Security Incidents mailing list archives
Re: Microsoft's Early Xmas Present.
From: Ryan Russell <ryan () securityfocus com>
Date: Thu, 3 Jan 2002 10:44:52 -0700 (MST)
On Thu, 3 Jan 2002, David Kennedy CISSP wrote:
At 10:04 PM 12/29/01 -0700, Ryan Russell wrote:

After watching all the NIMDA hits we're still seeing, this idea has some appeal, but I also seem to recall a great hue and cry from the digerati when DMCA and UCITA were interpreted to include a "remote kill" function a software publisher could trigger that sounds a lot like this. Think back to July and September, would we *really* want anyone to have the ability to turn off IIS all over the world in response to Code Red or NIMDA?
What I propose is a little bit different from a remote kill. A simple expiration, with warnings ahead of time. Think MS's evaluation versions of Win2K for example, which are good for 120 days, and start complaining about 2 weeks before they cut off.

I failed to explain part of my thinking in my first note. Naturally, MS would seemingly not be willing to do such a thing, users would complain, etc... And I would never even have considered something like this to be viable. However, MS has already shown a willingness to put Office XP into cripple mode if your system appears to have changed too much, unless you check in. So, I figure if they can do it for copy protection reasons, why not for security?

No, I don't expect this to actually happen. This is just one suggestion as to how the problem might be improved. Perhaps having an extreme option might help drive a realistic one.

As a side note, one person pointed out that some of these patches are huge, and what about modem users? I can see a couple of solutions: One, some sort of baby patch that perhaps disables a service rather than patching it, until the real patch can be obtained. Two, allow people to buy a subscription. Make MS allow other vendors to have the update images to cut their own CDs, so it's not another profit center, ala Red Hat repackagers.

I think the CD image idea has merit. I was at a friend's house last night trying to download DirectX 8.1 over a modem at their place. After it died with 1 minute to go, I am now prepping a CD of all the patches they need via my home DSL line. It would be great if I could download an ISO image from MS.

Ryan