Re: Public announcements of SQL Security Vulnerabilities

From: Neil Pike (neilpike@compuserve.com)
Date: 08/02/02

• Next message: Suresh Channamraju: "Re: Appling hotfix 8.00.0636 (Security Bulletin MS02-039)"
• Previous message: Greg Smith: "Re: Permission to Users under DB"
• In reply to: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Next in thread: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Reply: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 02 Aug 2002 08:04:15 +0100
From: Neil Pike <neilpike@compuserve.com>

 BP,
 
> I'm sorry, but I just have to respond to your post ;-(

 And I'll come back on yours ;-)
  
> I wonder how Microsoft would feel if every time that a virus exploits a hole
> in one of their products, MS customers around the world sued Microsoft.

 You mean no-one has tried yet?
 
> The reason that's it's "not easy" to sue the hackers is because the code
> with the flaw was written by Microsoft, not by the hacker.

 But the worst you could blame the original programmer for is incompetence.
The hacker is actually trying to cause damage/harm to data/systems/network.
 
 I seriously doubt that most hackers would be able to pay any significant
damages/costs even if sued - they certainly aren't going to have professional
insurance!
 

 Neil Pike MVP/MCSE. Protech Computing Ltd
 Reply here - no email
 SQL FAQ (484 entries) see
 http://forumsb.compuserve.com/gvforums/UK/default.asp?SRV=MSDevApps
 (faqxxx.zip in lib 7)
 or www.ntfaq.com/Articles/Index.cfm?DepartmentID=800
 or www.sqlserverfaq.com
 or www.mssqlserver.com/faq

• Next message: Suresh Channamraju: "Re: Appling hotfix 8.00.0636 (Security Bulletin MS02-039)"
• Previous message: Greg Smith: "Re: Permission to Users under DB"
• In reply to: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Next in thread: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Reply: BP Margolin: "Re: Public announcements of SQL Security Vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Public announcements of SQL Security Vulnerabilities ... but I have to wonder if the hackers weren't publishing the security ... holes, would Microsoft have become as security conscious as they, hopefully, ... (microsoft.public.sqlserver.security) Re: Flaw in RPC Endpoint Mapper - NT 4.0 FIX ... Hackers may bring the server down but they ... It is not a national security matter. ... > This is not a direct link to 911, but I think the FBI needs to put pressure ... > on Microsoft to fix a major security FLAW on Windows NT 4.0. ... (microsoft.public.security) Re: Vista wins the race! ... Microsoft fixes new faults in Windows ... Microsoft was so worried about the hole, which allowed hackers to break into ... Users surfing the Web were the first targets, security experts said. ... (comp.sys.mac.advocacy) Re: Vista wins the race! ... Microsoft fixes new faults in Windows ... Microsoft was so worried about the hole, which allowed hackers to break into ... critical security fix a week ahead of a regularly scheduled update. ... (comp.sys.mac.advocacy) Re: Vista wins the race! ... 2007 Microsoft fixes new faults in Windows Associated Press ... Microsoft was so worried about the hole, which allowed hackers to break ... out the critical security fix a week ahead of a regularly scheduled ... (comp.sys.mac.advocacy)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint