April 28th, 2003, 02:01 PM
searching a job?M$ hires hackers!!!
The M$ Server 2k3 use a group of hackers for IVQ purposes.
Just hope those guys are real whitehats ... & not kiddies
full article here ...
One person I have working for me actually used to be a hacker -- he's British -- and we persuaded him there was a career to be had. We took a whole bunch of these people and made them hackers. We had them hack the system. We took the people who were responsible for each component and we did design reviews and code reviews. We created a whole book of common coding problems that lead to security errors, and we took every piece of code in the system and compared them against those rules. We created tools that run across the code and understand almost all the attacks. Microsoft Research built a tool that can find almost all the buffer overflow problems, and compilers added a bunch of checking.
[shadow] SHARING KNOWLEDGE[/shadow]
April 28th, 2003, 02:22 PM
I wouldn't be cought dead working for M$..
All my coleagues are asking me questions about configuring their windows and call me reading their blue-screens..
Like I can do anything about it..
And also.. I dislike working for big impersonal companies.. and Microsoft is just about as big and impersonal as you can get...
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio
the best station for C64 Remixes !
April 28th, 2003, 03:11 PM
I have a favor to ask... would someone please make those little apps for finding buffer overflows available over the internet? (yeah right), I be they'd be most usefull of course their still made by microsoft...
April 28th, 2003, 03:26 PM
I remember microsoft issued a challenge to the l33t when they introduced 2000 server.
I remember they said it was very secure and offered a reward if anyone could break into or crash it.
Oh how I laughed when the server fell over by its self after only 24 hours.
Almost as funny as when Billgatus of the M$Borg was demonstrating windows 98SE support for USB and plugged in a scanned and the machine blue screened.
April 28th, 2003, 03:38 PM
yeah, that all sounds too familiar HAHA!
April 28th, 2003, 03:57 PM
wouldnt surprise me this time if he was demonstrating the power of server2k3 and somebody broke in while he was demonstrating all the 'advanced security features'...
I did not come here to tell you how it is going to end, I came here to tell you how it was going to begin. I\'m going to hang up this phone, then I\'m going to tell these people what you don\'t want them to hear.
April 28th, 2003, 04:22 PM
To be franc, if I was the vice-president of Windows Core Technology, as Rob Short is, I would never say:
"We created tools that run across the code and understand almost all the attacks".
Saying that M$ credibility failed over.
1 thing more: If a blackhat is helping them, there is a chance he inserted its own backdoor into the closesource win ...
wait & see
[shadow] SHARING KNOWLEDGE[/shadow]
April 28th, 2003, 08:33 PM
But even if one did would you even be able to tell it was there with all of the bugs and flaws that are already in it? I dont believe that M$ will ever have a "unhackable OS" like they would like to think they will someday / already have in the past made.
d0m1n10n: 1.Control or the exercise of control; sovereignty: “The devil... has their souls in his possession, and under his dominion” (Jonathan Edwards).
2. A territory or sphere of influence or control; a realm.
often Dominion Abbr. Dom.
April 28th, 2003, 08:41 PM
Nobody will ever make an unhackable OS. As long as humans make mistakes, which will not change anytime soon, the OS'es that we create will have mistakes.
Also- somebody that is doing penetration testing of an MS OS would have zero access to the actual sourcecode of windows. I am pretty familiar with how the code check-in process works at MS, and I would have to say that they have one of the best processes that I have ever heard of. This doesn't mean that their code is any better than anybody elses, they just have very tight controls on their code.
April 28th, 2003, 09:36 PM
people making mistakes isnt the only reason an OS is hackable, theres a simple rule about it: if it can be programmed it can be hacked.