Re: Microsoft Windows Impersonation Privilege Escalation Weakness

Alun Jones wrote:

Imhotep wrote:
"Microsoft Windows is susceptible to a weakness that may allow
attackers to gain elevated privileges. This issue is due to the
ability of services to impersonate clients after they have

I read this a while back. It basically says "if you give your username
and password to a service that pretends to be you, that service can
pretend to be you".

The same "weakness" exists in every other operating system.

You can do better than this, surely - an outdated article that describes
as a weakness a basic, known, issue with handing your authentication
credentials over to another party for delegation.

Come on, where's the insightful Imhotep, the guy who's ahead of the game,
who's predicting where Windows will take a tumble next, and unflinchingly
provides advice designed to protect users, rather than merely scare them?

I've yet to see that Imhotep, but I'd like to believe that if you try
really hard, you can squeeze one such posting out.

[Please don't email posters, if a Usenet response is appropriate.]

Warning! Warning! Alun "spanky" Jones Idiot alert!!!

Still waiting on you stepping up and being a man. You made a comment, got
caught lying, and ran away like a weeping foolish troll you are...come on
are you better than that?

What about the users here? Don't you want to provide honest data? Are you
better than that?

<guess not, you're just another meatball>