[unisog] Is MS and Computerworld that nieve?? [sic]

Glenn Forbes Fleming Larratt glratt at io.com
Fri Feb 18 22:14:13 GMT 2005

On Fri, 18 Feb 2005 Valdis.Kletnieks at vt.edu wrote:

> On Thu, 17 Feb 2005 23:32:28 CST, Bill Martin said:
> > I have not read the article, I just thought it was funny that they
> > calssify "rootkits" new.  Even in the Windows world, NT Rookkit has been
> > around for YEARS!!!
> >
> > MS is as dumb as Jessica Simpson if they really believe that a "windows
> > rootkit" is concept. . . then again. Computerworld is not much better
> > for the pull-out they use.
> You missed the point.  It's like a tobacco company executive - if Microsoft
> admits that rootkits have been around for years, then they'd also
> have to admit that they've been either unable or unwilling to stop
> them for years. Microsoft isn't stupid - they're merely hoping that
> the average "management by > 8x11 glossy" PHB *is* stupid enough to
> sheep the propaganda.

ComputerWorld, on the other hand, *is* stupid - or believes their
readership is.

"...can piggyback on commonly used ports such as TCP Port 135 to
communicate with the outside world..."

As if blocking all the Windows ports to world wasn't the first thing
one learns to do with ACL/firewall/IPS technology.

"There are few strategies for detecting kernel rootkits."

Yeah, one. Forensics.

"The operating system's powerful application programming interfaces
make it easy to mask behaviors on the system. Microsoft Internet

Too easy, sorry.

Glenn Forbes Fleming Larratt         The Lab Ratt (not briggs :-) 
glratt at io.com                        http://www.io.com/~glratt 
There are imaginary bugs to chase in heaven.

More information about the unisog mailing list