Dailydave mailing list archives
Re: Computers' Insecure Security - Business Week, 17Jun05
From: "Andrew R. Reiter" <arr () watson org>
Date: Mon, 20 Jun 2005 17:15:58 -0400 (EDT)
On Mon, 20 Jun 2005, Rodney Thayer wrote: :It's nice to see Yankee Group has discovered something that other :folks have already seen;-) : :Whether or not hackers should be treating :security products as more interesting targets is a point of discussion, :but the security product vendors are, after all, by definition, in the :security space so I think it's fair to question the security :of their products and unfair of them to presume they have some sort of :right to be sloppy on the security of their own implementations. I agree with you. I thought this has been understood for a long time now :-/ Look at the show that was put on when BlackHat had a nice presentation on FW-1 weaknesses (by T. Lopatic, J. McDonald, & D. Song) back in 2000; this is just one (high profile) example of many. Oh well :-) Guess some people need that wake up call. : :Gage wrote: :> Looks like we have a case of the blind leading the blind. (respectively :> excluding any dailydave's) the security software products that we recommend :> and use are now worst than the out-of-the box OS from MS. The new Yankee :> Group Report should be an interesting read for most. It doesn't take much :> hacking talent to hold down the F8 key and select safe mode with networking :> to turn off 95+% of all security products. :> :> Gage :> :> :> JUNE 17, 2005 :> :> Computers' Insecure Security :> :> :> Software meant to protect PCs are now attack targets, revealing a rising :> number of flaws -- even more than those of Microsoft products :> :> :> Think you're safe because your computer has the latest antivirus program, :> complete with daily updates via the Web? Or maybe you figure the firewall :> you have installed will stop malicious software from reaching your machine. :> :> :> Well, you may not be as secure as you think. Hackers are increasingly :> finding flaws in the very programs designed to prevent attacks -- :> computer-security software. Advertisement : :... :_______________________________________________ :Dailydave mailing list :Dailydave () lists immunitysec com :https://lists.immunitysec.com/mailman/listinfo/dailydave : : -- Andrew R. Reiter arr () watson org _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Computers' Insecure Security - Business Week, 17Jun05 Gage (Jun 19)
- Re: Computers' Insecure Security - Business Week, 17Jun05 H D Moore (Jun 19)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Rodney Thayer (Jun 20)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Andrew R. Reiter (Jun 20)
- <Possible follow-ups>
- Re: Computers' Insecure Security - Business Week, 17Jun05 Steve Manzuik (Jun 20)
- Re: Computers' Insecure Security - Business Week, 17Jun05 Steve Manzuik (Jun 20)