"Kier" <vallon@tiscali.co.uk> wrote in message
news:pan.2007.09.28.08.40.43.637828@tiscali.co.uk. ..
> On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:
>
>>
>> "Kier" <vallon@tiscali.co.uk> wrote in message
>> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk. ..
>>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:
>>>
>>>>
>>>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>>>
>>>>
>>>>
>>>>> See the advanced technology in action here
>>>>> http://www.livecdlist.com
>>>>> Just download and boot from CD.
>>>>
>>>> You must be joking.. nobody in their right mind would download a self
>>>> booting CD recommended by anyone they didn't know.
>>>
>>> Strangely enough, though 7 is a loon, he's not the sort of loon to
>>> recommend you trash your machine from some roague CD. The list is
>>> genuine.
>>
>> But I have no way to know that and I certainly aren't going to trust
>> someone
>> shouting in a news group, anyone that does is being foolish.
>> It shows that people still don't understand the basics of security if
>> they
>> do.
>
> That would be a social engineering type hack, right? I do take your point
> in that regard. One of my favourite books is a fascinating exploaration of
> the art, called 'A Complete Hacker's Handbook'.
>
>> If you can't verify the source you may as well let the hacker sit at the
>> machine and give him the passwords.
>
> How come we don't see this happening, then? I have *never* heard of such a
> thing being done. Probably it *could* be, somehow, but I know of not one
> instance.
>
>>
>>>
>>>> It could do absolutely anything to the machine you boot it on.
>>>
>>> Actually, no. Some don't even make it easy or possible to have write
>>> access to your drives
>>
>> You don't know how Unix works if you think that.
>
> It's not impossible, certainly, but without root access it's not easy. Of
> course, some LiveCDs are desighed to do partitioning and rescue work, so
> they by definition must be able to write to disc. But if you have
> physical access, no system is really safe, however well-protected.
>
> The ordinary user, however, is not going to be able to break his sytem
> using a LiveCD. That was my initial point. LiveCDs don't usually touch
> the underlying OS at all - in fact, with sufficient memory you can run one
> without a hard disk in the machine at all.

You have misunderstood.
You even know what I say is true from what you have said above and then you
ignore what you said and say it can't happen because its a live CD. It is
because its a live CD (i.e. bootable) that it can happen. Don't think I am
getting at Linux here because I am not it can happen with any bootable disk.
It has happened with windows.. people have released images on P2P with
malicious code built in. There is nothing to stop someone doing exactly the
same with a live CD and they are also on P2P from various sources too. Don't
think that Linux makes you secure.. nothing makes an idiot with a computer
secure.

While its true that many *real* live CDs can't access the disks, its only
because whoever put the CD together removed that ability.
Anyone could create a live CD that can access the disks and can do anything
they like including instaling root kits or emailing data or anything they
like.
Unless you can identify these disks you have a security problem and it is
not going away just by saying it hasn't been done yet.. the reality is that
you probably wouldn't know if it had been. To start with while people don't
believe it can happen who is going to look.

>
>> If you boot an entire OS it will be able to do anything it likes to your
>> drives unless you are running an encrypted file system that prompts you
>> for
>> a password at boot before it can decrypt the drives. No Linux or windows
>> does that that I know of. You certainly can't do anything about it when
>> the
>> source is available as if you store the password on the machine the rogue
>> software can use exactly the same mechanism to extract the password and
>> access the file system as the original OS. This is also true of windows
>> but
>> someone has to disassemble the software and find the mechanism first so
>> its
>> slightly more difficult.
>
> The source isn't usually available on a LiveCD, no mater what 7 said.
> There usually isn't room.

I know but it can fit on a DVD.

>>>> Its just the sort of thing a hacker would try to get you to do.
>>>> It would be a **** good way to root Linux boxes BTW.
>>>
>>> Well, I've used dozens of LiveCDs over the past few years, and not one
>>> has
>>> ever harmed my PCs. On the contrary, they've helped me save data when
>>> hardware went tit's-up.
>>
>> I have used live CDs too but not one that someone has been shouting about
>> in
>> a news group.. you can't trust anyone these days.
>>
>> Live CDs are one of the biggest security risks the average user is likely
>> to
>> come across now floppies have gone (mostly).
>
> Yes, no problems like that have been detected, to my knowledge.

