Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Vista "complaints"

from [Thor (Hammer of God)] Network Security [Permanent Link]
Subject: Re: Vista "complaints"
Date: Tue, 27 Feb 2007 06:48:59 -0800 
My thoughts?  Well, I'll tell you ;)

Complete and utter FUD.  Plain and simple.  And while I hate to say it,
reading stuff like that makes me wonder if Whitehouse has any more grasp on
reality than the man inhabiting our own Whitehouse today.

Let's note this passage about what would have to happen *first*:

"The most likely scenario is that a user gets compromised by malicious code,
from a Trojan [horse] or a vulnerability in a third-party application like
Office or a browser."

Oh, the awe a magician can inspire after "The Magic Rooting" takes place.
The UAC would, of course, prevent this from happening in the first place.  I
also doubt the "magic assumptions" of "most users would just click through
without a second thought."  No, users would have to enter the admin username
and password to install the malicious code to begin with. If they are
running as admin, then they would have the opportunity of looking at what
they were running, as well as the standard "This is from an unknown
publisher" dialog even after "just clicking continue."  But you wouldn't be
running as administrator, now would you?  No, you wouldn't.  There are other
technical inaccuracies, but I won't bother going into them because what
comes after "if I can get this installed on the box" simply doesn't matter.

In general, I find ramblings about what diabolical exploits can be crafted
*after* you get whatever code you need installed on the box to be comical.
But when they come from someone who should absolutely know (far) better, it
is simply unprofessional, and comes off like the proverbial "grasping at
straws" for attention. I believe it was Will Rogers who said "People who pay
for things rarely complain.  It's the people you give things to that you
can't please" or something along those lines.  Read: People will always find
something to complain about, and will often go way out of their way to find
justification for it.

Status: Debunked. ;)

And that is the skinny on that.

t




On 2/26/07 8:58 PM, "Murda Mcloud" <murdamcloud@bigpond.com> spoketh to all:


What are your thoughts on this Thor?
http://www.pcworld.com/article/id,129268/article.html

(Surprise surprise ./ are loving this)
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Prevent users/admin from installing softwares., mcclenbw
Next by Date:  RE: Prevent users/admin from installing softwares., Jim Harrison
Previous by Thread:  RE: Vista "complaints", Murda Mcloud
Next by Thread:  RE: Vista "complaints", Devin Ganger
Indexes:  [Date] [Thread] [Top] [All Lists]