| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: dinis at ddplus.net (Dinis Cruz) Subject: lame bitching about xpsp2 I'm interested about this comment of yours (which I see repeated in a lot of places): "...They need to forget DOS (which they can't)..." What do you mean by DOS? Are you talking about "cmd.exe" or are you talking about the current: - design of the windows Kernel? - way the user-mode APIs work? - way the device drivers operate? - use of interrupts? Also, please expand on what you mean by "...get really permission security ..." Best regards Dinis > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure- > admin@...ts.netsys.com] On Behalf Of Todd Towles > Sent: 13 August 2004 18:31 > To: devis; Full-disclosure > Subject: RE: [Full-Disclosure] lame bitching about xpsp2 > > I agree that Windows would improve from a core OS rewrite. They need to > forget DOS (which the can't) and get really permission security. I > agree. But to blame MS for the current lot of malware still on the > internet isn't fair. I run Windows XP (along with Linux boxes) at the > house and I don't pollute the internet with that junk. But of course we > are computer people and we can't turn that off, we can't think like > normal people anymore. We are fully aware of the dangers of online > banking at home directly connected to the internet thru a cable modem > and no router. > > But sad to say, normal people are not..and will not understand. To quote > a movie, they are the cattle and we are the cowboys of the new digital > wild west. > > -----Original Message----- > From: devis [mailto:devis@...ynix.net] > Sent: Friday, August 13, 2004 1:02 PM > To: Todd Towles; Full-disclosure > Subject: Re: [Full-Disclosure] lame bitching about xpsp2 > > I am getting nimda probes because nimda from a start was made possible > by MS designing a web server full of damn holes ( read not tested, > deadlines, time is money ). Do not blame the people not patching their > boxes, as it is the problem today, but not the problem that caused it. > That is what i am talking about short term memory. Track problem at > their source instead of fixing now whats leaking., and will releak soon > another way. Aren't we likely to see a new worm attacking MS systems in > the next future ? Of course we will. Time to stop pretending computing > is easy just to sell their damn sofware, and educate people about > computer security, which is the reverse of what they have been doing, > for all these years. Applauding the change of direction ? I don't cause > it is higly hypocrit, otherwise the new pop up blocker of Internet > Explorer will block ALL popups. > > Beside, the unix based permissions system has proven far superior, ask > apple. Still shameful that the default XP install, in 2004, at these > malware times, still logs you as an administrator . Would you feel safe > using ur *nix box as root everyday ? I wouldn't. > > If Ms is really serious, they wouldn't design lame things from a start. > They do want you to have to patch. They do want you to consume and buy > plenty anti virus, personnal firewall etc etc. Don't beleive me ? Take a > look at the svchost.exe and how it werks. > So i hope SP2 will reduce these bogus traffic everyone sees. > > Wake UP before its too LATE. > My 2 cents. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists