[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [dvd-discuss] OT: Was Re: Bush taps Clarke - Now: Raw sockets
- To: dvd-discuss(at)cyber.law.harvard.edu
- Subject: Re: [dvd-discuss] OT: Was Re: Bush taps Clarke - Now: Raw sockets
- From: Michael.A.Rolenz(at)aero.org
- Date: Tue, 16 Oct 2001 13:07:46 -0700
- Reply-To: dvd-discuss(at)cyber.law.harvard.edu
- Sender: owner-dvd-discuss(at)cyber.law.harvard.edu
Actually I think Gibson is pushing your a) and b) below. But your argument
is well taken. The whole notion that only "safe and approved software
blessed by the wonderful __________[fill in the blank with microsoft,
"our" government, NSA, CIA, FBI, GW Bush's best advisors, Steve Gibson,
Atilla the Cyberhun or other]" does NOT provide security anymore than
microsoft is providing standards (if they are standards why are they
changing every two years and providing me with NOTHING more in
functionality!!!!!!). There's enough stuff already out there that can be
misused. Gibson's point is to not add more to it. I'm inclined to let
Microsoft release XP, let the chaos reign and when people realize that the
chaos can be ended by doing "uninstall windowsXP" maybe people and our
leaders will wake up, realize the dangers of this monopoly and THEN solve
start solving the RIGHT problems.
lunatic@hatari.dhs.org
Sent by: owner-dvd-discuss@eon.law.harvard.edu
10/16/01 09:49 AM
Please respond to dvd-discuss
To: dvd-discuss@eon.law.harvard.edu
cc:
Subject: [dvd-discuss] OT: Was Re: Bush taps Clarke - Now: Raw sockets
On Tue, Oct 16, 2001 at 08:54:05AM -0700, Michael.A.Rolenz@aero.org wrote:
> Steve Gibson has some interesting comments on raw sockets in WindowsXP
on
> this website (www.grc.com).
Mr. Gibson's website has lost any and all credibility with his discussion
of
raw sockets. I have never found Gibson to be knowledgeable about security
and
technical concerns - the only real purpose he serves is to interest people
in
security who wouldn't otherwise be interested.
He is showing that he wuite clearly has little to no understanding of the
issue. The exploits facilitated by raw sockets are still possible without
raw
sockets. There are numerous spoofing techniques which have the same
effect.
Perhaps Steve should get on the case of the ISP's who are enabling
spoofing
attacks by allowing:
a) source-routed packets
-and-
b) packets with source-IP addresses that do not match the subnet they
came
from
to be routed across their networks. I should be able to put broken
packets on
my network. My ISP should prevent me from putting broken packets on their
network.
Gibson routinely takes an approach of "keep only safe equipment on the
net,"
while not contributing to the discussion of "given that we cannot trust
every
piece of equipment on the net, how do we protect ourselves?"
> Given some of his recent experiences with DOS
> attacks, I can understand his concerns. There certainly is the potential
> for widespread misuse given the expected distribution of WindowsXP.
Feh. It could be done before. Is Steve going to start arguing that the
distribution of the DDK be restricted too now... He's arguing to push raw
sockets to SYSTEM access only... well, drivers have that access..
> OTOH,
> I'm getting pretty tired of hearing about nimda, code red1, code red2,
etc
> by the talking heads on the tube and NOT hearing them say "OK the
internet
> is down today thanks to another "feature" created by microsoft"
Everybody
> keeps reporting on the evil wicked hackers without focusing on the real
> culprit-microsoft.
This, I agree with you on. But, Gibson is not making matters any better.
He's
yelling and screaming "These people are selling you defective products!
Here's
my product which will allow you to continue to be bound by the monopoly."
Steve's job is to hawk his own "security" software.
PK