[<prev] [next>] [day] [month] [year] [list]
Message-ID: <freemail.20050212162954.36699@fm11.freemail.hu>
From: etomcat at freemail.hu (Feher Tamas)
Subject: Re: Microsoft to give holes info to Uncle Sam
first
Hello,
I already got an e-mail asking why I am a tinfoil-hat
conspiracist and what is the problem with Microsoft giving
fixes to US gov't in advance?
If Microsoft gives fixes info to Uncle Sam first, it gives
USA the exploits first.
I mean you just unpack the hotfix installer first to see
what files got changed and then you compare the new and old
files' code to see what routines were changed. With diligent
effort you can find out why code had to be modified and then
reverse engineer or brute force an exploit. Virus writers do
this almost always.
Considering the vast resources available to US federal govt,
they would have a working exploit in a day, even if MS only
gave them the hotfixes in binary format. They could use the
more serious exploits to illegally access people's computers
in America and abroad (muslims, environmentalists, german
and french people, etc.) and blame it on ordinary
underground hackers if discovered.
If you find a bug and tell MS about it and agree to keep
your mouth shut until the security fixes become public, then
now you essentially give DoD and DoHS 29 days to do whatever
they want and no judge will know if John Doe's PC ever gets
tapped. Maybe it's not even punishable if a commercial
entiry (M$) gave voluntarily them the fixes, which became
the source of exploit.
I think IT people should write "security@...rosoft.com" en
masse and thell Redmond this is an unacceptable practice.
Elsewhere in the news: as for the Windows rootkit finders I
wrote about yesterday, they do seem to work. At least one
new (yet unknown) rootkit has been found using them. The
problem is these tools are heuristic in nature and user
often thinks: whoaa that many alerts, must be a false alarm!
Well it was not, it was a cracked game distributor
mechanism. If there is an alarm, do sumbit the files to your
AV vendor's sample e-mail to find out exactly what's wrong.
Regards: Tamas Feher
Powered by blists - more mailing lists