RE: [Full-Disclosure] lame bitching about xpsp2

From: Todd Towles (
Date: 08/13/04

  • Next message: SGI Security Coordinator: "[Full-Disclosure] SGI Advanced Linux Environment 3 Security Update #9"
    To: "devis" <>, "Full-disclosure" <>
    Date: Fri, 13 Aug 2004 13:30:35 -0500

    I agree that Windows would improve from a core OS rewrite. They need to
    forget DOS (which the can't) and get really permission security. I
    agree. But to blame MS for the current lot of malware still on the
    internet isn't fair. I run Windows XP (along with Linux boxes) at the
    house and I don't pollute the internet with that junk. But of course we
    are computer people and we can't turn that off, we can't think like
    normal people anymore. We are fully aware of the dangers of online
    banking at home directly connected to the internet thru a cable modem
    and no router.

    But sad to say, normal people are not..and will not understand. To quote
    a movie, they are the cattle and we are the cowboys of the new digital
    wild west.

    -----Original Message-----
    From: devis []
    Sent: Friday, August 13, 2004 1:02 PM
    To: Todd Towles; Full-disclosure
    Subject: Re: [Full-Disclosure] lame bitching about xpsp2

    I am getting nimda probes because nimda from a start was made possible
    by MS designing a web server full of damn holes ( read not tested,
    deadlines, time is money ). Do not blame the people not patching their
    boxes, as it is the problem today, but not the problem that caused it.
    That is what i am talking about short term memory. Track problem at
    their source instead of fixing now whats leaking., and will releak soon
    another way. Aren't we likely to see a new worm attacking MS systems in
    the next future ? Of course we will. Time to stop pretending computing
    is easy just to sell their damn sofware, and educate people about
    computer security, which is the reverse of what they have been doing,
    for all these years. Applauding the change of direction ? I don't cause
    it is higly hypocrit, otherwise the new pop up blocker of Internet
    Explorer will block ALL popups.

    Beside, the unix based permissions system has proven far superior, ask
    apple. Still shameful that the default XP install, in 2004, at these
    malware times, still logs you as an administrator . Would you feel safe
    using ur *nix box as root everyday ? I wouldn't.

    If Ms is really serious, they wouldn't design lame things from a start.
    They do want you to have to patch. They do want you to consume and buy
    plenty anti virus, personnal firewall etc etc. Don't beleive me ? Take a
    look at the svchost.exe and how it werks.
    So i hope SP2 will reduce these bogus traffic everyone sees.

    Wake UP before its too LATE.
    My 2 cents.

    Full-Disclosure - We believe in it.

  • Next message: SGI Security Coordinator: "[Full-Disclosure] SGI Advanced Linux Environment 3 Security Update #9"