Is anyone looking?

>> (Any bootable device suffers from exactly the same security problems
>> whatever OS you are running on the machine.)
>> It doesn't take a lot of skill to put some malicious software on one and
>> it
>> has total access to the machine be it windows or Linux or dos.
>
> Less easily with Linux, but essentially, yes.

There is another error, why is it less easy? I see no reason for it to be
less easy.. in fact I think it might be easier as I have the source i need
to modify it to do what *I* want.
>
>> You have to be sure that it is what it claims before you boot it.
>> If it is malicious and you boot it the average user will never know
>> anything
>> bad has happened.
>> They could easily be the Linux (and everything else) equivalent of the
>> boot
>> sector virus that dos suffers from and there is no easy way for a user to
>> be
>> sure other than from where they download it from.
>
> Yet there doesn't seem to be one, does there? If it's that easy, why
> isn't it being done?
>
>>
>> Where is the definitive list of live CDs that have been verified and the
>> checksums and software to verify the cd before use? Who exactly is
>> responsible for doing that and do they have the skills to do it are a
>> couple
>> of questions I would ask if I put a security hat on.
>
> Well, I don't deny it's always good to cultivate good security habits,
> whtever OS you're using. But, like I said, nothing like that ever seems to
> have happened. I do vaguely recall there was a case where some dodgy rpms
> or something got into a reputable distro repo, but it was very quickily
> discovered and stopped. The transparency of open source tends to make such
> things more difficult to get away with.

That is an illusion not backed up by logic.
There are so few people that really know what they are doing with open
source that they can't get all the bugs so they are unlikely to find
anything malicious unless it has a bug and an undesirable side effect. I can
just see someone sitting there and going through a "Ubuntu 7.1" live CD
looking for stuff that shouldn't be there.

On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

>
> "Kier" <vallon@tiscali.co.uk> wrote in message
> news:pan.2007.09.28.08.40.43.637828@tiscali.co.uk. ..
>> On Fri, 28 Sep 2007 08:47:26 +0100, dennis@home wrote:
>>
>>>
>>> "Kier" <vallon@tiscali.co.uk> wrote in message
>>> news:pan.2007.09.27.22.10.39.759492@tiscali.co.uk. ..
>>>> On Thu, 27 Sep 2007 22:12:59 +0100, dennis@home wrote:
>>>>
>>>>>
>>>>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>>>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>>>>
>>>>>
>>>>>
>>>>>> See the advanced technology in action here
>>>>>> http://www.livecdlist.com
>>>>>> Just download and boot from CD.
>>>>>
>>>>> You must be joking.. nobody in their right mind would download a self
>>>>> booting CD recommended by anyone they didn't know.
>>>>
>>>> Strangely enough, though 7 is a loon, he's not the sort of loon to
>>>> recommend you trash your machine from some roague CD. The list is
>>>> genuine.
>>>
>>> But I have no way to know that and I certainly aren't going to trust
>>> someone
>>> shouting in a news group, anyone that does is being foolish.
>>> It shows that people still don't understand the basics of security if
>>> they
>>> do.
>>
>> That would be a social engineering type hack, right? I do take your point
>> in that regard. One of my favourite books is a fascinating exploaration of
>> the art, called 'A Complete Hacker's Handbook'.
>>
>>> If you can't verify the source you may as well let the hacker sit at the
>>> machine and give him the passwords.
>>
>> How come we don't see this happening, then? I have *never* heard of such a
>> thing being done. Probably it *could* be, somehow, but I know of not one
>> instance.
>>
>>>
>>>>
>>>>> It could do absolutely anything to the machine you boot it on.
>>>>
>>>> Actually, no. Some don't even make it easy or possible to have write
>>>> access to your drives
>>>
>>> You don't know how Unix works if you think that.
>>
>> It's not impossible, certainly, but without root access it's not easy. Of
>> course, some LiveCDs are desighed to do partitioning and rescue work, so
>> they by definition must be able to write to disc. But if you have
>> physical access, no system is really safe, however well-protected.
>>
>> The ordinary user, however, is not going to be able to break his sytem
>> using a LiveCD. That was my initial point. LiveCDs don't usually touch
>> the underlying OS at all - in fact, with sufficient memory you can run one
>> without a hard disk in the machine at all.
>
> You have misunderstood.

