lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <41A1C67E.20100@rubig.com>
From: stefan.schatzl at rubig.com (Stefan Schatzl)
Subject: [in] Re: IE is just as safe as FireFox

devis wrote:
> Please run some unix or at least read about the unix permission system, 
> and lets pray god this sheds some light in your mono cultured brains. 
> Here are the relevant points:
> 
> 1) Despite recent ameliorations of MS ( multi user finally, permissions 
> ... ) and some effort at making the system more secure, something very 

Finally? Microsoft Windows NT 3.1 had already in 1992 most or all of the 
  permissions and multi-user "functionality". Perhaps you refer with 
'finally' to Microsoft Windows XP, which is the current incarnation of 
the NT operating system.

> important is still left out: The first default user of the MS computer 
> is made an administrator. This comes down to giving uid0 to ur first 
> unix user. Unix does NOT do that. It requieres you to use su and become 
> root ( administrator ) after proper credentials submission ( password ).

This is not correct for each and every unix flavour.

> The first user is NOT and administrator, and any recent Unix 
> documentation will insist on the danger of running as root(admin). Unix 
> keeps the admin account well separated from the user account, which MS 

True.

[ ... MS ... ]
> DOESN'T, despite all wrong arguments i read on this list. VERY BAD 
> practice generally. So its user friendly, as the user has admin rights 

Wrong. The NT operating system has the same 'true' privilege separations 
as any other modern operating system. Sadly, the vendor chose to blur 
the distinction on the surface for Joe Average which causes major 
problems. It would be a better choice to force the average user to 
create a normal unprivileged account during system installation like Mac 
OS X does.

 > Isn't security important and supposedly the goal of
> recent MS developpements ? If they really did target security, their 

True goal is making as much money and influence as possible.

> This is why, Firefox being independant from this OS that carries 60 of 
> its code base as being legacy code for older system hardware and 

The Mozilla Suite (and Firefox) already existed for some years.

> Lets not hide from ourselves whats needed from MS to reach modern world 
> security:
> a complete rewrite, and a ditch of old Dos base and the 20 years old 
> legacy code.

Microsoft Windows NT is a complete rewrite from scratch. MSDOS is being 
emulated in a virtual machine called NTVDM. Microsoft Windows XP is not 
the first NT version, mind you.

> Rafel Ivgi, The-Insider wrote:
> 
 >[ fullquote from grandparent snipped, please learn some quoting style ]


Stefan Schatzl.
-- 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