lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <3FCD45BD1275D248A6FB0DB4A4728DDC2B8FC2@nfamail01.futures.org>
From: nom.de.guerre at bonbon.net (NDG)
Subject: Richard M. Smith got it wrong

Windows Messenger <> Messenger Service

Not that Windows Messenger if in any way a Good Thing (tm)

-----Original Message-----
From: Richard M. Smith [mailto:rms@...puterbytesman.com] 
Sent: Wednesday, October 15, 2003 3:48 PM
To: 'Darren Bounds'; full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] Microsoft got it wrong


Only last month in USA Today, Microsoft was claiming that Windows Messenger
didn't represent a security hazard:

   Pop-ups assail through Windows
   http://www.usatoday.com/tech/news/2003-09-24-popups_x.htm

   Microsoft views pop-up boxes as a benign nuisance 
   that does "not pose a security risk," says Greg Sullivan, 
   product manager for Windows. 

Looks like Microsoft crystal ball is pretty fuzzy.  Windows Messsenger is
just the sort of seldom-used feature that should be turned off by default in
Windows XP.

Richard M. Smith
http://www.ComputerBytesMan.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