Results 1 to 8 of 8

Thread: FBI Advice For Win Usrs

  1. #1

    Exclamation FBI Advice For Win Usrs

    This is an article from Yahoo! and the full story on the subject can be viewed here. The FBI has reversed its advice for computer users trying to protect themselves against serious flaws in the latest version of Windows: Applying the free fix from Microsoft Corp. is adequate, after all.
    The bureau's top cyber-security unit, the National Infrastructure Protection Center, told consumers and companies Thursday to disregard its earlier advice to go beyond the Microsoft recommendations to protect against hackers who might try to attack Windows computers.

    The FBI said it based its latest determination ``upon a careful review of the written technical materials provided by Microsoft'' and after working with the federally funded CERT Coordination Center, who are researchers at Carnegie Mellon University.

    Microsoft said last month that Windows XP suffers from serious problems that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software. The glitches were unusually serious because they allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet. The problem also affects some copies of earlier Windows ME software, and in some rare cases can affect users of Windows 98

    Microsoft offered a free fix on its Web site the day the vulnerability was announced. But one day later, on Dec. 21, the FBI urged consumers and corporations to go beyond installing that fix and to disable the Windows ``universal plug and play'' features affected by the glitches.

    However, even those warnings came under fire by experts as inaccurate. The steps outlined by the FBI failed to instruct consumers also to turn off in Windows an important, related feature - called a ``discovery service'' - that still left computers vulnerable.

    ``They made an honest mistake, gave the wrong information,'' said Richard M. Smith, an independent security expert in Brookline, Mass. ``All this stuff is so complicated. It shows that even the experts can't keep track of it.''

    At the time, the FBI said its recommendation to shut down the vulnerable Windows features was based on ``technical discussions with Microsoft and other partners in the Internet and information-security community.''

    Outside experts have cautioned that disabling the affected Windows XP features threatens to render unusable an entire category of high-tech devices about to go on the market, such as a new class of printers that are easier to set up. But they also said that disabling it could afford some protection against similar flaws discovered in the future.

    After its first warning, the FBI's cyber-security unit published an Internet link to the Web site for eEye Digital Security Inc., which discovered the Windows flaws. eEye's advisory, published on its Web site, also urged consumers to install Microsoft's fix and cautioned that ``it would be wise'' to turn off the vulnerable features completely.

    The FBI acknowledged Thursday that neither it nor security experts at CERT had independently tested Microsoft's repair solution. But the FBI said, ``We are satisfied that it corrects the problem that could lead to system compromise and affords substantial and adequate protection.''

    Makes ya wonder how secure your XP OS is dosen't it?


    Remote_Access_

  2. #2
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    ``They made an honest mistake, gave the wrong information,'' said Richard M. Smith, an independent security expert in Brookline, Mass. ``All this stuff is so complicated. It shows that even the experts can't keep track of it.''
    How about doing it right the first time, Microsoft, so that this **** doesn't happen every time you release something new? This is one reason why I can't stand them, always offering something that'll be the end-all-be-all yet 1 day later or so, someone's busted it open, got the equivalent of "root", and can do "anything on the computer except connect to the internet". Right on, MS, way to go! As for the "so complicated" comment, I don't see open source being so complicated that the dozens or hundreds of developers can't keep track of it. Ever hear of CVS trees? Mailing lists? Good developers period?
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  3. #3
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716

    Thumbs up

    I'm getting paranoid.
    It's getting so that Internet access
    is no longer a luxury,but a necessity.
    But to stay in the game, it seems
    you have to accept the idea
    of losing control of your machine.
    If you want all those nifty new
    features, you have to accept the
    security risks.
    If you whine and complain,
    Gates accuses you of being
    a Luddite.
    The problem is that technology
    is controlled by optimists
    who only see the advantages
    of progress, but not the security
    issues. Fancy features sell software,
    but security is seen as the realm
    of pessimists and paranoics.
    I came in to the world with nothing. I still have most of it.

  4. #4
    Sounds like Microsoft had to go bribe some fbi guys to get this one covered up right.

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    218
    You would think it would go without saying by now that if you are online, you are vulnerable. Especially if you are using Windows, or any MS product for that matter.

  6. #6

    Exclamation !Parinoid

    I'm getting paranoid.
    - I'm always parinoid on the internet.
    They're always watching!

    It's getting so that Internet access
    is no longer a luxury,but a necessity.
    - How so?

    But to stay in the game, it seems
    you have to accept the idea
    of losing control of your machine.
    - That's an argueable statement. You only lose controll of your machine if you've lost the ability to secure it.

    If you want all those nifty new features, you have to accept the
    security risks.
    - I can do with out the nifty new features. I wouldn't trade security for convienence.

    If you whine and complain, Gates accuses you of being a Luddite.
    - Bah, **** Gates.

    The problem is that technology is controlled by optimists
    - Technology is controlled by those who understand it and know how to use it to their advantage.

    who only see the advantages
    of progress, but not the security
    issues.
    - There are ppl who realize those issues..

    Fancy features sell software, but security is seen as the realm
    of pessimists and paranoics.
    - Call me a paranoic then..

    Remote_Access_

  7. #7

    Re: !Parinoid

    Originally posted by Remote_Access_
    I'm getting paranoid.
    - I'm always parinoid on the internet.
    They're always watching!

    It's getting so that Internet access
    is no longer a luxury,but a necessity.
    - How so?


    Remote_Access_

    Ok, that's it. I can't take anymore.

    Remote_Access_, you are NOT Negative. If your going to copy his style (ie- quote and then reply, most times rather sarcastically) at least do it properly. Learn how to use the quote feature. Please. You''re killing me...Also, I'm aware that my spelling can sometimes leave alot for granted..we all make mistakes. But at LEAST MAKE AN EFFORT!


    I feel much better now that's off my chest....

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    168
    this is just the follow up report on what i have heard the other day that the microsoft's windows XP is buggy. according to the report from the techtv (http://www.techtv.com) the microsoft team admitted that the windows xp is full of holes in which the microsofts suppies all the patches.

    according to the recent development microsoft said "we are regretfully to inform you that the windows xp, that we are releasing is not yet secure... thus, we are providing recent patches in every holes that has been discovered." ('this is what my friend heard').

    microsoft...windows... still the same..
    \"The more you ignore me... the closer i get!\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •