nanog mailing list archives

Re: What could have been done differently?

From: Scott Francis <darkuncle () darkuncle net>
Date: Thu, 30 Jan 2003 17:23:32 -0800

On Thu, Jan 30, 2003 at 10:39:17AM -0800, hino () ccrl sj nec com said:

IIRC, MS's patches has been digitally signed by MS, and their patching
system checks these sign silently. So, they will claim that
compromised route info and/or DNS spoofing does not affect their
correctness.

Though, I'm not sure what will happen in key revoking situation.


interesting side note ... top of the page right now at http://www.ntk.net
details a similar problem facing MS in the UK currently. (Remember when they
forgot to renew hotmail.com, and some kind Linux geek fixed it for them ...
well, apparently their entry in the Data Protection Register (UK) expired
January 8. This means all personal data held by them in the UK is now illegal
(passport, anyone?) I wonder if something like this would be useful (or even
possible) in the US, of if it would be just another opportunity for
bureaucratic bungling ...)

Koji


-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

Attachment: _bin
Description:

Current thread:

Re: What could have been done differently?, (continued)
- Re: What could have been done differently? Scott Francis (Jan 28)
- RE: What could have been done differently? Drew Weaver (Jan 28)
- RE: What could have been done differently? Ray Burkholder (Jan 28)
- Re: What could have been done differently? Iljitsch van Beijnum (Jan 28)
  - Re: What could have been done differently? Scott Francis (Jan 28)
    - Re: What could have been done differently? Iljitsch van Beijnum (Jan 29)
    - Re: What could have been done differently? just me (Jan 29)
    - Re: What could have been done differently? Scott Francis (Jan 29)
    - Re: What could have been done differently? just me (Jan 29)
    - Re: What could have been done differently? Scott Francis (Jan 29)
    - Message not available
    - Re: What could have been done differently? Scott Francis (Jan 30)
- Re: What could have been done differently? Steven M. Bellovin (Jan 28)
  - Re: What could have been done differently? Scott Francis (Jan 28)
  - Re: What could have been done differently? Brian Wallingford (Jan 28)
  - Bell Labs or Microsoft security? Sean Donelan (Jan 29)
    - Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
    - Re: Bell Labs or Microsoft security? Marshall Eubanks (Jan 29)
    - Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
    - Re: Bell Labs or Microsoft security? Florian Weimer (Jan 29)
    - Re: Bell Labs or Microsoft security? Alif The Terrible (Jan 29)
    - Re: Bell Labs or Microsoft security? Mathew Lodge (Jan 29)

(Thread continues...)