It looks like they're talking about the Enhanced Security Mode like IE 6 has in Win2003 servers. That thing sucks pretty bad, and no desktop user would ever keep it turned on.
If they're thinking of running IE as a less-priv user, then that's closer to the mark. When people are tricked, an exploit is used, or they outright say, "install this, yes I agree to have you screw with me," then you better hope that app doesn't have rights to HKLM\Software\Microsoft\Run and C:\WINDOWS\SYSTEM32.
Of course if IE7 does run with a less-priv user, there's the risk that all of us in the well-oiled IT shops, already running as less-priv users, will have more and more spyware developed to target us, rather than all the truckloads of spyware that just assume they have full access to the system once they start executing.
I don't really care if a seamless user experience is lost. There's no distinction between seamless installation of a helpfull plugin or seamless installation of spyware.
I can think of plenty of companies who won't let you get details about a file format they use under any circumstances.
And how often do these companies do so because they are the vast majority market share? A lot of the time, in my experience. Of course I don't REALLY blame most of them. If I was fool enough to buy a product that holds my data hostage, then it's my own fault. The larger issue with Microsoft is that they have been found in courts across the globe to be an unfair monopoly. So when I go to chose a word processor, I am unfairly steered towards MS by factors that should not be part of my decision. For example, all the folks takling about use of DOC for schoolwork. If the spec were open, then there would be absolutely no problem for other word processors (free, commercial, etc) to convert to DOC.
Why doesn't Microsoft put a "Default save format=XXX" var. MS has bloated Word with every other feature you couldn't want, how come you can't change the default save format? OR allow 3rd party plugin save formats? Actually, I wonder how Adobe did it with PDF? Maybe I'm onto something here, if they didn't have to sign an NDA, maybe open source can do the same? Granted, the PDF save is just an addition to the File menu, so it's not really replacing the save command, but the important part is how it is able to scrape the document from the pane and objectify it. Anyone know?
I eventually take apart every toy I get. I've taken apart dozzens of game controllers, and the first time I opened up a vibrating controller, I saw something I'd seen before. A cheap little DC motor with an unbalanced weight on the rotor. The first time I'd seen this was in the Milton Bradley board game, Operation. The little motor did a pretty good job of making an "electric shock" noise, and the vibration discouraged you from bracing the palm of your hand or other hand on the board while plucking the little bones out.
http://www.hasbro.com/operation/
Don't look at management, but at other businesses that have been where you are now. If you're a 100 PC shop, talk to people who run 500 PC shops and see how they handle the same day-to-day stuff you do. Chances are you'll get some ideas.
You didn't say what size you are, but the same concept applies to any size. Your first impression when you look at larger sites is going to be "wow, I wish I had those tools! But we can't afford to do it that way..." Get past that. Tools like ghost, altiris, etc, are simply ways to implement ideas. If the idea is, "I want to stop popping the WinXP CD into each computer every month and stop getting called to the desktop when a user messes something up," then 1 smart IT guy is better than any per-PC licensed product.
Another thought is that IT shops of all sizes often take on the role of trainers. Do you spend a lot of time showing people how to mail merge, or how to select the right printer? How can you package that? Maybe a training CD with a cheesey video would save you time on these things. At the very least, it looks really good that you're innovating, and you'll be less under the gun.
I strongly disagree. First, you're creating a bureaucracy that will have it's own overhead. Second, you're assuming that users will become smarter, and avoid problems, thus reducing support costs. If users's don't reduce their problems, then the costs are going to maifest themselves in some other way. Worst case: non IT solving IT problems in short-sighted ways.
In small networks, this never happens. In larger networks, departments (who are also told to keep costs down) try to solve problems on their own, and you quickly lose standardization and IT control over systems. You'll get the receptionist's son who's "really smart with computers" trying to fix things, and chances are, he'll be calling you asking you stupid stuff anyway. "I need the CD key for Office" is not really goign to fit into your billable IT world, because it'll only take 5 minutes and get you a few dollars, but the cost of ALLOWING that type of thing in the first palce is horrific.
I can make a guess... They can not afford to cause mass-outages at corp sites where Volume License Keys are used. If MS is wrong about the copies being pirated they will be liable for damages. The following situations are probably not piracy:
1. Helpdesk guy using his pirated copy at work because he couldn't get access to the corp key as fast as he wanted.
2. Ghost images where MS Sysprep was not used
3. Network Admin wanted to one of the many MS corp tools that require VLK, but he never bought a VLK CD because all his PCs came with OEM windows.