No, I don't think so.

> You even know what I say is true from what you have said above and then you
> ignore what you said and say it can't happen because its a live CD. It is

Not 'can't', so much as 'is less likely to'.

> because its a live CD (i.e. bootable) that it can happen. Don't think I am
> getting at Linux here because I am not it can happen with any bootable disk.

Of course it can happen. The fact it, it doesn't seem to *be* happening,
at least not on a large enough scale that it can be detected.

> It has happened with windows.. people have released images on P2P with
> malicious code built in. There is nothing to stop someone doing exactly
> the same with a live CD and they are also on P2P from various sources
> too. Don't think that Linux makes you secure.. nothing makes an idiot
> with a computer secure.

We're a trifle more secure than Windows, though no system is 100% secure,
with a determined enough attacker.

>
> While its true that many *real* live CDs can't access the disks, its
> only because whoever put the CD together removed that ability. Anyone
> could create a live CD that can access the disks and can do anything
> they like including instaling root kits or emailing data or anything
> they like.

Anyone could, yes. But I've heard of no case of it happening. And since it
would be relatively easy, you would naturally expect it to have happened
often enough to have been noticed or detected.

> Unless you can identify these disks you have a security problem and it is
> not going away just by saying it hasn't been done yet.. the reality is that
> you probably wouldn't know if it had been. To start with while people don't
> believe it can happen who is going to look.

Someone may have done it somewhere, of course, and gone undetected. But
they will have crafted a LiveCD of their own, not placed it in the public
domain, as it were.

>
>>
>>> If you boot an entire OS it will be able to do anything it likes to your
>>> drives unless you are running an encrypted file system that prompts you
>>> for
>>> a password at boot before it can decrypt the drives. No Linux or windows
>>> does that that I know of. You certainly can't do anything about it when
>>> the
>>> source is available as if you store the password on the machine the rogue
>>> software can use exactly the same mechanism to extract the password and
>>> access the file system as the original OS. This is also true of windows
>>> but
>>> someone has to disassemble the software and find the mechanism first so
>>> its
>>> slightly more difficult.
>>
>> The source isn't usually available on a LiveCD, no mater what 7 said.
>> There usually isn't room.
>
> I know but it can fit on a DVD.

I can, yes. But even them, it usually won't be, though you can request it
as of right..

>
>>>>> Its just the sort of thing a hacker would try to get you to do.
>>>>> It would be a **** good way to root Linux boxes BTW.
>>>>
>>>> Well, I've used dozens of LiveCDs over the past few years, and not one
>>>> has
>>>> ever harmed my PCs. On the contrary, they've helped me save data when
>>>> hardware went tit's-up.
>>>
>>> I have used live CDs too but not one that someone has been shouting about
>>> in
>>> a news group.. you can't trust anyone these days.
>>>
>>> Live CDs are one of the biggest security risks the average user is likely
>>> to
>>> come across now floppies have gone (mostly).
>>
>> Yes, no problems like that have been detected, to my knowledge.
>
> Is anyone looking?

Probably. If you can think of this occurring, then someone else no doubt
has thought of it, and is watching for it.

>
>>> (Any bootable device suffers from exactly the same security problems
>>> whatever OS you are running on the machine.)
>>> It doesn't take a lot of skill to put some malicious software on one and
>>> it
>>> has total access to the machine be it windows or Linux or dos.
>>
>> Less easily with Linux, but essentially, yes.
>
> There is another error, why is it less easy? I see no reason for it to be
> less easy.. in fact I think it might be easier as I have the source i need
> to modify it to do what *I* want.

