Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft States Full TCP/IP Too Dangerous

Posted by Zonk on from the don't-let-them-have-all-the-toys dept.

daria42 writes "To fully implement the TCP/IP protocol in Windows XP would make creating denial of service attacks 'entirely too trivial', Microsoft has claimed. The company was responding to claims by Nmap author and well-known security expert Fyodor that by repeatedly disabling the ability to send TCP/IP packets via the 'raw sockets' avenue, Microsoft was asking the security community to 'pick their poison': either cripple their operating system or leave it open to hackers. Admitting that a recent security patch had intentionally disabled a community-developed workaround to Microsoft's TCP/IP changes - which were first implemented in Windows XP Service Pack 2 - the company claimed it had received little negative feedback on the issue."

5 of 575 comments (clear)

  1. They picked C by Nijika · · Score: 5, Funny
    Cripple the OS, and leave it open to hackers!

    In Redmond, this is what they call a win win.

    //no Karma Bonus for that one... ;)

    --
    Luck favors the prepared, darling.
  2. My TCP/IP by wombatmobile · · Score: 5, Funny

    Maybe Microsoft is right. Protocols are dangerous.

    Wouldn't it be safer if we all just had a My TCP/IP folder?

    1. Re:My TCP/IP by tehshen · · Score: 5, Funny

      If they implement the full protocols, everyone could have your TCP/IP folder :)

      --
      Guy asked me for a quarter for a cup of coffee. So I bit him.
  3. I Can't Believe It... by cyngus · · Score: 5, Funny

    I am actually going to side with Microsoft on this one. It is not as if they removed raw sockets, but rather restricted access to them. Let's consider who needs raw sockets, mostly advanced users. Advanced users are going to have an Administrator or root account on the Windows machine and therefore should have access to raw sockets, no? There is almost no reason for the average user to have raw sockets. They do create a real risk of bad network behavior and I imagine if someone were to create TCP/IP today instead of 30 years ago when the Internet was a much smaller, nicer place, raw sockets would not be part of the spec.

    As an aside, I think I'm going to take the rest of the day off, agreeing with Microsoft is mentally jarring. It has to make you question existence just a little and also make you a touch ill.

  4. Re:A wise decision by nusuth · · Score: 5, Funny
    runas /user:Administrator@domain "C:\program files\internet explorer\iexplore.exe"

    So you run internet explorer to add a printer. And I thought adding a printer to OS/2 was unintuitive...

    --

    Gentlemen, you can't fight in here, this is the War Room!