Slashdot Mirror
Microsoft: We Make Hackers Obsolete
bahamat writes "This article explains how Microsoft was forced to yank a magazine ad by the Advertising Standards Authority. In the ad MS claims that they'll make the hacker extinct. The tagline reads "Microsoft software is carefully designed to keep your company's valuable information in, and unauthorised people and viruses out. Which means that your data couldn't really be safer, even if you kept it in a safe. Which is great news for the survival of your company. But tragic news for hackers." Does MS really think that people are too stupid to remember what happened less than 2 months ago? My favorite quote from the article is "Clarke described Microsoft's claim as "laughable". "
I wonder if they used stock photography again this time?
If you can't beat them, arrange to have them beaten. -George Carlin
So where is their product that makes hackers extinct! I havent heard of the release yet! This is great new! Does someone have a link to it?
Instead of the ad showing the greasy hacker it should show the hacker with huge muscles and maybe like laser beams shooting from its eyes as it thrives in the microsoft environment. I bet then they'd run the ad.
-Eod
Maybe they've finaly refined their product to the point where you simply can't boot it anymore. Put your safe inside your computer and feel as safe as ever.
Computing in Hell:
The security of Windows, the ease of use of Linux, and a Macintosh mouse!
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."
It IS hacker proof - we don't have access to the source, how are we supposed to hack on the code?
*rim shot*
Because it doesn't require a hacker to break into Microsoft products, any average user can do it.
I can't believe it; someone LYING in an ADVERTISEMENT?! This threatens the integrity of the entire advertising field!
Windows 2000 Server:
3 vulnerabilities in 7 yea--- days!
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
The product is called "Microsoft Offswitch"
It might be the end of advertising as we know it.
" In the ad MS claims that they'll make the hacker extinct. "
I don't see what the problem is. It's true! Why be a hacker when you can do it all as a script kiddie?
From the Jargon Dictionary link in the article:
hacker n. [originally, someone who makes furniture with an axe]
Why would Microsoft even care about some crude pre-modern furniture makers? I am beginning to think there was more than one reason the advertisement got yanked.
Stallan once said if you stated a lie long enough it would become true.
...."Windows is reliable...Unix is reliable...Windows is scalable...Unix is scalable...Windows cost less then a $1000 dollars...???" ?
I remember how NT4 was supposed to be the unix killer. Anyone remember the microsoft ad on the internet which went something like this
At the same time Bill Gates did a show called scalability day. In the demonstration with Microsoft Transaction server they showed NT doing million of simulated hits for banking apps. Bill said if NT can do this with only pc hardware just imagine what it can do with 32 processor systems.
What a joke. We all know that NT4 sucked bigtime and it was no solaris as Microsoft claimed.
Same is true with this. Many companies like Motorolla and TI believed the lie and replaced all there unix systems with NT ones only to downgrade back to unix. NT just could not handle it and Microsoft transaction server was not the magical bullet Microsoft made it out to be.
Its like the story of the boy who called wolf.
http://saveie6.com/
http://phunny.drghetto.com/switchlinux3.swf
much more creative.
YOU SUCK BALLS!
If anyone else was confused by the appearance of the "Advertising Standards Authority", it should be pointed out that this all occurred in South Africa, and not in the United Corporations of America.
America, naturally, would never CONSIDER such an insightful group.
Are you some kind of robot? If yes, what powers do you have? Do you use them for good or for awesome?
So it looks like Microsoft doesn't realize how lucky it has been in recent times.
SQL Slammer - affected users had better be thankful the packets only caused congestion - a packet 5 times the size but had a damaging (as opposed to disruptive) payload would hurt a lot more.
The WebDAV hole - a hell of a good job keeping hackers out of the US Army website.
The JScript hole - so just by reading my (HTML and JScript enabled) mail, an attacker could potentially run arbitrary code on my computer?
SirCam and Klez - information really does want to be free, it keeps escaping from Microsoft products!
In Soviet Russia, Microsoft owns Hackers!
Doing the Right Thing should not be preempted by making a buck.
Who needs hackers when the Windows can exploit itself over and over again...
I believe it's called self-abuse... for the more techie, it's known as digital-masturbation.
Welley Corporation - SLM Scammers
Holden: Yeah.
Banky: Good. Over here, we have a publicly accessible, secure, and intelligently maintained Windows server. Down here, we have a self-hating, angry as fuck, agenda of rage, bitter Solaris admin. Over here, we got Santa Claus, and up here the Easter Bunny. Which one is going to get to the hundred dollar bill first?
Holden: What is this supposed to prove?
Banky: No, I'm serious. This is a serious exercise. It's like an SAT question. Which one is going to get to the hundred dollar bill first? The male-friendly lesbian, the man-hating dyke, Santa Claus, or the Easter bunny?
Holden: The self-hating admin.
Banky: Good. Why?
Holden: I don't know.
Banky: Because the other three are figments of your fucking imagination!
http://us.imdb.com/Title?0118842
"My God, this must be a truly remarkable corn chip, to be so widely and confidently touted."
My daily commute to/from work near Silicon Valley takes me on highway 101 in the Redwood City area. There are tons of billboards around but one always stands out, because it is the only billboard that is electronic. It is brighter than all the others, and it changes what it shows every five seconds or so.
One of the most commonly seen ads on this electronic billboard is Oracle's "Unbreakable" farce.
Last week a fellow cohort of mine was driving in at 6:30am and happened to glance at the billboard. It was showing the Blue Screen of Death.
- First they ignore you, then they laugh at you, then ???, then profit.
bahamat wrote: Does MS really think that people are too stupid to remember what happened less than 2 months ago?
You don't need to look that far back. Try this week. It seems as though Microsoft has an ongoing program to nurture and feed the *acker types of the world.
"Weapons should be hardy rather than decorative" - Miyamoto Musashi
I think that goes for OS's too
How many slashes would a slashdot dot, if a slashdot could dot slashes?
Evil l337 h4x0r: Mwah ha ha! I am going to break into this system, cause it to become slow and unreliable, trash lots of files, turn the security framework into pure unmanageable chaos, and make it send out IP packets violating several RFCs!"
(Typing...)
Elh: Ah, crap, it's already running Windows.
When all you have is a hammer, everything looks like a skull.
Microsoft Disclaimer: Please uplug all Cat-5 and/or modem cables from your system and do not connect to any networks, especially the internet in order to take full advantage of our "Hacker Exterminator" Technology. Wireless networking is included in this disclaimer. Thank you for choosing Microsoft.
I wonder how many crackers and script kiddies cut their teeth on Microsoft vulnerabilities. I'd wager that the vast majority of the black hats out there owe their "careers" to Microsoft software.
The cure for cancer is coming: Reovirus
I think you meant shut it down.
You may have stumbled on to Microsoft's secret security strategy here.
- Release insecure software for over a generation.
- Watch 'real' hacker skills atrophy with time.
- Implement all the code fixes they have been secretly stockpiling in Bill's underground lair.
- MS systems become inpenetrable.
Maybe this is the real reason MS wants Linux eliminated, because it keeps hackers sharp.
"The words of the prophets are written on the Slashdot walls."
No, not really. Most firms are honest. Some firms exadurate, like Apple's famous "bicycle for your brain" hyperbole describing the Apple II or Oracle's "Unbreakable" advert. Microsoft, however is so dishonest that really large, generally clueless organizations notice:
When you get to the point where the postman. bankers and marketing droids notice you suck and lie about it, man, it's over.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Does MS really think that people are too stupid to remember what happened less than 2 months ago?
They don't just think it... They count on it.
For example, just pulled from the Microsoft outlook home page:
If you have Outlook version 2002, you already have industry-leading technologies helping to protect your data.
Evidently, Security Bulletin MS03-003 is some of that industry-leading technology.
It says so in the license!
"Orthodoxy is unconsciousness" - Orwell
It's great that Microsoft's advertising claims were shot down in this case for being unjustifiable, but they've still got some other pretty nasty falsehoods floating around out there.
I don't know if this particular campaign is appearing at American schools, but certainly at Canadian universities, Microsoft has launched a fairly heavy ad campaign for academic-priced software (I've seen the ads at Waterloo and Simon Fraser.) The ads feature bold print saying "Getting software for any less would be illegal", and in smaller print, below: "90% off the estimated retail price!". (See a banner ad of it at the University of Waterloo computer store.)
Hmm... given that I've paid less than their listed prices for the software on my computer, I guess they're accusing me of breaking the law. It's too bad that a lot of their competition's software is still cheaper (e.g. I use OpenOffice, myself, but I'm pretty sure I could get a full-priced copy of StarOffice for less than the student-priced Office XP.)
I would love to see Sun start a competing campaign saying "Getting certain other software at these prices would be illegal. Save money and keep yourself out of jail: use StarOffice."
That's because Microsoft has nothing to do with crackers. It's Frito-Lay that has made crackers obsolete. Tortilla chips have gained so much market share in recent years that crackers just don't have a chance.
To give them the benefit of the doubt, perhaps they meant an open safe, with a big arrow pointed towards it and the words "FREE STUFF!" spray painted on the wall. ;-)
It's not as if the Dodo went extinct because it fell into obsolescence. It went extinct because the Dutch sailors and settlers arrived in Mauritius bringing rats and cats, then cut down half the forest and clubbed the few surviving dodos for sport. Not unlike MS' historical conduct in the software industry, come to think of it.
