Why does everyone hate Microsoft

Discussion in 'Computer Security' started by Dana, Oct 25, 2006.

  1. Dana

    JAB Guest

    Can't remember who this was an exchange between but it was something
    like this:

    Customer: When are you going to stop putting out such buggy crap?
    Vendor: When you stop buying it.
     
    JAB, Oct 28, 2006
    #81

  2. Dana

    Jim Watt Guest

    This would be the same Government that justified bombing
    Iraq, killing 50,000 civilians, who lied about their
    reasons and continue to lie.

    That government ?
     
    Jim Watt, Oct 28, 2006
    #82

  3. Dana

    Jim Watt Guest

    Do you watch fox news a lot ?
     
    Jim Watt, Oct 28, 2006
    #83
  4. Dana

    Ron Lopshire Guest

    LOL. I like it. I like it.

    Ron :)
     
    Ron Lopshire, Oct 28, 2006
    #84
  5. Dana

    Ron Lopshire Guest

    Ron Lopshire, Oct 28, 2006
    #85
  6. Dana

    Jim Watt Guest

    MS at least make an effort to update the holes discovered
    in their software rather than denying there are any.
     
    Jim Watt, Oct 28, 2006
    #86
  7. You don't need any packet filter to do that.
    This only works for legitimate applications, and for those is quite
    superfluous. Malicious applications can trivially bypass such restrictions.
    Nah, that's more likely a race condition in the NDIS layer.
    http://ulm.ccc.de/ChaosSeminar/2004/12_Personal_Firewalls (German only)
    http://en.wikipedia.org/wiki/Shatter_attack

    Basically Outpost runs a privileged system service which opens windows,
    those are suspect to shatter attacks.

    You can verify the windows context with tools like Spy++ and Winspector.
    Huh? The log file is quite extensive and, in contrast to Outpost, doesn't
    omit required information. And it doesn't popup useless messages.
     
    Sebastian Gottschalk, Oct 28, 2006
    #87
  8. Uhm... what exactly beside RtlPrefetchMemory and RltFlushTLBEntry are
    actually needed? And why should they be security relevant? I'd think it's
    rather quite risky to manipulate internal kernel objects.
    Huh? Name some of these, so I can avoid trying and especially buying them
    in the future.
    Huh? Behaviour based security technologies hooking up kernel functions are
    utterly broken and useless. I'd sacrifice them for just one cookie (with
    strawberry taste, of course).
     
    Sebastian Gottschalk, Oct 28, 2006
    #88
  9. I would disagree with that statement.
    As I recall, back in the days of Geoworks, MS was convicted of monopoly
    activity in their licencing agreements with hardware vendors. In effect, if
    you wanted to sell with MS pre-installed, you have to agree to sell only MS,
    and not allow any other products on any equipment you sold.
    At that time, other OS vendors had superior products and were a real threat
    to MS. By the time the court action was settled, MS had illegally obtained
    market dominance. They may have had to pay a fine and agree to stop doing
    that, but for the competition, the gun was in place and the trigger had been
    pulled.

    Stuart
     
    Stuart Miller, Oct 28, 2006
    #89
  10. Dana

    erewhon Guest

    Read the Lancet - they killed nearer 600,000 Iraqis.
     
    erewhon, Oct 28, 2006
    #90
  11. Dana

    erewhon Guest

    And I have never used any HP software that was not a total POS.

    Then you are a fekin idiot. HP Insight Manager and RDP (Altiris+Ghost
    authors) are excellent tools.
     
    erewhon, Oct 28, 2006
    #91
  12. Dana

    B. Nice Guest

    http://seclists.org/fulldisclosure/2006/Jul/0481.html

    And please also have a look at this:

    http://www.securitytracker.com/alerts/2004/Jan/1008755.html

    I find that one very interesting since it deals with the exact same
    problem. But note the date of this bug report: January 2004. And look
    under solution: "The vendor reportedly plans to issue a fix shortly".
    I don't want to go into a discussion of the term "shortly" - but it
    seems to me like more than two and a half years is kinda stretching it
    :)

    Talking about being trustworthy?

    /B. Nice
     
    B. Nice, Oct 29, 2006
    #92
  13. Dana

    John Hyde Guest

    Hi, I'm from the <redacted name of secret "three initial" agency>.
    We've traced a terrorist person across the vastness of usenet, and we
    believe that he posts to Alt.computer.security. We'd like to examine
    your harddrive. You don't need to send it in, we'll just come by the
    house and clone a copy, you can have the copy while we do forensic
    analysis on your original(s). Oh, by the way, we'll be searching your
    house to be sure that you have not hid any computers or hard drives from
    us. Naturally, anything else we find in the search will be fair game.
    But you don't mind, right? After all, you have nothing to hide.

    ==============

    Of course you'll never get such a letter, they'll assume that you will
    start hiding stuff. They'll just come by unannounced, the first while
    you're not there to install the keylogger, the second time will be
    calculated to make sure you are home and docile, 2:00 am usually works.
    But you don't mind, you have nothing to hide . . .
     
    John Hyde, Oct 29, 2006
    #93
  14. Dana

    erewhon Guest

    Both of these exploits no longer work. It is not possible to drag-drop, and
    the exploit to file-load configuration appears to do format checking to
    prevent cmd.exe from being loaded.

    However, the underlying 'gui as local system' certainly is piss poor design.
     
    erewhon, Oct 29, 2006
    #94
  15. Dana

    erewhon Guest


    I am right in this matter.

    You are confused in that not all rhetoric is a rhetorical QUESTION. It was
    not a question of any form, hence whilst it may be rhetoric, it is certainly
    not a rhetorical question.

    You can confirm my statement here if you wish:

    http://dictionary.reference.com/browse/rhetorical question
    I don't disagree - this fails however to qualify or prove your assertion.
    You may be familiar with the trivial. I, however, am familiar with accuracy.
    Word-whore :)
     
    erewhon, Oct 29, 2006
    #95
  16. Dana

    nemo_outis Guest



    Dear, dear, you keep digging yourself a deeper hole.

    It was you who, as the first paragraph above clearly shows, disclaimed
    being rhetorical because you weren't asking a question without expecting
    an answer (i.e., weren't asking a rhetorical question). And in saying
    that you were just plain wrong, since, even though you made a statement
    (more accurately, a mostly phatic interjection) and did not ask a
    question, you were nonetheless using a rhetorical device: tmesis.

    The very fact that I pointed out your use of tmesis, a different
    rhetorical device than a rhetorical question, clearly shows I know
    rhetoric is hardly confined to the latter.

    Regards,
     
    nemo_outis, Oct 29, 2006
    #96
  17. Dana

    kurt wismer Guest

    ssdt hooking is the popular example...
    for one thing it's used to prevent tampering with the security app's
    processes...
    risky in the sense that you don't know what might happen... i assume the
    security vendors have spent a considerable amount of time (since these
    technologies aren't something they cooked up overnight) and money (since
    these technologies are attempts at gaining/retaining a competitive
    advantage) researching what could happen and making allowances for that...

    frankly, i don't think hooking into the system service dispatch table
    should be any more risky than hooking onto the interrupt vector table
    was back in the days of dos...
    well, from what i gather both symantec and checkpoint have tamper
    resistance techniques that are based on ssdt hooking...
    and what would you suggest as an alternative means of monitoring
    everything applications do on a system? the security vendors would be
    more than happy to use an officially sanctioned alternative if one
    existed, however nobody, not even those vendors who disagree with
    symantec and mcafee over what a big deal this is, has pointed to any
    such existing alternative... additionally, the fact that microsoft has
    agreed to create an API allowing access into the kernel for security
    vendors (but one that we probably shouldn't expect before vista sp1 is
    released) seems to further indicate that no such alternative currently
    exists...
     
    kurt wismer, Oct 29, 2006
    #97
  18. SSDT hooking is exactly what has been replaced with the kernel hooking API
    in Windows Vista.
    That's exactly why the kernel got locked down.
    Risky is potentially creating compatibility problems, lockups and
    conflicts.
    I assume that you're not talking of Symantec or McAfee any more.
    Well, it was.
    Yes, I'm already avoiding those.
    Usermode function hooking? Object access auditing? Change notifications?

    Anyway, why would someone do such a nonsense? You have to avoid running
    untrusted code in the first place.
    Or maybe you're just misinterpreting this step.
     
    Sebastian Gottschalk, Oct 30, 2006
    #98
  19. Dana

    erewhon Guest

    And tmesis is, as I said, one of those rhetorical devices.

    I know. But I keep trying to tell you, but you seem too stupid to understand.

    Whilst it is clearly a rhetorical device, it is in no way a rhetorical
    question.

    You just keep banging your gums. You're only making yourself look stupid.
    So why can you not accept you were wrong to claim it was a rhetorical
    question, when it quite clearly was not.
    The only person confused here is you.
     
    erewhon, Oct 30, 2006
    #99
  20. Dana

    Ant Guest

    He didn't; he claimed it was a rhetorical device.

    Earlier you said: "it wasn't rhetorical, since I wasn't asking a
    question". He then pointed out that a rhetorical question was: "only
    one of many rhetorical devices".
     
    Ant, Oct 30, 2006