We might need to all contribute some money to fund a foot replacement programme for this MS "security" guy, considering the number of times he's shot himself in the foot during this talk, if the Infoworld article quotes him correctly! And he probably doesn't even realise how funny his profundities are!
-----Original Message----- From: Edward W. Ray [mailto:[EMAIL PROTECTED] Sent: Friday, 27 February 2004 11:51 AM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] And how long have buffer overflows been around? A lot longer than just before Windows 2003 release, but not according to Security Architect and Chief Technology Officer of Microsoft's Security Business Unit David Aucsmith: "Windows 95 was written without a single security feature, he said, as it was designed to be totally open to let users connect to other systems. Furthermore, the security kernel of the Windows NT server software was written before the Internet, and the Windows Server 2003 software was written before buffer overflows became a frequent target of recent attacks..." The rest of the article can be found at http://www.infoworld.com/article/04/02/24/HNunderattack_1.html A little levity for today's discussion. Edward W. Ray _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html NOTICE This e-mail and any attachments are confidential and may contain copyright material of Macquarie Bank or third parties. If you are not the intended recipient of this email you should not read, print, re-transmit, store or act in reliance on this e-mail or any attachments, and should destroy all copies of them. Macquarie Bank does not guarantee the integrity of any emails or any attached files. The views or opinions expressed are the author's own and may not reflect the views or opinions of Macquarie Bank. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