4. One of the MS oddball licenses like Academic Alliance allowed hundreds of employees or students a valid copy of WinXP at home, and they were 'accidentally' given an install CD with the VLK key obfuscated instead of the "requires activation" CD.
So they will tread lightly on these "violations".
I'm guessing it's like many of the other MS anti-piracy campaigns. They're going to read your key, look in the product activation database (which doesn't include corp VLK numbers in a useable form) and if your key is activated to another PC, it shoots up the flare. Even if you're allowed to pass without being hassled, chances are the data about your "level of suspicion" is being logged. e.g. "This PC has a key registered to an.EDU but he's coming from a.COM"... The collection of data like that is what's scarey.
You don't have to license the application to reverse engineer the protocol.
I have a big network and a strict usage policy. If my network users want to license the software and use it on my network, I peek at the traffic on my wires, and even compare that with screenshots of the licensed user's desktops.
They're distributing the app to the public, and intentionally sending the traffic over the public Internet. They have no expectation that non-licensed users will not look at the traffic and figure out what it's doing.
There is 1 sentence in the article about environmental impact. I'd say this is huge, and I'm not normally one to gripe about environmental issues unless I'm trying to impress a girl.
"Environmentalists are worried..." How is any animal going to cross this thing? Most animals won't go under an underpass a half mile long, and the only underpasses are likely to be for crossing traffic anyway.
I disagree. There are only 2 possibilities I can see. Either they're making money, or they're losing it on purpose.
1: AMD is making money off every sale. They did not recieve some grant to make PCs for poor people, and are not getting any tax exemption from these things. As much as I like AMD, I'm sure they wouldn't be able to get their stock holders to be happy with the idea that they're helping mankind by losing money. They help mankind enough by keeping Intel in check.
2: If AMD is selling the device under cost, the only thing I can think of is that they hope to break in to the embedded market.
The SIZE of this device adds to the cost. If the goal was to create a nice cheap PC, it'd be slightly bigger.
I think the first thing to do is take the WinCE drive and put it on a PC and make a 'dd' backup. Poke around, analyze it. Does it have a traditional partition table? dd clone onto a CF disk and see if it boots WinCE in the PIC?
If there really is a well designed "OS Handshake" to boot, try to work around it. Can you let WinCE complete the handshake, then use something like 'bootlin' to bootstrap linux? I think there was an evolution of bootlin into the windows days but can't recall it's name.
MS Q-articles are well known for putting makeup on the pig until a real worm is released, then they move the risk to critical. The POCs linked to by the slashdotters are showing that the bug is able to run system-level code, creating admin users and launching cmd.exe as system. The POCs might be using other security flaws to do this, but the result is the same. (like the message queueing flaws [design flaws] that MS says can't be fixed)
I am shocked that a JPEG library uses named pipes...Maybe it's because it part of the code is processed by the graphics driver running as system?
I sympathize that bugs happen, but it seems to me that a buffer overflow in the JPEG handler is one of the fisrt things you look for when you do a code audit.
Isn't there a team at Microsoft who says, "What parts of Outlook do we still have that automatically launch other things? Maybe we should go look at the source code for those and see if there are unchecked buffers?"
Autoupdate and Windowsupdate only install a fraction of the patches released for this bug. (Windows OS and IE basically)
WindowsUpdate does install a "GDI+ Detection Tool", but I have run this tool on systems with unpatched Visual Studio, Outlook, and Office and it does not detect that the patches are missing. I looked at the strings in this tool, and it basically looks like it checks for MS Photo software.
Manually visiting "officeupdate.microsoft.com" and running those updates will probably cover the most common attack vectors (Outlook, Word), but how many people do this on a regular basis? My users are not admin-level (yet) so they can't use this update site.
Incidentally, every default configuration of IE/Word I have seen allows DOC files with jpegs to be opened in the browser window with no prompting. It will not be hard to get people to run the exploits, and there's plenty of ways for worms to automate themselves without users opening things.
I'm working on a script to detect and run the patches (there's about 17 of them for this bug) but it's going to be a while because of the pre-reqs for many of the patches, and the very specific revisions that must match the patch. "If Visio 2002 is installed, detect which Visio SP level is running. If it's SP0 or SP1, run Visio SP2, then reboot, and run GDI patch"...
I accidentally log in as root all the time. I have to do 90% of my linux work as root (editing/etc files and stopping and starting daemons), so if I ssh or scp to an outside network, It uses my current user name by default: root. And even when I get a login: prompt, my natural instinct is type root.
