Domain: infomaticsonline.co.uk
Stories and comments across the archive that link to infomaticsonline.co.uk.
Comments · 6
-
Re:The patch!
Ok - I admit I got the timeline wrong - but I still see nothing but responsible behavior from MS in dealing with this flaw.
Every time this happens we get some idiot on here blathering about how things are better now.
Easy there dude.. however strongly you feel about it, the links you used were extremely disingenuous. I'll explain why:
Well that wasn't true before, was it?
Read your own link. It's got quotes from Brian Valentine (not a security expert) at the RSA 2000 conference talking about how MS put a naked Win2k machine on the 'net for 2 weeks, and only 4 denial of service bugs were found and no breaches were made. Also from your link: "Microsoft has made a comprehensive effort to build Windows 2000 with security in mind, including having a staff of 15 people study the code for breaches, denials of service, and bugs." -- in other words, that was a different world back then, and MS had a lot to learn about what kind of effort was required to secure windows. The effort mentioned in that article is laughable, with the benefit of hindsight. And as I said, the claim of MS not having secure development practices prior to ~2004 is true!
It wasn't true last time, was it? Note the 10 XP vulnerability blurb footing the story.
Again, read the damn link - not just the headline!
The article you linked does not refer to security in the sense of viruses/vulnerabilities/pwnage. It refers to security in the sense of data security using encryption and key management, authentication mechanisms (x509 certificate auth using smartcards). So you see, the headlines appear pretty damning, but the articles themselves again merely prove my point. Prior to 2004, MS really hadn't grasped the magnitude of the effort that would be required, and post 2004 (maybe earlier - right around the release of XP SP2) they really got their shit together.What convincing evidence do you offer that this time they really, really mean it?
1. Industry plaudits: http://news.cnet.com/8301-1009_3-10042248-83.html
2. Details of the process: http://msdn.microsoft.com/en-us/security/ms995349.aspx
(note, the second link is a white paper by Michael Howard - a hacker/security expert himself - not a PHB unlike the dude quoted in your first link.) It's also detailed and insightful -- I suggest you read this link, even if you forgo reading your own. -
The patch!
2. The patch was released before the exploit was available -- that's a win for MS.
Bzzt! Wrong!:
We discovered this vulnerability as part of our research into a limited series of targeted malware attacks against Windows XP systems that we discovered about two weeks ago through our ongoing monitoring.
Microsoft developed the patch in response to targeted attacks. Therefore exploit code was in the wild before the patch. You are right about it dating back to XP, and all prior versions of Windows. Someone, somewhere, has been exploiting this remotely exploitable security hole in highly targeted attacks for an indeterminate number of years. Who knows what valuable proprietary data they've got so far? What corporate secrets were leaked? Every time this happens we get some idiot on here blathering about how things are better now. Well that wasn't true before, was it? It wasn't true last time, was it? Note the 10 XP vulnerability blurb footing the story. What convincing evidence do you offer that this time they really, really mean it?
-
Re:Was that a blog, or an ad for Sony?You are trolling, right?
Far from it. Working in a computer shop, I've had a LOT of their equipment through the place. It's a considered opinion, one some here disagree with. Good.
Someone mentioned their "superior" displays earlier, and I almost shot Dr. Pepper outta my nose. They don't make them themselves...
I can't STAND proprietary formats. Another gripe of mine, discussed by others earlier.
Their legacy support, while MARGINALLY better than the early 2000s, is still rock-bottom. If you look, they dropped product line after product line, too, with little warning. High-end products like AIBO? Check here to see how AIBO enthusiasts had their parade pissed on... once again, by Sony's legal department.
The RIAA stuff drives me crazy, too. Their lobbyists criminalized my being deaf.[DMCA]
Simply stated, Ford does NOT try to take my car if I use it for purposes OTHER than what Ford thinks I should. I'll gripe about ANY company that thinks it can dictate the use of its products after the sale is completed without a signed contract.
-
Actually you can die from abuse of video games
A gamer died from exhaustion in South Korea. Another gamer died from exhaustion in Taiwan.
Video games can cause seizures.
I'm against censorship, but unforunately your argument doesn't hold.
People will find the strangest ways to die and to get sick.
-
Actually you can die from abuse of video games
A gamer died from exhaustion in South Korea. Another gamer died from exhaustion in Taiwan.
Video games can cause seizures.
I'm against censorship, but unforunately your argument doesn't hold.
People will find the strangest ways to die and to get sick.
-
Re:Their 'Software Partners?'
PeopleSoft , vmware, HP, Trustix , MySQL , SAFLINK , FTI , Constant Data , SurfControl , Software AG , Agnitum , Volante , JBoss , FalconStor , Intershop, Tarantella, Software AG and Bull ,
etc..., etc..., etc...
Google is your friend: 703,000 for novell software partner. (0.58 seconds)