Re: This week: Linux Kernel Hole, OT

• From: "Thor" <thor@xxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 3 Dec 2003 11:06:33 -0800

*Warning- Soap Box Ahead*

<soap:box>
I wrote an article on Security Focus called "Media Gone Mad" where I
chastised media outlets for spreading utter FUD in regard to booting Win2k
on an XP machine and running the Recovery Console.  One could indeed get to
a console prompt with a blank admin password, but that was it.  They could
do nothing more- other than copy files, one by one (as long as they were not
EFS's by the org OS), to removable media.  They made it out as a "critical
vulnerability" that "bypassed NTFS permissions" and "rendered passwords
useless."  It was Pure-T-Crap: the key is that if someone can walk up to a
machine and boot it into something, nothing else matters.  Hell, just
install XP in a different directory and go nuts, or a million other things.
My point was that the Collective Tech Media, for the most part, has to
sensationalize material to the point of completely misrepresenting the
facts, and in some cases, downright lying.

I feel that another column is in order, where I will charge the media for
general Anti-Microsoft Bias.  For instance, Dennis Fisher wrote:
"Security professionals took note of a critical new vulnerability in
the Linux kernel that could enable an attacker to gain root access to
a vulnerable machine and take complete control of it."

TOOK NOTE?  A class-level vulnerability that effects most distros, and
security professionals TOOK NOTE??  He makes it sound like they raised a
curious eyebrow over the rim of their teacup and went back to reading "Monty
Python, All the Words."  Where is the outrage he and other pour over their
serving of angst?  Were is the dripping sarcasm and mocking of "security
being a priority?"   Had a similar vulnerability been found in Windows, the
Media would be screaming at the top of its lungs: calling for Microsoft
developers to be beaten in the streets, demanding Gates be lynched and
Ballmer be tied to a stump and given a Dirty Sanchez by Alexander Hague.

I feel that many pro-Microsoft folks will take advantage of this, and use it
as a bludgeon against Linux.  I also feel THAT WILL BE WRONG.  I think I
will put a footer in my columns that says "All major software has security
issues, and will continue to.  All major software can be secured if you know
what you are doing.  Learn to secure what you have."  I like Microsoft
products, so consequently I learn them, and I can secure them better- some
like Linux- as long as they learn how to patch and secure it, fine!  I like
redheads! Some people don't; so I can get into Redheads better than those
other people.   Of course, blondes are nice, too  And brunettes are pretty
hot as well.  Hell, even the bald chick on Star Trek was kickin'.  But not
that haggis Vulcan girl - I guess she *could* take those ears and... oh,
sorry, I digress-- 

Back to the Media.  I'm tired of blatant slants against Microsoft (really,
against anyone.) Media, particularly in IT, should let go of the hyperbole,
bias, and sensationalism and stick to the damn facts.

I think I just might get to writin'!
t

</soap:box>




----- Original Message ----- 
From: "shane" <tsmullins@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, December 03, 2003 10:30 AM
Subject: [isalist] Re: This week: Linux Kernel Hole, OT


> http://www.ISAserver.org
>
> hmmm, i thought only microsoft had security flaws?
>
> shane
>
>
>
> ----- Original Message ----- 
> From: "Jim Prato" <jprato@xxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, December 03, 2003 11:26 AM
> Subject: [isalist] This week: Linux Kernel Hole, OT
>
>
> > http://www.ISAserver.org
> >
> > FYI,
> >
> > jp
> >
> > http://www.eweek.com/article2/0,4149,1400446,00.asp
> >
> > > -----Original Message-----
> > > From: What's New Now from Ziff Davis
> [mailto:whatsnewnow@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> > > Sent: Tuesday, December 02, 2003 5:30 PM
> > > Subject: Linux Kernel Hole
> > > December 2, 2003
> > > Vol. 2, No. 49
> > >
> > > This week: Linux Kernel Hole
> > >
> > > Big Holes Found in Linux
> > >
> > > Wow, and you thought Windows had all the problems. It looks like Linux
> has some similarly nasty vulnerabilities. Discovered during a recent
attack
> on the Debian Project's servers, it turns out that the problem lies deep
> inside the Linux kernel. If you run Linux, you'll want to know about this
> problem - and how to fix it. Our story tells all.
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> tsmullins@xxxxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> >
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
thor@xxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>

Other related posts:

• » This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT
• » Re: This week: Linux Kernel Hole, OT

1. Home
2. isalist
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---