .</tokentext>
<sentencetext>I hope you weren't counting on a Funny mod because Google was a victim of this attack.
IF you were, then I'm sorry that I walked around it.
I do not think cloud computing would be the solution to something like this.You see, they infiltrated the regular network before infiltrating the servers.
Even cloud computing services wouldn't be looking for attacks from inside as it would appear once the workstations were compromised.
They basically tricked users into giving them access or visiting a site that took advantage of an exploit to get access on the workstations.
From there, it was almost like sitting in the offices that were supposed to be accessing the servers.
This would work with or without cloud computing.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</id>
	<title>Chinese Patience</title>
	<author>IonOtter</author>
	<datestamp>1267464540000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p>When I was in the military, we used to shred our secret documents to NSA specs, which is 0.8mm x 4mm.  That's about the same width as the "i" in the subject, and about twice as long.</p><p>In 2002, we were informed that this was <i>not small enough</i>, and now had to run the <i>shredded documents</i> through the <a href="http://en.wikipedia.org/wiki/Hammer\_mill" title="wikipedia.org">hammer mill</a> [wikipedia.org], so everything would be reduced to powder.</p><p>They caught some folks rummaging at the local landfill, looking for the trash bags filled with end of week, end of month and end of year destruction.</p><p>Those people had <a href="http://en.wikipedia.org/wiki/Optical\_microscope#Stereo\_microscope" title="wikipedia.org">stereo microscopes</a> [wikipedia.org] in their homes and apartments, and were reassembling the documents and crypto tapes, one tiny piece at a time.</p><p>The Chinese have existed as a nation for longer than any other civilization on the face of this planet, and they take the "long view" in such things.</p></htmltext>
<tokenext>When I was in the military , we used to shred our secret documents to NSA specs , which is 0.8mm x 4mm .
That 's about the same width as the " i " in the subject , and about twice as long.In 2002 , we were informed that this was not small enough , and now had to run the shredded documents through the hammer mill [ wikipedia.org ] , so everything would be reduced to powder.They caught some folks rummaging at the local landfill , looking for the trash bags filled with end of week , end of month and end of year destruction.Those people had stereo microscopes [ wikipedia.org ] in their homes and apartments , and were reassembling the documents and crypto tapes , one tiny piece at a time.The Chinese have existed as a nation for longer than any other civilization on the face of this planet , and they take the " long view " in such things .</tokentext>
<sentencetext>When I was in the military, we used to shred our secret documents to NSA specs, which is 0.8mm x 4mm.
That's about the same width as the "i" in the subject, and about twice as long.In 2002, we were informed that this was not small enough, and now had to run the shredded documents through the hammer mill [wikipedia.org], so everything would be reduced to powder.They caught some folks rummaging at the local landfill, looking for the trash bags filled with end of week, end of month and end of year destruction.Those people had stereo microscopes [wikipedia.org] in their homes and apartments, and were reassembling the documents and crypto tapes, one tiny piece at a time.The Chinese have existed as a nation for longer than any other civilization on the face of this planet, and they take the "long view" in such things.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327102</id>
	<title>Re:Chinese Patience</title>
	<author>Johnny Mnemonic</author>
	<datestamp>1267472520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You can be sure that it was no accident that "they" "caught" the guys rummaging the trash.  The confirmation is the followup, that included warrants to search the premises of them rummagers to find the microscopes.</p><p>Here's a couple of other things I would infer:<br>-you will never hear from the rummagers again.<br>-the NSA shredded some bogus intelligence and let the rummagers piece it together before busting them.  There's nothing so good as catching someone being clever;  their cleverness and effort deludes them into thinking that what they have is genuine.</p></htmltext>
<tokenext>You can be sure that it was no accident that " they " " caught " the guys rummaging the trash .
The confirmation is the followup , that included warrants to search the premises of them rummagers to find the microscopes.Here 's a couple of other things I would infer : -you will never hear from the rummagers again.-the NSA shredded some bogus intelligence and let the rummagers piece it together before busting them .
There 's nothing so good as catching someone being clever ; their cleverness and effort deludes them into thinking that what they have is genuine .</tokentext>
<sentencetext>You can be sure that it was no accident that "they" "caught" the guys rummaging the trash.
The confirmation is the followup, that included warrants to search the premises of them rummagers to find the microscopes.Here's a couple of other things I would infer:-you will never hear from the rummagers again.-the NSA shredded some bogus intelligence and let the rummagers piece it together before busting them.
There's nothing so good as catching someone being clever;  their cleverness and effort deludes them into thinking that what they have is genuine.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326992</id>
	<title>Hardened Desktop - SELinux?</title>
	<author>mrmeval</author>
	<datestamp>1267470960000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Currently I've been attempting to convert my Fedora system from SELinux working in targeted mode to strict mode. I found that numerous programs I'd like to run and that are provided will not work with SELinux without giving them permission to do insecure functions. So far several programs violate SELinux execmem rules when enforced. There is no way for a non-coder to fix this. One problem for a VLSI IDE I want to run is the TK interpreter 'wish'. Most of the others are 3D tools or games.</p><p>I will at some point weed out that garbage and run this in strict mode. This is a slow process.</p></htmltext>
<tokenext>Currently I 've been attempting to convert my Fedora system from SELinux working in targeted mode to strict mode .
I found that numerous programs I 'd like to run and that are provided will not work with SELinux without giving them permission to do insecure functions .
So far several programs violate SELinux execmem rules when enforced .
There is no way for a non-coder to fix this .
One problem for a VLSI IDE I want to run is the TK interpreter 'wish' .
Most of the others are 3D tools or games.I will at some point weed out that garbage and run this in strict mode .
This is a slow process .</tokentext>
<sentencetext>Currently I've been attempting to convert my Fedora system from SELinux working in targeted mode to strict mode.
I found that numerous programs I'd like to run and that are provided will not work with SELinux without giving them permission to do insecure functions.
So far several programs violate SELinux execmem rules when enforced.
There is no way for a non-coder to fix this.
One problem for a VLSI IDE I want to run is the TK interpreter 'wish'.
Most of the others are 3D tools or games.I will at some point weed out that garbage and run this in strict mode.
This is a slow process.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327934</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>wvmarle</author>
	<datestamp>1267528920000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Well the problem seems to be far more than just a pdf or a Windows vulnerability. Scariest part in the list from TFS:</p><p><div class="quote"><p>5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite.</p></div><p>The question I have now is: why is it so easy to crack those passwords? (apparently easier than tricking someone in giving their password or installing keyloggers: that means it's quite easy). I thought passwords were normally stored as one-way hashes, and those are really tough to crack.
</p><p>Dictionary attacks of course are easy (just calculate the hashes of a dictionary and compare), but in this case I may assume that they were after sysadmin passwords which again I may assume are proper passwords, and not vulnerable to dictionary attach.
</p><p>So like (all) successful attacks there must be an array of vulnerabilities in all the layers of security in those systems.
</p><p>Getting into the single desktop as logged-in user shouldn't happen: vulnerability 1.
</p><p>Getting into a single desktop as the logged-in user should not give you full control over that desktop. Vulnerability 2.
</p><p>Getting full control over the desktop should not give you access to an AD server (in order to download that database). Vulnerability 3.
</p><p>Downloading the (encrypted I may hope) AD password database should not give you the passwords: modern encryption technology is strong enough to prevent that for all practical reasons.
</p><p>If I understand this sequence of events correctly there have to be at least four security vulnerabilities. Not just one. But four layers of security that have been punched open, and not once but apparently on large scale. That is a bad sign for overall security.</p></div>
	</htmltext>
<tokenext>Well the problem seems to be far more than just a pdf or a Windows vulnerability .
Scariest part in the list from TFS : 5 .
The attacker attempts to access an Active Directory server to obtain the password database , which can be cracked onsite or offsite.The question I have now is : why is it so easy to crack those passwords ?
( apparently easier than tricking someone in giving their password or installing keyloggers : that means it 's quite easy ) .
I thought passwords were normally stored as one-way hashes , and those are really tough to crack .
Dictionary attacks of course are easy ( just calculate the hashes of a dictionary and compare ) , but in this case I may assume that they were after sysadmin passwords which again I may assume are proper passwords , and not vulnerable to dictionary attach .
So like ( all ) successful attacks there must be an array of vulnerabilities in all the layers of security in those systems .
Getting into the single desktop as logged-in user should n't happen : vulnerability 1 .
Getting into a single desktop as the logged-in user should not give you full control over that desktop .
Vulnerability 2 .
Getting full control over the desktop should not give you access to an AD server ( in order to download that database ) .
Vulnerability 3 .
Downloading the ( encrypted I may hope ) AD password database should not give you the passwords : modern encryption technology is strong enough to prevent that for all practical reasons .
If I understand this sequence of events correctly there have to be at least four security vulnerabilities .
Not just one .
But four layers of security that have been punched open , and not once but apparently on large scale .
That is a bad sign for overall security .</tokentext>
<sentencetext>Well the problem seems to be far more than just a pdf or a Windows vulnerability.
Scariest part in the list from TFS:5.
The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite.The question I have now is: why is it so easy to crack those passwords?
(apparently easier than tricking someone in giving their password or installing keyloggers: that means it's quite easy).
I thought passwords were normally stored as one-way hashes, and those are really tough to crack.
Dictionary attacks of course are easy (just calculate the hashes of a dictionary and compare), but in this case I may assume that they were after sysadmin passwords which again I may assume are proper passwords, and not vulnerable to dictionary attach.
So like (all) successful attacks there must be an array of vulnerabilities in all the layers of security in those systems.
Getting into the single desktop as logged-in user shouldn't happen: vulnerability 1.
Getting into a single desktop as the logged-in user should not give you full control over that desktop.
Vulnerability 2.
Getting full control over the desktop should not give you access to an AD server (in order to download that database).
Vulnerability 3.
Downloading the (encrypted I may hope) AD password database should not give you the passwords: modern encryption technology is strong enough to prevent that for all practical reasons.
If I understand this sequence of events correctly there have to be at least four security vulnerabilities.
Not just one.
