-
January 29th, 2002, 11:04 PM
#1
Junior Member
Looking for accurate info
Helllo ... I am doing an essay for one of my 3rd year Computer Engineering courses and
the topic that I would like to discuss is how Microsoft chose to add features instead of fixing
bugs and other known security issues. Also, I am looking for info on the efffects of these
flaws (Like the IIS problem).
I have been scouring the net for weeks and have <some> good info. I was hoping that some
of you could point me to some appropirtate articles. I need reliable sources; newspapers, gov sites,
CERT articles, etc ... not "MICROSOFTSUCKS.COM" ... I need creditable sources and creditable info.
A lot, suprisingly a lot, of info that I have found is full of assumptions and anti-MS retoric. I have
had a really difficult time finding good info and am beginnig to get frustrated.
I thank all of you for the help.
GoldenSpiral
-
January 29th, 2002, 11:22 PM
#2
Well one would the the MS Windows XP UPnP (Universal Plug and Play)
MS intended it to be one of Win XP's asset features.. now its being a risk to most home and business users..
for more reference visit this thread...
http://www.antionline.com/showthread...hreadid=137558
And i still think that remote desktop is still considered as a security risk..
-
January 29th, 2002, 11:56 PM
#3
I could send you all the M$ related Cert advisories that I have. I have a few years stored up.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 30th, 2002, 12:26 AM
#4
I guess the problem with using the Internet for research is that, although the information is timely, it is not always very accurate since anyone can slap some stuff on a web page and show it to the world.
I reckon that if you've already found some decent sites (CERT etc), your best bet is to try and find some information presented in different mediums. I'd say that the big newspapers and magazines are probably worth searching through. The information they give tends be a lot more accurate. I know at my uni, people grading assignments tend to frown using the Internet as your sole source of reference. The Bureau of Statistics is also a very reliable source with timely information. A lot of places like this have their records online now anyway.
You probably know all of this and if I sound condescending, I apologise. Good luck with the essay =).
OpenBSD - The proactively secure operating system.
-
January 30th, 2002, 12:55 AM
#5
Junior Member
I haven't quite learned how to reply to a singe person ... I tried to email KorpDeath ... but it says
that you don't want to be email via the dicussion board ... so I am posting the relpy here (please
excuse me if it is the wrong way).
It would be really cool if you (KorpDeath) could send me some CERT postings ... I went to the site again and am
wading through advisories as we speak.
Thanks for the help,
GS
-
January 30th, 2002, 01:10 AM
#6
I'll try to get em to you tomorrow. Is that okay?
BTW It says the same thing about you not wanting to receive emails from the boards..... I think we found a problem, because I've gotten emails from people on the board before.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
January 30th, 2002, 02:50 AM
#7
Hello GoldenSpiral!
Good day to you! In addition to the posts from the others above, below are several links containing news articles on Microsoft's security flaws. Hope it helps you out
1) http://search.win2000mag.net/securit...%22security%22
2) http://news.com.com/2100-1001-275366.html?legacy=cnet
3) http://content.techweb.com/wire/story/TWB19980123S0007
4) www.ecommercetimes.com/perl/story/4059.html
5) http://news.com.com/2100-1001-277291.html?legacy=cnet
6) http://www.computeruser.com/articles...1,1126,01.html
7) http://www.techtv.com/news/hackingan...359674,00.html
8) http://www.cnn.com/TECH/computing/99....security.idg/
9)http://www.techtv.com/cybercrime/fea...596912,00.html
10) http://techupdate.zdnet.com/techupda...429536,00.html
A blessed day to all!!!!
"I expect to pass through this life but once. Therefore, if there be any kindess I can show, or any good thing I can do for another human being, let me do it now, for I shall not pass this way again."....William Penn
-
February 2nd, 2002, 10:54 PM
#8
Junior Member
Thanks to all who have helped me out.
GoldenSpiral
-
February 4th, 2002, 03:25 AM
#9
Member
here, try this site, Security Focus.
rgds
de
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|