That said, I have seen an increase of root/guest/temp/ ssh login attempts on my home DSL router/firewall. The IPs tend to be similar to mine, and there are 7-10 attempts in a row. So I'm guessing there is script or worm on the lose that searches nearby IPs for vulnerable hosts.
Or you could do what I did and marry a loving, supportive woman. Not only will you want to work hard to help support her, but the love and emotional support she'll give you will make the stress melt right away. The glass is half full guys, not half empty!
I had to ask myself why a director of Novell Marketing wants Linux community opinions on Linux certs. The answer was pretty obvious.
There are a lot of Novell certified folks out there with no Linux skills. I used to be a huge Novell guy. Then I learned Linux and discovered open-source. I had to learn a LOT. Based on all I've learned, I don't see anything that Novell+Linux can do better than Linux+Open-Source. The Linux skills I learned are the exact same skills Novell needs it's CNEs to learn. CNEs need to keep recomending Novell products to their bosses. (bonus if lots of linux admins start buying Novell products, too...)
Using Linux in a meaningful way means embracing OPEN-SOURCE! Novell's money comes from licensing closed-source products. Many of them are based on non-GNU open-source codebases! Becoming a Linux admin means learning that licensing per-user is stupid. If you want more users, you beef up the hardware. Not being able to tweak and recompile your apps is stupid. Using a closed-source pay-per-user product on the back end is not as flexible as using an open-source product.
The Novell Product Line:
eDirectory NDS=closed-source custom OpenLDAP with NCP protocol wrappers to support your NDS-only, non-ldap apps. (e.g. they customized it by adding Novell backwards compatibility)
Nterprise Web Platform=Apache+Tomcat with auth_ldap. I admit I don't know too much about Novell's web platform. Or how Novell manages to sell this as a product...I guess you're paying for a GUI admin app instead of editing the conf files?
iPrint=Novell closed-source implementation of the ietf IPP protocol, tied to NDS. (cups is a great GNU implementation of the IPP protocol)
GroupWise=...uh...wierd. GroupWise is nicer than any open-soruce groupware, but it's niche. GroupWise is just as tied to NDS as Exchange is to Active Directory. Open-source groupware on win32 is slim. A free pop3 client+commercial calender app is klunky. Novell's recent aquisition of Ximian and hard pushing of the exchange connector Linux desktops proves that they already know Exchange has won the small-to-mid groupware market. Novell sells an Exchange client to Linux users, but doesn't have a Groupwise client for Linux users? (the web client is no better than MS's web client)
iFolder=hyped up "home directory" for places that let their NT and Netware file servers get out of control. If you need iFolder, it's because you're too lazy to fix your file servers. (e.g. migrate them on Linux, and win clients get to them via samba and ftp)
ZenWorks 4 Servers=Win2k and Netware Server management for amature admins. If you're really linux savy, you're getting rid of these servers. At the very least, you use scripts to manage them.
Zenworks 4 Desktops=Totally obsoleted by Win2000 client's built-in management. (Novell has basically given up marketing it...) Use MSI for app distribution, WMI scripts for everything else.
No self-respecting Linux guru is going to pull out open-ldap and replace it with NDS. The only reason to use NDS instead of LDAP is if you have legacy apps. (the number of non-Novell apps that are NDS aware can be counted on 1 hand)
Basically, if Novell really teaches it's CNEs to be Linux proficient, they'll be teaching the CNEs to chose open-source instead.
I'm sure these customers didn't know they had a problem with their PCs. That was the first fact that caused the worm to be a problem. The fact that the computers weren't patched was secondary.
Instead of pushing the patches, why not be more aggressive about notifying customers, and giving us better tools to patch and scan? Asking millions of users to pull updates ALL THE TIME, or turn on an automatic pull where there are only 3 configuration options is a real lack of choice. There are lots of things in between that can be tried.
If I were a home XP user, and I saw a notification, "Message from Microsoft Security: Due to a problem recently found in WinXP, You are at high risk of being hit with an intrusive virus or worm. Here is a web site with details. Here is a 1-800 number with details. To correct the problem now, press Ok."
Supposing MS did give home users this easy to use scan, notify, patch utility, the only reason they would not use it is if the EULA were too scary. This is easy to fix. Put a big splash screen with "Absolutely no Information is gathered and Sent to Microsoft. To see how this tool works, click here. Microsoft will never change this policy without your consent. (Like we did with WindowsUpdate)"
We shouldn't have to wait long to see an analysis of Blaster, but I am going to guess that the majority of infection vectors came from business or academic Win2000 installations. WinXP systems crashed so much, they weren't efficiently spreading the worm. So corporate tools to fill this middle ground need to be improved. The hard to learn and use tools like IIS lockdown, hfncheck, etc need to be seriously overhauled.
At work, I would love to have a non-web-based WindowsUpdate SCANNER, and a separate PATCHER. They'd be easy to use with a GUI, but also have command line options so they could be used in scripts. (SUS isn't what I'm talking about, because it is browser based, and the process is still a pull. The only way you can push an important update is to go to each server, or set the servers auto-pull frequency really high)
I also wonder if MS is afraid that making system maintenance too easy might cut in to their SMS server sales?
It's easy for any DSL provider to sidestep this. They have to be a voice provider? Great! Covad can start offering traditional analog voice service for the low-low price of $800 a month+$20 a minute...
Slashdot Mirror
I wouldn't worry about it... US gunfire and air strikes are more likely to kill you than cancer.
If they're thinking of running IE as a less-priv user, then that's closer to the mark. When people are tricked, an exploit is used, or they outright say, "install this, yes I agree to have you screw with me," then you better hope that app doesn't have rights to HKLM\Software\Microsoft\Run and C:\WINDOWS\SYSTEM32.
Of course if IE7 does run with a less-priv user, there's the risk that all of us in the well-oiled IT shops, already running as less-priv users, will have more and more spyware developed to target us, rather than all the truckloads of spyware that just assume they have full access to the system once they start executing.
I don't really care if a seamless user experience is lost. There's no distinction between seamless installation of a helpfull plugin or seamless installation of spyware.
And how often do these companies do so because they are the vast majority market share? A lot of the time, in my experience. Of course I don't REALLY blame most of them. If I was fool enough to buy a product that holds my data hostage, then it's my own fault. The larger issue with Microsoft is that they have been found in courts across the globe to be an unfair monopoly. So when I go to chose a word processor, I am unfairly steered towards MS by factors that should not be part of my decision. For example, all the folks takling about use of DOC for schoolwork. If the spec were open, then there would be absolutely no problem for other word processors (free, commercial, etc) to convert to DOC.
Why doesn't Microsoft put a "Default save format=XXX" var. MS has bloated Word with every other feature you couldn't want, how come you can't change the default save format? OR allow 3rd party plugin save formats? Actually, I wonder how Adobe did it with PDF? Maybe I'm onto something here, if they didn't have to sign an NDA, maybe open source can do the same? Granted, the PDF save is just an addition to the File menu, so it's not really replacing the save command, but the important part is how it is able to scrape the document from the pane and objectify it. Anyone know?
I eventually take apart every toy I get. I've taken apart dozzens of game controllers, and the first time I opened up a vibrating controller, I saw something I'd seen before. A cheap little DC motor with an unbalanced weight on the rotor. The first time I'd seen this was in the Milton Bradley board game, Operation. The little motor did a pretty good job of making an "electric shock" noise, and the vibration discouraged you from bracing the palm of your hand or other hand on the board while plucking the little bones out. http://www.hasbro.com/operation/
You didn't say what size you are, but the same concept applies to any size. Your first impression when you look at larger sites is going to be "wow, I wish I had those tools! But we can't afford to do it that way..." Get past that. Tools like ghost, altiris, etc, are simply ways to implement ideas. If the idea is, "I want to stop popping the WinXP CD into each computer every month and stop getting called to the desktop when a user messes something up," then 1 smart IT guy is better than any per-PC licensed product.
Another thought is that IT shops of all sizes often take on the role of trainers. Do you spend a lot of time showing people how to mail merge, or how to select the right printer? How can you package that? Maybe a training CD with a cheesey video would save you time on these things. At the very least, it looks really good that you're innovating, and you'll be less under the gun.
In small networks, this never happens. In larger networks, departments (who are also told to keep costs down) try to solve problems on their own, and you quickly lose standardization and IT control over systems. You'll get the receptionist's son who's "really smart with computers" trying to fix things, and chances are, he'll be calling you asking you stupid stuff anyway. "I need the CD key for Office" is not really goign to fit into your billable IT world, because it'll only take 5 minutes and get you a few dollars, but the cost of ALLOWING that type of thing in the first palce is horrific.
