Full Disclosure mailing list archives
RE: [inbox] Knocking Microsoft
From: "Curt Purdy" <purdy () tecman com>
Date: Fri, 27 Feb 2004 17:55:54 -0600
James Saveker wrote: <snip>
Microsoft has in there defence started the trustworthy computing scheme, which many would not hesitate to laugh at. However windows server 2003 does not by default load unnecessary services.
So MS is doing what UNIX did from the start 20 years ago. As for "trustworthy computing", their first product, 2K3 server is just as vulnerable to the two worst vulnerabilies in history, the RPC Dcom and ASN.1 vulns. <snip>
The code they produce is far more stringently tested in regard to security than perhaps it was before.
Their registry based spagheti code still contains core code from the early NT days. Even if the new code they write now is more secure, it's like building a brick wall on quicksand. The only solution is a complete re-write from ground up and I don't believe even MS has the resources for that now. That is the reason I don't allow any XP on my networks and am slowly replacing as many of my W2K desktops with SuSe Linux as I can. My servers are already majority UNIX and Netware. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke
<<attachment: winmail.dat>>
Current thread:
- OT: Re: Knocking Microsoft, (continued)
- OT: Re: Knocking Microsoft gadgeteer (Feb 27)
- Re: OT: Re: Knocking Microsoft Valdis . Kletnieks (Feb 27)
- Re: OT: Re: Knocking Microsoft gadgeteer (Feb 27)
- OT: Re: Knocking Microsoft gadgeteer (Feb 27)
- Re: Knocking Microsoft James F. Wilkus (Feb 27)
- Re: Re: Knocking Microsoft Troy Solo (Feb 27)
- Re: Re: Knocking Microsoft madsaxon (Feb 27)
- Re: Re: Knocking Microsoft Luís Bruno (Feb 28)
- Re: Re: Knocking Microsoft Denis Dimick (Feb 27)
- [OT] Re: Re: Knocking Microsoft Robert Brockway (Feb 27)
- Re: Knocking Microsoft martin f krafft (Feb 28)
- RE: Knocking Microsoft Steve Wray (Feb 27)
- Re: Knocking Microsoft gadgeteer (Feb 27)
- Re: Knocking Microsoft martin f krafft (Feb 28)
- RE: Re: Knocking Microsoft Steve Wray (Feb 28)
- Re: Re: Knocking Microsoft martin f krafft (Feb 28)
- Re: Re: Knocking Microsoft Jan Lühr (Feb 29)
- Re: Knocking Microsoft Jeremiah Cornelius (Feb 27)