| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: guninski at guninski.com (Georgi Guninski) Subject: Windoze almost managed to 200x repeat 9/11 clearly m$ are involved in this "incident". i don't want amateurs commenting on m$. i want an official reply from m$. is there any official m$ reply on the "incident" (hahahaha) ? -- where do you want bill gates to go today? On Fri, Sep 24, 2004 at 02:08:49PM -0500, Todd Towles wrote: > But you just said, there was a patch for the OS. It isn't like some one > month ago patch...this is years and years and years. The company decided > not to patch and to make the tech do a reboot every 30 days. He didn't > do his job, it states it right there. > > Does Microsoft have crappy coding in Windows 95? Yep. But can they > really be blamed for a company that decided to not patch? > > You are right about the old software, I think every large corporate has > a Windows 95 box running something and one piece of software holds up > the upgrade each year. If this system is that important, it shouldn't > have been maintained so poorly. > > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Michal > Zalewski > Sent: Friday, September 24, 2004 1:32 PM > To: ASB > Cc: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Windoze almost managed to 200x repeat > 9/11 > > On Fri, 24 Sep 2004, ASB wrote: > > > "The servers are timed to shut down after 49.7 days of use in order to > > > prevent a data overload, a union official told the LA Times." > > > > How you managed to read "OS failure" into this is rather astounding... > > The statement above, even though either cleverly disguised by the > authorities, or mangled by the press, does ring a bell. It is not about > applications eating up too much memory, hence requiring an occassional > reboot, oh no. > > Windows 9x had a problem (fixed by Microsoft, by the way) that caused > them to hang or crash after a jiffie counter in the kernel overflowed: > > http://support.microsoft.com/support/kb/articles/q216/6/41.asp > > It would happen precisely after 49.7 days. Coincidence? Not very likely. > It seems that the system was running on unpatched Windows 95 or 98, and > rather than deploying a patch, they came up with a maintenance procedure > requiring a scheduled reboot every 30 days. > > This is one hell of a ridiculous idea, and any attempt to blame a > failure on a technician who failed to reboot the box is really pushing > it. > > It is not uncommon for telecommunications, medical, flight control, > banking and other mission-critical applications to run on terribly > ancient software (and with a clause that requires them NOT to be > updated, because the software is not certified against those patches). > > In the end, the OS and decision-makers that implemented the system and > established ill-conceived workarounds should split the blame. > > /mz > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists