lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: james.burnes at gwl.com (Burnes, James)
Subject: Microsoft prepares security assault on Linu
	x ]

Not only that.  Ballmer complained about the possibility of an evil Chinese
hacker adding *secret* back door code to compromise the kernel.   What a
joke.

Tell me, Mr. Ballmer, who was it that compromised national security by
giving the Chinese government (among others) the privilege of viewing the
Win2K source code? Would that be Microsoft?  

http://english.peopledaily.com.cn/200303/04/eng20030304_112657.shtml

That kind of crap really pisses me off.  Talk about your serious national
security threat.    What if the Chinese found serious bugs in the sources
and then decided not to tell anyone?  Where the hell is the NSA and FBI in
this psychodrama?  Win2K, Win2K3 should be de-listed as acceptable software
in the intelligence and defense world.

Who am I more concerned about?  Some random Chinese hacker screwing with
open code, or the Chinese government which has many, many more eyes to
pinpoint likely attacks in source code only they can view.

Ballmer is a fool and thinks that we are too.

BTW: Whoever is auditing the Linux kernel contributions; let's make sure
that MS source code doesn't get transferred from the Chinese review of
source code to the Linux kernel.

Pot, kettle, black.
 

> -----Original Message-----
> From: KF [mailto:dotslash@...soft.com]
> Sent: Wednesday, November 12, 2003 12:11 PM
> Cc: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Microsoft prepares security assault on
> Linux ]
> 
> good lord... is this a joke? They compare windows 2003 server to redhat
> 6.0! Thats pretty damn close to apples and oranges. How about NT4.0 to
> RH6.... thats a more level playing field? Even 2k3 vs. RH9 would be a
> bit more on point. I fail to see how you can compare software that is 5
> years old to something that was just released.
> 
> "there were 17 critical vulnerabilities. For Windows Server 2003, there
> were four. For Red Hat Linux 6, they were five to ten times higher."
> 
> -KF
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists