Microsoft being proactive

Discussion in 'NZ Computing' started by Collector»NZ, Jan 23, 2005.

  1. Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    URL. This redirects to
    http://www.microsoft.com/nz/athome/security/default.mspx

    At last some action by MS to educate users in protecting thier buggy
    systems.
    --
    >>Follow ups may be set to a single group when appropriate!

    ======================================================================
    | Local 40.9000°S, 174.9830°E |
    ======================================================================
    "I used to jog, but the ice kept bouncing out of my glass."
    Fools ignore complexity. Pragmatists suffer it. Some can avoid it.
    Geniuses remove it
    Collector»NZ, Jan 23, 2005
    #1
    1. Advertising

  2. On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:

    > Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    > promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    > URL. This redirects to
    > http://www.microsoft.com/nz/athome/security/default.mspx
    >
    > At last some action by MS to educate users in protecting thier buggy
    > systems.


    heh it should probably redirect to http://www.apple.co.nz

    It is very hard to educate users in my experience. I've just started to
    say "you must install all critical updates ASAP or you will lose your
    internet access".
    wogers nemesis, Jan 23, 2005
    #2
    1. Advertising

  3. Collector»NZ

    froggy Guest

    On Sun, 23 Jan 2005 23:40:38 +1300, Mauricio Freitas wrote:

    > "wogers nemesis" <> wrote in message
    > news:...
    >> On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:
    >>
    >>> Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    >>> promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    >>> URL. This redirects to
    >>> http://www.microsoft.com/nz/athome/security/default.mspx
    >>>
    >>> At last some action by MS to educate users in protecting thier buggy
    >>> systems.

    >>
    >> heh it should probably redirect to http://www.apple.co.nz
    >>
    >> It is very hard to educate users in my experience. I've just started to
    >> say "you must install all critical updates ASAP or you will lose your
    >> internet access".

    >
    > "versions of Mac OS X are vulnerable, up to the tested version 10.3.4.
    > Several kernel level bounds checking vulnerabilities were found during an
    > audit of the recent Darwin kernel xnu517.7.7. These vulnerabilities are
    > mostly in user to kernel memory copy operations and also allocation of
    > kernel memory driven by user supplied size value(s)."
    >
    > http://www.geekmac.com/content.asp?contentid=3923
    >
    > I have to say though that these problem on Mac OS are "local" meaning that
    > physical access is required to exploit. But this is also evidence that there
    > are no 100% OS. All have flaws, and there's no way to be more secure.


    I always thought local ( in the context of exploits ) meant local user,
    as in still able to be executed remotely but only if logged in ( for
    example via ssh etc) and not physically local
    froggy, Jan 23, 2005
    #3
  4. "wogers nemesis" <> wrote in message
    news:...
    > On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:
    >
    >> Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    >> promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    >> URL. This redirects to
    >> http://www.microsoft.com/nz/athome/security/default.mspx
    >>
    >> At last some action by MS to educate users in protecting thier buggy
    >> systems.

    >
    > heh it should probably redirect to http://www.apple.co.nz
    >
    > It is very hard to educate users in my experience. I've just started to
    > say "you must install all critical updates ASAP or you will lose your
    > internet access".


    "versions of Mac OS X are vulnerable, up to the tested version 10.3.4.
    Several kernel level bounds checking vulnerabilities were found during an
    audit of the recent Darwin kernel xnu517.7.7. These vulnerabilities are
    mostly in user to kernel memory copy operations and also allocation of
    kernel memory driven by user supplied size value(s)."

    http://www.geekmac.com/content.asp?contentid=3923

    I have to say though that these problem on Mac OS are "local" meaning that
    physical access is required to exploit. But this is also evidence that there
    are no 100% OS. All have flaws, and there's no way to be more secure.

    --
    Mauricio Freitas, Microsoft MVP Mobile Devices
    http://www.geekzone.co.nz
    http://www.geekmac.com
    Mauricio Freitas, Jan 23, 2005
    #4
  5. "froggy" <> wrote in message
    news:p...
    > On Sun, 23 Jan 2005 23:40:38 +1300, Mauricio Freitas wrote:
    >
    >> "wogers nemesis" <> wrote in message
    >> news:...
    >>> On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:
    >>>
    >>>> Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    >>>> promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    >>>> URL. This redirects to
    >>>> http://www.microsoft.com/nz/athome/security/default.mspx
    >>>>
    >>>> At last some action by MS to educate users in protecting thier buggy
    >>>> systems.
    >>>
    >>> heh it should probably redirect to http://www.apple.co.nz
    >>>
    >>> It is very hard to educate users in my experience. I've just started to
    >>> say "you must install all critical updates ASAP or you will lose your
    >>> internet access".

    >>
    >> "versions of Mac OS X are vulnerable, up to the tested version 10.3.4.
    >> Several kernel level bounds checking vulnerabilities were found during an
    >> audit of the recent Darwin kernel xnu517.7.7. These vulnerabilities are
    >> mostly in user to kernel memory copy operations and also allocation of
    >> kernel memory driven by user supplied size value(s)."
    >>
    >> http://www.geekmac.com/content.asp?contentid=3923
    >>
    >> I have to say though that these problem on Mac OS are "local" meaning
    >> that
    >> physical access is required to exploit. But this is also evidence that
    >> there
    >> are no 100% OS. All have flaws, and there's no way to be more secure.

    >
    > I always thought local ( in the context of exploits ) meant local user,
    > as in still able to be executed remotely but only if logged in ( for
    > example via ssh etc) and not physically local
    >


    Oh, that too... But most users will not have remote access enabled by
    default on Mac OS, and root is disabled by default as well. You have to
    really go deep three levels to enable root, what "standard" users will not
    find easily.

    --
    Mauricio Freitas, Microsoft MVP Mobile Devices
    http://www.geekzone.co.nz
    http://www.geekmac.com
    Mauricio Freitas, Jan 23, 2005
    #5
  6. Collector»NZ

    froggy Guest

    On Sun, 23 Jan 2005 23:47:03 +1300, Mauricio Freitas wrote:

    > "froggy" <> wrote in message
    > news:p...
    >> On Sun, 23 Jan 2005 23:40:38 +1300, Mauricio Freitas wrote:
    >>
    >>> "wogers nemesis" <> wrote in message
    >>> news:...
    >>>> On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:
    >>>>
    >>>>> Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    >>>>> promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    >>>>> URL. This redirects to
    >>>>> http://www.microsoft.com/nz/athome/security/default.mspx
    >>>>>
    >>>>> At last some action by MS to educate users in protecting thier buggy
    >>>>> systems.
    >>>>
    >>>> heh it should probably redirect to http://www.apple.co.nz
    >>>>
    >>>> It is very hard to educate users in my experience. I've just started to
    >>>> say "you must install all critical updates ASAP or you will lose your
    >>>> internet access".
    >>>
    >>> "versions of Mac OS X are vulnerable, up to the tested version 10.3.4.
    >>> Several kernel level bounds checking vulnerabilities were found during an
    >>> audit of the recent Darwin kernel xnu517.7.7. These vulnerabilities are
    >>> mostly in user to kernel memory copy operations and also allocation of
    >>> kernel memory driven by user supplied size value(s)."
    >>>
    >>> http://www.geekmac.com/content.asp?contentid=3923
    >>>
    >>> I have to say though that these problem on Mac OS are "local" meaning
    >>> that
    >>> physical access is required to exploit. But this is also evidence that
    >>> there
    >>> are no 100% OS. All have flaws, and there's no way to be more secure.

    >>
    >> I always thought local ( in the context of exploits ) meant local user,
    >> as in still able to be executed remotely but only if logged in ( for
    >> example via ssh etc) and not physically local
    >>

    >
    > Oh, that too... But most users will not have remote access enabled by
    > default on Mac OS, and root is disabled by default as well. You have to
    > really go deep three levels to enable root, what "standard" users will not
    > find easily.


    lol.. now you've got me curious about apples way of doing things.. and
    google is getting a work out.. one thing I've been dying to mention.. but
    havent found the right opourtunity (sp?) ..
    steve jobs (owner of apple as you well know ) owns a movie making company
    that he bought from skywalker something...called Pixar
    One of the chief programmers for that company has an illustrious past as
    well (for the linux community )
    useless trivia time..
    can you name the programmer
    and can you name his claim to fame in Linux

    the clock starts......
    now!
    froggy, Jan 23, 2005
    #6
  7. Collector»NZ

    froggy Guest

    On Sun, 23 Jan 2005 23:54:52 +1300, froggy wrote:

    > On Sun, 23 Jan 2005 23:47:03 +1300, Mauricio Freitas wrote:
    >
    >> "froggy" <> wrote in message
    >> news:p...
    >>> On Sun, 23 Jan 2005 23:40:38 +1300, Mauricio Freitas wrote:
    >>>
    >>>> "wogers nemesis" <> wrote in message
    >>>> news:...
    >>>>> On Sun, 23 Jan 2005 21:30:07 +1300, Collector»NZ wrote:
    >>>>>
    >>>>>> Well I am not a Microsoft Fan boy, but I just saw an advert on TV
    >>>>>> promoting protecting your pc, it quoted http://protectmypc.co.nz as a
    >>>>>> URL. This redirects to
    >>>>>> http://www.microsoft.com/nz/athome/security/default.mspx
    >>>>>>
    >>>>>> At last some action by MS to educate users in protecting thier buggy
    >>>>>> systems.
    >>>>>
    >>>>> heh it should probably redirect to http://www.apple.co.nz
    >>>>>
    >>>>> It is very hard to educate users in my experience. I've just started to
    >>>>> say "you must install all critical updates ASAP or you will lose your
    >>>>> internet access".
    >>>>
    >>>> "versions of Mac OS X are vulnerable, up to the tested version 10.3.4.
    >>>> Several kernel level bounds checking vulnerabilities were found during an
    >>>> audit of the recent Darwin kernel xnu517.7.7. These vulnerabilities are
    >>>> mostly in user to kernel memory copy operations and also allocation of
    >>>> kernel memory driven by user supplied size value(s)."
    >>>>
    >>>> http://www.geekmac.com/content.asp?contentid=3923
    >>>>
    >>>> I have to say though that these problem on Mac OS are "local" meaning
    >>>> that
    >>>> physical access is required to exploit. But this is also evidence that
    >>>> there
    >>>> are no 100% OS. All have flaws, and there's no way to be more secure.
    >>>
    >>> I always thought local ( in the context of exploits ) meant local user,
    >>> as in still able to be executed remotely but only if logged in ( for
    >>> example via ssh etc) and not physically local
    >>>

    >>
    >> Oh, that too... But most users will not have remote access enabled by
    >> default on Mac OS, and root is disabled by default as well. You have to
    >> really go deep three levels to enable root, what "standard" users will not
    >> find easily.

    >
    > lol.. now you've got me curious about apples way of doing things.. and
    > google is getting a work out.. one thing I've been dying to mention.. but
    > havent found the right opourtunity (sp?) ..
    > steve jobs (owner of apple as you well know ) owns a movie making company
    > that he bought from skywalker something...called Pixar
    > One of the chief programmers for that company has an illustrious past as
    > well (for the linux community )
    > useless trivia time..
    > can you name the programmer
    > and can you name his claim to fame in Linux
    >
    > the clock starts......
    > now!


    times up!
    it was ( if anyone cared)
    Bruce Perens
    has a fair bit to do with Debian (think head developer)
    froggy, Jan 23, 2005
    #7
  8. Collector»NZ

    David Preece Guest

    froggy wrote:
    >>Oh, that too... But most users will not have remote access enabled by
    >>default on Mac OS, and root is disabled by default as well.

    >
    > lol.. now you've got me curious about apples way of doing things..


    Users are created as "ordinary" users by default, but you can add "admin
    rights" from a checkbox on the users dialog. When you do this the user
    gets added to /etc/sudoers (or whatever it's called) and they can sudo
    off the command line by entering their password. It's a pain in the arse
    to make the real root account live and, frankly, I've never seen a need
    to do it.

    Oh, and sudoers get a GUI password entering thing for authenticating to
    install updates, drivers, things like that.

    Dave
    David Preece, Jan 23, 2005
    #8
  9. wogers nemesis wrote:
    > It is very hard to educate users in my experience. I've just started to
    > say "you must install all critical updates ASAP or you will lose your
    > internet access".


    nice... we've started doing that with some of our customers.
    Dave - Dave.net.nz, Jan 24, 2005
    #9
  10. Collector»NZ

    mark Guest

    David Preece <> wrote in news:41f40576$1
    @clear.net.nz:

    > Subject: Re: Microsoft being proactive
    > From: David Preece <>
    > Newsgroups: nz.comp
    >
    > froggy wrote:
    >>>Oh, that too... But most users will not have remote access enabled by
    >>>default on Mac OS, and root is disabled by default as well.

    >>
    >> lol.. now you've got me curious about apples way of doing things..

    >
    > Users are created as "ordinary" users by default, but you can add "admin
    > rights" from a checkbox on the users dialog. When you do this the user
    > gets added to /etc/sudoers (or whatever it's called) and they can sudo
    > off the command line by entering their password. It's a pain in the arse
    > to make the real root account live



    It is pretty straightforward to do through the GUI.


    > and, frankly, I've never seen a need to do it.



    I found it very usefull pre-OS X 10.2, when a number of bugs got my
    frustration levels close to boiling :)

    (eg., changing directory rights in the GUI, and even emptying the trash
    didn't always work. Ahh... those were the days.


    >
    > Oh, and sudoers get a GUI password entering thing for authenticating to
    > install updates, drivers, things like that.
    >
    > Dave
    mark, Jan 24, 2005
    #10
  11. In article <41f37ede$>,
    "Mauricio Freitas" <> wrote:

    >I have to say though that these problem on Mac OS are "local" meaning that
    >physical access is required to exploit.


    Physical-access "exploits" don't count.
    Lawrence D¹Oliveiro, Jan 24, 2005
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Boomer
    Replies:
    2
    Views:
    377
    Boomer
    Aug 15, 2003
  2. Lord of Darkness

    Re: Microsoft websites under attack, currently being DOSsed.

    Lord of Darkness, Aug 18, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    402
    Lord of Darkness
    Aug 18, 2003
  3. Cory
    Replies:
    0
    Views:
    385
  4. dimon
    Replies:
    2
    Views:
    438
    dimon
    Oct 16, 2005
  5. Daniel Farley
    Replies:
    7
    Views:
    301
    Who is this
    Aug 21, 2003
Loading...

Share This Page