Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Why does every one hate Microsoft

Reply
Thread Tools

Why does every one hate Microsoft

 
 
kurt wismer
Guest
Posts: n/a
 
      11-01-2006
Sebastian Gottschalk wrote:
> kurt wismer wrote:
>
>> were that entirely true (ie if the new kernel hooking API replaced *all*
>> the functionality could get through ssdt hooking) then why do security
>> vendors still complain about not having a way to perform those functions
>> and why has microsoft promised to open up further access with additional
>> API's?

>
> I guess with "security vendors" you mean Symantec, McAfee and Agnitum,
> because the others like Kaspersky Labs and Sophos don't have any problems.


kaspersky and sophos are the only 2 who have spoken out against the
security vendor vs. microsoft controversy, and the argument has been
made that in sophos' case it was pure marketing...

> The reason is simple: Their software is so complex, hardly modularized and
> broken that they're not able to switch from the complex, system up-****ing
> kernel modifications to simple modularized API-based hooking.


no, the reason is that the API's to do what they want don't exist yet...

> The additional APIs are, as you may have already guessed, ACPI-relevant
> stuff like RltPrefetchMemory and RltFlushCurrentTLBEntry, and have nothing
> to do with Symantec and Co.'s bullshit. AFAIK they didn't make any such
> promise yet.


with all due respect, your info is wrong...
http://www.stepto.com/default/log/di...g1.aspx?ID=265

>>>> additionally, the fact that microsoft has agreed to create an API allowing
>>>> access into the kernel for security vendors (but one that we probably
>>>> shouldn't expect before vista sp1 is released) seems to further indicate
>>>> that no such alternative currently exists...
>>> Or maybe you're just misinterpreting this step.

>> [sarcasm]
>> oh yes, that must be it... the security vendors are wasting time and
>> money (not to mention risking public humiliation) complaining about not
>> having access to something they already have access to

>
> They do. See above. It's way cheaper to have Microsoft ****ing up Windows
> than fixing their very own software.


there is no officially sanctioned (by microsoft) way to fix their own
software yet...

> Anyway, a clear API for hooking is WAY better than modifying kernel memory,


sure, but unfortunately the clear API for hooking is going to take years
to complete... what shall we do in the mean time?

[snip]
> Security vendors could simply take a driver, modify kernel memory as in
> before, and then it'd work. Microsoft rather decided to force them to use
> the new API. Which is a good thing.


an API which does not yet exist...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"
 
Reply With Quote
 
 
 
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      11-01-2006
kurt wismer wrote:

> Sebastian Gottschalk wrote:
>> kurt wismer wrote:
>>
>>> were that entirely true (ie if the new kernel hooking API replaced *all*
>>> the functionality could get through ssdt hooking) then why do security
>>> vendors still complain about not having a way to perform those functions
>>> and why has microsoft promised to open up further access with additional
>>> API's?

>>
>> I guess with "security vendors" you mean Symantec, McAfee and Agnitum,
>> because the others like Kaspersky Labs and Sophos don't have any problems.

>
> kaspersky and sophos are the only 2 who have spoken out against the
> security vendor vs. microsoft controversy, and the argument has been
> made that in sophos' case it was pure marketing...


Indeed. Sophos got their software easily ported, Symantec didn't, therefore
they got blamed for obfuscating their very own issues.

>> The reason is simple: Their software is so complex, hardly modularized and
>> broken that they're not able to switch from the complex, system up-****ing
>> kernel modifications to simple modularized API-based hooking.

>
> no, the reason is that the API's to do what they want don't exist yet...


It does. Take a look at the latest Vista builds. Even further, it has been
fully documented.

>> Anyway, a clear API for hooking is WAY better than modifying kernel memory,

>
> sure, but unfortunately the clear API for hooking is going to take years
> to complete...


Bullshit. You need only some few simple functions.

> what shall we do in the mean time?


Loading signed drivers, as ever? I still whonder what problem Symantec has.
 
Reply With Quote
 
 
 
 
kurt wismer
Guest
Posts: n/a
 
      11-02-2006
Sebastian Gottschalk wrote:
> kurt wismer wrote:
>> Sebastian Gottschalk wrote:

[snip]
>>> The reason is simple: Their software is so complex, hardly modularized and
>>> broken that they're not able to switch from the complex, system up-****ing
>>> kernel modifications to simple modularized API-based hooking.

>> no, the reason is that the API's to do what they want don't exist yet...

>
> It does. Take a look at the latest Vista builds. Even further, it has been
> fully documented.
>
>>> Anyway, a clear API for hooking is WAY better than modifying kernel memory,

>> sure, but unfortunately the clear API for hooking is going to take years
>> to complete...

>
> Bullshit. You need only some few simple functions.
>
>> what shall we do in the mean time?

>
> Loading signed drivers, as ever? I still whonder what problem Symantec has.


how do i say this... stephen toulouse (stepto) is in a far better
position to know what's going on in vista (what's there, what's coming,
when) than you are and his statement (that i linked to previously)
fairly clearly contradicts yours... the functionality is *not* there and
is planned for release over the course of *years*...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"
 
Reply With Quote
 
sid
Guest
Posts: n/a
 
      11-02-2006

"Dana" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Jim Watt" <(E-Mail Removed)_way> wrote in message
> news:(E-Mail Removed)...
> > On Thu, 26 Oct 2006 09:28:45 -0800, "Dana" <(E-Mail Removed)> wrote:
> >
> > >Would you give some examples of what you are talking about.
> > >I may live in Alaska, but we are not that out of touch, I really have not
> > >heard of anything close to what you describe.

> >
> > Perhaps you could use Google to research the following topics:
> >
> > Item 1:
> >
> > Civil liberties suffered an historic setback this week, when President
> > Bush signed the un-American Military Commissions Act of 2006.

>
> I am not affected by this, hence my Civil Liberties are just fine


While your ignorance may indeed be blissful, you are nonetheless
affected.

According to the wording in the un-American Military Commissions
Act of 2006, you could, upon the whim of a very ignorant and
tyrannical Mr. Bush, be whisked away to an unknown prison and be
held indefinitely without charge, simply because some anonymous
individual has accused you, sans proof, of supporting terrorism.

Your civil liberties are not "just fine"...

Sid


 
Reply With Quote
 
sid
Guest
Posts: n/a
 
      11-02-2006

"Dana" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "ArtDent" <(E-Mail Removed)> wrote in message
> news:5is0h.603$(E-Mail Removed) .net...
> >
> > On 27-Oct-2006, "Dana" <(E-Mail Removed)> wrote:
> >
> > > > > I am not affected by this, hence my Civil Liberties are just fine
> > > >
> > > > Possible the most stupid statement I've heard in a long time ...
> > >
> > > Actually no. I have no problem with the state detaining those that seek
> > > to do harm to mass numbers of people.

> >
> > I don't either, but only if the state can prove it, in an open court of
> > law.
> > None of this 'detain them for x number of years just because we want to,
> > nevermind any *proof* nonsense, we are the government, we will do as we
> > please'.
> > Wait until the neighbor's kid, that you yelled at last week, calls the FBI
> > and tells them you are a terrorist, and based _solely_ on that call they
> > arrest you and keep you incommunicado for as long as they like. You still
> > beilieve that you are not affected by this?

>
> Yep, as your above with the neighbor kid would not happen, as the FBI would
> know that it is a prank
>
> > Heck, the police don't even
> > have to apologize if they break into the wrong address anymore. And
> > people don't believe we live in a police state already!
> > Just as a side note - back in the day (late fifties, early sixties) when I
> > was going to elementary school, we were taught how bad the Soviet Union
> > was with their 'snitch' society, how people were encouraged over there to
> > 'tattle' on each other and how terrible such a society was. However,
> > nowadays, here in the 'good ole' USofA, we are now doing exactly the same
> > thing. Students are actually paid cash money by the police to 'rat out'
> > on their friends.

>
> And their parents. But a lot of that especially snitching on your parents
> were bought about by those on the left, like teacher unions, teachers, and
> left leaning politicians.
>


You bring your brain-washed ignorance from the political NGs
to here? So tell me, Dana... what leads you to believe the FBI
would see the kid's snitching as a prank?

What if the so called "lefties" come to power? What's to stop
them from dragging you off to prison indefinitely (thanks to
Bush's thirst for unmitigated power) by convicting you (without
habeas corpus, of course) of being un-American simply for
being ignorant-- or brainwashed-- or for supporting the right-
wing fascist's agenda!

Tyranny works both ways, y'know!

Sid


 
Reply With Quote
 
raincoater
Guest
Posts: n/a
 
      03-01-2007
Hello, nemo_outis!
You wrote:

> In the interests of pedantry, I feel obliged to tell you that the
> rhetorical device you used above - inserting a word between parts of
> another word - is an example of tmesis.
>
> The Greeks really do have a word for it
>
> Regards,
>

Hey Nemo. I've been wracking my brain trying to recall the proper name of
the rhetorical device wherin one refers to one's opponent's defects by
claiming to be 'too good' to do such a sordid thing...I won't mention
Senator Jones's penchant for cavorting around in bra and panties as it
would diminish from the seriousness of our purpose here...
Can you help me?
-raincoater



--
Posted via a free Usenet account from http://www.teranews.com

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
findcontrol("PlaceHolderPrice") why why why why why why why why why why why Mr. SweatyFinger ASP .Net 2 12-02-2006 03:46 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd loyola Microsoft Certification 3 11-14-2006 05:18 PM
microsoft.public.certification, microsoft.public.cert.exam.mcsa, microsoft.public.cert.exam.mcad, microsoft.public.cert.exam.mcse, microsoft.public.cert.exam.mcsd realexxams@yahoo.com Microsoft Certification 0 05-10-2006 02:35 PM
D-Link DSL 504T - I hate my router - No, I really really hate it!!! Simon Harding Computer Support 7 01-03-2006 09:11 PM
microsoft.public.dotnet.faqs,microsoft.public.dotnet.framework,microsoft.public.dotnet.framework.windowsforms,microsoft.public.dotnet.general,microsoft.public.dotnet.languages.vb Charles A. Lackman ASP .Net 1 12-08-2004 07:08 PM



Advertisments