Re: Windows Server 2003 Security Guide available

From: Lucas Holt (luke_at_foolishgames.com)
Date: 04/29/03

  • Next message: Cesar: "Latest MS SQL Server vulnerabilities revealed"
    Date: Tue, 29 Apr 2003 15:45:59 -0400
    To: bugtraq@securityfocus.com
    
    

    You do not need Microsoft Office to open word documents.. AppleWorks
    will do it, and maybe open office/star office? Granted, Microsoft has
    a monopoly. I think you can open word documents with Wordpad which is
    free (and lousy). If you are reading a windows security document, you
    probably have a windows box with wordpad. There used to be a word 97
    viewer as well that was free.

    Plain text files would be the only "safe" format. Even Acrobat
    documents have security problems.

    Another thing that troubles me about this debate is MITM attacks
    period. Lets face it, any file format is susceptible to this sort of
    thing. I could put up a fake microsoft MSDN library website and use
    DNS poisoning to give developers bad documentation.

    What next? Force users to use SSL for all websites? Stop using the
    internet all together?

    >
    > What I found interesting is that some of the documentation is in
    > Microsoft Word or MS Excel format. This implies that to take full
    > advantage of the information, you need to own an MS Office license.
    > Is this another example of abuse of monopoly? For that matter, are
    > .doc
    > or .xls documents necessarily safer than .exe's? You decide...
    >
    > --
    > David.
    >

    Lucas Holt
    Luke@FoolishGames.com
    ________________________________________________________
    FoolishGames.com
    JustJournal.com

    "The next generation of interesting software will be made on a
    Macintosh, not an IBM PC."

    -- Bill Gates (unconfirmed quote)


  • Next message: Cesar: "Latest MS SQL Server vulnerabilities revealed"