Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows 7 Reintroduces Remote BSoD

Posted by timothy on from the no-such-thing-as-perfect-security dept.

David Gerard writes "Remember the good old days of the 1990s, when you could teardrop attack any Windows user who'd annoyed you and bluescreen them? Microsoft reintroduces this popular feature in Windows 7, courtesy the rewritten TCP/IP and SMB2 stacks. Well done, guys! Another one for the Windows 7 Drinking Game."

25 of 427 comments (clear)

  1. Re:Local? by PsychicX · · Score: 2, Insightful

    Agreed -- it IS rather bad, but generally speaking you're not expecting attacks from inside your LAN. As Windows vulnerabilities go, this isn't horrible in a practical sense.

  2. Re:Local? by ZekoMal · · Score: 3, Insightful

    Not expecting such a problem until you go to college; half of the students on my campus don't even have a password put on their computers, making it extremely easy to access them remotely as is. If everyone had Win 7 installed, well...it'd make for some interesting work.

  3. Re:First Post by commodore64_love · · Score: 1, Insightful

    "Commodore Amiga is better!"
    "No Atari ST is better!"
    "No Amiga!"
    "No Atari!"
    "Amiga!"
    "Atari!"

    Oh that's not the debate you were looking for? Sorry. Let me update that ancient debate for the modern world:
    "Apple Macintosh is better!"
    "No Microsoft PC is better!"
    "No Apple!"
    "No Microsoft!"
    "Apple!"
    "Microsoft!"

    (and ancient debate... just as juvenile today as it was 20 years ago)

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  4. Re:The difference is... by rastilin · · Score: 4, Insightful

    Rewritten software is a double-edged sword. On the one hand you are able to finally discard the truly broken sections of your previous implementation; allowing you to make massive leaps forward. On the other you're getting rid of a large list of known bugs and replacing it with an even larger list of unknown ones.

    One of the most useful features of old technolgy is that it breaks in predictable ways.

    So it's not too surprising that something like this happened. Doesn't worry me either, I have firewalls and a NAT on all my machines, no reason not to. However since it's something that happened before, it's irritating that Microsoft didn't think to check for something like this.

    --
    How do you kill that which has no life?
  5. Re:Local? by gazbo · · Score: 3, Insightful

    Just because IPv6 reduces the need for NAT doesn't mean you shouldn't use a firewall. I assume that's what you were talking about anyway.

  6. Re:The difference is... by Sfing_ter · · Score: 4, Insightful

    really - unless the person sets the "Let Microsoft decide when and where I do updates" most of the updates WILL NOT be done. The average person uses the computer like a tv - turn it on to see the web and turn it off when done. Leave my computer on ALL NIGHT just so i can backup/run antivirus/run defrag/run etc. etc. ???

    Oh yeah these people do exist and they have 'FRIENDS' that 'KNOW' computers and 'HELP' them out by turning off that annoying UAC or giving them a 'FREE' version of office. The looks on their faces when I explain that the software they got off Limewire is infected with virus' - they can't believe microsoft would do that!!! THAT is the mentality, and that is why these attacks have always worked, and will always work.

    --
    A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
  7. Please grow up, you're driving us away by Anonymous Coward · · Score: 5, Insightful

    Hi. I'm an adult. I work as a software engineer.

    I cannot join in with the Linux community because of you people. You're just *too awful*. Instead of accepting that this stuff happens and it's bad, you childishly nerdsnort and start writing Microsoft with a dollar sign instead of an S, acting as if this stuff is some amazing manifestation of idiocy rather than a likely consequence of using a mainstream OS developed with time and budgetary constraints. It's going to have stupid bugs. Get the fuck over it.

    I would like to join in with the Linux community, but all I ever hear is this pathetic nyerr-nyerr-nyerr garbage.

    If you want to attract intelligent, grown-up people to Linux you need to stop doing certain things.

    1) Don't act as if users of other operating systems are less intelligent than you. It turns out that Linux-advocacy isn't the entire world, and that leaders in different fields (or even this one!) might be using Windows. They're not "lusers", they just have priorities different from your own.

    2) Don't act as if Linux hasn't had equally stupid stuff happen to it. Yes, it's a different process altogether, and I would dare say that bugs are less likely due to its open source nature, but they still happen. One that I can remember off the top of my head is Debian's guessable SSL keys.

    3) Try—for ten minutes—to give the impression that half of your time isn't devoted to bashing an OS you believe is irrelevant.

    4) For good measure try cutting out the xkcd worship and meme-spouting. We might be able to relate to you people if you acted as if you weren't cut from the same distasteful mold.

