[OT] Micro$oft versus security
Thomas E. Spanjaard
tgen at netphreax.net
Thu Sep 22 08:20:22 PDT 2005
walt wrote:
Okay, that's why I asked -- I didn't know that. But why take a year
to break a secure hash when you can use a buffer overrun to gain
access to ten thousand Windows machines in a few minutes ;o)
Same can be said of the hundreds of thousands of Apache installations
out there. And Microsoft really works on those kind of issues, but
they're not something their third party developers can work on (as far
as Microsoft-code is concerned). Microsoft however can give advises to
those developers about secure practices, and no doubt buffer overflow
issues have been mentioned to them for several years now. It's only
because of 'recent' policy change that you actually see Microsoft
publishing this.
Cheers,
--
-- Thomas E. Spanjaard
tgen at xxxxxxxxxxxxx
Attachment:
signature.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00017.pgp
Type: application/octet-stream
Size: 187 bytes
Desc: "Description: OpenPGP digital signature"
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20050922/40579249/attachment-0021.obj>
More information about the Users
mailing list