Re: [CGUYS] Better Late than Never
"Locking down" Microsoft's Products to me means destroying much of their usability. At the corporate level, it means that the user has no control over his computer. That may be just fine in a "normal" retail organization, but is folly in a research and development organization. The IT department has no concept of what the primary mission personnel do in a research and development organization, and simply stand in the way of the primary mission personnel doing their primary mission. Fred Holmes At 04:03 PM 2/7/2010, tjpa wrote: >On Feb 7, 2010, at 2:18 PM, Tony B wrote: >>Congrats to Mr. Ormandy for finding it after 17 years, and kudos to >>MS for >>fixing it within a month. > >Lest we forget... > >"Microsoft is to pull out all the stops in a bid to lock down security >on its products, considered by many as the company's Achilles heel." >"Chairman and founder Bill Gates has called for a fundamental shift to >focus on improved security against hackers and viruses." > >"In a memo sent to the US firm's 47,000 employees, Mr Gates said that >locking down Microsoft's products, a strategy he has dubbed >'trustworthy computing', ... " and bla bla bla > >January 22, 2002 > > >* >** List info, subscription management, list rules, archives, privacy ** >** policy, calmness, a member map, and more at http://www.cguys.org/ ** >* * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Better Late than Never
Chris Dunford >> "Microsoft is to pull out all the stops in a bid to >> lock down security on its products, considered by >> many as the company's Achilles heel." >> "Chairman and founder Bill Gates has called for a >> fundamental shift to focus on improved security >> against hackers and viruses." >> "In a memo sent to the US firm's 47,000 employees, >> Mr Gates said that locking down Microsoft's products, >> a strategy he has dubbed 'trustworthy computing', ... " > Yes, a "focus on improved security" obviously means "We > will find and fix every possible vulnerability in > millions of lines of code, and, from now on, no security > issues will ever be reported." A 17 year old bug should've been code that's undergone repeated inspections and testing. I don't know what the details are, but I wonder if it's a typical buffer over-run flaw? -- Take care | This clown speaks for himself, his job doesn't Wayne D. | supply this, at least not directly When in doubt, form a committee * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Better Late than Never
Quoting Chris Dunford : "Microsoft is to pull out all the stops in a bid to lock down security on its products, considered by many as the company's Achilles heel." "Chairman and founder Bill Gates has called for a fundamental shift to focus on improved security against hackers and viruses." Yes, a "focus on improved security" obviously means "We will find and fix every possible vulnerability in millions of lines of code, and, from now on, no security issues will ever be reported." And they should fix bugs 15 years before *anyone* knows they exist. * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Better Late than Never
> "Microsoft is to pull out all the stops in a bid to lock down security > on its products, considered by many as the company's Achilles heel." > "Chairman and founder Bill Gates has called for a fundamental shift to > focus on improved security against hackers and viruses." > > "In a memo sent to the US firm's 47,000 employees, Mr Gates said that > locking down Microsoft's products, a strategy he has dubbed > 'trustworthy computing', ... " and bla bla bla Yes, a "focus on improved security" obviously means "We will find and fix every possible vulnerability in millions of lines of code, and, from now on, no security issues will ever be reported." * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Better Late than Never
On Feb 7, 2010, at 2:18 PM, Tony B wrote: Congrats to Mr. Ormandy for finding it after 17 years, and kudos to MS for fixing it within a month. Lest we forget... "Microsoft is to pull out all the stops in a bid to lock down security on its products, considered by many as the company's Achilles heel." "Chairman and founder Bill Gates has called for a fundamental shift to focus on improved security against hackers and viruses." "In a memo sent to the US firm's 47,000 employees, Mr Gates said that locking down Microsoft's products, a strategy he has dubbed 'trustworthy computing', ... " and bla bla bla January 22, 2002 * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
Re: [CGUYS] Better Late than Never
Congrats to Mr. Ormandy for finding it after 17 years, and kudos to MS for fixing it within a month. On Sun, Feb 7, 2010 at 1:53 PM, tjpa wrote: > http://news.bbc.co.uk/2/hi/technology/8499859.stm > > "A 17-year-old bug in Windows will be patched by Microsoft in its latest > security update."' > * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *
[CGUYS] Better Late than Never
http://news.bbc.co.uk/2/hi/technology/8499859.stm "A 17-year-old bug in Windows will be patched by Microsoft in its latest security update."' "... allow attackers to effectively hijack a Windows PC and run their own programs on it." "... in Windows XP, Windows Server 2003 and 2008 as well as Windows Vista and Windows 7." * ** List info, subscription management, list rules, archives, privacy ** ** policy, calmness, a member map, and more at http://www.cguys.org/ ** *