Leveraging Linux

Leveraging Linux

Post by Jim Lasco » Sun, 15 Jun 2003 05:54:42



There will probably be no .comment column the week after the first
negligence suit is filed against a firm whose negligent action is the
use of Microsoft software when they should have known better, with the
result being a client's confidential documents having become public.

It is difficult to type when one is laughing oneself into a total
thoracic muscle cramp. And I'm not sure I'll be able to get it out of
my system in a week.

But seriously, folks . . .

I got to thinking about this when I learned that a law firm I know is
about to embrace Outlook as its email client. One need to have paid
only very little attention over the last couple of years to know that
if one wishes to keep a secret, one does not want it ever to pass
through Outlook or to reside on a machine where Outlook is ever used.
(The firm gets its IT services from an outside outfit, which typically
means someone for whom it was an MSCE or the Army, and the Army said
no. There are exceptions, but in my experience there is not a dimmer
string of bulbs on the planet than that made up of MSCE certificants.)
It will be no particular surprise to hear that confidential client
documents have hitched a ride out of the firm on some SirCam variant.

Wonder if the crackerjacks hired by the law firm know to turn off, and
if they do, how to turn off, IIS. If not, there's another little
surprise that could give a cracker hours of amu*t. (Microsoft is
going into the game box business; for many persons of malicious
intent, Microsoft has been in the game box business all along.)

Now we get news that there is a vulnerability in Internet Explorer
which allows unauthorized persons either locally or elsewhere to mine
confidential data from cookies. I've long railed against cookies,
claiming that they are a monstrous potential security hole, and now
Microsoft has removed the word "potential" from that claim. Microsoft
claimed under oath that Internet Explorer is so crucial to its
operating system that its operating system won't work without it. This
means that the vulnerability is as hard-coded as it gets. (Microsoft
says that the fix is to turn off scripting. This renders useless sites
designed specifically for IE. Serves 'em right.)

And that's all before we get into the really juicy stuff.

http://www.veryComputer.com/

Jim

 
 
 

1. SCO fud helps Microsoft leverage Unix in a proprietary way ONLAMP.com

http://www.onlamp.com/pub/wlg/3252
SCO, Microsoft, and Linux
Brian Jepson  May 31 2003

Robert X. Cringely speculates on what's really going on with SCO,
Microsoft, and Linux. I think his basic point is right (that SCO kicking
up FUD will create an opening for Microsoft to leverage Unix or Linux in
a proprietary way), but a peek at an existing product, as well as one
that's in beta right now, suggests something simpler than "Windex" may
be in the works.
---
http://www.pbs.org/cringely/pulpit/pulpit20030529.html
-------

2. UDP sockets- broadcast function on ethernet

3. examples of leveraging netcat

4. How to set up an analog leased line connection

5. comp.os.linux, comp.os.linux.misc, comp.os.linux.security, comp.os.linux.networking

6. Promiscuous socket with two Ethernet adapters

7. uninstall REDhat linux uninstall REDhat linux uninstall REDhat linux uninstall REDhat linux uninstall REDhat linux uninstall REDhat linux uninstall REDhat linux

8. Space left on device, C call

9. Linux in Linux in Linux in

10. proposal: feed smaller mailing lists into linux-kernel, add linux-kernel-core and linux-kernel-bugs

11. DHCP Linux to Linux problem, Windows to Linux works using same PC!

12. linux ppc vs linux alpha vs linux x86?

13. dns issue -- windows=>linux vs linux=>linux