** Reply to message from Tracy R Reed <[EMAIL PROTECTED]> on Sun, 04 May 2008 21:22:05 -0700
> I agree. We shouldn't be worried about the Chinese hacking our systems > via the Internet. We should be worried about them taking advantage of > something like this and conducting industrial espionage on a grand > scale. Why don't Qualcomm or any of the local companies who supposedly > strongly protect their "IP" worry about this? I don't know if you remember this but a few years ago, there was an exploit published for Windows which came through Internet Explorer. IIRC, it might have been the WMF exploit. Microsoft did not provide a patch for this for a number of months and only could recommend that the browser be locked down so much that a number of standard Windows "features" no longer worked and that was all we heard from them for a few months. In a conversation at that time with American Express and one of my other credit card processing vendors, I asked if, while they were managing my account, they used MS Internet Explorer and if they also had/used it for internet access. They said yes. When asked why they would be doing this and risking the loss of my financial records, insisted that there was no way their security people would risk their customers data. It did not matter what I said regarding this. FYI, there's an article out on how China is known to be actively 'poking' at India networks and that BOTs, keyloggers, and network mapping are the primary tools used. BOTs and keyloggers only work once you are inside the system. And that story I mentioned above, about a year later, American Express, CNN, man San Diego City departments and corporations around the country were shutdown for a few days because an undetected BOT was in their computers. They only found out about it because the BOT would cause some versions of Windows and patches to reboot. ie, the BOT software crashed the OS. So there is constantly evidence of not only major flaws in Microsofts software and their slow response to these, but also a willingness to accept this as the norm and do little about it. Both in the private sector and government sector. Did you know the San Diego County Courthouse just had their computer systems shutdown for a week because of a Windows infection? Do you even think anyone is talking about a more secure and reliable platform? I don't. Sometimes, evidence is actually an accumulation of facts showing past practices which lends validity to even quickly hidden stories such as the NSA keys. Doug -- KPLUG-List@kernel-panic.org http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
