Jump to content


Photo
- - - - -

Microsoft or Script Kiddie


  • Please log in to reply
10 replies to this topic

#1 Zapperlink

Zapperlink

    "I Hack, therefore, I am"

  • Agents of the Revolution
  • 951 posts
  • Country:
  • Gender:Not Telling

Posted 26 January 2003 - 03:11 AM

Im sure most of you know already about that worm feeding the net a hoard of packet trash causing the net to run fairly slow. Now I personally didn't see much of a difference but that could be just me. They reported Bank of America online banking coming to a standstill for a few hours. ATM's went down. Man this looks like a clever DDoS on the internet itself. I personally tried many sites off of .au and .nz to see if this really had been occuring or was it a limited 'net downtime' for only certain people. both .au and .nz sites were either not responding or took forever to load. So it was true the net was being seized. By what you might ask. Rumors say its another Microsoft bug exploited and directly related to MS-SQL. The question now is with .NET coming into play and our powers of the net being reorganized into a 'hopefully' more organized system. Should we blame this problem on the Giant corporation... or should we blame the script kiddie who figured out this bug and either passed the information along to which new breeds of worms have been mingling the net for 6 months?

#2 bland_inquisitor

bland_inquisitor

    mod -o- the day

  • Agents of the Revolution
  • 729 posts

Posted 26 January 2003 - 05:19 AM

i have to admit i have a major soft spot in my heart for virus/worm coders. that has always amaxed me that someone could write a program that is so small, yet so loaded with features. To me virii coding is some l33t shit. maybe it would be different if i could do it, but i'd like to think there would still be some romantic notion attached to releasing wildlife into this digital ecosystem we've created. as for who to blame for the worm exploiting an old and well known vulnerability, it's easy. blame the corporation that will not admit their code can have holes. blame the corporation that would rather see you the valued customer suffer than to learn. blame the corporation that will take your money and instead of patching their product, will leave it open until the "upgrade" comes out, so they can use fear of the exploit to keep you coming ack to them and buying the new and shiny versions they releae. hell, they might even leave shit open on purpose because selling upgrades thru fear is a proven business model. our government has been doing it since 1941. sorry, i haven't ranted in a while, had to get that out

whoever said let the buyer beware was probably bleeding from the rectum
george carlin



#3 nick84

nick84

    Member

  • Agents of the Revolution
  • 1,680 posts
  • Gender:Male

Posted 26 January 2003 - 07:10 AM

Now I personally didn't see much of a difference but that could be just me.

I saw a difference, all my sites went down (all on the same host) for an hour or so. - Strange thing is they are running on Apache servers, so if it is related, possibly the host provider had their pipe flooded by other windows machines on their network or something.

#4 Zapperlink

Zapperlink

    "I Hack, therefore, I am"

  • Agents of the Revolution
  • 951 posts
  • Country:
  • Gender:Not Telling

Posted 26 January 2003 - 12:30 PM

It seems that a lot of the traffic issues had a lot to do with overseas connections as well.

#5 StankDawg

StankDawg

    same old Dawg, no new tricks

  • Moderating Team
  • 8,075 posts
  • Country:
  • Gender:Male

Posted 26 January 2003 - 12:41 PM

I disagree on who to blame. Blaming the company that created the hole is like blaming McDonalds for making coffee too hot. Yes, it may be true that the company makes mistakes, but I blame the dumb bitch who spills hot coffee on herself just like I blame the author of the virus for its results.

Yes, the company may have blown it on security, but what if it wasn't microsoft in the example? What if it were linux/apache and the same thing happened? would you chastise them as well?

I just don't like blaming someone else. Television is not responsible for teaching violence. Music is not responsible for teaching hate. The bottom line is that someone wrote the virus and is ultimately responsible.

#6 BoBB

BoBB

    SUP3R 31337

  • Members
  • 155 posts

Posted 26 January 2003 - 01:33 PM

If linux/apache left a known security hole open for 6 months(which would never happen) they would definately be catching alot of flak about it. Probably more than microsoft because its expected of microsoft.

#7 Zapperlink

Zapperlink

    "I Hack, therefore, I am"

  • Agents of the Revolution
  • 951 posts
  • Country:
  • Gender:Not Telling

Posted 27 January 2003 - 11:22 AM

stankdawg brings a valid point though. We often are quick to blame microsoft cause of the buildup of hate towards them from the large amount of BS we have had to deal with from them. However with that hate we must also look at the other side of the road as Stank pointed out. Linux.. yes it patches its stuff in under six months... and doesnt charge people up the ass for the patchfixes ( most commonly found in the form of a new OS ) but linux does have that reoccuring problem that their will always be bugs because its open source. MS you find a bug you had to have been doing something and it happened. Linux you can just read the source. Linux patches the thing overnight.. but like sendmail.. there will be a new bug next week. However with MS you have a bug.. its very big...takes a while for them to even care about it.. then takes even longer to get something to patch it.. unless the patch is made by an outside source.

#8 BoBB

BoBB

    SUP3R 31337

  • Members
  • 155 posts

Posted 27 January 2003 - 11:39 AM

I'll take a small bug every once in a while thats fixed overnight than one huge bug that isn't fixed for 6 months.

#9 twirlz

twirlz

    Default Custom Title

  • Agents of the Revolution
  • 1,200 posts
  • Gender:Male

Posted 27 January 2003 - 12:34 PM

well i think hell has frozen over!
Bill Gates to improve windows security

could it be true?

#10 BoBB

BoBB

    SUP3R 31337

  • Members
  • 155 posts

Posted 27 January 2003 - 04:29 PM

I think we've been throught this before, all M$ developers took a month off to be trained in program security about a year ago or so. It obviously didn't do much.

#11 twirlz

twirlz

    Default Custom Title

  • Agents of the Revolution
  • 1,200 posts
  • Gender:Male

Posted 27 January 2003 - 04:46 PM

well it is hard to break old habits




BinRev is hosted by the great people at Lunarpages!