The Active Network
ActiveWin Anonymous | Create a User | Reviews | News | Forums | Advertise | Career Portal | Excel Group Training | Users Online: 239  
 

Recommended Links:

Play your favourite online pokies and take what you win fast at the same day withdrawal online casinos in Australia.

Now, you can buy real Instagram followers.

AWBridal Highly Recommend Wedding & Bridesmaid Dress Online Store

light tower

buy arabic Twitter follower

buy spotify real followers

A great website to buy Facebook followers from is BRSM. They have a great track record!

the Binary Option Robot

Get Windows Tablet & Phones at DHgate.com

neowin.net

Amazon.com

  *  

  How Microsoft missed the boat on zero-day threats
Time: 00:38 EST/05:38 GMT | News Source: ComputerWorld | Posted By: Kenneth van Surksum

On Jan. 15, 2002, Microsoft Corp. Chairman Bill Gates issued a jaw-dropping memo with the subject line "Trustworthy Computing." To stem rising hacker attacks, Gates ordered all Windows development halted and directed his company's full attention to shoring up security.

Microsoft has since poured vast resources into making Windows PCs more secure. And yet the risk of having your PC compromised and your sensitive data used in scams has never been greater, according to a new book, Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity (Sterling Publishing, 2008), by USA Today technology reporters Byron Acohido and Jon Swartz. The authors point to a confluence of factors increasing the danger: a banking system built for speed; a tech industry enamored with commercializing the Internet; consumers hooked on convenience. In these edited excerpts, Acohido and Swartz convey Gates' acknowledgment of the problem.

Write Comment
Return to News

  Displaying Comments 1 through 3 of 3
  The time now is 2:21:20 PM ET.
Any comment problems or spammers? E-mail us
Spammers: Your posts will be deleted - do not waste your time!
#1 By 2332 (76.19.64.137) at 5/26/2008 10:15:41 AM
This article is horrible. The entire premise is that SDL doesn't work because there are still Zero-Day exploits and because attacks on Office are on the rise.

This is a completely false premise.

First, SDL is dramatically decreased the overall number of exploits for Windows and other software that has undergone SDL. Vista, Windows 2003, Windows 2008... all have experienced FAR fewer exploits than their non-SDL predecessors.

Second, the fact that are still zero-day exploits says nothing about SDL. There will ALWAYS be exploits, and at one point or another, ALL exploits are zero-day.

Third, the fact that Office exploits are on the rise is not surprising at all. Indeed, it shows that SDL in fact has worked.

Previously, the bad guys had targeted Windows (both directly, and via included software like IE and Outlook Express) because it was the most direct and easy route into the machine. Now that Windows and most of the included software has been hardened by SDL, they turn to other software that hasn't had a long history of attack attempts. It's simply more fertile ground.

Office 2007 was the first version of Office to undergo SDL, and while there have been exploits for it, it's not really fair to say this shows SDL doesn't work. Since hackers weren't paying much attention to Office in the past, any new attention would result in an "increase" in attacks. This does NOT mean there has been an decrease in code quality or security as a result of SDL.

So, in summary, this is a bunch of crap. Anybody who flat out denies that Microsoft's SDL practices have dramatically increased their security is either ignorant or lying. I suspect it's a bit of both in this case.

#2 By 8556 (12.210.39.82) at 5/26/2008 12:17:21 PM
Exploits are on the rise because most computers still boot to Windows XP.

#3 By 82766 (202.154.80.82) at 5/26/2008 5:22:27 PM
I agree with you RMD. The other aspect that wasn't really touched on too much are the various social engineering exploits. Just ringing up, pretending to be someone and getting a user's password is still easy. Heck, even the "I saw you naked on the internet" spam is unfortunately very successful.

NO OS can protect against these types of attacks and these types of attacks are where the hackers are aiming at.

SDL *has* dramatically improved Microsoft code. One could argue that they should have always done this but come'on, this is reality... its not like they're the only ones that made bad code!

Bobsireno... surely you are not inferring if they booted to Linux or OSX that none of these problems would exist? If you are, then, sorry similar problems would still exist - sure not as many but they would still exist.

If you are inferring they should boot to Vista (to bring us back to the intent of this site :-) then yes, the amount of problems would be far less than XP but the situation would still exist.

Write A Comment [Anonymous]
Please Enter Your User Name & Password: Or Sign Up For A New User Name


Notes:

[b][/b] Bold
[i][/i] Italics
[u][/u] Underline
Hyperlinks are added automatically, there is no need to add HTML code.

Write Comment
Return to News
  Displaying Comments 1 through 3 of 3
  The time now is 2:21:20 PM ET.
Any comment problems or spammers? E-mail us
Spammers: Your posts will be deleted - do not waste your time!
Please Enter Your User name and password:

Sign Up For A User Name

 

  *  
  *   *
 
replica watches