That's an argument often made to suggest Linux is less secure - yet it
doesn't seem to be, does it, despite the source code being freely
available to all? You'd think it would be an open invitation to every
hacket and cracker out there.

>>
>>> You have to be sure that it is what it claims before you boot it.
>>> If it is malicious and you boot it the average user will never know
>>> anything
>>> bad has happened.
>>> They could easily be the Linux (and everything else) equivalent of the
>>> boot
>>> sector virus that dos suffers from and there is no easy way for a user to
>>> be
>>> sure other than from where they download it from.
>>
>> Yet there doesn't seem to be one, does there? If it's that easy, why
>> isn't it being done?
>>
>>>
>>> Where is the definitive list of live CDs that have been verified and the
>>> checksums and software to verify the cd before use? Who exactly is
>>> responsible for doing that and do they have the skills to do it are a
>>> couple
>>> of questions I would ask if I put a security hat on.
>>
>> Well, I don't deny it's always good to cultivate good security habits,
>> whtever OS you're using. But, like I said, nothing like that ever seems to
>> have happened. I do vaguely recall there was a case where some dodgy rpms
>> or something got into a reputable distro repo, but it was very quickily
>> discovered and stopped. The transparency of open source tends to make such
>> things more difficult to get away with.
>
> That is an illusion not backed up by logic.

No, it's not an illusion, it's a fact. It's a lot harder to hide something
in Linux code, because it's available to all for inspection. Of course,
it's not *impossible*, but it's harder.

> There are so few people that really know what they are doing with open
> source that they can't get all the bugs so they are unlikely to find

Whao, there. So few There are thousands and thousands who know what
they're doing - and are doing it, daily.

> anything malicious unless it has a bug and an undesirable side effect. I
> can just see someone sitting there and going through a "Ubuntu 7.1" live
> CD looking for stuff that shouldn't be there.

They don't need to. What's on there is what's in the Ubuntu repos, which
is scrutinised by the whole community.

--
Kier

"Kier" <vallon@tiscali.co.uk> wrote in message
news:pan.2007.09.28.09.43.02.352391@tiscali.co.uk. ..
> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:

8<

> We're a trifle more secure than Windows, though no system is 100% secure,
> with a determined enough attacker.

Now you are getting it wrong again.
You are no more secure than windows with regards to this type of attack.
In fact you are probably less secure.
At least on windows there are a multitude of AV and anti spyware packages
that any hacker would have to overcome as well as the standard OS features.
On Linux there is just the standard stuff so one hack will work almost
anywhere.
Don't let any security features that are there to stop you running malware
give you the impression you are safe as a fake live CD doesn't have them and
the ones on your system don't matter.
>
>>
>> While its true that many *real* live CDs can't access the disks, its
>> only because whoever put the CD together removed that ability. Anyone
>> could create a live CD that can access the disks and can do anything
>> they like including instaling root kits or emailing data or anything
>> they like.
>
> Anyone could, yes. But I've heard of no case of it happening. And since it
> would be relatively easy, you would naturally expect it to have happened
> often enough to have been noticed or detected.

What is there to detect?
Are you looking for something?
You are secure so why are you looking?
Yes it is a social engineering hack and it sounds like you are a perfect
target (like most people).
You expect too much from your software.. something it cannot do.
You have also been luuled into a false sense of security by some of the
things it can do but have no relevance here.

>
>> Unless you can identify these disks you have a security problem and it is
>> not going away just by saying it hasn't been done yet.. the reality is
>> that
>> you probably wouldn't know if it had been. To start with while people
>> don't
>> believe it can happen who is going to look.
>
> Someone may have done it somewhere, of course, and gone undetected. But
> they will have crafted a LiveCD of their own, not placed it in the public
> domain, as it were.

P2P? That sounds public to me.

There were loads of them last time I looked and I expect some of them to be
dubious, one has to get herd controllers somewhere..

Anyway if the hackers hadn't thought of it they know now.
You can expect your first batch with the release of Ubuntu next week. ;-)

8<

dennis@home wrote:

>"Kier" <vallon@tiscali.co.uk> wrote:
>>
>> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:
>
>8<
>
>> We're a trifle more secure than Windows, though no system is 100% secure,
>> with a determined enough attacker.
>
>Now you are getting it wrong again.
>You are no more secure than windows with regards to this type of attack.
>In fact you are probably less secure.

You are a fscking idiot. If you're so paranoid, get your LiveCD ISO
from directly from the ubuntu (or whatever) Web site. Sheesh.

"chrisv" <chrisv@nospam.invalid> wrote in message
news:e71qf35sq1bt67vqp7v01v2sj0kouak1vr@4ax.com...
> dennis@home wrote:
>
>>"Kier" <vallon@tiscali.co.uk> wrote:
>>>
>>> On Fri, 28 Sep 2007 10:11:26 +0100, dennis@home wrote:
>>
>>8<
>>
>>> We're a trifle more secure than Windows, though no system is 100%
>>> secure,
>>> with a determined enough attacker.
>>
>>Now you are getting it wrong again.
>>You are no more secure than windows with regards to this type of attack.
>>In fact you are probably less secure.
>
> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO
> from directly from the ubuntu (or whatever) Web site. Sheesh.
>

Another one that doesn't like the truth.
There is *nothing* in Linux (or most OSes) to protect a user from such a
simple attack and yet you think I am paranoid for not listening to some
troll posting download web sites in a news group. Do get a clue on what is
and isn't safe with the computer you are supposed to be in charge of.

On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"
<dennis@killspam.kicks-ass.net> wrote:


>Another one that doesn't like the truth.

The truth is you're just another self-important, loud, uncouth windbag
that has some odd need to try to defend questionable Microsoft
practices. I should thank you, because you and about a half a dozen
other airheads make me and I'm guessing many others laugh every day
over the idiotic things you keep saying.

dennis@home wrote:

>"chrisv" <chrisv@nospam.invalid> wrote:
>>
>> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO
>> from directly from the ubuntu (or whatever) Web site. Sheesh.
>
>Another one that doesn't like the truth.

The truth is, you're an idiot.

>There is *nothing* in Linux (or most OSes) to protect a user from such a
>simple attack

Idiot. Read my last post again.

Adam Albright wrote:

> On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"
> <dennis@killspam.kicks-ass.net> wrote:
>
>
>
>>Another one that doesn't like the truth.
>
>
> The truth is you're just another self-important, loud, uncouth windbag
> that has some odd need to try to defend questionable Microsoft
> practices. I should thank you, because you and about a half a dozen
> other airheads make me and I'm guessing many others laugh every day
> over the idiotic things you keep saying.
>


OMG, that the most self-descriptive (or self-effacing) statement you've
yet to post!
That didn't hurt at all did it?
Frank

"Adam Albright" <AA@ABC.net> wrote in message
news:1thqf3lqr0cuou50t9s3c8f64t9ikk34pk@4ax.com...
> On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"
> <dennis@killspam.kicks-ass.net> wrote:
>
>
>>Another one that doesn't like the truth.
>
> The truth is you're just another self-important, loud, uncouth windbag
> that has some odd need to try to defend questionable Microsoft
> practices. I should thank you, because you and about a half a dozen
> other airheads make me and I'm guessing many others laugh every day
> over the idiotic things you keep saying.
>

You are crazy. This has nothing to do with M$ or windows so shut up.

Adam Albright wrote:
> On Fri, 28 Sep 2007 18:57:38 +0100, "dennis@home"
> <dennis@killspam.kicks-ass.net> wrote:
>
>
>> Another one that doesn't like the truth.
>
> The truth is you're just another self-important, loud, uncouth windbag
> that has some odd need to try to defend questionable Microsoft
> practices. I should thank you, because you and about a half a dozen
> other airheads make me and I'm guessing many others laugh every day
> over the idiotic things you keep saying.
>

<You're just self-important garbage that think you are God's gift to the
world, but all you really are is street garbage that needs to be pick-up
and taken to the city dump.>

