Re: [Full-disclosure] Steve Gibson smokes crack?
- From: eric williams <nfobro@xxxxxxxxx>
- Date: Fri, 13 Jan 2006 15:37:15 -0500
On 1/13/06, Jason Coombs <jasonc@xxxxxxxxxxx> wrote:
> Stan Bubrouski wrote:
> > Ordinarily I'd argue, but its hard to when we find out Microsoft knew
> > about the bug for a long time and made a concious decision not to
> > patch it even though they knew it could lead to a system compromise.
>
> It's hard to imagine anything other than conscious and willful
> preservation of known backdoors in Windows as an explanation for
> Microsoft's refusal to enable Windows Firewall by default until XP SP2.
>
While I agree with that fundamentally, there is one more point to
stress and that is with the architecture of the GDI and the meta-data
processor design. It seems to me that is where the 'flaw' was
introduced. That design flaw (allowing the content originator to
detemine what processing would take place when a render operation was
aborted) is what led down this path. Those decisions, imho, were made
well before Windows 9x even, so I think there may be some merit to
saying it "was known". I don't know tho' it "was known" means "was
known to be exploitable", per se.
-e
> Microsoft knew for years, if not from the very start, that all Windows
> boxes were by design exposing backdoors on the network, yet they did
> nothing to remedy the situation nor alert any customer to the risk.
>
> This smells to me like a whole slew of intentional backdoors, and I
> don't smoke anything.
>
> Regards,
>
> Jason Coombs
> jasonc@xxxxxxxxxxx
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Steve Gibson smokes crack?
- From: Morning Wood
- Re: [Full-disclosure] Steve Gibson smokes crack?
- From: Stan Bubrouski
- Re: [Full-disclosure] Steve Gibson smokes crack?
- From: Jason Coombs
- [Full-disclosure] Steve Gibson smokes crack?
- Prev by Date: Re: [Full-disclosure] Re: [ GLSA 200601-09 ] Wine: Windows MetafileSETABORTPROC vulnerability
- Next by Date: Re: [Full-disclosure] Steve Gibson smokes crack?
- Previous by thread: Re: [Full-disclosure] Steve Gibson smokes crack?
- Next by thread: Re: [Full-disclosure] Steve Gibson smokes crack?
- Index(es):
Relevant Pages
|