But four layers of security that have been punched open, and not once but apparently on large scale.
That is a bad sign for overall security.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327746</id>
	<title>Re:Chinese Patience</title>
	<author>Bert64</author>
	<datestamp>1267526280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I just shred with a generic  desktop shredder, and then set fire to the resulting bundle of paper scraps.</p></htmltext>
<tokenext>I just shred with a generic desktop shredder , and then set fire to the resulting bundle of paper scraps .</tokentext>
<sentencetext>I just shred with a generic  desktop shredder, and then set fire to the resulting bundle of paper scraps.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196</id>
	<title>SMBs and Cloud Computing</title>
	<author>sp3d2orbit</author>
	<datestamp>1267462800000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>The paper says that small and medium sized businesses are often targets and that they rarely have the resources to mitigate the attacks. Seems to me like this is a great reason to move to cloud computing. I would think 99\% of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves.</p></htmltext>
<tokenext>The paper says that small and medium sized businesses are often targets and that they rarely have the resources to mitigate the attacks .
Seems to me like this is a great reason to move to cloud computing .
I would think 99 \ % of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves .</tokentext>
<sentencetext>The paper says that small and medium sized businesses are often targets and that they rarely have the resources to mitigate the attacks.
Seems to me like this is a great reason to move to cloud computing.
I would think 99\% of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327736</id>
	<title>Re:Though I wish that MacOS were safer,</title>
	<author>Bert64</author>
	<datestamp>1267526040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You aren't worth the effort of exploiting...<br>You probably don't use that machine as a workstation in a significantly sized company/government department... And if you do, then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway.</p></htmltext>
<tokenext>You are n't worth the effort of exploiting...You probably do n't use that machine as a workstation in a significantly sized company/government department... And if you do , then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway .</tokentext>
<sentencetext>You aren't worth the effort of exploiting...You probably don't use that machine as a workstation in a significantly sized company/government department... And if you do, then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326132</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326628</id>
	<title>Re:SMBs and Cloud Computing</title>
	<author>Anonymous</author>
	<datestamp>1267467000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>I would think 99\% of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves.</p></div><p>Hunh?  Didn't this all come to light because Google's ran afoul the exploit?</p></div>
	</htmltext>
<tokenext>I would think 99 \ % of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves.Hunh ?
Did n't this all come to light because Google 's ran afoul the exploit ?</tokentext>
<sentencetext>I would think 99\% of businesses would be better off letting Google protect their servers than trying to find away around these attacks themselves.Hunh?
Didn't this all come to light because Google's ran afoul the exploit?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326318</id>
	<title>Re:So for this attack to work.</title>
	<author>Opportunist</author>
	<datestamp>1267464060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A lot of failures, and all of them are at work in most companies.</p><p>Vulnerable browser? A necessity, since most company-intern webpages are geared for IE (sometimes even an ancient version of IE because the adaptation for the quirks of newer versions take time), and of course programmed by the cheapest idiot who didn't test for any other browser. Let's be happy that it at least works with IE... if only with version 6.</p><p>Vulnerable to priv escalation? A given in most companies. You usually have the cheapest admins, and too few of them. You'd be amazed how much resistance you get for anything that could remotely increase security (and, unfortunately bundled with it, decreases comfort and ease of access). And you'd be amazed just how little the common Windows administrator knows about Windows in the first place.</p><p>Network vulnerable to this? A given as well. Security often ends at the company firewall. Behind it, inside the company, you'll rarely find any sensible segmentation or protection. It's actually very common that machines are fully accessable across the whole network.</p><p>Accessing AD server database? C'mon, do I have to go into detail? You don't think servers are any better protected against "inside jobs" as the rest of the network, do you?</p></htmltext>
<tokenext>A lot of failures , and all of them are at work in most companies.Vulnerable browser ?
A necessity , since most company-intern webpages are geared for IE ( sometimes even an ancient version of IE because the adaptation for the quirks of newer versions take time ) , and of course programmed by the cheapest idiot who did n't test for any other browser .
Let 's be happy that it at least works with IE... if only with version 6.Vulnerable to priv escalation ?
A given in most companies .
You usually have the cheapest admins , and too few of them .
You 'd be amazed how much resistance you get for anything that could remotely increase security ( and , unfortunately bundled with it , decreases comfort and ease of access ) .
And you 'd be amazed just how little the common Windows administrator knows about Windows in the first place.Network vulnerable to this ?
A given as well .
Security often ends at the company firewall .
Behind it , inside the company , you 'll rarely find any sensible segmentation or protection .
It 's actually very common that machines are fully accessable across the whole network.Accessing AD server database ?
C'mon , do I have to go into detail ?
You do n't think servers are any better protected against " inside jobs " as the rest of the network , do you ?</tokentext>
<sentencetext>A lot of failures, and all of them are at work in most companies.Vulnerable browser?
A necessity, since most company-intern webpages are geared for IE (sometimes even an ancient version of IE because the adaptation for the quirks of newer versions take time), and of course programmed by the cheapest idiot who didn't test for any other browser.
Let's be happy that it at least works with IE... if only with version 6.Vulnerable to priv escalation?
A given in most companies.
You usually have the cheapest admins, and too few of them.
You'd be amazed how much resistance you get for anything that could remotely increase security (and, unfortunately bundled with it, decreases comfort and ease of access).
And you'd be amazed just how little the common Windows administrator knows about Windows in the first place.Network vulnerable to this?
A given as well.
Security often ends at the company firewall.
Behind it, inside the company, you'll rarely find any sensible segmentation or protection.
It's actually very common that machines are fully accessable across the whole network.Accessing AD server database?
C'mon, do I have to go into detail?
You don't think servers are any better protected against "inside jobs" as the rest of the network, do you?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722</id>
	<title>Even better, don't hire humans</title>
	<author>Anonymous</author>
	<datestamp>1267458300000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext>Humans are the biggest weakness in the chain.  Don't hire them, or at least hire the most non-people types you can.  Hire the non-team players and the ones that argue with everyone.  When someone calls them and asks them to go to a web site, they'll say screw you and hang up.</htmltext>
<tokenext>Humans are the biggest weakness in the chain .
Do n't hire them , or at least hire the most non-people types you can .
Hire the non-team players and the ones that argue with everyone .
When someone calls them and asks them to go to a web site , they 'll say screw you and hang up .</tokentext>
<sentencetext>Humans are the biggest weakness in the chain.
Don't hire them, or at least hire the most non-people types you can.
Hire the non-team players and the ones that argue with everyone.
When someone calls them and asks them to go to a web site, they'll say screw you and hang up.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326472</id>
	<title>Useless filter.</title>
	<author>FooAtWFU</author>
	<datestamp>1267465560000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext>And get 0wned by a zombie in Switzerland or Dubai or Schenectady or something.</htmltext>
<tokenext>And get 0wned by a zombie in Switzerland or Dubai or Schenectady or something .</tokentext>
<sentencetext>And get 0wned by a zombie in Switzerland or Dubai or Schenectady or something.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267458120000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>Major attack preventer: <a href="https://chrome.google.com/extensions/detail/nnbmlagghjjcbdhgmkedmbmedengocbn" title="google.com">Google docs PDF reader</a> [google.com].</htmltext>
<tokenext>Major attack preventer : Google docs PDF reader [ google.com ] .</tokentext>
<sentencetext>Major attack preventer: Google docs PDF reader [google.com].</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327604</id>
	<title>Re:Asymmetric Warfare</title>
	<author>advocate\_one</author>
	<datestamp>1267524060000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><blockquote><div><p>Over the last decade things have pretty much played out exactly like the paper laid things out: an economic assault,</p></div></blockquote><p>and what's really depressing is our own corporations are falling over backwards (outsourcing production, relocating, sourcing goods from China) to help them all in the name of short term profit to make the next quarter's numbers look good. There is no level playing field. The Chinese are deliberately polluting their country and ruining their workers health in order to make their labour and processes so cheap that we can't compete.</p></div>
	</htmltext>
<tokenext>Over the last decade things have pretty much played out exactly like the paper laid things out : an economic assault,and what 's really depressing is our own corporations are falling over backwards ( outsourcing production , relocating , sourcing goods from China ) to help them all in the name of short term profit to make the next quarter 's numbers look good .
There is no level playing field .
The Chinese are deliberately polluting their country and ruining their workers health in order to make their labour and processes so cheap that we ca n't compete .</tokentext>
<sentencetext>Over the last decade things have pretty much played out exactly like the paper laid things out: an economic assault,and what's really depressing is our own corporations are falling over backwards (outsourcing production, relocating, sourcing goods from China) to help them all in the name of short term profit to make the next quarter's numbers look good.
There is no level playing field.
The Chinese are deliberately polluting their country and ruining their workers health in order to make their labour and processes so cheap that we can't compete.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327956</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>wvmarle</author>
	<datestamp>1267529340000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The Chinese definitely have the desire to innovate, the ability is still lacking. I see lots of quite innovative products coming out of there (mostly toys and premium items), the problem is that in general they are not thought out well, or just don't work.
</p><p>Back on topic: surveillance of their own people may be one thing, but being "in" foreign systems comes mighty handy in case of a war. Then you can use your existing secret log-ins to do serious cyber-damage to foreign computer systems, breaking communication channels the enemy thinks are safe, or simply listening in on enemy communication.</p></htmltext>
<tokenext>The Chinese definitely have the desire to innovate , the ability is still lacking .
I see lots of quite innovative products coming out of there ( mostly toys and premium items ) , the problem is that in general they are not thought out well , or just do n't work .
Back on topic : surveillance of their own people may be one thing , but being " in " foreign systems comes mighty handy in case of a war .
Then you can use your existing secret log-ins to do serious cyber-damage to foreign computer systems , breaking communication channels the enemy thinks are safe , or simply listening in on enemy communication .</tokentext>
<sentencetext>The Chinese definitely have the desire to innovate, the ability is still lacking.
I see lots of quite innovative products coming out of there (mostly toys and premium items), the problem is that in general they are not thought out well, or just don't work.
Back on topic: surveillance of their own people may be one thing, but being "in" foreign systems comes mighty handy in case of a war.
Then you can use your existing secret log-ins to do serious cyber-damage to foreign computer systems, breaking communication channels the enemy thinks are safe, or simply listening in on enemy communication.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329708</id>
	<title>Can't solve stupid.</title>
	<author>DarthVain</author>
	<datestamp>1267544700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I love how "Step #1" is social engineering. Which can be translated to simply, find some stupid sucker that you can convince to do something they shouldn't be doing.</p><p>You cannot solve stupid.</p><p>No amount of security will prevent intrusion if all you have to do is call up some idiot and get him to turn it off for you.</p><p>The only solution to this is A) Training, or B) Don't hire freaking idiots.</p><p>Difficulty is that idiots are usually cheap labour, and don't particularly care one way or another. One might argue you can still hire idiots, just don't give them access to anything critical. However it today's world that can mean pretty much any network access, which means why bother hiring them as they won't be able to do anything (or even less than before).</p><p>Sadly many times it is the older people closer to retirement, or the very young temporary workers who are most vulnerable. I have personally worked with some people that A) I wonder how they hell they got that job, and B) how the hell they can get ANY job not directly associated with shovels (not including managers).  I think a good litmus test is if the jerk at Bestbuy or Futureshop can Con you, then slowly step away from my computer console, as you are a danger to yourself and others. I find it hard to believe someone could be found without raising suspicion in a company like Google, but I guess every corporate structure has its flaws.</p><p>It also takes a bit of a suspicious mind, critical thinking, and a dash of paranoia. Both my Dad and my Sister fell for that malware that you get by clicking on the website that makes it look like your desktop, and it has an error. It actually took me a few moments to realize that the "error" they were talking about was really that phishing website. I was at somewhat a loss at what to tell them when they asked me how to prevent this in the future. I couldn't exactly tell them not to be suckers. In the end just telling them to pay attention to what they are doing and to be very suspicious of any new website you do not trust.</p><p>(Firmly adjusts tinfoil hat with pride)</p><p>With the amount of jerks out there trying to screw with you, as amazing as it sounds, a tinfoil hat is your best defense. (I mean that figuratively, not literally, though it is fashionable...)</p></htmltext>
<tokenext>I love how " Step # 1 " is social engineering .
Which can be translated to simply , find some stupid sucker that you can convince to do something they should n't be doing.You can not solve stupid.No amount of security will prevent intrusion if all you have to do is call up some idiot and get him to turn it off for you.The only solution to this is A ) Training , or B ) Do n't hire freaking idiots.Difficulty is that idiots are usually cheap labour , and do n't particularly care one way or another .
One might argue you can still hire idiots , just do n't give them access to anything critical .
However it today 's world that can mean pretty much any network access , which means why bother hiring them as they wo n't be able to do anything ( or even less than before ) .Sadly many times it is the older people closer to retirement , or the very young temporary workers who are most vulnerable .
I have personally worked with some people that A ) I wonder how they hell they got that job , and B ) how the hell they can get ANY job not directly associated with shovels ( not including managers ) .
I think a good litmus test is if the jerk at Bestbuy or Futureshop can Con you , then slowly step away from my computer console , as you are a danger to yourself and others .
I find it hard to believe someone could be found without raising suspicion in a company like Google , but I guess every corporate structure has its flaws.It also takes a bit of a suspicious mind , critical thinking , and a dash of paranoia .
Both my Dad and my Sister fell for that malware that you get by clicking on the website that makes it look like your desktop , and it has an error .
It actually took me a few moments to realize that the " error " they were talking about was really that phishing website .
I was at somewhat a loss at what to tell them when they asked me how to prevent this in the future .
I could n't exactly tell them not to be suckers .
In the end just telling them to pay attention to what they are doing and to be very suspicious of any new website you do not trust .
( Firmly adjusts tinfoil hat with pride ) With the amount of jerks out there trying to screw with you , as amazing as it sounds , a tinfoil hat is your best defense .
( I mean that figuratively , not literally , though it is fashionable... )</tokentext>
<sentencetext>I love how "Step #1" is social engineering.
Which can be translated to simply, find some stupid sucker that you can convince to do something they shouldn't be doing.You cannot solve stupid.No amount of security will prevent intrusion if all you have to do is call up some idiot and get him to turn it off for you.The only solution to this is A) Training, or B) Don't hire freaking idiots.Difficulty is that idiots are usually cheap labour, and don't particularly care one way or another.
One might argue you can still hire idiots, just don't give them access to anything critical.
However it today's world that can mean pretty much any network access, which means why bother hiring them as they won't be able to do anything (or even less than before).Sadly many times it is the older people closer to retirement, or the very young temporary workers who are most vulnerable.
I have personally worked with some people that A) I wonder how they hell they got that job, and B) how the hell they can get ANY job not directly associated with shovels (not including managers).
I think a good litmus test is if the jerk at Bestbuy or Futureshop can Con you, then slowly step away from my computer console, as you are a danger to yourself and others.
I find it hard to believe someone could be found without raising suspicion in a company like Google, but I guess every corporate structure has its flaws.It also takes a bit of a suspicious mind, critical thinking, and a dash of paranoia.
Both my Dad and my Sister fell for that malware that you get by clicking on the website that makes it look like your desktop, and it has an error.
It actually took me a few moments to realize that the "error" they were talking about was really that phishing website.
I was at somewhat a loss at what to tell them when they asked me how to prevent this in the future.
I couldn't exactly tell them not to be suckers.
In the end just telling them to pay attention to what they are doing and to be very suspicious of any new website you do not trust.
(Firmly adjusts tinfoil hat with pride)With the amount of jerks out there trying to screw with you, as amazing as it sounds, a tinfoil hat is your best defense.
(I mean that figuratively, not literally, though it is fashionable...)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327078</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>DocHoncho</author>
	<datestamp>1267472160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Ah hahahaha hahaha aHhaa**cough**ahahhahaa</p><p>And you know what else we need?  A pony.  Lots of ponies.</p></htmltext>
<tokenext>Ah hahahaha hahaha aHhaa * * cough * * ahahhahaaAnd you know what else we need ?
A pony .
Lots of ponies .</tokentext>
<sentencetext>Ah hahahaha hahaha aHhaa**cough**ahahhahaaAnd you know what else we need?
A pony.
Lots of ponies.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</id>
	<title>So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267458840000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>1. You must first find someone using windows who is prone to clicking things without thinking. - ok, I accept that.<br>2. Running a vulnerable browser - Still quite common, First security failure<br>3. Running windows - Still very plausible<br>4. Vulnerable to a privilege escalation exploit - Second security failure<br>5. With a network setup that is vulnerable to this kind of thing - Third security failure<br>5. Then "accessing" an AD server database - Fourth  security failure<br>6. To be cracked - ok</p><p>So for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat), an OS with a privilege escalation flaw and A network that will let someone do things they probably shouldn't, an AD server that is crackable so that you can get at the DB.</p><p>IMHO that is a hell of a lot of failures by the various parties for this to work.</p></htmltext>
<tokenext>1 .
You must first find someone using windows who is prone to clicking things without thinking .
- ok , I accept that.2 .
Running a vulnerable browser - Still quite common , First security failure3 .
Running windows - Still very plausible4 .
Vulnerable to a privilege escalation exploit - Second security failure5 .
With a network setup that is vulnerable to this kind of thing - Third security failure5 .
Then " accessing " an AD server database - Fourth security failure6 .
To be cracked - okSo for this to work you have to have an insecure browser or other userland app that is easily exploitable ( Acrobat ) , an OS with a privilege escalation flaw and A network that will let someone do things they probably should n't , an AD server that is crackable so that you can get at the DB.IMHO that is a hell of a lot of failures by the various parties for this to work .</tokentext>
<sentencetext>1.
You must first find someone using windows who is prone to clicking things without thinking.
- ok, I accept that.2.
Running a vulnerable browser - Still quite common, First security failure3.
Running windows - Still very plausible4.
Vulnerable to a privilege escalation exploit - Second security failure5.
With a network setup that is vulnerable to this kind of thing - Third security failure5.
Then "accessing" an AD server database - Fourth  security failure6.
To be cracked - okSo for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat), an OS with a privilege escalation flaw and A network that will let someone do things they probably shouldn't, an AD server that is crackable so that you can get at the DB.IMHO that is a hell of a lot of failures by the various parties for this to work.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326836</id>
	<title>Re:Chinese Patience</title>
	<author>Anonymous</author>
	<datestamp>1267469040000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Same thing happened when the Iranians overtook the US Embassy in 1979.  The students pieced the documents back together looking for identities of CIA informants and the like.  <a href="http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB21/04-01.htm" title="gwu.edu" rel="nofollow">An example</a> [gwu.edu] of the reconstructed documents is in the National Security Archive at GWU.</p></htmltext>
<tokenext>Same thing happened when the Iranians overtook the US Embassy in 1979 .
The students pieced the documents back together looking for identities of CIA informants and the like .
An example [ gwu.edu ] of the reconstructed documents is in the National Security Archive at GWU .</tokentext>
<sentencetext>Same thing happened when the Iranians overtook the US Embassy in 1979.
The students pieced the documents back together looking for identities of CIA informants and the like.
An example [gwu.edu] of the reconstructed documents is in the National Security Archive at GWU.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326626</id>
	<title>My recommendation - Capability Based Security</title>
	<author>ka9dgx</author>
	<datestamp>1267467000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This problem was SOLVED by Dennis and Van Horn back in the 1960s, it's called capability based security. You can read more here: <a href="http://old.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html" title="nabble.com">http://old.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html</a> [nabble.com]</p><p>The concept is simple, every process has a list of capabilities handed to it. It doesn't get to do anything not on the list.</p><p>It would be fairly easy to make sane default lists and still have a very usable computer.</p></htmltext>
<tokenext>This problem was SOLVED by Dennis and Van Horn back in the 1960s , it 's called capability based security .
You can read more here : http : //old.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html [ nabble.com ] The concept is simple , every process has a list of capabilities handed to it .
