- Jan 13, 2006
- 15
- 0
- 0
New info. Potential bombshell. Go to http://www.twit.tv/ and listen to "Security Now" with Steve Gibson and Leo Laporte. Latest info about WMF windows issue.
Why not? It's pretty interesting. Tool of what?
I dont have any reason to believe that his intentions are bad, he's just overly fanatical about things that sometimes really just dont matter...Originally posted by: P0ldy
Since he thinks it's an "intentional backdoor" by MS, I can see what you mean. But, why else do you say that? I've never heard of this guy.
And as for the Raw Sockets, he was proven correct on his standpoint. Microsoft eventually removed Raw Socket support from XP after it became apparent that it was, in fact, being exploited as Steve had said would happen.
Who are we to say what is and is not and acceptable language to use?
I think everyone who bashes him does so out of ignorance.
Originally posted by: Nothinman
And as for the Raw Sockets, he was proven correct on his standpoint. Microsoft eventually removed Raw Socket support from XP after it became apparent that it was, in fact, being exploited as Steve had said would happen.
Please tell me where/how they were exploited. Worst case they let you craft some invalid packets that won't make it past the local subnet. And raw sockets are incredibly useful for low level things like DHCP clients and they requird administrative rights to use. They were properly secured from their inception, the fact that most users ignore the security provided by MS is irrelevant. I mean really, libpcap is available for Windows, if an attacker want to use raw sockets he knows he needs admin rights anyway so the extra step of installing libpcap isn't going to slow him down.
Quote from Microsoft: "We have removed support for TCP sends over RAW sockets in SP2. We surveyed applications and found the only apps using this on XP were people writing attack tools."
Who are we to say what is and is not and acceptable language to use?
Those of us who care about security, as he pretends to do. It doesn't take a genious to realize that languages like C and asm are prone to buffer overflows and need to be audited with a fine toothed comb to be even remotely sure there isn't a problem. Sure it's his time to waste writing it, but I'll never run any of his software.
What does coding in Assembly have to do with security? I'm just saying that he can use whatever he wants.
I think everyone who bashes him does so out of ignorance.
s/bashes/supports/
Quote from Microsoft: "We have removed support for TCP sends over RAW sockets in SP2. We surveyed applications and found the only apps using this on XP were people writing attack tools."
What does coding in Assembly have to do with security? I'm just saying that he can use whatever he wants.
Originally posted by: n0cmonkey
http://www.grcsucks.com
Cloaking your ports is retarded.
Raw sockets aren't a threat.
Originally posted by: LemonHead
Originally posted by: n0cmonkey
http://www.grcsucks.com
Cloaking your ports is retarded.
Raw sockets aren't a threat.
That site is retarted.
That site is retarted.
Microsoft already has a half dozen <b>legitimate</b> means of gaining acess to a system, any of which would be
a much more logical candidate for building "backdoor" codes into.
I agree, if Gibson were really as big on security as he claimed he would have been going after users for running as a local admin rather than going after Microsoft as though this is their issue.Please tell me where/how they were exploited. Worst case they let you craft some invalid packets that won't make it past the local subnet. And raw sockets are incredibly useful for low level things like DHCP clients and they requird administrative rights to use. They were properly secured from their inception, the fact that most users ignore the security provided by MS is irrelevant. I mean really, libpcap is available for Windows, if an attacker want to use raw sockets he knows he needs admin rights anyway so the extra step of installing libpcap isn't going to slow him down.
Are you trying to be funny?Microsoft already has a half dozen <b>legitimate</b> means of gaining acess to a system, any of which would be
a much more logical candidate for building "backdoor" codes into.