another reason why windows is evil/how microsoft patches can give you viruses - TennisForum.com
 
LinkBack Thread Tools
post #1 of 15 (permalink) Old Aug 26th, 2005, 05:16 AM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
another reason why windows is evil/how microsoft patches can give you viruses

OK so this is the deal.

microsoft released a security update, one of the vulnerabilities that was fixed was a window 2000 issue. the details of this issue were never made public. however, some people reversed enginered the security updated, found out what vulnerability it fixed, and wrote a worm for it that would affect your system whether or not you had patched within THREE DAYS of the microsoft release of microsoft's update. .

basicly in simple terms:
if you use windows you are screwed if you update, you are screwed if you dont. if microsoft releases a patch you are screwed, if they dont you are screwed.

can it be prevented? sure, microsoft can do like every other os and not write these holes into the OS in the first place.

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"

Last edited by Jigglypuff; Aug 26th, 2005 at 05:24 AM.
Wigglytuff is offline  
Sponsored Links
Advertisement
 
post #2 of 15 (permalink) Old Aug 26th, 2005, 05:24 AM
Senior Member
 
JenFan75's Avatar
 
Join Date: Jan 2005
Location: Officially Dead
Posts: 2,493
                     
Answer: Use linux.
JenFan75 is offline  
post #3 of 15 (permalink) Old Aug 26th, 2005, 05:25 AM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by JenFan75
Answer: Use linux.
or Mac OS

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"
Wigglytuff is offline  
post #4 of 15 (permalink) Old Aug 26th, 2005, 05:26 AM
Senior Member
 
JenFan75's Avatar
 
Join Date: Jan 2005
Location: Officially Dead
Posts: 2,493
                     
Eww. No.
JenFan75 is offline  
post #5 of 15 (permalink) Old Aug 26th, 2005, 05:30 AM
Senior Member
 
Join Date: Jun 2001
Location: Hitlum
Posts: 8,050
                     
Quote:
Originally Posted by Jigglypuff
OK so this is the deal.

microsoft released a secrutiy update, one of the vulnerabilities that was fixed was a window 2000 issue. the details of this issue were never made public. however, some people reversed enginered the secruitiy updated, found out what vuleraribily it fixed, and wrote a worm for it that would affect your system whether or not you had patched within THREE DAYS of the microsoft release of microsoft's update. .

basicly in simple terms:
if you use windows you are screwed if you update, you are screwed if you dont. if microsoft releases a patch you are screwed, if they dont you are screwed.

can it be prevented? sure, microsoft can do like every other os and not write these holes into the OS in the first place.
do you really think it's possible to write software without holes? maybe if you did it for a living you would know that doesn't make sense.

And you really think Windows is the only software with vulnerabilities?

Firefox had like 8 vulnerabilities discovered within hours of its release. The tiger OS had multiple patches shortly after release.

Oracle, Cisco, Sun are constantly patching their systems. Oracle used to release patches faster than MS, they do now once a month, not because there are less vulnerabilities but because their customers asked them to.

BTW, with open source you don't even need to reverse engineer, just read the source code that is available, if you know what you are looking for ...

Thinking of software with no bugs/vulnerabilities is the same as thinking you can drive without the chance of a mechanical failure or an accident, it's just not possible.

BTW, Windows has a few billion lines of code, I really invite anyone interested to find all the possible security problems and fix them.

another thing, do you really think Microsoft "write the holes"? often the holes are for NOT writing something, missing checks, missing exception handling and if you think MS enjoys it think again, Windows XP sp2 costed 1 billion dollars do develop and rendered zero income, I don't think they amuse themselves with security holes.
Fingon is offline  
post #6 of 15 (permalink) Old Aug 26th, 2005, 05:30 AM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by JenFan75
Eww. No.
hater!

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"
Wigglytuff is offline  
post #7 of 15 (permalink) Old Aug 26th, 2005, 05:32 AM
Senior Member
 
JenFan75's Avatar
 
Join Date: Jan 2005
Location: Officially Dead
Posts: 2,493
                     
Quote:
Originally Posted by Jigglypuff
hater!

Yup.
JenFan75 is offline  
post #8 of 15 (permalink) Old Aug 26th, 2005, 05:33 AM
Senior Member
 
Join Date: Jun 2001
Location: Hitlum
Posts: 8,050
                     
Quote:
Originally Posted by JenFan75
Answer: Use linux.
do you use linux?
Fingon is offline  
post #9 of 15 (permalink) Old Aug 26th, 2005, 05:33 AM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by Fingon
do you really think it's possible to write software without holes? maybe if you did it for a living you would know that doesn't make sense.

And you really think Windows is the only software with vulnerabilities?

Firefox had like 8 vulnerabilities discovered within hours of its release. The tiger OS had multiple patches shortly after release.

Oracle, Cisco, Sun are constantly patching their systems. Oracle used to release patches faster than MS, they do now once a month, not because there are less vulnerabilities but because their customers asked them to.

BTW, with open source you don't even need to reverse engineer, just read the source code that is available, if you know what you are looking for ...

Thinking of software with no bugs/vulnerabilities is the same as thinking you can drive without the chance of a mechanical failure or an accident, it's just not possible.

