Slashdot Mirror


Windows 98, Me, NT4, 2000 and XP SSL Flawed

JoeSmack writes "In amazingly unexpected news, ComputerWorld is running an article that says the SSL security hole found in Internet Explorer is not a flaw in the browser, but in the operating system itself." The article mentions that Konqueror was patched against the same bug in 90 minutes.

6 of 483 comments (clear)

  1. Oh, that's good then... by MrFenty · · Score: 5, Funny
    ...Scott Culp, manager of the Microsoft Security Response Center said that the SSL flaw doesn't affect any other application outside Internet Explorer and that it's a client-side issue only.

    Glad it's only a client side issue then.

  2. Didn't mention Windows 95 by SpanishInquisition · · Score: 5, Funny

    So I guess it's safe.
    It's a good thing I didn't upgrade.

    --
    Je t'aime Stéphanie
  3. Quick fix by Subcarrier · · Score: 4, Funny

    You can disable SSL in the advanced options menu. ;-)

    --
    "I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
  4. Oh good, it's not an IE bug by freerangegeek · · Score: 5, Funny

    We only wrote bad code that made it through QA for 5 different versions of the OS dating back to the mid 90s. Of course, with Palladium, our new secure platform, things like this will never happen. Good thing we got that patch out quick!

    (Oh wait, that was the Konqueror people!)

    We'll I'm sure with our new secure computing focus it will be out any time now. Please don't stop doing ecommerce, just because all your personal data can be hacked, just use Passport.

    (Oh wait, that happens with Passport too!)

    Ummmm...

  5. 90 Minutes for Konqueror fix. by FreeLinux · · Score: 5, Funny

    90 minutes????? What are the KDE boys doing, sleeping???

    This is just unacceptable. I cannot believe and refuse to accept that it could take 90 minutes to get a major security fix out for a browser. This is completely unacceptable. It's no wonder everyone uses IE.

    I guess the Microsofties were right after all. Support for open source software is nearly impossible to find.

    -- Before you post, are you sure you got it?

  6. I'll tell you why by tunabomber · · Score: 4, Funny

    Anybody else not see the lack of logic here? MS has two crypto implementations? One for the OS, one for the API? Why the redundancy?

    The logic is so obviously simple:

    increased redundancy == increased failsafety

    So, if one of the crypto API's has a security hole, the OS can rely on the backup API, just like how a bike with one flat tire can be ridden home on the remaining good tire.

    I tell you, those MS guys really got some effective circumetry in their noggins!

    --

    pi = 3.141592653589793helpimtrappedinauniversefactory71 ...