I stopped considering Microsoft trustworthy a long time ago...

#27

Tone it down a bit, eh? Yes, The Register is a UK site. They often have a UK and European slant to their news posts. The register DID have a site called TheRegUS, with a more North American slant, but it seems that site is not up anymore.

In no way was my previous post (#26) mentioning The Register as a UK site intended as a nationalistic slam on the Europeans.

You were over-reacting.

Theregister is an UK site. So what?

When did we americans become superior to them when in the end we are nothing but a bunch of british, africans, asians, mexicans, some other europeans?

This nationalism is pure bullshit. Some people support Microsoft and Nvidia just because is (mostly) american. What a bunch of losers.

I thought the american way was "equal opportunities" and "choosing the best". It was long ago.

#19 Indeego

The link you provided for theregus does go to the UK site. Check it out.

I don't know anyone that uses auto-update. Who would want to beta test patches for MS?

I'm sure a lot do... just like the morons who love double clicking on e-mail attachments. Can you say vector for 99.9% of e-mail virus infections?

It's all a poor and dangerous crutch to lower the bar of knowledge needed to utilize certain functions. Until the bar can be lowered in a completely safe manner, keep the bar a notch or two higher.

Hmmm .... if people turned off the security okay for Microsoft stuff, then they couldn't automatically download updates from Microsoft. Wouldn't that result in them possibly not being updated to the latest patches? Owie.

In the case of Zone Alarm blocking ActiveX applets... it does it simply and reliably. No ActiveX can run. For that, it works very well. Microsoft Internet Explorer simply bitches with two screens every single time ActiveX is blocked. It makes it a real pain-in-the-ass to block ActiveX.

But, that's why I've only got ZAPro running on our Wintel based FTP servers and not local workstations. A normal user wouldn't put up with it. That's one reason why I've switched two departments (Accounting and Distribution) completely over to Mozilla.

How useful is it if the "outgoing transmission" is just piggybacking by using the browser? You've already allowed the browser to have outgoing traffic. Barrier broken.

Zone Alarm is a useful tool. Not so much for blocking unauthorized incoming transmissions as it is for blocking unauthorized "outgoing" transmissions. Nothing is worse than a "hostage" program trying to call "mommy" and "daddy".

AG #17

Important yes... but as AG #12 showed... they're not the only source for the info. Granted... the Register did 'sorta' say that v2.7 of MDAC will fix the problem... but don't out right say it as they should since this is such an important problem. Instead they lead you to believe that there is no such fix as of yet and that MS is doing nothing to solve the issue.

#14, Actually, the reg is increasingly a reliable site. They have shaped up in the past two years and don't publish as much gossip-as-fact as you'd think. The site is not typical journalism in the first place, every story is hand-written with a style refreshing, IMO.

Their us site is http://www.theregus.com No UK stuff, unless it effects the US as a whole.

#17
Don't rely on Zone alarm or personal firewalls, [b]Perio/b]. Trojans/ worms only need to rely on trusted applications, (i.e. send their payload through IE or win32 services, or can disable Zone alarm itself, negating the need for it period. It's security model is very flawed.

Prepare for the deluge of M$ su><0rs Linu>< owns j00 when the kids get out of school this afternoon.

The reason Tech-Report ran this article from The Register is because it's INCREDIBLY important.

This is a serious vulnerability.

This has nothing to do with Microsoft bashing unless you want to twist the story into it. It's simply a potentially enormous problem that can very quickly wipe out a huge number of systems. It needs to be dealt with, now.

FYI: Zone Alarm has the ability to block ActiveX applets.

Well at least Microsoft is willing to admit it. How many companies would say "ok now we have a problem here and the temporary fix is to remove us from your list of trusted sites." I know Apple, SUN, IBM, etc would rather watch their users get attacked then allow even the slightest bit of doubt in the minds of their costomers.

the fpking recommends Opera too. Works great on slow PC's like his 233 Pii work box and his p5 133 laptop.

What I simply do not understand is WHY OH WHY are sites like the Tech Report using stories from The Register???!? That site is like a disease or a virus. That place needs to die now!! They do nothing else but to promote gossip and or misleading information. They leave out all the details and never truly are on the mark.

Besides... it's a UK site... and we all know the English are a bunch of morons anyways. =)

not really convenient for the reg, moreso typical that is..

the reg is almost as anti-MS as Richard I'll do anything to slander MS Stallman, and I think the Reg would go to the same extents as well..

How convenient that the following was left out of the article on the Register..

"Servers running the latest software, MDAC 2.7, are free from the security hole, as are servers on which an administrator has run the IIS Lockdown Tool, an application that helps secure systems."

http://zdnet.com.com/2100-1105-966575.html

So they found a hole in old software. Gee, never would've guessed that. Perhaps if users and admins were a little more vigilant about keeping their systems up to date, there wouldn't be as many ways for viruses/worms/etc to propogate. Speculation, I know, but every system and every] piece of software has holes/bugs.

I use Opera, but it mangles more than a few sites. I'd say 40% of sites I visit have something go wrong. Opera can never seem to open multimedia links, (i.e. streaming video from CNN or something). You would think, considering the Internet has STANDARDS, that Opera would work with everything. Why it doesn't is beyond me.

Originally Posted by BillTheCat
I use IE, but I use my security settings very carefully. So what if I have to say OK ten times to messages that \"this page may not display correctly\" because I have ActiveX control disabled. I don\'t have to put up with hacking or ads.

<nelson voice> HA-HA! </nelson voice>

I wonder how they'll spin this...

[quote]DPOS: are you really that worried about someone hacking your home PC? this is really more of aworry for high traffice and mission critical webservers running IIS than anything, as with 99.999% of vulnerabilities. No one wants to mess with your home machine except the 12 year old down the street. [/quote]

What a rediculous argument. Worms with rapid propagation could care less about whether a system is a client or a server with "IIS." Worms can MAKE a client system a host/server system, therefore a server with malicious code. Worms require just slightly more effort on the hacker to propagate between client systems, so while they may not "care" about your individual box, you are still very much at risk. In fact, I'd go so far as to say if you are writing a virus nowadays you might as well not waste your time unless it's a worm that auto-propagates throughout networks.

So yes, be very concerned, because there are a lot more clients out there than servers, and they are even more vulnerable than servers since it's hard even for a fscking sysadmin to patch 100% (trust me, removing all MS certs will break a lot of things, and take a lot of time to test.)

BTW I applied this patch on a few servers and clients, removed the MS certs, then ran the Microsoft Security baseline check, and it [itil/i] reports the systems as being vulnerable, as well as pre- SP3 issues, even though I have SP3 on all systems.

[q]On the serious side, I think this is one more reason i enjoy using Opera. It is worth the hassle of a few mangled sites, to sleep better at night. [/q]

Same here man, same here.
Oh yeah, and those mouse gestures sure are nice as well.

How about if everyone stop whining?

I'd like to see Mozilla stand up to the amount of hacking IE has.

I am by no means excusing MS or saying IE is immaculate. What I am saying is to keep things in a little bit better perspective.

DPOS: are you really that worried about someone hacking your home PC? this is really more of aworry for high traffice and mission critical webservers running IIS than anything, as with 99.999% of vulnerabilities. No one wants to mess with your home machine except the 12 year old down the street.

http://www.apple.com/switch/

Microsoft is Evil. Bill Gates is the antichrist. Windows is a plague. It's high time for the write-your-own-software revolution!

On the serious side, I think this is one more reason i enjoy using Opera. It is worth the hassle of a few mangled sites, to sleep better at night.

In before the Fpking ass wipe. :)