Full Disclosure mailing list archives

Re: lame bitching about xpsp2

From: Niek Baakman <niekbaakman () home nl>
Date: Sat, 14 Aug 2004 22:00:18 +0200

devis said the following on 8/13/2004 8:01 PM GMT+2:

I am getting nimda probes because nimda from a start was made possibleby MS designing a web server full of damn holes ( read not tested,deadlines, time is money ). Do not blame the people not patching theirboxes, as it is the problem today, but not the problem that caused it.That is what i am talking about short term memory. Track problem attheir source instead of fixing now whats leaking., and will releak soonanother way. Aren't we likely to see a new worm attacking MS systems inthe next future ? Of course we will. Time to stop pretending computingis easy just to sell their damn sofware, and educate people aboutcomputer security, which is the reverse of what they have been doing,for all these years. Applauding the change of direction ? I don't causeit is higly hypocrit, otherwise the new pop up blocker of InternetExplorer will block ALL popups.


MS web server full of damn holes? What about apache ?
What do you think would happen if you do not update your apache for a year,
or openssh, or any piece of software ?
What do you think would happen if you did not apply those MaxOSX updates
which Apple released over the past few months?
Don't talk about releaking and only mention Microsoft.
There are opensource programs which have the same track record.

All comes down to staying up-to-date, and patch.

> Beside, the unix based permissions system has proven far superior, ask

I'd say NTFS is pretty advanced too. In some ways it is better.

> apple. Still shameful that the default XP install, in 2004, at these
> malware times, still logs you as an administrator . Would you feel safe
> using ur *nix box as root everyday ? I wouldn't.

XP install asks for an administrator password, *and* to add one, or more normalusers. I see the same behavior in some Linux distributions. (e.g. slackware doesnot ask you to create a user account during install).


Kind regards,

Niek Baakman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: lame bitching about xpsp2, (continued)
- - Re: lame bitching about xpsp2 Barry Fitzgerald (Aug 13)
- RE: lame bitching about xpsp2 Jonathan Rickman (Aug 13)
  - Re: lame bitching about xpsp2 Dark Avenger (Aug 13)
- RE: lame bitching about xpsp2 Todd Towles (Aug 13)
  - Re: lame bitching about xpsp2 devis (Aug 13)
    - Re: ask apple - was: lame bitching about xpsp2 it (Aug 14)
    - Re: Re: ask apple - was: lame bitching about xpsp2 kf_lists (Aug 14)
    - Re: ask apple... i.t Consulting (Aug 27)
    - Re: ask apple... i.t (Aug 27)
    - Re: Re: ask apple - was: lame bitching about xpsp2 Chris Adams (Aug 14)
    - Re: lame bitching about xpsp2 Niek Baakman (Aug 14)
    - Re: lame bitching about xpsp2 Maarten (Aug 14)
  - Re: lame bitching about xpsp2 Matthew Simmiss (Aug 13)
  - Re: lame bitching about xpsp2 Matthew Simmiss (Aug 13)
- RE: lame bitching about xpsp2 Todd Towles (Aug 13)
  - RE: lame bitching about xpsp2 Dinis Cruz (Aug 13)
    - Re: lame bitching about xpsp2 devis (Aug 13)
- Re: lame bitching about xpsp2 intellicomp.cl (Aug 14)
- RE: lame bitching about xpsp2 Soderland, Craig (Aug 16)
  - Re: lame bitching about xpsp2 Ill will (Aug 16)
    - RE: lame bitching about xpsp2 joe (Aug 16)

(Thread continues...)