BTW, Windows has a few billion lines of code, I really invite anyone interested to find all the possible security problems and fix them.

another thing, do you really think Microsoft "write the holes"? often the holes are for NOT writing something, missing checks, missing exception handling and if you think MS enjoys it think again, Windows XP sp2 costed 1 billion dollars do develop and rendered zero income, I don't think they amuse themselves with security holes.
you miss the point entirely.

and yes microsoft has written a number of these holes into its system on purpose. they have said so themselves. now they have called them "features" until someone with a brain shows them why its stupid. and these things include a GOOD number of things that SP2 does.

i mean what retard at microsoft thought up the "feature" where a website can install a program on your computer without your consent or knowledge?

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"

Last edited by Jigglypuff; Aug 26th, 2005 at 05:52 AM. Reason: spelling
Wigglytuff is offline  
post #10 of 15 (permalink) Old Aug 26th, 2005, 05:35 AM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by JenFan75
Yup.
can i ask why come?

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"
Wigglytuff is offline  
post #11 of 15 (permalink) Old Aug 26th, 2005, 06:16 AM
Senior Member
 
Join Date: Jun 2001
Location: Hitlum
Posts: 8,050
                     
Quote:
Originally Posted by Jigglypuff
you miss the point entirely.

and yes microsoft has written a number of these holes into its system on purpose. they have said so themselves. now they have called them "features" until someone with a brain shows them why its stupid. and these things include a GOOD number of things that SP2 does.

i mean what retard at microsoft thought up the "feature" where a website can install a program on your computer without your consent or knowledge?
First of all, there isn't a feature were a website can install a program on your system without your knowledge, some sites have used vulnerabilities not "features" to do that.

Maybe you would prefer that you can't install anything downloaded? because it's the only way to prevent that from happening, you are supposed to install only software with a valid certificate but there are always ways around it, the same way you can break a lock in a house.

I would like you also to enumarate what are those holes that Microsoft intentionally put there, especially in SP2. The documentation about SP 2 is quite technical and there is a large part of it that I don't understand even though I work in IT, I am only concerned with the features that affect programmers, like authentication in MST, RPC, pipes, messaging, etc.

the only way to make an OS safe (any os) is to stay away from the internet, as simple as that, if you are connected you are vulnerable, and some of the features you think are brainless are also present in the mac os.

Buffer overflow is one of the most exploited vulnerabilities and that's possible in any application or OS, and I can promise you that every application has vulnerabilities, and many of them.

BTW, I use Windows and never had a problem.

another thing, the zero hour vulnerabilities are quite rare. a vast majority of attacks occurred against known vulnerabilities that haven't been patched (the patch exists but hasn't been installed). Most of the vulnerabilities to which there is an exploit and not a patch are not in the wild and are only known in labs. The majority of the security problems are not detected by hackers but by consultants and antivirus companies, hackers take advantage of that information.

You might also find interesting that some of the worst attacks (like DDOS) targetted Cisco and not Microsoft's vulnerabilities. Maybe we should get rid of Cisco?
Fingon is offline  
post #12 of 15 (permalink) Old Aug 26th, 2005, 06:29 AM
Senior Member
 
JenFan75's Avatar
 
Join Date: Jan 2005
Location: Officially Dead
Posts: 2,493
                     
Quote:
Originally Posted by Fingon
do you use linux?

Nope. But I don't whine about windows either so it's all good
JenFan75 is offline  
post #13 of 15 (permalink) Old Aug 26th, 2005, 06:30 AM
Senior Member
 
JenFan75's Avatar
 
Join Date: Jan 2005
Location: Officially Dead
Posts: 2,493
                     
Quote:
Originally Posted by Jigglypuff
can i ask why come?

Because PCs are just an all-around better computer to have. You get more for your money.
JenFan75 is offline  
post #14 of 15 (permalink) Old Aug 26th, 2005, 01:49 PM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by Fingon
First of all, there isn't a feature were a website can install a program on your system without your knowledge, some sites have used vulnerabilities not "features" to do that.
you are just wrong.

its called activex. dont deny active x exists.
from wiki:
ActiveX and Internet Security

A control using ActiveX technologies. An ActiveX control can be automatically downloaded and executed by a Web browser. An ActiveX control is similar to a Java applet. Unlike Java applets, however, ActiveX controls have full access to the Windows operating system.

The embedding of ActiveX into the Internet Explorer web browser created a combination of functions that has led to an explosion of computer virus, trojan and spyware infections. These malware attacks mostly depend on ActiveX for their activation and propagation to other computers. Microsoft recognized the problem with ActiveX as far back as 1996 when Charles Fitzgerald, program manager of Microsoft's Java team said "If you want security on the 'Net', unplug your computer. ... We never made the claim up front that ActiveX is intrinsically secure." [1] ActiveX as it is currently implemented is intrinsically insecure and is the biggest weakness of Internet Explorer not addressed by Internet Explorer Service Pack 2.

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"
Wigglytuff is offline  
post #15 of 15 (permalink) Old Aug 26th, 2005, 01:51 PM Thread Starter
Enjoying married life.
 
Wigglytuff's Avatar
 
Join Date: Feb 2004
Location: lolcat
Posts: 19,642
                     
Quote:
Originally Posted by JenFan75
Because PCs are just an all-around better computer to have. You get more for your money.
so true. these viruses and worms are pricey and windows gets you more than all other os put together.

"racism is dead, it died when MLK walked on a bridge and freed the slaves. Now we have a socialist Kenyan president who is not an American and if anyone mentions race they are a reverse racist (while racism is dead, reverse racism is alive and well.) #whattheyteachyouatfox"

Last edited by Jigglypuff; Aug 26th, 2005 at 02:06 PM. Reason: spelling
Wigglytuff is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the TennisForum.com forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



Posting Rules  
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome