worth it
>> A/V at me.
>>
>> Is this truly the risk that one has to take such actions and expect
>> such energy? I don't see that it is. Give me more information that
>> it is a risk and I may change my mind, but right now, I'm just not
>> seeing that it's worth it.
>>
>>
>>
>> Aras "Russ" Memisyazici wrote:
>>> :)
Is this truly the risk that one has to take such actions and expect such
energy?
I don't see that it is. Give me more information that it is a risk and
I may change my mind, but right now, I'm just not seeing that it's worth it.
Aras "Russ" Memisyazici wrote:
> :)
>> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
>>
>>>>> hes_for_you_XP
>>>>>
>>>>> MS claims the patch would require to much overhaul of XP to make it
>>>>> worth it, and they may be right. Who knows how many applications
>>>>>
>>>>>
>>>> might
>>>>
>>>>
>> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
>>
>>> hes_for_you_XP
>>>
>>> MS claims the patch would require to much overhaul of XP to make it
>>> worth it, and they may be right. Who knows how many applications
>>>
>> might
>>
>>> break that were designed for XP if they have to radically change the
>>> TCP/IP stack. Now, I don't know if the MS speak is true, but it
>
> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
> hes_for_you_XP
>
> MS claims the patch would require to much overhaul of XP to make it
> worth it, and they may be right. Who knows how many applications might
> break that were designed for XP if they have to radically change the
> TCP/IP stack. Now, I don't know if the MS speak is true, but it
> certainly sounds like it is not going to be patched.
>
> The other side of the MS claim is that a properly-firewalled XP system
>>
>>>>> hes_for_you_XP
>>>>>
>>>>> MS claims the patch would require to much overhaul of XP to make
it
>>>>> worth it, and they may be right. Who knows how many applications
>>>>>
>>>>>
>>>> might
>>>>
>>>>
On Thu, 6 Mar 2008 11:01:45 +0100 (CET), bzhbfzj3001@sneakemail.com
wrote:
> Actually they can be prevented by instructing the controller to
> filter the adresses the devices send. Then again, that's work, and
> physical attacks are typically considered low-risk, so I guess it's
> not found worth it.
There is a quite viable technical solution in the form of a patch which
solves most of these problems. Also, I heavily disagree that physical
security is of no importance. Nowadays, there are ways to achieve quite
good physical security using disk encryption and mechanisms which lock
Actually they can be prevented by instructing the controller to filter the
adresses the devices send. Then again, that's work, and physical attacks
are typically considered low-risk, so I guess it's not found worth it.
The obvious reason to mention Vista is of course that Microsoft likes
to talk about how they made it oh-so-secure, which is a nice contrast to
leaving a large hole open that they have known about for at least 3 years.
Oh well, I guess we'll just have to wait until someone releases a tool
that uses this vulnerability to break either Vista's activation or its
>>>
>>>>>> hes_for_you_XP
>>>>>>
>>>>>> MS claims the patch would require to much overhaul of XP to make
> it
>>>>>> worth it, and they may be right. Who knows how many applications
>>>>>>
>>>>>>
>>>>> might
>>>>>
>>>>>
Reference:
http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patches_for_you_XP
MS claims the patch would require to much overhaul of XP to make it
worth it, and they may be right. Who knows how many applications might
break that were designed for XP if they have to radically change the
TCP/IP stack. Now, I don't know if the MS speak is true, but it
certainly sounds like it is not going to be patched.
The other side of the MS claim is that a properly-firewalled XP system
> >
> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
> > hes_for_you_XP
> >
> > MS claims the patch would require to much overhaul of XP to make it
> > worth it, and they may be right. Who knows how many applications
> might
> > break that were designed for XP if they have to radically change the
> > TCP/IP stack. Now, I don't know if the MS speak is true, but it
> > certainly sounds like it is not going to be patched.
> >
>
http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
> hes_for_you_XP
>
> MS claims the patch would require to much overhaul of XP to make it
> worth it, and they may be right. Who knows how many applications
might
> break that were designed for XP if they have to radically change the
> TCP/IP stack. Now, I don't know if the MS speak is true, but it
> certainly sounds like it is not going to be patched.
>
>>
>>>>> hes_for_you_XP
>>>>>
>>>>> MS claims the patch would require to much overhaul of XP to make
it
>>>>> worth it, and they may be right. Who knows how many applications
>>>>>
>>>>>
>>>> might
>>>>
>>>>
> >
> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
> > hes_for_you_XP
> >
> > MS claims the patch would require to much overhaul of XP to make it
> > worth it, and they may be right. Who knows how many applications
> might
> > break that were designed for XP if they have to radically change the
> > TCP/IP stack. Now, I don't know if the MS speak is true, but it
> > certainly sounds like it is not going to be patched.
> >
>
> Cost of doing business, just consider your responses on a level of
> (time
> == money) && what your response would gain for you or the community. If
> the answer is nothing, then examine whether you still believe it is
> worth it. If yes, just do it. If not, move along.
>
> That is my basic guideline after years of trial by fire.
>
> Also, you will always be misunderstood, be careful in your language,
> but
> http://www.computerworld.com/s/article/9138007/Microsoft_No_TCP_IP_patc
> >>
> >>> hes_for_you_XP
> >>>
> >>> MS claims the patch would require to much overhaul of XP to make it
> >>> worth it, and they may be right. Who knows how many applications
> >>>
> >> might
> >>
> >>> break that were designed for XP if they have to radically change
> the
>
> Cost of doing business, just consider your responses on a level of
> (time
> == money) && what your response would gain for you or the community. If
> the answer is nothing, then examine whether you still believe it is
> worth it. If yes, just do it. If not, move along.
>
> That is my basic guideline after years of trial by fire.
>
> Also, you will always be misunderstood, be careful in your language,
> but
|
