Re: Source Code


http://en.wikipedia.org/wiki/Security_through_obscurity

http://slashdot.org/features/980720/0819202.shtml

I see the slashdot article does not think it is a good idea but why not have
a multi-layered safety and security structure --- eg.

Vista --- external defense of NT

Windows 98 Second Edition --- internal safety of 9x and DOS -- reason being
less services, no or at least limited remote access --- meant to stand-a-lone
and not be networked with everything else ---- just an approach for now until
Microsoft has developed a true and good replacement to the NT source code --
now companies want to have backups of course --- just check out secunia.com
and see all the active vulnerabilities against Windows XP Home and
Professional and Windows 2000 Professional and even some coming against
Windows Vista -- remember Windows 98 Second Edition was supported from 1999
all the way until July 11, 2006 and that is certainly a long time to help
harden the operating system --- it has the life and time to prove that it is
strong

Mozilla Firefox --- supports 256 bit AES cipher strength -- not supported in
IE until Windows Vista

Use open source technologies like Spywareblaster to help prevent baddies
from getting on to your machine

practice safe web surfing methods --- reading in plain text, not using
flash, blocking remote code

keep all software updated

have important computers locked securely in internal rooms with limited access

information only given in companies and technology to their workers on an as
needed basis

workers provided access only with what they need and granted additional
access as trust and skills are built --- give the workers less then they need
and slowly build it up -- although frustrated workers --- safer network and
less likely the company secrets will disappear

treat intranet carefully --and have special dedicated computers for a
minority of workers who need to use VPN to access the company's intranet---

have customized settings and numerous honeypots within the company's
intranet and other methods to catch hackers and deal with attack as needed
and report to proper authorities --- asap --- eg. letting us-cert.gov be
priority number 1

need to implement old-school technologies like wired phones with filters and
treat all information as already compromised because then we can see what has
been compromised and remember without wires the information is freely flowing
through the air and can easily be picked up and sometimes deciphered even if
encrypted if a strong enough encryption has not been used --- what about
someone stealing a session cookie and using it to access the user's email
account?

work backwards like everything has been compromised at the company and then
study our history to see what methods were effective in the past and not
being used today -- for example certain hardware technologies that were great
and laid by the wayside for only a software only or a software primarily
approach method --- we need to use it all and quickly and have stop-gap
methods while better methods can be developed in the future to help safeguard
everyone

these are just ideas and open to discussion and interpretation and I know I
do not know networking like many of the experts do but at least my small
voice may help others use their brains more to help develop better
information security and safety methods for the future

"FromTheRafters" wrote:


"Dan" <Dan@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:22B13749-E86E-4E83-B1DC-AA66C4D11131@xxxxxxxxxxxxxxxx
Here is an article about how the NT source code was leaked and apparently
even DOS source code was leaked back in the day but no one cared because
it
was so old.

Who cares?

Many OSes are "open source" - anybody can see the source
code - it doesn't make any difference. This 'secrecy' isn't an
issue and neither is the leak.

Look for "security through obscurity" and see what experts
have to say about it.

I now ask Microsoft how long will it be before Microsoft has new
operating systems with new source code. Wikipedia mentions Windows 7 will
use the Windows NT source code much to my dismay. How about the successor
to
Windows 7 will people finally get an operating system with new source code
that will be a relief from the tired out code that has caused so many
security problems.

http://news.bbc.co.uk/1/hi/technology/3485545.stm

http://en.wikipedia.org/wiki/Windows_7




.

Relevant Pages

  • Re: Programmers unpaid overtime.
    ... So now you claim your C source code is deliberately obfuscated? ... > As I do hope you are aware, a Turing machine can run Windows 2000 as ... > quintuples, the Turing machine is given enough time and the privilege, ... I didn't show you a four-line struct. ...
    (comp.programming)
  • Re: Video editing in Linux?
    ... whatever you would want, i would have to first get linux installed, ... It is totally viable that you could modify the source code out there ... in the same way that Windows security gets ... i doubt your cpu even hits 10% of its potential ...
    (alt.linux)
  • Re: whats a callback?
    ... That's because you get all the source code and about 3000 other ... > for instance PocketPC Windows doesn't take up that much space either. ... What about the fact that Excel ... will be available after the install of the next MS Office Service Pack. ...
    (sci.electronics.design)
  • Re: Is DNSSEC supported by Windows?
    ... The fact is that my Windows XP ... computers in such a mess because they were angry at APS for firing them from ... is external because it is based on the NT source code. ... Second Edition but hopefully Microsoft can fix it well. ...
    (microsoft.public.security)
  • Re: whats a callback?
    ... That's because you get all the source code and about 3000 other ... > for instance PocketPC Windows doesn't take up that much space either. ... What about the fact that Excel ... will be available after the install of the next MS Office Service Pack. ...
    (comp.arch.embedded)