Interesting People mailing list archives
more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
From: David Farber <dave () farber net>
Date: Fri, 13 Jan 2006 16:47:12 -0500
Begin forwarded message: From: Bob Frankston <Bob2-19-0501 () bobf frankston com> Date: January 13, 2006 4:21:41 PM EST To: dave () farber net, ip () v2 listbox comSubject: RE: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
As one of the Groklaw commenters reminds us, Gibson also wanted to take out the raw sockets calls in Windows because he thinks that they are a security hole when removing them only creates the illusion of security.
Just reading his analysis, the WMF is a classic operating system bug – a callback from a protected context. Given that the code has been around for a long time and seemed to work I can understand overlooking it. Calling it a conspiracy is very strange. It’s not completely different from the more subtle bug in expanding JPG files. As to asking Microsoft to patch all old versions of Windows they did -- the patch is called XP.
I do appreciate his explanation even if I don’t agree with his conspiracy theory.
Ideally there would be no bit rot in the world but the solution is simplicity rather than a combinatorial explosion of systems mixed with patches.
Let’s not confuse naïve hindsight analysis with understanding – it makes it more difficult to address the issues.
It’s also important to realize that the processor is not the only execution engine – all applications are execution engines that apply polices. Befuddling them is a standard attack vector – especially when the execution engine is a clerk interpreting a baroque policy (such as cellular plans).
As noted in Schneier’s comments on identity – we can’t fix human factors attacks with a simple technical patch as Gibson seemed to want to do with raw sockets.
-----Original Message----- From: David Farber [mailto:dave () farber net] Sent: Friday, January 13, 2006 15:47 To: ip () v2 listbox com Subject: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake Begin forwarded message: From: Matt Manor <kingmanor () gmail com> Date: January 13, 2006 12:54:39 PM EST To: David Farber <dave () farber net> Subject: Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake http://www.groklaw.net/article.php?story=20060113111825193 http://www.grc.com/sn/SN-022.htm Those of you using Microsoft Windows 2000 or XP will want to follow this story: Steve Gibson has examined WMF and he now believes it was deliberately coded. It looks to him that Microsoft put a backdoor into Windows, which can be triggered even if Active X is turned off and security is at high. ------------------------------------- You are subscribed as BobIP () Bobf Frankston com To manage your subscription, go to http://v2.listbox.com/member/?listname=ipArchives at: http://www.interesting-people.org/archives/interesting- people/
------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake David Farber (Jan 13)
- <Possible follow-ups>
- more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake David Farber (Jan 13)