Slashdot Mirror


User: symbolset

symbolset's activity in the archive.

Stories
0
Comments
9,127
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 9,127

  1. If Symantec is helping on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 1

    Then the cure will be worse than the disease.

  2. Re:Yes, on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 1

    No. I also heard it doesn't run on Macs. Something about Apple having taste.

  3. Re:A stroke of genius... on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 2, Insightful

    Microsoft patched one heinous vector months ago: the broken Server service that allows pathological inputs to execute arbitrary code with System privileges, remotely. They patched it with hasty broken code that will be exploited later this year, but that's a different worm for a different day. They also didn't disable remote logins on this service or do the rational thing and close the port entirely so one exploited PC inside your network is going to spend its whole day cracking passwords. A diligent IT shop might have validated the patch by now. Remember... patches break stuff.

    Still not protected: that laptop that's been sitting in a drawer waiting for the position at that empty desk to be filled. The road warrior whose third party firewall blocks Windows updates.

    Still not fixed: Autorun.

    Blaming the victim isn't going to get you anywhere here. We know better.

  4. Please mod parent funny on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 0

    When MS learns how to write secure code....

    Apparently Microsoft hires the brightest minds on H1B visas from around the world, draining the IQ of the planet on their way to spending $9 Billion a year on research and development. One must presume that they know how and that they don't care.

  5. Not likely on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 4, Insightful

    This program, which has been in place since 2003, has paid out a grand total of $250. All of it in one whopping check to the college mates of the Sasser programmer. Presumably they split it and bought some beer. The program manager must be quite proud of himself.

    In related news, Microsoft is working with ICANN and others to prevent the registration of the domain this thing calls home to. It probably hasn't even occurred to them that the programmers ran their random name generator out a long way in advance, registered the domain in the name of some perfectly innocent third party long ago and that they're too late because launch day for downadup is tomorrow since they always kick these things off of the eve of a holiday weekend.

    If you admin Windows desktops, I wouldn't invest too much in your plans for this weekend.

  6. Re:In separate news, Microsoft budgeting an extra on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 1

    Silly me. I thought the price was $699.

    They must have got a slamming discount for volume.

  7. Re:Malicious? on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 1

    Generally I phrase that as "anything a program can do, another program can do". I think I got it from Wirth but it may date back to Turing, or even further.

  8. Well maybe on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 2, Insightful

    I'm so sick of how anything that criticizes microsoft on slashdot gets modded up on slashdot, and...oh, nevermind.

    Well maybe they should make a decent OS. Or stop partnering with companies for the purpose of killing them for the secondary benefits. Or suing their customers. Or stealing ideas like Stacker. Or paying Gartner to release "studies" that exclaim their new products are taking off like a rocket. Or taking a perfectly good webmail like hotmail and turning it all greasy. Or trying to kill decent software companies like Netscape, Corel and Adobe. Or launching disinformation campaigns like "get the facts" and "Mojave Project". Or generally puking all over everything in IT. Or paying folks like SCO to sue decent folk who are just trying to use decent software. Or... oh screw it. None of that is ever going to happen. Never mind.

    Slashdot is never going to like Microsoft.

  9. Tough room on Microsoft Slaps $250K Bounty On Conficker Worm · · Score: 3, Informative

    The MS bounty program has been running since 2003. Thus far they have paid out only one award of $250.

  10. Of course on MS To Offer Free Windows 7 Upgrade To Vista Users · · Score: 1

    How else are they going to get Gartner to report rabid adoption rates? Without these phantom installs and the SA license upgrades and the "pre-downgrade" seat count inflation people might find out what adoption rates really are. That won't do.

  11. agree on MS To Offer Free Windows 7 Upgrade To Vista Users · · Score: 2, Informative

    Many of us would agree they could do no better. But that is not the same thing as thinking the product doesn't suck.

  12. Source code is just documentation on How To Argue That Open Source Software Is Secure? · · Score: 1

    It's really thorough documentation that tells the compiler how to make the machine code for the software.

    But the compiled software is machine readable too or it wouldn't run. The physical machine requires code in its own well documented format. Naturally this means that closed source is only less convenient to reverse engineer, not impossible. Relying on this inconvenience for security is not Best Practice. It doesn't make your computer more secure any more than the practice of restricting maintenance manuals keeps thieves from stealing your car.

  13. It's not just about the cores on Intel Moves Up 32nm Production, Cuts 45nm · · Score: 2, Informative

    The smaller feature sizes bring power savings as well. So they're taking the server of yesteryear and putting it in your pocket. They're delivering the technology that'll bring the next billion users online because those folks don't have the watts to burn that we do.

    They're also working to solve the whole I/O problem with servers that happens when you get too much processing power in one box.

    In fact, they're pretty well focused on not just learning new things and creating new products, but in delivering new technologies that improve the way we work and live. And then letting go of it so we can figure new ways to use it that haven't occurred to them.

    That's so different from the next story down where another company is getting raked over the coals for dumping money into R&D, because that other company is so famous for clinging to every ounce of leverage they can get out of every vague interpretation or use of their innovations and so toxic to deal with that they could deliver an all electric hovercraft that cured cancer and nobody would want to partner with them.

    Sweet.

  14. Yep on How To Argue That Open Source Software Is Secure? · · Score: 3, Insightful

    "First they ignore you, then they ridicule you, then they fight you, then you win." -- Mahatma Gandhi

    They're getting scared now.

  15. Just laugh on How To Argue That Open Source Software Is Secure? · · Score: 1

    It's the best answer you can give.

  16. Re:But... why? on Russia's Operating System May Be Fedora Based · · Score: 2, Insightful

    The US. It's called "Windows".

  17. Re:Incredible on Hadron Collider Relaunch Delayed · · Score: 1

    You sound fat.

  18. And by "you" on Houston Courts Shut Down By Malware · · Score: 1

    You obviously don't mean the city of Hoston.

    Apparently lots of people don't do all of the best practice mods before they clone. Those people shold get a mac - for their protection and ours.

  19. Re:Maybe I'm off base here but on OpenDNS To Block and Monitor Conficker Worm · · Score: 1

    A worm/virus that can compromise the machine can also alter that machine's DNS settings.

    A swarm with 15 million zombies would also have little trouble knocking OpenDNS offline. Since this is typically what the operators of these systems do to security researchers who get too nosy and purveyors of block lists and patch tools, it's a logical next step.

  20. Re:Netbooks, anyone? on Microsoft May Be Targeting the Ubuntu Desktop · · Score: 1
  21. Cool on Houston Courts Shut Down By Malware · · Score: 1

    Now all you have to do is get all 13,000 City of Houston employees to do that and that part of the problem is solved. At least it is for city of Houston employees. But then there's all the other installation methods including RPC. And the other million pieces of malware. And the millions of other computers.

    It's easier just to get a mac.

  22. Re:Oops on Houston Courts Shut Down By Malware · · Score: 5, Funny

    10 million zombies can't be wrong.

  23. Oops on Houston Courts Shut Down By Malware · · Score: 5, Funny

    It's amazing what can happen when you "lose" a few dozen pen drives with downadup at various strategic places.

  24. Re:the acorn becomes the mighty oak...yeah yeah on Microsoft May Be Targeting the Ubuntu Desktop · · Score: 1

    Many linux distros now can be installed to a bootable pendrive. This is really handy - when you get a desktop that's a festering pile of malware you can boot to the pen, copy the files to the pen, wipe and install directly and put the files back. The Rescue Pen. It's great. The ultimate malware cleaner on your keychain.

  25. Re:Netbooks, anyone? on Microsoft May Be Targeting the Ubuntu Desktop · · Score: 1

    And Toys-R-Us even.