I saw this on a co-workers computer yesterday. IE (and the rest of his system) were virtually unresponsive - especially when it came to network operations. Turns out he had just installed Morpheus on it. Grabbed a copy of Ad-aware, ran it, and all his problems went away. Nasty stuff though...
This is taken out of context - the quote refers specifically to the Hotmail hole that allowed the reading of a specific user's mail. The quote has nothing to do with IIS as the hole is due to the poor design of the CGI backend. In other words, the Hotmail hole would have existed irrespective of the underlying web server.
Our sysadmin (in the process of patching one of our NT boxes) tried to access windowsupdate.microsoft.com - you guessed it, it had been hit too. Didn't stay that way for very long (~2 minutes total) but we did get a screenshot:^) Nice to know MS keeps its patches (security and otherwise) on a secure and fully patched server...
As I understand it the crime (publishing a circumvention of the encryption algorithm) was committed on US soil and thus falls under US jurisdiction. Mind you, that's not saying that what they're doing is right...
About the only novel thing mentioned in whitepaper mentioned was a means of dynamically adding to the system libraries (though even this isn't very original). Other than that everything they mentioned was simply standard design practive made to sound innovative. ("recursive functions" and "software procedures" are new ideas?!? - their quotes btw) Add to this the fact that their website has nothing but investor info and this starts looking really dubious.
Slashdot Mirror
I saw this on a co-workers computer yesterday. IE (and the rest of his system) were virtually unresponsive - especially when it came to network operations. Turns out he had just installed Morpheus on it. Grabbed a copy of Ad-aware, ran it, and all his problems went away. Nasty stuff though...
This is taken out of context - the quote refers specifically to the Hotmail hole that allowed the reading of a specific user's mail. The quote has nothing to do with IIS as the hole is due to the poor design of the CGI backend. In other words, the Hotmail hole would have existed irrespective of the underlying web server.
Run away! Run away!
(With apologies to Monty Python)
Our sysadmin (in the process of patching one of our NT boxes) tried to access windowsupdate.microsoft.com - you guessed it, it had been hit too. Didn't stay that way for very long (~2 minutes total) but we did get a screenshot :^) Nice to know MS keeps its patches (security and otherwise) on a secure and fully patched server...
As I understand it the crime (publishing a circumvention of the encryption algorithm) was committed on US soil and thus falls under US jurisdiction. Mind you, that's not saying that what they're doing is right...
Can anyone say 1984?
About the only novel thing mentioned in whitepaper mentioned was a means of dynamically adding to the system libraries (though even this isn't very original). Other than that everything they mentioned was simply standard design practive made to sound innovative. ("recursive functions" and "software procedures" are new ideas?!? - their quotes btw) Add to this the fact that their website has nothing but investor info and this starts looking really dubious.
...the widgets on Linux are Windows style. If I wanted windows that's what I'd be using.