Slashdot Mirror
Microsoft States Full TCP/IP Too Dangerous
daria42 writes "To fully implement the TCP/IP protocol in Windows XP would make creating denial of service attacks 'entirely too trivial', Microsoft has claimed. The company was responding to claims by Nmap author and well-known security expert Fyodor that by repeatedly disabling the ability to send TCP/IP packets via the 'raw sockets' avenue, Microsoft was asking the security community to 'pick their poison': either cripple their operating system or leave it open to hackers. Admitting that a recent security patch had intentionally disabled a community-developed workaround to Microsoft's TCP/IP changes - which were first implemented in Windows XP Service Pack 2 - the company claimed it had received little negative feedback on the issue."
In Redmond, this is what they call a win win.
Luck favors the prepared, darling.
This is just part of the push to get the core internet routers cut over to NetBEUI well in advance of any ipV6 rollout. If Microsoft can manage that, the internet will be theirs again, just like when they initially built it between Steve, Bill and Woz's offices back in the early seventies.
Scary thing is, from what I've been reading Oracle will go along with this. And they can tell the future!!
rewrite TCP/IP? Embrace and extend it, so that we can have a safe, trusted internet?
Maybe Microsoft is right. Protocols are dangerous.
Wouldn't it be safer if we all just had a My TCP/IP folder?
Dear MS Employees, We have started the FUD about TCP/IP. Now press forward with MS/IP. Once we release it we'll charge everyone a fee to use it because we know it will be more secure than TCP/IP. After all, it comes from Microsoft. With Love, Bill
I'm not a troll, but I play one on Slashdot.
I am actually going to side with Microsoft on this one. It is not as if they removed raw sockets, but rather restricted access to them. Let's consider who needs raw sockets, mostly advanced users. Advanced users are going to have an Administrator or root account on the Windows machine and therefore should have access to raw sockets, no? There is almost no reason for the average user to have raw sockets. They do create a real risk of bad network behavior and I imagine if someone were to create TCP/IP today instead of 30 years ago when the Internet was a much smaller, nicer place, raw sockets would not be part of the spec.
As an aside, I think I'm going to take the rest of the day off, agreeing with Microsoft is mentally jarring. It has to make you question existence just a little and also make you a touch ill.
Why embrace and extend? All they really need to do is support the evil bit.
But of course, being Microsoft, you're probably right. They'll make their own implementation of the evil bit, patent it, and charge royalties to others who want to support their new "EDDP" protocol (Evil Data Detection Protocol).
Not to mention that IIS, Exchange, IE, and Outlook will grow to require use of EDDP during transfers of data, locking Mozilla, Apple, Linux, and others from accessing much of the internet.
Finally, John C. Dvorak will boldly claim that EDDP is the wave of the future, and Apple, Linux, and Mozilla are clearly inferior for not supporting what is clearly a web standard, because if Microsoft says it is, it MUST be.
You nailed it.
Microsoft is clearly trying to shift the blame from their dain-bramaged design to TCP/IP. How many other operating systems are there that do (more or less) fully implement TCP/IP, including raw sockets? It's almost universal.
Oh well. I guess Microsoft knows the neighborhood is safer with a crippled lunatic than healthy one.
Raise your children as if you were teaching them to raise your grandchildren, because you are.
Translation: Our OS is a dog and we need to neuter it to keep it under control.
Not that this will solve anything, no raw sockets? I don't need no raw sockets, I have 48 billion bogus dns lookups!
--Nuintari
slashdot : where an opinion can be wrong.
Windows was never a bathtub - it was a sewer.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
So you run internet explorer to add a printer. And I thought adding a printer to OS/2 was unintuitive...
Gentlemen, you can't fight in here, this is the War Room!
"Steve's views were so discredited" = chicken
"M$ agree[s] with him now" = egg
Help us Billy Gates, you are our only hope!
I don't like big words..., does that make me anti-semantic?
It also pointed out that "writing and installing kernel-mode code is vastly more complicated" than using an existing raw socket feature,
Yeh, that's why the majority of people doing this use an widely available rootkit or equivalent to do it for them.
and that if malware did make it into the kernel of a Windows machine, the user would have more serious concerns than just SYN attacks launched from their machines.
"If malware can execute code on a Windows machine, the user has more serious concerns than just SYN attacks launched from their machines. That's why Windows doesn't bother trying to close local exploits."
You haven't browsed the Gentoo forums, have you?
With any TCP/IP, I've found that by just unplugging the ethernet cable, a windows desktop can be just as secure as an OpenBSD Server.
I mean, on other occasions you hear them blather about Windows' totally stellar, fine-grained security architecture, and now they want to prevent Joe Average user from accidentally using raw sockets by, uh, removing the feature altogether?