Archive | January, 2003

"A lot of people see this as a wake-up call"

It’s good to see Microsoft recognize that some of their customers choose, for whatever reason, to continue to maintain a six-year-old product. Microsoft extends NT’s life. The software giant prolongs some support for its Windows NT 4 operating system, giving the aging server product another 12 months of patches and fixes. [CNET News.com]

"A lot of people see this as a wake-up call"

The Boston Globe features another article on the foolishness of Comcast alienating their customers with mailing address domain name changes: http://www.boston.com/dailyglobe2/027/business/Change_in_e_mail_riles_users+.shtml

"A lot of people see this as a wake-up call"

How many wake-up calls do we need? Worm exposes laziness and Microsoft bugs. The Sapphire worm that hit servers running Microsoft SQL is a wake-up call for anyone who thought the Internet had become a safer place following increased attention by corporate and government leaders. [CNET News.com]

Beauty and Evil

The Beauty of the Worm. A posting from Peter Kaminski to a mailing list (with permission): It’s a thing of terrorbeauty, this Slammer/Sapphire/W32.SQLExp.Worm. Weighing in at 376 bytes of assembly language code, it is shorter than some email signature blocks. Shorter than the next paragraph. It fits entirely within one UDP packet. The packet goes into a Microsoft SQL Server box, and boom, the machine turns into a zombie, spewing the same packet back out at random IP addresses, over and over and over and over, running in a tight 23-instruction loop, cycling fast enough to fill the network it’s connected to with the… [Joho the Blog]

Mass Manufactured Equipment with Identical Passwords!!!

Sprint DSL’s Gaping Security Hole. An easy-as-1-2-3 admin password on Sprint DSL modems puts users’ e-mail logins at risk, a hacker finds. Security experts say Sprint’s solution — posting a notice on its support site — doesn’t do enough to solve the problem. By Brian McWilliams. [Wired News] Nonsense. Linksys wireless access points come with security turned off and a default site id of “linksys.” Most of the other APs do the same. Software installs with blank or default passwords and the “READ ME FIRST!!!” packaging and files shown to the installer tell the owner to change the setup. OTOH, if you ship with a random password, how do you tell the user? A sticker attached to the device might work. But you can still anticipate the tech support calls will double, and you’ll need a new script for your front line support people with “Okay, now look on the package for a bright yellow sticker labeled PASSWORD. You found it. Okay, now…” Reminds me of The Internet Help Desk from Three Dead Trolls in a Baggie. *Sigh* There are no easy solutions.

IBM has Switchers, too

But I’ll bet their videos aren’t as cool as Apple’s. IBM shows off 10 new Linux users. Claims Linux generated more than $1 billion in revenue for IBM in 2002 [InfoWorld: Top News]

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.