Hi D,
I can't find that line, however.
two things have happened this week
- I get very amusing emails from people who have the sircam virus and
give a supprise Huh, when you say what is the attachment you just sent me
I use Outlook at work, and got Sircam twice (Norton AV did pick it up), another guy here got it 10 times from the same person... a record ? (all with different attachments so therefore I beleive 10 separate infections....obviously a loop going on there!) I have a little goodie installed on my work machine called JustBeFriends which automatically intercepts any calls to/from outlook via macros/vbs etc. Whenever anything 'naughty' is attempted it pops up a little message telling me and giving the option to terminate the culprit, which I always do. My question is... why can't M$ do this. Has anyone seen the ads for Office XP with the line 'stop that nasty virus spreading' or something similar, boasting of the greatly superior security features of XP. Superior to what? Well previous office releases of course. I mean come on... Win2k did the same, over NT. I'm sorry but 'improved security' is not a selling point, its a bloody requirement. Who wants a word processor that is a security risk. Could you imagine it. Yet people buy this crap from MS all of the time. I've just been forcibly (kicking and screaming) upgraded to Office 2k. Its alot bigger isn't it... doesn't do anything more though. So its probably full of crap as well.
- Most of my email accounts have filled up with smug gits (read linux
users) who aren't affected by Code red and are in serious gloat mode.
You've just found another. My boss phoned the other day from his Holiday asking if I knew about this Code Red and whether I had got our web servers patched. When I started laughing he said 'Its a Microsoft thing isn't it?'
Just out of interest how many security holes have been found in apache?
If you exclude things like mod_jserv very very few (you could get a good count by looking up all of the advisories for apache at securityfocus.com ... haven't got time today) but I'm sure its very low. The point is though that IIS is easy (to a good Computer Scientist) to find holes in despite its 'closed source' nature. Just attach your debugger and if you're OK with assembler you can start to find certain patterns of behaviour within the code which suggest vulnerabilities. Apache vulnerabilities have invariably all been patched within a day or two of discovery/report (usually b4 common knowledge / security advisories have been released). The other area MS lose out in this is that not only do they take ages to issues patches after they finally admit that a vulnerability is not an innovative functional addition!!! but that the general animosity held towards them from the hacker community means they receive less 'goodwill' from those who discover vulnerabilities. Thus exploits are usually in the wild and the vulnerability public knowledge before MS do anything about it. Which only makes me grin some more.
Nice one David. see you soon. BTW cannot make the next meet as I'm going on Hol on Aug 12. (sorry, maybe sept.)