Tuesday, July 3, 2001

Gibson Meets with MS -- 9:26 am CST, Update by A.T. Hun

Steve Gibson reported on a conference call he had with Microsoft officials on the subject of raw socket support in Windows XP. Granted, Gibson has a tendency to be melodramatic, but their cavalier attitude toward security (especially in light of their .NET strategy) is disturbing to say the least. This comment frightened me the most:

Because of the danger of abuse of full raw sockets, all other operating systems restrict its use to only the most highly privileged applications running with "root" privileges. But as we heard in today's meeting, the need to run Win9x legacy applications under Windows XP has forced the notion of "privilege" to be discarded and thus eliminated a crucial layer of protection. All Home Edition Windows XP applications will, therefore, be running as "root" . . . and a dangerous capability that was never meant to be globally available to all applications -- and which ISN'T in any other systems which offer full raw sockets, which have retained the notion of "execution privilege", -- has been made available to all applications.

The emphasis is mine. If this is true, it means that Windows XP will be just as vulnerable to the myriad of viruses, Outlook hacks, and the rest as Win9x. Thanks for nothing, folks. I saw this on Linux Today.

J.t.Qbe comments: Gibson has reason to be melodramatic: he's been a victim of "Microsoft security" and sees the greater danger looming in Windows XP. Read this article, everyone, and consider how much YOU believe Microsoft's claim that .NET will keep your data safe and secure in light of their refusal to take even the most basic security precautions in their software.

The Master comments: The problem Gibson is complaining about isn't really UNIX socket support in XP-the problem is that XP is so insecure that someone can crack into an XP machine and rootkit it, then be able to do anything they want because the full socket implementation allows packet address hiding. These problems already exist in Linux and UNIX, but those OSes are more secure than XP. Kinda. It's awfully easy to make a UNIX box that is easily cracked too . . .

Monday, July 2, 2001

Anachronox Patch 1.01 -- 9:06 pm CST, Update by A.T. Hun

ION Storm's Joey Liaw updated his .plan with word that the first patch for Anachronox has been released. He also goes into some details on their attempts to fix the Win2K crashes.

Here are some mirrors for the 4.1M patch: Eidos, FilePlanet, Blue's News. Now please give me the demo :)

Return to Wolfie Interview -- 8:57 pm CST, Update by A.T. Hun

Gamespot caught up with id's Kevin Cloud and pried for all the information they could get on Return to Castle Wolfenstein. I'm really interested in this game. I hope the flamethrower is as cool as it appears in the screenshots. Thanks Blue.

M$ Wages War -- 8:48 pm CST, Update by The Master

There's a fascinating article up on Business 2.0 titled Microsoft Wages War on Open Source. Give it a read.

I think most of the folks who've been watching this silly Open Source retoric from M$ realizes the simple truth-M$ is afraid that Open Source will create some software they must have, and because of the open source licenses, they will not be able to co-opt it into their systems and charge up the ying-yang for it.

That's just too bad Microsoft. I feel real bad for you and your massive revenue stream. Blech.

Past Two Days' News

The Haus is powered by:

All original information on this website is copyright © TheHaus.Net, 1999-2005. The use of original images, text, and/or code from this website without expressed written consent is prohibited. The authors of this site cannot be held responsible for any damage, real or imagined, which comes from the use of information presented on this site. All trademarks used are the properties of their respective owners. This site is not to be used as a floatation device (but if you try, I want a video tape of it).