Thread: Virus/Worm email messages
View Single Post
  #43   Report Post  
Old September 22nd 03, 05:36 PM
Richard Clark
 
Posts: n/a
Default
On 22 Sep 2003 15:52:11 GMT, "Dick Carroll;"
wrote:
Is is not correct to say that Windows was left vulnerable so that
other computers can deliberately enter and assess remote computers for
various reasons, such as determining whether or not the copy of the OS
in use had been properly :"registered" before issuing updates?

I'm not a programmer but it seems that might xerainly be a very good
reason.
In other words, all these security "holes" are perhaps not accidental.
When a virus writer takes advantage of one of them the "patch" issued
to "fix" it mught just be specific to that particular violation, instead
of permanently taking care of the problem.

I know that the Windows series is an extremely complex piece of work,
but the virii
issuers seem to have little trouble finding cracks that Bill's
programmers couldn't
anticipate..

Dick


Hi Dick,

Your claim
I'm not a programmer
Should have been the point where you stopped writing.

The security holes are not inadvertent mistakes that anyone could have
suffered in the face of such a monumental work as Windows. These
holes (and I am not talking about the current round of affairs, as
neither was J. McLaughlin) are deliberate design "features" that
Chairman Bill and MS claim to be what the user population clamor for.

In other words, insecure software is being deliberately constructed
and sold for the express purpose of satisfying Market issues. MS is
quite blunt in this admission, and aggressively so! Many years ago,
the computer community bewailed MS's determination to allow raw
sockets to be made available at the user level. As you are "not a
programmer" you probably never heard this debate, and yet it is part
and parcel to the features of insecure design. MS snubbed the
security experts (Not Invented Here syndrome) and went their own way -
the body count over those same years testify to it in the millions.
Unfortunately the income measures in the billions and security is
buried in the digits with the corpses of dead machines.

The feature called DCOM is so insecure, that it leads the way in
current hacker fields of delight. DCOM is a patchwork quilt of an
older Marketing concept called COM (which has been largely ignored by
software professionals such that MS tried to "sex" it up by adding a
"D" to make it "Distributed," yet another Market slide) which in turn
was spun off from OLE. All of these have technical basis in
implementation, but were designed in whole ignorance of security
requirements. You have absolutely no need for DCOM, and yet as a
service to you MS has deliberately left access to it on your machine
open to anyone on the internet.

None of these issues are trivial. None of them require poking and
prodding to discover or crack. None of them came without advanced
warning (and one site has had fixes months in advance of MS). None of
them were designed by accident, or through the misfortune of Windows
being too complex to debug 100% faithfully. What is worse, MS even
submitted a security patch in the last two weeks that did not work!
Making allowances for them is generous in the extreme.

I note that you post from a revolving IP, such that if you had not, I
could have connected to your machine to give you a demonstration of
how open you are to attack. It involves a command built into NT that
is designed EXPRESSLY to allow me to do this! I don't need hacker
tools, just a DOS session and the command line interpreter will do the
rest. If you ever consider moving up to townsqr's hi-speed
connectivity, you better get these on-ramps to your system controlled!

73's
Richard Clark, KB7QHC
Reply With QuoteReply With Quote