1. Helpdesk guy using his pirated copy at work because he couldn't get access to the corp key as fast as he wanted.
2. Ghost images where MS Sysprep was not used
3. Network Admin wanted to one of the many MS corp tools that require VLK, but he never bought a VLK CD because all his PCs came with OEM windows.
4. One of the MS oddball licenses like Academic Alliance allowed hundreds of employees or students a valid copy of WinXP at home, and they were 'accidentally' given an install CD with the VLK key obfuscated instead of the "requires activation" CD.
So they will tread lightly on these "violations".
I'm guessing it's like many of the other MS anti-piracy campaigns. They're going to read your key, look in the product activation database (which doesn't include corp VLK numbers in a useable form) and if your key is activated to another PC, it shoots up the flare. Even if you're allowed to pass without being hassled, chances are the data about your "level of suspicion" is being logged. e.g. "This PC has a key registered to an .EDU but he's coming from a .COM"... The collection of data like that is what's scarey.
You don't have to license the application to reverse engineer the protocol.
I have a big network and a strict usage policy. If my network users want to license the software and use it on my network, I peek at the traffic on my wires, and even compare that with screenshots of the licensed user's desktops.
They're distributing the app to the public, and intentionally sending the traffic over the public Internet. They have no expectation that non-licensed users will not look at the traffic and figure out what it's doing.
There is 1 sentence in the article about environmental impact. I'd say this is huge, and I'm not normally one to gripe about environmental issues unless I'm trying to impress a girl.
"Environmentalists are worried..." How is any animal going to cross this thing? Most animals won't go under an underpass a half mile long, and the only underpasses are likely to be for crossing traffic anyway.
1: AMD is making money off every sale. They did not recieve some grant to make PCs for poor people, and are not getting any tax exemption from these things. As much as I like AMD, I'm sure they wouldn't be able to get their stock holders to be happy with the idea that they're helping mankind by losing money. They help mankind enough by keeping Intel in check. 2: If AMD is selling the device under cost, the only thing I can think of is that they hope to break in to the embedded market. The SIZE of this device adds to the cost. If the goal was to create a nice cheap PC, it'd be slightly bigger.
If there really is a well designed "OS Handshake" to boot, try to work around it. Can you let WinCE complete the handshake, then use something like 'bootlin' to bootstrap linux? I think there was an evolution of bootlin into the windows days but can't recall it's name.
I am shocked that a JPEG library uses named pipes...Maybe it's because it part of the code is processed by the graphics driver running as system?
Isn't there a team at Microsoft who says, "What parts of Outlook do we still have that automatically launch other things? Maybe we should go look at the source code for those and see if there are unchecked buffers?"
WindowsUpdate does install a "GDI+ Detection Tool", but I have run this tool on systems with unpatched Visual Studio, Outlook, and Office and it does not detect that the patches are missing. I looked at the strings in this tool, and it basically looks like it checks for MS Photo software.
Manually visiting "officeupdate.microsoft.com" and running those updates will probably cover the most common attack vectors (Outlook, Word), but how many people do this on a regular basis? My users are not admin-level (yet) so they can't use this update site.
Incidentally, every default configuration of IE/Word I have seen allows DOC files with jpegs to be opened in the browser window with no prompting. It will not be hard to get people to run the exploits, and there's plenty of ways for worms to automate themselves without users opening things.
I'm working on a script to detect and run the patches (there's about 17 of them for this bug) but it's going to be a while because of the pre-reqs for many of the patches, and the very specific revisions that must match the patch. "If Visio 2002 is installed, detect which Visio SP level is running. If it's SP0 or SP1, run Visio SP2, then reboot, and run GDI patch"...
Sorry if I'm spreading panic, but this bug sucks.
I accidentally log in as root all the time. I have to do 90% of my linux work as root (editing /etc files and stopping and starting daemons), so if I ssh or scp to an outside network, It uses my current user name by default: root. And even when I get a login: prompt, my natural instinct is type root.
That said, I have seen an increase of root/guest/temp/ ssh login attempts on my home DSL router/firewall. The IPs tend to be similar to mine, and there are 7-10 attempts in a row. So I'm guessing there is script or worm on the lose that searches nearby IPs for vulnerable hosts.
I had to ask myself why a director of Novell Marketing wants Linux community opinions on Linux certs. The answer was pretty obvious.
There are a lot of Novell certified folks out there with no Linux skills. I used to be a huge Novell guy. Then I learned Linux and discovered open-source. I had to learn a LOT. Based on all I've learned, I don't see anything that Novell+Linux can do better than Linux+Open-Source. The Linux skills I learned are the exact same skills Novell needs it's CNEs to learn. CNEs need to keep recomending Novell products to their bosses. (bonus if lots of linux admins start buying Novell products, too...)
Using Linux in a meaningful way means embracing OPEN-SOURCE! Novell's money comes from licensing closed-source products. Many of them are based on non-GNU open-source codebases! Becoming a Linux admin means learning that licensing per-user is stupid. If you want more users, you beef up the hardware. Not being able to tweak and recompile your apps is stupid. Using a closed-source pay-per-user product on the back end is not as flexible as using an open-source product.
The Novell Product Line:
eDirectory NDS=closed-source custom OpenLDAP with NCP protocol wrappers to support your NDS-only, non-ldap apps. (e.g. they customized it by adding Novell backwards compatibility)
Nterprise Web Platform=Apache+Tomcat with auth_ldap. I admit I don't know too much about Novell's web platform. Or how Novell manages to sell this as a product...I guess you're paying for a GUI admin app instead of editing the conf files?
iPrint=Novell closed-source implementation of the ietf IPP protocol, tied to NDS. (cups is a great GNU implementation of the IPP protocol)
GroupWise=...uh...wierd. GroupWise is nicer than any open-soruce groupware, but it's niche. GroupWise is just as tied to NDS as Exchange is to Active Directory. Open-source groupware on win32 is slim. A free pop3 client+commercial calender app is klunky. Novell's recent aquisition of Ximian and hard pushing of the exchange connector Linux desktops proves that they already know Exchange has won the small-to-mid groupware market. Novell sells an Exchange client to Linux users, but doesn't have a Groupwise client for Linux users? (the web client is no better than MS's web client)
iFolder=hyped up "home directory" for places that let their NT and Netware file servers get out of control. If you need iFolder, it's because you're too lazy to fix your file servers. (e.g. migrate them on Linux, and win clients get to them via samba and ftp)
ZenWorks 4 Servers=Win2k and Netware Server management for amature admins. If you're really linux savy, you're getting rid of these servers. At the very least, you use scripts to manage them.
Zenworks 4 Desktops=Totally obsoleted by Win2000 client's built-in management. (Novell has basically given up marketing it...) Use MSI for app distribution, WMI scripts for everything else.
No self-respecting Linux guru is going to pull out open-ldap and replace it with NDS. The only reason to use NDS instead of LDAP is if you have legacy apps. (the number of non-Novell apps that are NDS aware can be counted on 1 hand)
Basically, if Novell really teaches it's CNEs to be Linux proficient, they'll be teaching the CNEs to chose open-source instead.
I'm sure these customers didn't know they had a problem with their PCs. That was the first fact that caused the worm to be a problem. The fact that the computers weren't patched was secondary. Instead of pushing the patches, why not be more aggressive about notifying customers, and giving us better tools to patch and scan? Asking millions of users to pull updates ALL THE TIME, or turn on an automatic pull where there are only 3 configuration options is a real lack of choice. There are lots of things in between that can be tried. If I were a home XP user, and I saw a notification, "Message from Microsoft Security: Due to a problem recently found in WinXP, You are at high risk of being hit with an intrusive virus or worm. Here is a web site with details. Here is a 1-800 number with details. To correct the problem now, press Ok." Supposing MS did give home users this easy to use scan, notify, patch utility, the only reason they would not use it is if the EULA were too scary. This is easy to fix. Put a big splash screen with "Absolutely no Information is gathered and Sent to Microsoft. To see how this tool works, click here. Microsoft will never change this policy without your consent. (Like we did with WindowsUpdate)" We shouldn't have to wait long to see an analysis of Blaster, but I am going to guess that the majority of infection vectors came from business or academic Win2000 installations. WinXP systems crashed so much, they weren't efficiently spreading the worm. So corporate tools to fill this middle ground need to be improved. The hard to learn and use tools like IIS lockdown, hfncheck, etc need to be seriously overhauled. At work, I would love to have a non-web-based WindowsUpdate SCANNER, and a separate PATCHER. They'd be easy to use with a GUI, but also have command line options so they could be used in scripts. (SUS isn't what I'm talking about, because it is browser based, and the process is still a pull. The only way you can push an important update is to go to each server, or set the servers auto-pull frequency really high) I also wonder if MS is afraid that making system maintenance too easy might cut in to their SMS server sales?
It's easy for any DSL provider to sidestep this. They have to be a voice provider? Great! Covad can start offering traditional analog voice service for the low-low price of $800 a month+$20 a minute...