On Thu, 2 Apr 2015 02:34:48 +0900 Daisuke HIGASHI wrote: > > The only other option is to persuade the users of the compromised machines > > to clean their systems. > > I agree. Which isn't going to happen unless idiots all get chrome books assuming the update situation their is better than android, which isn't going to happen because Windows still has third party support others don't and the Win7 kernel onwards actually has more security features than Linux or Freebsd but not openbsd or grsec linux. Not to mention out of date firmwares on phones that laughably are now being branded as a cool feature by ubuntu mobile (one-time update marketing rubbish). Oh and those security features that the Win7 kernel now has can't work with JAVA. What is the attackers motivation, amplification? If that's true? then amplification is the real issue and SSL everywhere has a similar perhaps more dangerous issue that can be fixed as it was with TCP handshakes sending more than one ACK, the current implementations are wrong and will now take time to phase out and the sooner that starts the better. ****The client should have to do more work than he causes****.