[ale] OT: A funny one from Computerworld on XP SP2
Robert Heaven
robertheaven at earthlink.net
Mon Aug 23 11:23:59 EDT 2004
Also, I can see it coming... M$ , or any one for that matter, will put
out a software update (which inadvertently has a bug in a start-up
routine that does an accidental buffer overflow under certain
conditions), the user's PC does the automatic shutdown. Then when it
tries to boot up again, it hits the buffer overflow and shuts down...
over and over...
On Mon, 2004-08-23 at 10:57, Robert Heaven wrote:
> If I'm reading this right... M$ has now given the hackers a convenient
> and easy way to shut down everyone's Winbloze computers...
>
> >From a user's perspective they're now faced with 2 choices:
>
> 1. Let the hackers execute malicious code.
> 2. Let the hackers shut down all the computers at will.
>
> That's not much of a choice. I wonder which one would have the most
> impact on a production environment?
>
>
> On Mon, 2004-08-23 at 10:07, Irv Mullins wrote:
>
> > On Monday 23 August 2004 08:45, Matthew Brown wrote:
> > > I cut-and-pasted this one from the ComputerWorld site. It is in the
> > > middle of the article on Windows XP SP2, discussing the benefits of
> > > SP2's new networking security:
> > >
> > > * Protection against DoS attacks
> > >
> > > SP2 should help significantly with denial-of-service (DoS) attacks
> > > caused by buffer overflows
> > >
> > > <http://www.computerworld.com/securitytopics/security/story/0,10801,82920,0
> > >0.html>, when too much data is sent to an application's temporary storage
> > > area -- sometimes causing that excess data to act as executable code. One
> > > of the most popular DoS exploits, buffer overflows will now be prevented
> > > from executing commands and will shut down
> > > systems instead. It's an inconvenience that's worth the peace of
> > > mind that no code can be launched and the device won't be further
> > > damaged.
> >
> > Typical Microsoft 'solution'. All your work will go bye-bye, but that's a
> > small price to pay "to prevent further damage" :)
> >
> > "ABORT, RETRY, IGNORE" offered two too many options for the average computer
> > user, so they went to just plain "ABORT" with Windows. Now they've dropped
> > the "ABORT" option as well. Jeez.
> >
> > Irv
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
>
>
> ______________________________________________________________________
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ale
mailing list