Microsloths new security stance
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Microsloths new security stance

  1. #1
    Member
    Join Date
    Dec 2001
    Posts
    68

    Microsloths new security stance

    Hello all this morning at about 6:40 .A.M est Bill Gates announced that security would now be at the forefront of all windows products{about time}. Bill also claimed that individuals would receive training in Microsoft Security {any oxymoron if i ever heard one} .:Ladies and gents i can see it now People having a full 7 test certification to secure a product that doesn't truly belong to microsoft , I am curious to hear what you think.



    eViL
    Ee

  2. #2
    Member
    Join Date
    Jan 2002
    Posts
    46

    Talking What I Think?

    I think it is time to stop thinking of Micro$oft products as the defacto standard... god...my stomach just can't take any more of this $hit!!!

  3. #3
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    I'm thinking it's something that Bill wants to get out into the open so that MS will have less heat from everyone, but this is nothing new. Until you get your departments talking to each other and programmers working together (what a concept), security will be limited to what each individual can do, and given the nature of the "code" existing right now for IE, Winblows, etc...I'd say there's a long way to go.

    Steps to take to "secure" MS products:

    1: start talking to each other at work
    2: stop bullshitting around and worrying about politics
    3: walk through every line of miserable "code" and remove bloatware
    4: stop "patching" functions at the end of the code...patch it where it's broken, not at the end you f'ing morons.
    5: check all variables and VALIDATE all user input against a strict function. Put rules on everything.

    Example of #5 (in perl):

    # declare get_name function to get the name from standard input (STDIN)
    sub get_name() {
    print "Enter your name: ";
    $name=<STDIN>;
    # call function check_name() for validating $name
    &check_name();
    } # end the function

    # define the function check_name()
    sub check_name() {
    # check against empty/null lengths and those greater than 15
    if (length($name) < 1 || length($name) > 15) {
    printf "Illegal name length : %d\n", length($name);
    # call get_name again
    &get_name();
    } else {
    # keep going
    &continue_parsing();
    } # end the if check
    } # end the function

    This is a very very simple check for just length and empty/null variables. I could do more, but I don't know if people really want to read all that shite, hehe. If people want it though, I could post varying checks both in shell, in c, and in perl for simple error checking. Maybe if MS starts doing "simple" stuff like this, we'll stop seeing crap like this. How many bugs exist that just come from buffer overflows (unchecked data length), and variable exploits (unchecked variables and assignments)? Too many...way too many.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193

    Post

    What do I think? I'll tell you what - I'm tired of patching their crap os's, apps and browsers. I still have to patch various unixes and other os/apps but M$ keeps us almost daily patching, hotfixing or service pking.
    Trappedagainbyperfectlogic.

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    293
    micro$oft sux... it's as simple as that...
    zion1459
    Visit: http://www.cpc-net.org
    \"Software is like sex: it\'s better when it\'s free.\" -Linus Torvalds

  6. #6
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852

    Re: Microsloths new security stance

    Originally posted by EvIl eLf
    Hello all this morning at about 6:40 .A.M est Bill Gates announced that security would now be at the forefront of all windows products{about time}. Bill also claimed that individuals would receive training in Microsoft Security {any oxymoron if i ever heard one} .:Ladies and gents i can see it now People having a full 7 test certification to secure a product that doesn't truly belong to microsoft , I am curious to hear what you think.



    eViL
    Okay, now I'm confused - you mean Microsoft is going to release software that you don't have to patch 23 times a week? Since I agree with what Vorlin said, Microsoft probably can't pull this off so I'd say that these new statements from Microsoft mean nothing. However, if Microsoft software is more secure in the future, it'll probably only require 15 patches and fixes per week. Of course, I guess that is an improvement Well, at least Microsoft realizes that their software just ain't the most secure in the world.
    - Maverick

  7. #7
    Banned
    Join Date
    Oct 2001
    Posts
    590
    There is something fundamentally flawed with Windows. But I think when it comes to making new products that the M$ marketing department has more to say then engineering does.

  8. #8
    Member
    Join Date
    Jan 2002
    Posts
    34
    I agree with anything said against Microsoft. I've never understood why M$ can't just do one of two simple options:

    1. Distribute Windoze source code, so the leigons of computer literates on the net can help in the monumental task of debugging it. (yeah, right)

    2. Make Windows open-source, like most UNIX-based Os's, and allow an option for people to send the revised code directly back to the programmers, so they can implement it in future versions of Windoze.

    I know that Gates is to interested in $$money$$ to take the time to put a decent OS on the market.

  9. #9
    Senior Member
    Join Date
    Oct 2001
    Posts
    638
    Just a thought:
    <breath>I reckon that if even half of the decent programmers out there who are sick of Microsoft OS's, worked together for half the amount of time that is spent bitching about Microsoft dodgy product, they could write an OS that is at least twice as good as any Windows!</breath>
    OpenBSD - The proactively secure operating system.

  10. #10
    Senior Member
    Join Date
    Oct 2001
    Posts
    293
    Originally posted by smirc
    Just a thought:
    <breath>I reckon that if even half of the decent programmers out there who are sick of Microsoft OS's, worked together for half the amount of time that is spent bitching about Microsoft dodgy product, they could write an OS that is at least twice as good as any Windows!</breath>
    We don't need to... we've already got linux!
    but ur right... we shouldn't waste so much time on bitching about M$, we should use our time to do something creative and injoy our interests.... but if "bitching about M$" is ones main interest then I find it quite alright for him/her to do it all he/she wants to... lmao ... we all (well, except Bill Gates) hate M$ and it's unsecured, overgraphical, flawfull programs so let's fight the power and kick them the hell out of the 'puter market! revolution! yea!
    zion1459
    Visit: http://www.cpc-net.org
    \"Software is like sex: it\'s better when it\'s free.\" -Linus Torvalds

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •