lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200408140013.i7E0D2B14380@netsys.com>
From: dinis at ddplus.net (Dinis Cruz)
Subject: lame bitching about xpsp2

I'm interested about this comment of yours (which I see repeated in a lot of
places):

"...They need to forget DOS (which they can't)..."

What do you mean by DOS?

Are you talking about "cmd.exe" or are you talking about the current:

	- design of the windows Kernel?
	- way the user-mode APIs work?
	- way the device drivers operate?
	- use of interrupts?

Also, please expand on what you mean by "...get really permission security
..."

Best regards

Dinis 
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-
> admin@...ts.netsys.com] On Behalf Of Todd Towles
> Sent: 13 August 2004 18:31
> To: devis; Full-disclosure
> Subject: RE: [Full-Disclosure] lame bitching about xpsp2
> 
> I agree that Windows would improve from a core OS rewrite. They need to
> forget DOS (which the can't) and get really permission security. I
> agree. But to blame MS for the current lot of malware still on the
> internet isn't fair. I run Windows XP (along with Linux boxes) at the
> house and I don't pollute the internet with that junk. But of course we
> are computer people and we can't turn that off, we can't think like
> normal people anymore. We are fully aware of the dangers of online
> banking at home directly connected to the internet thru a cable modem
> and no router.
> 
> But sad to say, normal people are not..and will not understand. To quote
> a movie, they are the cattle and we are the cowboys of the new digital
> wild west.
> 
> -----Original Message-----
> From: devis [mailto:devis@...ynix.net]
> Sent: Friday, August 13, 2004 1:02 PM
> To: Todd Towles; Full-disclosure
> Subject: Re: [Full-Disclosure] lame bitching about xpsp2
> 
> I am getting nimda probes because nimda from a start was made possible
> by MS designing a web server full of damn holes ( read not tested,
> deadlines, time is money ). Do not blame the people not patching their
> boxes, as it is the problem today, but not the problem that caused it.
> That is what i am talking about short term memory. Track problem at
> their source instead of fixing now whats leaking., and will releak soon
> another way. Aren't we likely to see a new worm attacking MS systems in
> the next future ? Of course we will. Time to stop pretending computing
> is easy just to sell their damn sofware, and educate people about
> computer security, which is the reverse of what they have been doing,
> for all these years. Applauding the change of direction ? I don't cause
> it is higly hypocrit, otherwise the new pop up blocker of Internet
> Explorer will block ALL popups.
> 
> Beside, the unix based permissions system has proven far superior, ask
> apple. Still shameful that the default XP install, in 2004, at these
> malware times, still logs you as an administrator . Would you feel safe
> using ur *nix box as root everyday ? I wouldn't.
> 
> If Ms is really serious, they wouldn't design lame things from a start.
> They do want you to have to patch. They do want you to consume and buy
> plenty anti virus, personnal firewall etc etc. Don't beleive me ? Take a
> look at the svchost.exe and how it werks.
> So i hope SP2 will reduce these bogus traffic everyone sees.
> 
> Wake UP before its too LATE.
> My 2 cents.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