[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Operating Systems Security, "Microsoft Security, baby steps"
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Operating Systems Security, "Microsoft Security, baby steps"
- From: "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
- Date: Thu, 18 Mar 2004 10:22:27 -0600
> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of
> Todd Burroughs
> Sent: Thursday, March 18, 2004 2:17 AM
> To: full-disclosure@xxxxxxxxxxxxxxxx
> Subject: [Full-Disclosure] Operating Systems Security,
> "Microsoft Security, baby steps"
>
> Updating any OS is a pain in the ass, but all of them have
> flaws and need to be updated. I find that at least with the
> UNIX-like ones, you can go on the Net and do your updates
> faster than you get rooted.
This is foolish thinking. Do you really think that, when a patch comes
out, *then* the hackers start working on exploits? The exploits were
being used *long* before the patch comes out. The only thing a patch
gets you is protection against *future* hack attempts against *that*
weakness.
Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html