"chrisv" <chrisv@nospam.invalid> wrote in message
news:c7iqf35fsmtg27jcnsh81m7m241e6cb2kg@4ax.com...
> dennis@home wrote:
>
>>"chrisv" <chrisv@nospam.invalid> wrote:
>>>
>>> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO
>>> from directly from the ubuntu (or whatever) Web site. Sheesh.
>>
>>Another one that doesn't like the truth.
>
> The truth is, you're an idiot.
>
>>There is *nothing* in Linux (or most OSes) to protect a user from such a
>>simple attack
>
> Idiot. Read my last post again.
>

The only thing in your post are insults so it appears you know nothing! and
you call me an idiot.

dennis@home wrote:

>"chrisv" <chrisv@nospam.invalid> wrote in message
>>
>> dennis@home wrote:
>>
>>>"chrisv" <chrisv@nospam.invalid> wrote:
>>>>
>>>> You are a fscking idiot. If you're so paranoid, get your LiveCD ISO
>>>> from directly from the ubuntu (or whatever) Web site. Sheesh.
>>>
>>>Another one that doesn't like the truth.
>>
>> The truth is, you're an idiot.
>>
>>>There is *nothing* in Linux (or most OSes) to protect a user from such a
>>>simple attack
>>
>> Idiot. Read my last post again.
>
>The only thing in your post are insults

Incorrect. I also explained *why* I'm calling you an idiot.

>so it appears you know nothing!

Wrong again, obviously.

>and you call me an idiot.

Yes, I do, because you are.

Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:

>
> "7" <website_has_email@www.enemygadgets.com> wrote in message
> news:dOVKi.21730$c_1.2486@text.news.blueyonder.co. uk...
>> Asstroturfer dennis@home wrote on behalf of Micoshaft Corporation:
>>
>>>
>>> "7" <website_has_email@www.enemygadgets.com> wrote in message
>>> news:4lUKi.21642$c_1.10147@text.news.blueyonder.co .uk...
>>>
>>>
>>>
>>>> See the advanced technology in action here
>>>> http://www.livecdlist.com
>>>> Just download and boot from CD.
>>>
>>> You must be joking.. nobody in their right mind would download a self
>>> booting CD recommended by anyone they didn't know.
>>> It could do absolutely anything to the machine you boot it on.
>>> Its just the sort of thing a hacker would try to get you to do.
>>> It would be a **** good way to root Linux boxes BTW.
>>
>> 100% wrong!!!
>
> You shouldn't be so certain, the Internet is full of nasty clever people
> that will eat you for breakfast.
>
>> Linux distributions come with source code.
>> If you don't trust a distro, you can make it yourself
>> with the original source code.
>>
>> Begs the question which corporation is gonna trust a micoshaft CD that
>> has no accompanying source code?
>> Micoshaft recommend their install CDs which are self booting
>> and you have no access to their source code to know
>> whats in a Micoshaft CD!!!
>>
>> All Linux CDs come *WITH* source code so that you can be sure
>> that no viruses or other crap spyware and adware has been put into it.
>
> Rubbish.
> They don't all come with source, and you will find it hard to compile it
> and make your own.

Fine all you have to do now is prove it by naming one.
That will be the *first ever* GPL'd Linux distro without source code.


> You have no way to actually know a live CD is safe unless you know where
> it came from and you know they can be trusted.

Well, ok. All you now have to do now is prove it!
Simply download the source code, modify it and send it back to the
Linux distro maintainers, explaining what your code does,
and I'm sure they will jump to it and incorporate it in their next release.

WAAAAHAHAHAHAHAHHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAH AAAAA!!!!




Don't give up your day job just yet fool!
The Open Source world is whole lot smarter than you think once
you get to know how it works.
http://www.livecdlist.com
http://www.distrowatch.com


>> That is a fundmantal distinction between open source Linux
>> and closed source untrustworthy Micoshaft sponsored products.
>
> You are letting irrational hate get in the way of logic.
> You would make an ideal target for a hacker.

>
> HAHAHAHHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAHAAAAA!!!!
>
>

<Well, here we go with 7.>

<Please don't get this lunatic started.>

dennis@home wrote:

> you call me an idiot.

Something about the suitability of foot apparel comes to mind...