Unix is a complete joke as far as security.
I don't know what you mean by "Unix", but I'm assuming it includes all POSIX-compatable operating systems (including GNU/Linux, *BSD, etc). In that case, maybe you should look at OpenBSD. It's about as Unix as they come, being BSD-derived and all. Yet it is also one of the most secure general-purpose operating systems out there. In the past 7+ years, OpenBSD has had one remote root hole in the default install (the OpenSSH off-by-one hole, I believe) and a handfull of priviledge escalation holes and the like. Compare this to Solaris or Red Hat Linux, and you'll see that not all Unixes are the same.
a.) It's ancient so most of the flaws are finally worked out.
I agree here, but I think that the point deserves more elaboration. Many of the flaws in Windows and Windows-related products like IIS stem from fundamental design problems, the kind that only massive time and energy spent reworking can fix. For example, the fact that any NetBIOS-enabled Windows machine will send you its password hashes upon request (by getting the machine to retrieve a remote file:// url) has been acknowledged by Microsoft as a pretty much unfixable design flaw. Similarly, the IIS URL parsing mechanism is overly complex, leading to holes like the Unicode ../../ problems. With Unix, most of the fundamental design issues have been worked out or worked around. True, there are still a few fundamental problems; the inflexible permissions system and the fact that many things run as root just to get one specific priviledge (ping, daemons, etc) come to mind. But most of the flaws in Unix programs come from buffer overflows, format string vulnerabilities, unchecked perl open() calls, and the like: little, isolated errors that are easy to make and almost as easy to fix.
b.) Nobody _gives a shit_ about Unix so there aren't a lot of hackers out there targetting it.
This point blatantly contradicts the others. If Unix is so unimportant, why (according to point a) have there been so many flaws found and fixed? Besides that, have you looked at how many companies are into Linux these days? I think that Red Hat, IBM, and HP (just to name a few) would disagree with your statement that "Nobody _gives a shit_ about Unix". With the release of Mac OS X, Unix is now also a popular desktop OS with a significant market share. As for "hackers" (I'll assume you meant crackers) targeting Unix, take a look at any security-related mailing list and you'll see that many Unix-related flaws are researched and found, and often exploited. Crackers and script kiddies do care about Unix (it accounts for over half of all webservers*, for example), and this is why so much effort has gone into and will continue to go into securing Unix.
*Netcraft says that 64.19% of sites run Apache, but does not mention the OS distribution. Since most Apache installs are on Unix systems, and since there are also some non-Apache Unix webservers, I figured that saying 50% was more than reasonable.
This message may appeal to naive purchasers, but does not address real-world threats. Most corporate fraud is committed by insiders. Microsoft is proposing an overly simplistic threat model: the villains are outside the wall. In reality, villains inside the wall account for greater damage.
I guess you guys didn't read the extra fine print. It says that the user must... 1. Use a hardware firewall with both incoming and outgoing ports blocks.
2. Use Mozilla instead of IE and Outlook Express.
3. Have two anti-virus programs that checks for updates every five minutes.
4. Sanitize all floppy disks with magnets before use.
5. Check for and download Windows updates daily, unless the updates undoes the previous fix (e.g. Slammer) or breaks the Windows. Consumers should buy a second system and a second copy of Windows.
6. Leave the system off. If you must use your computer, try your local library computer lab. If you must use your home computer, turn it on just long enough to do your business and turn it off when finished. Note that acorrding to EULA, by merely turning on the system, you are acting against the recommandation of MS and therefore, MS is not liable for any damages.
7. Upgrade to the new version of Windows as soon as it is released. Delete your old partition and do a clean install as the new and improved Windows magically wipes away your past problems.
8. If you get hacked with the latest version of Windows, that probably means that you are a pirate.
9. If you are not a pirate, that means that you must have violated one of the clauses above and MS shall not be held liable.
10. If you followed all the clauses above, by EULA, you must submit the problem to us, so that we can put a clause excluding your error in the future EULA (to be installed with the next patch) so that MS MS shall not be held liable. If you do not submit your error, you are in violation of EULA and MS shall not be held liable.
1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
Just shows how low the media whores in this country. No objection to printing that in Time magazine. An African country can see the absurdity of these ads and force retractions, but not here.
The result of this evaluation is that both products are not safe to use on the Internet and as a public terminal:
(Read it yourself.)
So Windows is indeed certified to be hacker-proof, unless you connect it to the Internet, or the hacker is unwilling to cooperate.