    1. Re:Please grow up, you're driving us away by Anonymous Coward · · Score: 5, Insightful

      The pubertal masses of Slashdot != The Linux community

    2. Re:Please grow up, you're driving us away by bflong · · Score: 2, Insightful

      You're in the wrong place. You won't find a high percentage of adult, intelligent people here, and those that are are not very vocal. Maybe a long, long time ago, but no more. As someone else already said Slashdot != Linux Community.

      --
      Why is it so hot? Where am I going? What am I doing in this handbasket?
    3. Re:Please grow up, you're driving us away by Anonymous Coward · · Score: 1, Insightful

      Dear Anonymous Coward,

      Please do not lump all Linux users under the same tree. Most of us that has reached past our first 20-or-so years have gone past the Microsoft hate and like Linux for what it is, not because we dislike MS or Windows. Forgive our immature teenage hacker boys, they've yet to grow up, get a life and get a girlfriend.

      Sincerely,
      A Linux User

    4. Re:Please grow up, you're driving us away by JasterBobaMereel · · Score: 1, Insightful

      Slashdot is not the Linux Community

      1) People who use windows are not stupid, they either like it, prefer it, are unaware of alternatives, or are forced to .... people who constant claim it is the most wonderful thing and flawless however consider stupid .... just like mindless Linux advocates

      2) Yes this has happened in Linux, but as you pointed out Windows is a mainstream commercial product and has, I assume, a whole department paid to do regression testing, checking for likely flaws, checking and rechecking.... and this slipped through

      3) Slashdot is not the Linux Community

      4) Slashdot is not the Linux Community

      --
      Puteulanus fenestra mortis
    5. Re:Please grow up, you're driving us away by Anonymous Coward · · Score: 2, Insightful

      The pubertal masses of Slashdot != The Linux community

      No shit, but you guys certainly align yourselves with it and give it a shitty image. All it takes is one person in a club of a hundred to tarnish the clubs image or one incident to fuck up an image. What was that joke about the old constructor? "I built the old church up on the east hill. I built the schoolhouse over on the outside of the city! I built fives houses for the poor with my own hands! They could've called me Billy the builder! The constructor! But no... ya fuck one goat..."

    6. Re:Please grow up, you're driving us away by natehoy · · Score: 2, Insightful

      Hi, I'm also an adult, and I also work as a software engineer.

      >>I cannot join in with the Linux community because of you people.

      So to keep you from joining a community, all I need to do is act poorly and pretend to be a member of that community? Wow, there can't be a lot of communities that meet that standard of purity. There are asshats in pretty much every community or movement.

      A great number of Linux users, and even contributors, also use Windows, and use both as a tool appropriate to the job at hand. Most Linux project managers and major contributors don't have time to post to slashdot, and don't get into pissing matches over whose digital penis is larger. There are vocal proponents of Linux, and those that like to copy-paste the "Death to M$" meme, but a Linux contributor who seriously wants to kill Microsoft will be out there writing code or documentation, not wasting their time bashing Microsoft on slashdot.

      Try Linux or don't - but don't avoid it just because there are a good number of people with lots of free time out there representing "the community" poorly. Also, don't make the mistake of assuming that Linux is an organized, centralized movement with some form of control emanating from the center. Linux is not a company. It's not a bureaucracy. It's a movement - with lots of different people moving in lots of different directions with lots of different goals and aspirations. Some go about their business more politely than others.

      Most people seriously involved in the Linux movement don't really care one way or the other about Microsoft. It's not that they see Microsoft as irrelevant to the world at large, they are writing what they want. Microsoft really only becomes relevant when they threaten to enforce patents which they have used their majority desktop share to implement as "standards", and you can see they might react with something entirely unlike joy and adulation. :)

      If I build my own car, I really don't have any feelings about Ford, unless Ford decides that I cannot implement roundness in my wheels because they hold a patent on round wheels. At that point, I'd probably be pissed and post nasty things on the automotive section of slashdot when Ford is mentioned. (grin)

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    7. Re:Please grow up, you're driving us away by Anonymous Coward · · Score: 2, Insightful

      More that it represents one whole religion rather than a denomination. But the OP isn't wrong. The Slashdot community mentality is common in every linux user I know, not unlike how the majority of jews follow the torah or christians follows the bible or muslims follows the qur'an.

      And I, like the OP, resist linux because of those people.

    8. Re:Please grow up, you're driving us away by Anonymous Coward · · Score: 1, Insightful

      While the OP is a dick ("Hi. I'm an adult."), the point it makes is, to some degree, valid. It doesn't matter if the entirety of the Linux using world is not like a lot of the idiots on here. Vocal members do tend to define how something is perceived. I read the OpenBSD mailing lists, for example, and the climate there is one of extreme hostility. I have no desire to use OpenBSD due to the fact that its loudest members are, by and large, complete assholes. I know there are better ways to evaluate an operating system, but this plays a large role for me.

      I'm a Linux user, but I still cringe at how some people act so childish. The summary for this story was particularly bad. I don't care one way or the other if people use Linux (why would I?), but I do think some of the more immature posters might want to think about how they look; the kind of people who are so insufferable do tend to be those who want others to convert, and this is the equivalent of telling me I'm going to hell unless I convert to your religion. All it does is push a person away.

    9. Re:Please grow up, you're driving us away by shutdown+-p+now · · Score: 2, Insightful

      I'm sorry, Sir. This is not the Linux community, this is the Slashdot community.

      If you want the Linux community, go to http://www.kernel.org/

      http://kernel.org/ (specifically, LKML) would be the Linux developer community. Linux community as a whole is a very big thing, but Slashdot is definitely a part of it. Not saying that every single person here is a Linux advocate, but they are certainly in majority.

    10. Re:Please grow up, you're driving us away by cwrinn · · Score: 2, Insightful

      It's pretty pathetic that such visceral complaints are keeping you from collaborating in such an intelligent and engaging community. Perhaps you should reevaluate your stance on this after some deep thought.

      --
      Here's a cookie... *psst* it's MAGIC
  8. Re:Local? by dontclapthrowmoney · · Score: 3, Insightful

    ...generally speaking you're not expecting attacks from inside your LAN...

    Even if you have total control over all physical access points to your LAN, and total trust in your user base, there is still a chance that internal people can try to do nasty things - and in some ways they may have more motivation to do so.

    I think the concept of "internal/trusted network" is going to shrink - nowadays I tend to this of the "internal network" as ending at the edge of centralised server resources, and clients on what would have been called the "internal LAN" are actually outside of what I would now call the "trusted zone". Even then, SMB traffic is more likely to be open so this vulnerability is still a problem, and many organisations still concentrate on border protection without taking any defense-in-depth measures internally so they're probably wide-open to this.

    I could be paranoid, but I don't want to be less strict with internal controls and then find out the hard way that I was right all along.

  9. Re:IP Reasons for SMB2 by BassMan449 · · Score: 2, Insightful
    Did you read the link?

    Patents. Microsoft has patents that may cover your implementations of the technologies described in the Open Specifications. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, a given Open Specification may be covered by Microsoft's Open Specification Promise (available here: http://www.microsoft.com/interop/osp ) or the Community Promise (available here: http://www.microsoft.com/interop/cp/default.mspx ). If you would prefer a written license, or if the technologies described in the Open Specifications are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting iplg@microsoft.com..

    I checked both the Open Specification Promise and the Community Promise and SMB2 is not covered by either. Just because Microsoft published the spec doesn't mean they won't sue you for patent infringment.

  10. Re:"RE"-introducing? by moranar · · Score: 4, Insightful

    So you mean the problem is _less serious_ by the fact that it's been on _more_ Windows versions than stated? Maybe you mean that MS has said 'it's not a problem because this and that?'

    --
    "I think it would be a good idea!"
    Gandhi, about Internet Security
  11. Re:"RE"-introducing? by jedidiah · · Score: 4, Insightful

    You make it sound like a gaping security hole is alright just because it's been in the product long enough that people might have forgotten about it.

    If anything, this makes it sound like Windows 7 is the same old crap and that once again we have empty promises from Microsoft claiming that they will do things right this time.

    Windows users are like domestic abuse victims.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  12. Re:"RE"-introducing? by Anonymous Coward · · Score: 0, Insightful

    Funny, I could say the almost same thing about your thoughtless copy-pasta.

    This brain dead Microsoft bash is just an update to previous MS bashes, being sold to you by people who have no actual technical knowledge of the product itself, and don't know it is an entirely new operating system.

  13. Re:Local? by FrankSchwab · · Score: 1, Insightful

    WTF does "one, giant active directory domain" or "ping accross continents baby" have to do with IP Subnets?

    Do you have any understanding of networks at all, or do you just spew back the crap you've heard?

    /frank

    --
    And the worms ate into his brain.
  14. Re:"RE"-introducing? by Anonymous Coward · · Score: 1, Insightful

    I think the point is that Vista has been around for a couple of years now, and it's obviously not the "OMGWTFBBQ" issue some anti-Microsoft folks think it is. If it were, there would have been a big stink about all the remote BSODs in Vista.

    Right, because Vista has been so broadly deployed in enterprise environments!

  15. Re:"RE"-introducing? by blind+biker · · Score: 2, Insightful

    The article makes it seem like it hasn't been in Windows since Windows NT and that Windows 7 is the first time it's reappeared. Seriously, Vista has it.

    Is this a case of "It's after midnight, must post another slam on Microsoft, even if we have twist and stretch like taffy to make the case"?

    I'm here, reading your wonderful post, and laughing my ass off! Do you really think, reminding us that this horrible flaw is already present in Windows Vista, will somehow "soften the blow"?

    Man, you're precious!

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.