It does n't get to do anything not on the list.It would be fairly easy to make sane default lists and still have a very usable computer .</tokentext>
<sentencetext>This problem was SOLVED by Dennis and Van Horn back in the 1960s, it's called capability based security.
You can read more here: http://old.nabble.com/On-the-Spread-of-the-Capability-Approach-to5608409.html [nabble.com]The concept is simple, every process has a list of capabilities handed to it.
It doesn't get to do anything not on the list.It would be fairly easy to make sane default lists and still have a very usable computer.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327534</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>Bert64</author>
	<datestamp>1267523040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Which is why a monoculture is so bad... Attackers don't need information on the systems being used, they can just assume that their victims are running windows.<br>If they had to recon their target first to find out what they're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common.</p></htmltext>
<tokenext>Which is why a monoculture is so bad... Attackers do n't need information on the systems being used , they can just assume that their victims are running windows.If they had to recon their target first to find out what they 're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common .</tokentext>
<sentencetext>Which is why a monoculture is so bad... Attackers don't need information on the systems being used, they can just assume that their victims are running windows.If they had to recon their target first to find out what they're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326512</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>grcumb</author>
	<datestamp>1267465920000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>[I]f a company ran (say) ubuntu or (more likely) macos an attacker could still craft an attack against them, as long as they had information on the systems being used.</p></div><p>Agreed. These guys know what they're about, and they're willing to invest patience and resources in their attacks.</p><p>That said, reducing the number of attack vectors is a useful and productive exercise. As Schneier loves to point out, the real goal of the security process is to make breaking in cost more than it's worth to the attacker. In this particular case, that puts the cost pretty high indeed. But choosing a more secure OS and simplifying the exposed systems would help a lot.</p><p>The next step would be to reduce the reward derived from a successful attack: a strong auditing process. </p><p>This is rarely considered, except in high-security scenarios, but really, the only really viable defense against this kind of assault is to recognise when you're being attacked (most companies probably never did) and then to take steps to reduce its effectiveness. You'd need to watch who's talking to whom, and who's accessing what data. The cost in man-hours would be significant, but the alternative is to accept that before long there's going to be a Chinese knock-off of your product on the market, competing with yours at a fraction of the price.</p><p>The final step is the least likely: Actively counter-attack. Infiltrate and/or disable the attacker's machines, feed them false information (costing them money as they try to track the source of the failure), and even use official channels (as Google as done) to try to slow them down or take greater pains to conceal themselves.</p></div>
	</htmltext>
<tokenext>[ I ] f a company ran ( say ) ubuntu or ( more likely ) macos an attacker could still craft an attack against them , as long as they had information on the systems being used.Agreed .
These guys know what they 're about , and they 're willing to invest patience and resources in their attacks.That said , reducing the number of attack vectors is a useful and productive exercise .
As Schneier loves to point out , the real goal of the security process is to make breaking in cost more than it 's worth to the attacker .
In this particular case , that puts the cost pretty high indeed .
But choosing a more secure OS and simplifying the exposed systems would help a lot.The next step would be to reduce the reward derived from a successful attack : a strong auditing process .
This is rarely considered , except in high-security scenarios , but really , the only really viable defense against this kind of assault is to recognise when you 're being attacked ( most companies probably never did ) and then to take steps to reduce its effectiveness .
You 'd need to watch who 's talking to whom , and who 's accessing what data .
The cost in man-hours would be significant , but the alternative is to accept that before long there 's going to be a Chinese knock-off of your product on the market , competing with yours at a fraction of the price.The final step is the least likely : Actively counter-attack .
Infiltrate and/or disable the attacker 's machines , feed them false information ( costing them money as they try to track the source of the failure ) , and even use official channels ( as Google as done ) to try to slow them down or take greater pains to conceal themselves .</tokentext>
<sentencetext>[I]f a company ran (say) ubuntu or (more likely) macos an attacker could still craft an attack against them, as long as they had information on the systems being used.Agreed.
These guys know what they're about, and they're willing to invest patience and resources in their attacks.That said, reducing the number of attack vectors is a useful and productive exercise.
As Schneier loves to point out, the real goal of the security process is to make breaking in cost more than it's worth to the attacker.
In this particular case, that puts the cost pretty high indeed.
But choosing a more secure OS and simplifying the exposed systems would help a lot.The next step would be to reduce the reward derived from a successful attack: a strong auditing process.
This is rarely considered, except in high-security scenarios, but really, the only really viable defense against this kind of assault is to recognise when you're being attacked (most companies probably never did) and then to take steps to reduce its effectiveness.
You'd need to watch who's talking to whom, and who's accessing what data.
The cost in man-hours would be significant, but the alternative is to accept that before long there's going to be a Chinese knock-off of your product on the market, competing with yours at a fraction of the price.The final step is the least likely: Actively counter-attack.
Infiltrate and/or disable the attacker's machines, feed them false information (costing them money as they try to track the source of the failure), and even use official channels (as Google as done) to try to slow them down or take greater pains to conceal themselves.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325870</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>Anonymous</author>
	<datestamp>1267459560000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>They are also interested in industrial espionage against specific high-value targets that have technology that China cannot replicate with its limited (though rapidly growing) infrastructure. China is very good at copying technology. It has very little ability (or desire) to innovate.</p></div><p>For this point - this is how economies work by import replacement, which then causes modifications on that product they replaced, making a new product (a division of that work).  To think that any economy over the course of human history simply invents something without anything before it (except maybe fire), ignores the way markets are.  The USA did it and the Japanese did it and in turn rapidly expanded their economies and markets.</p></div>
	</htmltext>
<tokenext>They are also interested in industrial espionage against specific high-value targets that have technology that China can not replicate with its limited ( though rapidly growing ) infrastructure .
China is very good at copying technology .
It has very little ability ( or desire ) to innovate.For this point - this is how economies work by import replacement , which then causes modifications on that product they replaced , making a new product ( a division of that work ) .
To think that any economy over the course of human history simply invents something without anything before it ( except maybe fire ) , ignores the way markets are .
The USA did it and the Japanese did it and in turn rapidly expanded their economies and markets .</tokentext>
<sentencetext>They are also interested in industrial espionage against specific high-value targets that have technology that China cannot replicate with its limited (though rapidly growing) infrastructure.
China is very good at copying technology.
It has very little ability (or desire) to innovate.For this point - this is how economies work by import replacement, which then causes modifications on that product they replaced, making a new product (a division of that work).
To think that any economy over the course of human history simply invents something without anything before it (except maybe fire), ignores the way markets are.
The USA did it and the Japanese did it and in turn rapidly expanded their economies and markets.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</id>
	<title>oh for the love of \_\_\_\_!</title>
	<author>Anonymous</author>
	<datestamp>1267458240000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>Okay, I know an ex-pat who has moved to China and married. I have a much better understanding of the current state of technology and governmental oversight there than most here. Let's clear some things up:</p><p>The government closely monitors it citizens using every form of surveillance available in public places (which include the internet) to ensure that they are not acting in a fashion the government defines as "subversive". They aren't interested in international cyber-terrorism. They simply realize that they need to be where their citizens are to maintain the umbrella of surveillance. They're not trying to blow up power plants or destroy financial markets, or engage in other acts of cyber-terrorism. They are simply of the mindset that the internet lacks geographical boundaries, and hence treat it somewhat like international waters, and regularily patrol and conduct intrusions on remote systems for the purpose of effecting surveillance on its own citizens.</p><p>They are also interested in industrial espionage against specific high-value targets that have technology that China cannot replicate with its limited (though rapidly growing) infrastructure. China is very good at copying technology. It has very little ability (or desire) to innovate. They are focused primarily on a massive modernization program so as to set themselves up to compete with the EU, US, and south asian markets. Hong Kong is about the only ace they have up their sleeve right now there. So they conduct limited cyber attacks for the purpose of acquiring the information and designs to manufacture technologies that are highly intricate (such as microprocessor design).</p><p>This is not a statement on the validity of any sovereignty claims, or a moral judgement on China's state-sponsored activities on the global communications networks, merely an statement of their motivations.</p></htmltext>
<tokenext>Okay , I know an ex-pat who has moved to China and married .
I have a much better understanding of the current state of technology and governmental oversight there than most here .
Let 's clear some things up : The government closely monitors it citizens using every form of surveillance available in public places ( which include the internet ) to ensure that they are not acting in a fashion the government defines as " subversive " .
They are n't interested in international cyber-terrorism .
They simply realize that they need to be where their citizens are to maintain the umbrella of surveillance .
They 're not trying to blow up power plants or destroy financial markets , or engage in other acts of cyber-terrorism .
They are simply of the mindset that the internet lacks geographical boundaries , and hence treat it somewhat like international waters , and regularily patrol and conduct intrusions on remote systems for the purpose of effecting surveillance on its own citizens.They are also interested in industrial espionage against specific high-value targets that have technology that China can not replicate with its limited ( though rapidly growing ) infrastructure .
China is very good at copying technology .
It has very little ability ( or desire ) to innovate .
They are focused primarily on a massive modernization program so as to set themselves up to compete with the EU , US , and south asian markets .
Hong Kong is about the only ace they have up their sleeve right now there .
So they conduct limited cyber attacks for the purpose of acquiring the information and designs to manufacture technologies that are highly intricate ( such as microprocessor design ) .This is not a statement on the validity of any sovereignty claims , or a moral judgement on China 's state-sponsored activities on the global communications networks , merely an statement of their motivations .</tokentext>
<sentencetext>Okay, I know an ex-pat who has moved to China and married.
I have a much better understanding of the current state of technology and governmental oversight there than most here.
Let's clear some things up:The government closely monitors it citizens using every form of surveillance available in public places (which include the internet) to ensure that they are not acting in a fashion the government defines as "subversive".
They aren't interested in international cyber-terrorism.
They simply realize that they need to be where their citizens are to maintain the umbrella of surveillance.
They're not trying to blow up power plants or destroy financial markets, or engage in other acts of cyber-terrorism.
They are simply of the mindset that the internet lacks geographical boundaries, and hence treat it somewhat like international waters, and regularily patrol and conduct intrusions on remote systems for the purpose of effecting surveillance on its own citizens.They are also interested in industrial espionage against specific high-value targets that have technology that China cannot replicate with its limited (though rapidly growing) infrastructure.
China is very good at copying technology.
It has very little ability (or desire) to innovate.
They are focused primarily on a massive modernization program so as to set themselves up to compete with the EU, US, and south asian markets.
Hong Kong is about the only ace they have up their sleeve right now there.
So they conduct limited cyber attacks for the purpose of acquiring the information and designs to manufacture technologies that are highly intricate (such as microprocessor design).This is not a statement on the validity of any sovereignty claims, or a moral judgement on China's state-sponsored activities on the global communications networks, merely an statement of their motivations.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331656</id>
	<title>Re:Even better, don't hire humans</title>
	<author>sjames</author>
	<datestamp>1267553280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Hire people who can resist a <a href="http://news.bbc.co.uk/2/hi/technology/3639679.stm" title="bbc.co.uk">candy bar</a> [bbc.co.uk]!</p></htmltext>
<tokenext>Hire people who can resist a candy bar [ bbc.co.uk ] !</tokentext>
<sentencetext>Hire people who can resist a candy bar [bbc.co.uk]!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</id>
	<title>Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267457760000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext>Major attack vector: Acrobat Reader.  Security company publishes intrusion analysis in pdf format.  If you clicked it, you may be part of the problem.</htmltext>
<tokenext>Major attack vector : Acrobat Reader .
Security company publishes intrusion analysis in pdf format .
If you clicked it , you may be part of the problem .</tokentext>
<sentencetext>Major attack vector: Acrobat Reader.
Security company publishes intrusion analysis in pdf format.
If you clicked it, you may be part of the problem.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325734</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>Anonymous</author>
	<datestamp>1267458360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Because there are tons of other options when developing a corporate network.</p></htmltext>
<tokenext>Because there are tons of other options when developing a corporate network .</tokentext>
<sentencetext>Because there are tons of other options when developing a corporate network.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328788</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>hey!</author>
	<datestamp>1267539660000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>I disagree. What we need to do is compartmentalize.</p><p>Why do you have to use the same system to browse the corporate intranet over VPN and handle personal web browsing? Each of these activities should take place on a different virtual machine on a different virtual network.  Then you watch the virtual/host interfaces like a hawk.</p><p>This is not an airtight strategy -- there is no such thing.  What it does is buys time and spreads the footprint of the attack.</p><p>It's not entirely convenient.  But you can focus your security attention on mechanisms you use to move data between different security universes.<br>Companies seriously interested in security also really need a solid cryptographic infrastructure, including two factor security with a hardware component, and revocable trust.  That's not convenient either.</p></htmltext>
<tokenext>I disagree .
What we need to do is compartmentalize.Why do you have to use the same system to browse the corporate intranet over VPN and handle personal web browsing ?
Each of these activities should take place on a different virtual machine on a different virtual network .
Then you watch the virtual/host interfaces like a hawk.This is not an airtight strategy -- there is no such thing .
What it does is buys time and spreads the footprint of the attack.It 's not entirely convenient .
But you can focus your security attention on mechanisms you use to move data between different security universes.Companies seriously interested in security also really need a solid cryptographic infrastructure , including two factor security with a hardware component , and revocable trust .
That 's not convenient either .</tokentext>
<sentencetext>I disagree.
What we need to do is compartmentalize.Why do you have to use the same system to browse the corporate intranet over VPN and handle personal web browsing?
Each of these activities should take place on a different virtual machine on a different virtual network.
Then you watch the virtual/host interfaces like a hawk.This is not an airtight strategy -- there is no such thing.
What it does is buys time and spreads the footprint of the attack.It's not entirely convenient.
But you can focus your security attention on mechanisms you use to move data between different security universes.Companies seriously interested in security also really need a solid cryptographic infrastructure, including two factor security with a hardware component, and revocable trust.
That's not convenient either.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326296</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267463820000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't have a service for every thing I've installed to update it, because, like any decent OS, the system package manger handles all that in one central, elegant, secure, and user-friendly system called 'apt'.</p><p>Practice safe computing.  Use a 'buntu.</p></htmltext>
<tokenext>I do n't have a service for every thing I 've installed to update it , because , like any decent OS , the system package manger handles all that in one central , elegant , secure , and user-friendly system called 'apt'.Practice safe computing .
Use a 'buntu .</tokentext>
<sentencetext>I don't have a service for every thing I've installed to update it, because, like any decent OS, the system package manger handles all that in one central, elegant, secure, and user-friendly system called 'apt'.Practice safe computing.
Use a 'buntu.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664</id>
	<title>Sounds like resistance is easy.</title>
	<author>Kludge</author>
	<datestamp>1267457940000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Just don't use MS Windows.</p></htmltext>
<tokenext>Just do n't use MS Windows .</tokentext>
<sentencetext>Just don't use MS Windows.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31334548</id>
	<title>Re:Chinese Patience</title>
	<author>Anonymous</author>
	<datestamp>1267520520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>And if you burned the papers, they would read the smoke signals.</p></htmltext>
<tokenext>And if you burned the papers , they would read the smoke signals .</tokentext>
<sentencetext>And if you burned the papers, they would read the smoke signals.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327480</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>c-reus</author>
	<datestamp>1267522260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>yeah, let's put DRM in CPU, OS and in installed software! It's the only way to be sure.<br>&lt;/sarcasm&gt;</p></htmltext>
<tokenext>yeah , let 's put DRM in CPU , OS and in installed software !
It 's the only way to be sure .</tokentext>
<sentencetext>yeah, let's put DRM in CPU, OS and in installed software!
It's the only way to be sure.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327904</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267528680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>No background services[...]<br>-&gt; if you take off all the useless shit working in background you'd  then have a hard time justifying why anyone still needs to buy a 3GHz Dual-Core with 4Gigs of RAM for the basic desktop use (browsing / word &amp; spreadsheet processing)...</p></htmltext>
<tokenext>No background services [ ... ] - &gt; if you take off all the useless shit working in background you 'd then have a hard time justifying why anyone still needs to buy a 3GHz Dual-Core with 4Gigs of RAM for the basic desktop use ( browsing / word &amp; spreadsheet processing ) .. .</tokentext>
<sentencetext>No background services[...]-&gt; if you take off all the useless shit working in background you'd  then have a hard time justifying why anyone still needs to buy a 3GHz Dual-Core with 4Gigs of RAM for the basic desktop use (browsing / word &amp; spreadsheet processing)...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330540</id>
	<title>Re:So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267548540000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>1. You must first find someone using windows who is prone to clicking things without thinking. - ok, I accept that.</p></div><p>You've already missed the point - the emails are targeted.  We're not talking Nigerian scam here; think about a email from your boss regarding a project you've been working on...</p><p><div class="quote"><p>2. Running a vulnerable browser - Still quite common, First security failure</p></div><p>All software has vulnerabilities.  To think otherwise is incredibly naive.</p><p><div class="quote"><p>3. Running windows - Still very plausible</p></div><p>Why is running windows a requirement?  See "All software..." comment above.</p><p><div class="quote"><p>4. Vulnerable to a privilege escalation exploit - Second security failure</p></div><p>See "All software..." comment above.</p><p><div class="quote"><p>5. With a network setup that is vulnerable to this kind of thing - Third security failure</p></div><p>You mean, one that is connected to the Internet?  Perhaps you are implying that there is some magic security box that would catch custom exploits for 0-day vulnerabilities delivered via email and/or http...</p><p><div class="quote"><p>5. Then "accessing" an AD server database - Fourth  security failure</p></div><p>Do you even know how AD works?</p><p><div class="quote"><p>6. To be cracked - ok</p></div><p>You understand that passwords can be cracked.  That's at least a start.</p><p><div class="quote"><p>So for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat)</p></div><p>Why does the software need to be "easily" exploitable?  You think the attackers need to wait for something to be posted to milw0rm?</p><p><div class="quote"><p>an OS with a privilege escalation flaw</p></div><p>How rare do you think those are, exactly?</p><p><div class="quote"><p>and A network that will let someone do things they probably shouldn't</p></div><p>Should I not be making HTTP and DNS requests?  (hint: that's all (actually more than) the attack needs)</p><p><div class="quote"><p>an AD server that is crackable so that you can get at the DB</p></div><p>All that's needed here is a way to get the administrator to log in to the owned host.  Another post describes numerous ways to achieve this.</p><p><div class="quote"><p>IMHO that is a hell of a lot of failures by the various parties for this to work.</p></div><p>I'm glad you're at least humble, since you don't know what you're talking about.</p></div>
	</htmltext>
<tokenext>1 .
You must first find someone using windows who is prone to clicking things without thinking .
- ok , I accept that.You 've already missed the point - the emails are targeted .
We 're not talking Nigerian scam here ; think about a email from your boss regarding a project you 've been working on...2 .
Running a vulnerable browser - Still quite common , First security failureAll software has vulnerabilities .
To think otherwise is incredibly naive.3 .
Running windows - Still very plausibleWhy is running windows a requirement ?
See " All software... " comment above.4 .
Vulnerable to a privilege escalation exploit - Second security failureSee " All software... " comment above.5 .
With a network setup that is vulnerable to this kind of thing - Third security failureYou mean , one that is connected to the Internet ?
Perhaps you are implying that there is some magic security box that would catch custom exploits for 0-day vulnerabilities delivered via email and/or http...5 .
Then " accessing " an AD server database - Fourth security failureDo you even know how AD works ? 6 .
To be cracked - okYou understand that passwords can be cracked .
That 's at least a start.So for this to work you have to have an insecure browser or other userland app that is easily exploitable ( Acrobat ) Why does the software need to be " easily " exploitable ?
You think the attackers need to wait for something to be posted to milw0rm ? an OS with a privilege escalation flawHow rare do you think those are , exactly ? and A network that will let someone do things they probably shouldn'tShould I not be making HTTP and DNS requests ?
