RadioRadio
Thursday, December 19, 2002[9:55:36 AM]
Sigh. Have you patched Windows today? Bad guys can own your XP computer if you download an mp3, or if IE even *looks* at a hacked website: "if the user browses to a malicious web site with Internet Explorer directly, the attack will work regardless of the Internet Explorer security settings."
Say somebody hacks into a popular website running Microsoft's webserver, sneaks in an iframe tag to another compromised computer -- anywhere on the web. Now before the popular website's people even notice, thousands or hundreds of thousands of computers are under the bad-guy's control.
Brought to you by "trustworthy computing". Note this is a bug in a feature that is part of Microsoft's long-term strategy of adding every conceivable feature in order to defeat the competition, no matter what the impact on security. You would think that Gates could set aside a billion dollars or so to train his people in the need for security. Think "safety first". But the Microsofties all know how they kill the competition, and they aren't likely to change their ways because Gates has to mumble in public about security. Better to put the money into PR campaigns that 802.11 is unsafe, for example.
© Copyright 2003 john robert boynton.
Last update: 1/2/03; 11:25:40 AM.