( hint : that 's all ( actually more than ) the attack needs ) an AD server that is crackable so that you can get at the DBAll that 's needed here is a way to get the administrator to log in to the owned host .
Another post describes numerous ways to achieve this.IMHO that is a hell of a lot of failures by the various parties for this to work.I 'm glad you 're at least humble , since you do n't know what you 're talking about .</tokentext>
<sentencetext>1.
You must first find someone using windows who is prone to clicking things without thinking.
- ok, I accept that.You've already missed the point - the emails are targeted.
We're not talking Nigerian scam here; think about a email from your boss regarding a project you've been working on...2.
Running a vulnerable browser - Still quite common, First security failureAll software has vulnerabilities.
To think otherwise is incredibly naive.3.
Running windows - Still very plausibleWhy is running windows a requirement?
See "All software..." comment above.4.
Vulnerable to a privilege escalation exploit - Second security failureSee "All software..." comment above.5.
With a network setup that is vulnerable to this kind of thing - Third security failureYou mean, one that is connected to the Internet?
Perhaps you are implying that there is some magic security box that would catch custom exploits for 0-day vulnerabilities delivered via email and/or http...5.
Then "accessing" an AD server database - Fourth  security failureDo you even know how AD works?6.
To be cracked - okYou understand that passwords can be cracked.
That's at least a start.So for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat)Why does the software need to be "easily" exploitable?
You think the attackers need to wait for something to be posted to milw0rm?an OS with a privilege escalation flawHow rare do you think those are, exactly?and A network that will let someone do things they probably shouldn'tShould I not be making HTTP and DNS requests?
(hint: that's all (actually more than) the attack needs)an AD server that is crackable so that you can get at the DBAll that's needed here is a way to get the administrator to log in to the owned host.
Another post describes numerous ways to achieve this.IMHO that is a hell of a lot of failures by the various parties for this to work.I'm glad you're at least humble, since you don't know what you're talking about.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326368</id>
	<title>Re:oh for the love of \_\_\_\_!</title>
	<author>vajorie</author>
	<datestamp>1267464540000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><blockquote><div><p>Okay, I know an ex-pat who has moved to China and married. I have a much better understanding</p></div>
</blockquote><p>

Hey, nice to hear. I have this Black friend so I know Blacks.<nobr> <wbr></nobr>/yay</p></div>
	</htmltext>
<tokenext>Okay , I know an ex-pat who has moved to China and married .
I have a much better understanding Hey , nice to hear .
I have this Black friend so I know Blacks .
/yay</tokentext>
<sentencetext>Okay, I know an ex-pat who has moved to China and married.
I have a much better understanding


Hey, nice to hear.
I have this Black friend so I know Blacks.
/yay
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326330</id>
	<title>Oh brother..</title>
	<author>jav1231</author>
	<datestamp>1267464180000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>"We went to do business in a communist nation and they attacked our network, attempting to gain access and who knows what!?" As my teenaged daughter used to say, "Uh..Hello! Yeah!?" Which loosely translates to: And you're surprised?</htmltext>
<tokenext>" We went to do business in a communist nation and they attacked our network , attempting to gain access and who knows what ! ?
" As my teenaged daughter used to say , " Uh..Hello !
Yeah ! ? " Which loosely translates to : And you 're surprised ?</tokentext>
<sentencetext>"We went to do business in a communist nation and they attacked our network, attempting to gain access and who knows what!?
" As my teenaged daughter used to say, "Uh..Hello!
Yeah!?" Which loosely translates to: And you're surprised?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325768</id>
	<title>Auror</title>
	<author>Anonymous</author>
	<datestamp>1267458660000</datestamp>
	<modclass>Funny</modclass>
	<modscore>1</modscore>
	<htmltext><p>Anyone else read that as <a href="http://harrypotter.wikia.com/wiki/Auror" title="wikia.com" rel="nofollow">Auror Attack?</a> [wikia.com]</p></htmltext>
<tokenext>Anyone else read that as Auror Attack ?
[ wikia.com ]</tokentext>
<sentencetext>Anyone else read that as Auror Attack?
[wikia.com]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326334</id>
	<title>Re:Even better, don't hire humans</title>
	<author>Anonymous</author>
	<datestamp>1267464240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Hire the non-team players and the ones that argue with everyone.</p></div></blockquote><p>
It's not necessary to employ true arguers. You could easily get away with hiring those only capable of simple contradiction.</p></div>
	</htmltext>
<tokenext>Hire the non-team players and the ones that argue with everyone .
It 's not necessary to employ true arguers .
You could easily get away with hiring those only capable of simple contradiction .</tokentext>
<sentencetext>Hire the non-team players and the ones that argue with everyone.
It's not necessary to employ true arguers.
You could easily get away with hiring those only capable of simple contradiction.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329184</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267542060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Major attack vector: Internet Explorer. Security company publishes intrusion analysis in HTML format. If you clicked it, you may be part of the problem.</p><p>Formats (especially open standards) and applications are not the same thing.</p></htmltext>
<tokenext>Major attack vector : Internet Explorer .
Security company publishes intrusion analysis in HTML format .
If you clicked it , you may be part of the problem.Formats ( especially open standards ) and applications are not the same thing .</tokentext>
<sentencetext>Major attack vector: Internet Explorer.
Security company publishes intrusion analysis in HTML format.
If you clicked it, you may be part of the problem.Formats (especially open standards) and applications are not the same thing.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326110</id>
	<title>Re:So for this attack to work.</title>
	<author>k10quaint</author>
	<datestamp>1267462020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You just described most of corporate america with your six steps.<br>
<br>
Step #1 is very very plausible. One develops a potential working relationship with the target company and crafts an email to contain an innocuous looking document or link requested by the target. The link/document contains the latest exploit that has not been patched. The email is not suspicious because who would attack a potential business partner after all. It is an exploit that is preferably zero day and not yet in the virus/malware databases. Also, a new shell for the attack could be devised from the original code to insure it would be unrecognizable. <br>
<br>
Step #4 can be obviated by infecting an admin's computer, and if I was targeting a company with a zero day unknown exploit, I would aim it at their IT guys.<br>
<br>
Step #5a all networks are vulnerable to this sort of exploit, especially if the exploit is unknown to scanners &amp; filters. <br>
<br>
Step #5b if you root an admin's box, you can piggy back on him next time he does maintenance on *every* server and device he maintains.<br>
<br>
I am surprised the list was only 100 companies. I assume every S&amp;P 500 company has been penetrated to some degree.</htmltext>
<tokenext>You just described most of corporate america with your six steps .
Step # 1 is very very plausible .
One develops a potential working relationship with the target company and crafts an email to contain an innocuous looking document or link requested by the target .
The link/document contains the latest exploit that has not been patched .
The email is not suspicious because who would attack a potential business partner after all .
It is an exploit that is preferably zero day and not yet in the virus/malware databases .
Also , a new shell for the attack could be devised from the original code to insure it would be unrecognizable .
Step # 4 can be obviated by infecting an admin 's computer , and if I was targeting a company with a zero day unknown exploit , I would aim it at their IT guys .
Step # 5a all networks are vulnerable to this sort of exploit , especially if the exploit is unknown to scanners &amp; filters .
Step # 5b if you root an admin 's box , you can piggy back on him next time he does maintenance on * every * server and device he maintains .
I am surprised the list was only 100 companies .
I assume every S&amp;P 500 company has been penetrated to some degree .</tokentext>
<sentencetext>You just described most of corporate america with your six steps.
Step #1 is very very plausible.
One develops a potential working relationship with the target company and crafts an email to contain an innocuous looking document or link requested by the target.
The link/document contains the latest exploit that has not been patched.
The email is not suspicious because who would attack a potential business partner after all.
It is an exploit that is preferably zero day and not yet in the virus/malware databases.
Also, a new shell for the attack could be devised from the original code to insure it would be unrecognizable.
Step #4 can be obviated by infecting an admin's computer, and if I was targeting a company with a zero day unknown exploit, I would aim it at their IT guys.
Step #5a all networks are vulnerable to this sort of exploit, especially if the exploit is unknown to scanners &amp; filters.
Step #5b if you root an admin's box, you can piggy back on him next time he does maintenance on *every* server and device he maintains.
I am surprised the list was only 100 companies.
I assume every S&amp;P 500 company has been penetrated to some degree.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326820</id>
	<title>Re:So for this attack to work.</title>
	<author>Anonymous</author>
	<datestamp>1267468920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>1. You must first find someone using windows who is prone to clicking things without thinking. - ok, I accept that.<br>2. Running a vulnerable browser - Still quite common, First security failure<br>3. Running windows - Still very plausible<br>4. Vulnerable to a privilege escalation exploit - Second security failure<br>5. With a network setup that is vulnerable to this kind of thing - Third security failure<br>5. Then "accessing" an AD server database - Fourth  security failure<br>6. To be cracked - ok</p><p>So for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat), an OS with a privilege escalation flaw and A network that will let someone do things they probably shouldn't, an AD server that is crackable so that you can get at the DB.</p><p>IMHO that is a hell of a lot of failures by the various parties for this to work.</p></div><p>I think you're missing the point.  These are targeted attacks.  They can take months to study most of the things you mention without ever raising the alarm.  I've worked in information technology call centers for almost a decade.  If you asked me to gain access to one of those machines (which in most cases have higher privileges than most) i think it wouldn't be too difficult.  Given months to plan I have no doubt of it.</p><p>S</p></div>
	</htmltext>
<tokenext>1 .
You must first find someone using windows who is prone to clicking things without thinking .
- ok , I accept that.2 .
Running a vulnerable browser - Still quite common , First security failure3 .
Running windows - Still very plausible4 .
Vulnerable to a privilege escalation exploit - Second security failure5 .
With a network setup that is vulnerable to this kind of thing - Third security failure5 .
Then " accessing " an AD server database - Fourth security failure6 .
To be cracked - okSo for this to work you have to have an insecure browser or other userland app that is easily exploitable ( Acrobat ) , an OS with a privilege escalation flaw and A network that will let someone do things they probably should n't , an AD server that is crackable so that you can get at the DB.IMHO that is a hell of a lot of failures by the various parties for this to work.I think you 're missing the point .
These are targeted attacks .
They can take months to study most of the things you mention without ever raising the alarm .
I 've worked in information technology call centers for almost a decade .
If you asked me to gain access to one of those machines ( which in most cases have higher privileges than most ) i think it would n't be too difficult .
Given months to plan I have no doubt of it.S</tokentext>
<sentencetext>1.
You must first find someone using windows who is prone to clicking things without thinking.
- ok, I accept that.2.
Running a vulnerable browser - Still quite common, First security failure3.
Running windows - Still very plausible4.
Vulnerable to a privilege escalation exploit - Second security failure5.
With a network setup that is vulnerable to this kind of thing - Third security failure5.
Then "accessing" an AD server database - Fourth  security failure6.
To be cracked - okSo for this to work you have to have an insecure browser or other userland app that is easily exploitable (Acrobat), an OS with a privilege escalation flaw and A network that will let someone do things they probably shouldn't, an AD server that is crackable so that you can get at the DB.IMHO that is a hell of a lot of failures by the various parties for this to work.I think you're missing the point.
These are targeted attacks.
They can take months to study most of the things you mention without ever raising the alarm.
I've worked in information technology call centers for almost a decade.
If you asked me to gain access to one of those machines (which in most cases have higher privileges than most) i think it wouldn't be too difficult.
Given months to plan I have no doubt of it.S
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328566</id>
	<title>The attack name Aurora is being overloaded</title>
	<author>grandpa-geek</author>
	<datestamp>1267537860000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Aurora was also the name of the "cybersecurity attack" on an electric generator that resulted in it bouncing up and down in a video on CNN a few years ago.</p><p>Actually, the cyber intrusion was stipulated and the remainder of the attack simulated by doing things with the generator that are known to cause serious problems.</p></htmltext>
<tokenext>Aurora was also the name of the " cybersecurity attack " on an electric generator that resulted in it bouncing up and down in a video on CNN a few years ago.Actually , the cyber intrusion was stipulated and the remainder of the attack simulated by doing things with the generator that are known to cause serious problems .</tokentext>
<sentencetext>Aurora was also the name of the "cybersecurity attack" on an electric generator that resulted in it bouncing up and down in a video on CNN a few years ago.Actually, the cyber intrusion was stipulated and the remainder of the attack simulated by doing things with the generator that are known to cause serious problems.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325906</id>
	<title>Re:So for this attack to work.</title>
	<author>esocid</author>
	<datestamp>1267459920000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Have you not ever worked in an office setting? Walk by your sysadmin's dungeon and mention something about clicking a link in some email you got, and sit back and watch the fireworks.<br> <br>I can pretty much guarantee you that even in a tech setting, there will even be a handful of those people who still lack common, and/or tech, sense. This is exactly why certain places prevent their employees from installing software, running as admin, running off of flashdrives, or even discs.</htmltext>
<tokenext>Have you not ever worked in an office setting ?
Walk by your sysadmin 's dungeon and mention something about clicking a link in some email you got , and sit back and watch the fireworks .
I can pretty much guarantee you that even in a tech setting , there will even be a handful of those people who still lack common , and/or tech , sense .
This is exactly why certain places prevent their employees from installing software , running as admin , running off of flashdrives , or even discs .</tokentext>
<sentencetext>Have you not ever worked in an office setting?
Walk by your sysadmin's dungeon and mention something about clicking a link in some email you got, and sit back and watch the fireworks.
I can pretty much guarantee you that even in a tech setting, there will even be a handful of those people who still lack common, and/or tech, sense.
This is exactly why certain places prevent their employees from installing software, running as admin, running off of flashdrives, or even discs.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326692</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>GigaplexNZ</author>
	<datestamp>1267467720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>If a stock browser less than three years old can't render it, it isn't the web. If it isn't the web, we don't code for it.</p></div><p>That sounds a bit like a chicken and the egg problem. If we don't currently support it, we won't ever support it.</p></div>
	</htmltext>
<tokenext>If a stock browser less than three years old ca n't render it , it is n't the web .
If it is n't the web , we do n't code for it.That sounds a bit like a chicken and the egg problem .
If we do n't currently support it , we wo n't ever support it .</tokentext>
<sentencetext>If a stock browser less than three years old can't render it, it isn't the web.
If it isn't the web, we don't code for it.That sounds a bit like a chicken and the egg problem.
If we don't currently support it, we won't ever support it.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329494</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>GameboyRMH</author>
	<datestamp>1267543680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>PDF exploits attack vulnerabilities in Adobe Reader. You'll be safe with another non-vulnerability-laden PDF reader like Foxit, evince, etc. Later versions of Ubuntu (Karmic and I think Jaunty) even come with an AppArmor profile for evince.</p></htmltext>
<tokenext>PDF exploits attack vulnerabilities in Adobe Reader .
You 'll be safe with another non-vulnerability-laden PDF reader like Foxit , evince , etc .
Later versions of Ubuntu ( Karmic and I think Jaunty ) even come with an AppArmor profile for evince .</tokentext>
<sentencetext>PDF exploits attack vulnerabilities in Adobe Reader.
You'll be safe with another non-vulnerability-laden PDF reader like Foxit, evince, etc.
Later versions of Ubuntu (Karmic and I think Jaunty) even come with an AppArmor profile for evince.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326642</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331726</id>
	<title>Re:Sounds like resistance is easy.</title>
	<author>sjames</author>
	<datestamp>1267553640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It would be harder to gain full privilege and harder to go undetected. It would then be harder to spread it to other systems. There would be a greater liklihood that diverse systems would have to be cracked. No OS is invulnerable and no infrastructure is invulnerable, but some OSes are less vulnerable than others and a diverse infrastructure is less vulnerable than a homogeneous one.</p></htmltext>
<tokenext>It would be harder to gain full privilege and harder to go undetected .
It would then be harder to spread it to other systems .
There would be a greater liklihood that diverse systems would have to be cracked .
No OS is invulnerable and no infrastructure is invulnerable , but some OSes are less vulnerable than others and a diverse infrastructure is less vulnerable than a homogeneous one .</tokentext>
<sentencetext>It would be harder to gain full privilege and harder to go undetected.
It would then be harder to spread it to other systems.
There would be a greater liklihood that diverse systems would have to be cracked.
No OS is invulnerable and no infrastructure is invulnerable, but some OSes are less vulnerable than others and a diverse infrastructure is less vulnerable than a homogeneous one.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326304</id>
	<title>Re:So for this attack to work.</title>
	<author>Sikmaz</author>
	<datestamp>1267463940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Point by point:<br>#2: Many of the attacks use Zero-day exploits that are not public knowledge.<br>#4: See #2<br>#5: If you have more than 1400 servers there will be some that are vulnerable and when that happens they get one door they need.   Hopefully it is just some departmental webserver so the scope is small but they almost certainly now have at least the first foothold they need to grab some accounts and move from there if they don't have a Zero-day exploit they can use.<br>#5 (2nd #5?): What they get is the SAM database which is hashed using NTLM so it is vulnerable to rainbow table attacks.</p><p>So for it to work you just need:<br>1) An exploit not publicly known that allows remote code execution or elevation of privilege.   There is at least 2-3 of these a month<br>2) Compromise a departmental webserver/app server and start working backwards....    Eventually you will get more and more accounts until you get something interesting.   At the worst you have mapped a typical server and know your attack surface.   Maybe they run Tivoli?   So scan specific hosts for Tivoli vulnerabilities but do it slow so it isn't seen by IDS.   If they run Symantec AV use the exploit that is out right now to get on a privileged system...</p><p>So obviously it isn't as hard as it first seemed and it isn't a matter of incompetence with large companies there are simply too many possible ways in.   Your best defense is a layered one with a lot of monitoring of your logs and IDS sensors to watch for things that look unusual.   Baseline your traffic so if you see a large upload over https to a server in a weird location you can flag it!   It might be your SAM database going out the door...</p><p>tl:dr:  In a large company there are a lot of ways to get in, if you think you are safe you are lying to yourself.</p></htmltext>
<tokenext>Point by point : # 2 : Many of the attacks use Zero-day exploits that are not public knowledge. # 4 : See # 2 # 5 : If you have more than 1400 servers there will be some that are vulnerable and when that happens they get one door they need .
Hopefully it is just some departmental webserver so the scope is small but they almost certainly now have at least the first foothold they need to grab some accounts and move from there if they do n't have a Zero-day exploit they can use. # 5 ( 2nd # 5 ?
) : What they get is the SAM database which is hashed using NTLM so it is vulnerable to rainbow table attacks.So for it to work you just need : 1 ) An exploit not publicly known that allows remote code execution or elevation of privilege .
There is at least 2-3 of these a month2 ) Compromise a departmental webserver/app server and start working backwards.... Eventually you will get more and more accounts until you get something interesting .
At the worst you have mapped a typical server and know your attack surface .
Maybe they run Tivoli ?
So scan specific hosts for Tivoli vulnerabilities but do it slow so it is n't seen by IDS .
If they run Symantec AV use the exploit that is out right now to get on a privileged system...So obviously it is n't as hard as it first seemed and it is n't a matter of incompetence with large companies there are simply too many possible ways in .
Your best defense is a layered one with a lot of monitoring of your logs and IDS sensors to watch for things that look unusual .
Baseline your traffic so if you see a large upload over https to a server in a weird location you can flag it !
It might be your SAM database going out the door...tl : dr : In a large company there are a lot of ways to get in , if you think you are safe you are lying to yourself .</tokentext>
<sentencetext>Point by point:#2: Many of the attacks use Zero-day exploits that are not public knowledge.#4: See #2#5: If you have more than 1400 servers there will be some that are vulnerable and when that happens they get one door they need.
Hopefully it is just some departmental webserver so the scope is small but they almost certainly now have at least the first foothold they need to grab some accounts and move from there if they don't have a Zero-day exploit they can use.#5 (2nd #5?
): What they get is the SAM database which is hashed using NTLM so it is vulnerable to rainbow table attacks.So for it to work you just need:1) An exploit not publicly known that allows remote code execution or elevation of privilege.
There is at least 2-3 of these a month2) Compromise a departmental webserver/app server and start working backwards....    Eventually you will get more and more accounts until you get something interesting.
At the worst you have mapped a typical server and know your attack surface.
Maybe they run Tivoli?
So scan specific hosts for Tivoli vulnerabilities but do it slow so it isn't seen by IDS.
If they run Symantec AV use the exploit that is out right now to get on a privileged system...So obviously it isn't as hard as it first seemed and it isn't a matter of incompetence with large companies there are simply too many possible ways in.
Your best defense is a layered one with a lot of monitoring of your logs and IDS sensors to watch for things that look unusual.
Baseline your traffic so if you see a large upload over https to a server in a weird location you can flag it!
It might be your SAM database going out the door...tl:dr:  In a large company there are a lot of ways to get in, if you think you are safe you are lying to yourself.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>adolf</author>
	<datestamp>1267461120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You left out GIF.  The patents are expired, and it is a free standard.</p><p>[Yes, I know that PNG does the same things as GIF, only better.  Except, that it can't do animations.  And simple animations, though often annoying, can be very useful, especially in a world like you suggest in which Flash does not exist.  <a href="http://en.wikipedia.org/wiki/File:Wankel\_Cycle\_anim\_en.gif" title="wikipedia.org">See?</a> [wikipedia.org]  And though HTML5 + Ogg Theora fills some of the gap, <a href="http://en.wikipedia.org/wiki/Lossy\_compression" title="wikipedia.org">lossy compression</a> [wikipedia.org] like that sucks for technical drawings, whereas lossless formats can do very well.  Of course, there's MNG, which is similar to PNG but with animations in mind...which is cool and all, except <a href="http://en.wikipedia.org/wiki/Mng#Application\_support" title="wikipedia.org">nobody uses it</a> [wikipedia.org].)</p></htmltext>
<tokenext>You left out GIF .
The patents are expired , and it is a free standard .
[ Yes , I know that PNG does the same things as GIF , only better .
Except , that it ca n't do animations .
And simple animations , though often annoying , can be very useful , especially in a world like you suggest in which Flash does not exist .
See ? [ wikipedia.org ] And though HTML5 + Ogg Theora fills some of the gap , lossy compression [ wikipedia.org ] like that sucks for technical drawings , whereas lossless formats can do very well .
Of course , there 's MNG , which is similar to PNG but with animations in mind...which is cool and all , except nobody uses it [ wikipedia.org ] .
)</tokentext>
<sentencetext>You left out GIF.
The patents are expired, and it is a free standard.
[Yes, I know that PNG does the same things as GIF, only better.
Except, that it can't do animations.
And simple animations, though often annoying, can be very useful, especially in a world like you suggest in which Flash does not exist.
See? [wikipedia.org]  And though HTML5 + Ogg Theora fills some of the gap, lossy compression [wikipedia.org] like that sucks for technical drawings, whereas lossless formats can do very well.
Of course, there's MNG, which is similar to PNG but with animations in mind...which is cool and all, except nobody uses it [wikipedia.org].
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328224</id>
	<title>Re:Who clicked on the PDF?</title>
	<author>Anonymous</author>
	<datestamp>1267532700000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Totally agree, Adobe should be focusing on security rather than so many features. I mean if I want to have a meeting and present a document, I'll do it though the video conference software that already has this option.</p><p>Flash should be secure, and it's constantly showing me that it is not. I know you can get flash blockers, so you have the option to run (at least). Why not offer a cut down flash version that only allows you to play movies and has no vunerabilities?</p></htmltext>
<tokenext>Totally agree , Adobe should be focusing on security rather than so many features .
I mean if I want to have a meeting and present a document , I 'll do it though the video conference software that already has this option.Flash should be secure , and it 's constantly showing me that it is not .
I know you can get flash blockers , so you have the option to run ( at least ) .
Why not offer a cut down flash version that only allows you to play movies and has no vunerabilities ?</tokentext>
<sentencetext>Totally agree, Adobe should be focusing on security rather than so many features.
I mean if I want to have a meeting and present a document, I'll do it though the video conference software that already has this option.Flash should be secure, and it's constantly showing me that it is not.
I know you can get flash blockers, so you have the option to run (at least).
Why not offer a cut down flash version that only allows you to play movies and has no vunerabilities?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084</id>
	<title>Packet Filter</title>
	<author>Anonymous</author>
	<datestamp>1267461660000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>If you don't expect/want traffic from China, configure your firewall to block <a href="http://www.okean.com/antispam/china.html" title="okean.com">IP addresses assigned to China</a> [okean.com].</htmltext>
<tokenext>If you do n't expect/want traffic from China , configure your firewall to block IP addresses assigned to China [ okean.com ] .</tokentext>
<sentencetext>If you don't expect/want traffic from China, configure your firewall to block IP addresses assigned to China [okean.com].</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31337342</id>
	<title>Re:Chinese Patience</title>
	<author>Anonymous</author>
	<datestamp>1267530900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><i>In 2002, we were informed that this was not small enough, and now had to run the shredded documents through the hammer mill, so everything would be reduced to powder.</i></p><p><i>They caught some folks rummaging at the local landfill, looking for the trash bags filled with end of week, end of month and end of year destruction.</i></p><p>Any reason you didn't choose a simpler solution, like burning after shredding?</p><p>All the spy novels I've read (which of course are 100\% historically accurate) have embassies &amp; secret installations that burn after shredding.</p></htmltext>
<tokenext>In 2002 , we were informed that this was not small enough , and now had to run the shredded documents through the hammer mill , so everything would be reduced to powder.They caught some folks rummaging at the local landfill , looking for the trash bags filled with end of week , end of month and end of year destruction.Any reason you did n't choose a simpler solution , like burning after shredding ? All the spy novels I 've read ( which of course are 100 \ % historically accurate ) have embassies &amp; secret installations that burn after shredding .</tokentext>
<sentencetext>In 2002, we were informed that this was not small enough, and now had to run the shredded documents through the hammer mill, so everything would be reduced to powder.They caught some folks rummaging at the local landfill, looking for the trash bags filled with end of week, end of month and end of year destruction.Any reason you didn't choose a simpler solution, like burning after shredding?All the spy novels I've read (which of course are 100\% historically accurate) have embassies &amp; secret installations that burn after shredding.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326906</id>
	<title>Summary omits crucial component: MICROSOFT WINDOWS</title>
	<author>Anonymous</author>
	<datestamp>1267470060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Taggers take note.</p></htmltext>
<tokenext>Taggers take note .</tokentext>
<sentencetext>Taggers take note.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325766</id>
	<title>Antivirus?</title>
	<author>TubeSteak</author>
	<datestamp>1267458660000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>"Attackers are willing to spend months attacking people in these companies, and they write custom malware specific to those companies," [iSec founding partner Alex Stamos] told The Register. "The malware for each of these companies has been customized based on the versions of vulnerable software they're running, as well as what kind of anti-virus they're using.<nobr> <wbr></nobr>...</p></div><p>Since when has anti-virus heuristics algorithms been at all useful against custom malware?</p><p>Even the script kiddies can find encrypters to take their cookie cutter programs and make them invisible to the majority of anti-virus programs.</p></div>
	</htmltext>
<tokenext>" Attackers are willing to spend months attacking people in these companies , and they write custom malware specific to those companies , " [ iSec founding partner Alex Stamos ] told The Register .
" The malware for each of these companies has been customized based on the versions of vulnerable software they 're running , as well as what kind of anti-virus they 're using .
...Since when has anti-virus heuristics algorithms been at all useful against custom malware ? Even the script kiddies can find encrypters to take their cookie cutter programs and make them invisible to the majority of anti-virus programs .</tokentext>
<sentencetext>"Attackers are willing to spend months attacking people in these companies, and they write custom malware specific to those companies," [iSec founding partner Alex Stamos] told The Register.
"The malware for each of these companies has been customized based on the versions of vulnerable software they're running, as well as what kind of anti-virus they're using.
...Since when has anti-virus heuristics algorithms been at all useful against custom malware?Even the script kiddies can find encrypters to take their cookie cutter programs and make them invisible to the majority of anti-virus programs.
	</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_47</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327746
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_50</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326318
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327904
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327934
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326772
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328234
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331788
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326278
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326304
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326692
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31336198
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328620
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327002
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330540
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326544
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326472
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325850
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326836
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325906
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326728
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330736
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_56</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328588
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331726
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_61</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326512
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327534
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331656
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328366
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31337342
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325734
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326792
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_48</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327956
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_53</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328224
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_55</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326110
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_54</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326628
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327630
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_45</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325870
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327664
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326454
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326400
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328122
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_46</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329494
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326642
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327102
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31334548
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327078
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326420
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326334
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329112
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327480
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325950
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328788
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326014
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31346158
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_59</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326296
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_62</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326820
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_58</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327666
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_49</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326948
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_52</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325752
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325878
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326248
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325970
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325838
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_57</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327604
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_60</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329184
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_02_0047249_51</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327736
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326132
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325720
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325878
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325870
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325838
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327956
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325850
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326792
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326368
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31336198
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326178
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328234
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327604
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325800
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326772
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326304
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326278
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326318
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326014
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326820
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326110
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330540
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325906
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325970
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327666
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325638
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326400
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325752
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329184
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325698
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326544
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331788
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326642
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329494
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325786
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31330736
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328224
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326070
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327480
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326948
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325950
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327002
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328620
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327630
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328788
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326048
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328366
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31329112
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326692
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326296
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327904
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327078
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326626
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326196
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326454
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326628
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326132
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327736
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325766
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326590
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326370
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326836
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327102
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31337342
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31334548
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31346158
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327746
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325768
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325664
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328588
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325722
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326248
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326334
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326420
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31328122
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331656
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325730
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31331726
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327534
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326512
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31325734
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327934
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31327664
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326084
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326728
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326472
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_02_0047249.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_02_0047249.31326906
</commentlist>
</conversation>
