|
|
|
User Controls
|
New User
|
Login
|
Edit/View My Profile
|
|
|
|
Active Network
|
ActiveMac
|
ActiveWin
|
ActiveXbox
|
DirectX
|
Downloads
|
FAQs
|
Interviews
|
MS Games & Hardware
|
Reviews
|
Rocky Bytes
|
Support Center
|
TopTechTips
|
Windows 2000
|
Windows Me
|
Windows Server 2003
|
Windows Vista
|
Windows XP
|
|
|
|
News Centers
|
Windows/Microsoft
|
Apple/Mac
|
Xbox/Xbox 360
|
News Search
|
XML/RSS Newsfeeds
|
Pocket PC Site
|
|
|
|
FAQ's
|
Windows Vista
|
Windows 98/98 SE
|
Windows 2000
|
Windows Me
|
Windows Server 2003
|
Windows XP
|
Windows 7
|
Windows 8
|
Internet Explorer 6
|
Internet Explorer 5
|
Xbox 360
|
Xbox
|
DirectX
|
DVD's
|
|
|
|
Latest Reviews
|
Xbox/Games
|
Fable 2
|
|
Applications
|
Windows Server 2008 R2
|
Windows 7
|
Adobe CS5 Master Collection
|
|
Hardware
|
Microsoft Express Mouse
|
|
|
|
Latest Interviews
|
Mike Swanson
|
|
|
|
Site News/Info
|
About This Site
|
Advertise
|
Affiliates
|
Contact Us
|
Default Home Page
|
Link To Us
|
Recommended Links:
Play your favourite online pokies and take what you win fast at the same day withdrawal online casinos in Australia.
Now, you can buy real Instagram followers.
AWBridal Highly Recommend Wedding & Bridesmaid Dress Online Store
light tower
buy arabic Twitter follower
buy spotify real followers
A great website to buy Facebook followers from is BRSM. They have a great track record!
the Binary Option Robot
Get Windows Tablet & Phones at DHgate.com
|
|
|
|
|
|
|
Time:
00:38 EST/05:38 GMT | News Source:
ComputerWorld |
Posted By: Kenneth van Surksum |
On Jan. 15, 2002, Microsoft Corp. Chairman Bill Gates issued a jaw-dropping memo with the subject line "Trustworthy Computing." To stem rising hacker attacks, Gates ordered all Windows development halted and directed his company's full attention to shoring up security.
Microsoft has since poured vast resources into making Windows PCs more secure. And yet the risk of having your PC compromised and your sensitive data used in scams has never been greater, according to a new book, Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity (Sterling Publishing, 2008), by USA Today technology reporters Byron Acohido and Jon Swartz. The authors point to a confluence of factors increasing the danger: a banking system built for speed; a tech industry enamored with commercializing the Internet; consumers hooked on convenience. In these edited excerpts, Acohido and Swartz convey Gates' acknowledgment of the problem.
|
|
#1 By
2332 (76.19.64.137)
at
5/26/2008 10:15:41 AM
|
This article is horrible. The entire premise is that SDL doesn't work because there are still Zero-Day exploits and because attacks on Office are on the rise.
This is a completely false premise.
First, SDL is dramatically decreased the overall number of exploits for Windows and other software that has undergone SDL. Vista, Windows 2003, Windows 2008... all have experienced FAR fewer exploits than their non-SDL predecessors.
Second, the fact that are still zero-day exploits says nothing about SDL. There will ALWAYS be exploits, and at one point or another, ALL exploits are zero-day.
Third, the fact that Office exploits are on the rise is not surprising at all. Indeed, it shows that SDL in fact has worked.
Previously, the bad guys had targeted Windows (both directly, and via included software like IE and Outlook Express) because it was the most direct and easy route into the machine. Now that Windows and most of the included software has been hardened by SDL, they turn to other software that hasn't had a long history of attack attempts. It's simply more fertile ground.
Office 2007 was the first version of Office to undergo SDL, and while there have been exploits for it, it's not really fair to say this shows SDL doesn't work. Since hackers weren't paying much attention to Office in the past, any new attention would result in an "increase" in attacks. This does NOT mean there has been an decrease in code quality or security as a result of SDL.
So, in summary, this is a bunch of crap. Anybody who flat out denies that Microsoft's SDL practices have dramatically increased their security is either ignorant or lying. I suspect it's a bit of both in this case.
|
#2 By
8556 (12.210.39.82)
at
5/26/2008 12:17:21 PM
|
Exploits are on the rise because most computers still boot to Windows XP.
|
#3 By
82766 (202.154.80.82)
at
5/26/2008 5:22:27 PM
|
I agree with you RMD. The other aspect that wasn't really touched on too much are the various social engineering exploits. Just ringing up, pretending to be someone and getting a user's password is still easy. Heck, even the "I saw you naked on the internet" spam is unfortunately very successful.
NO OS can protect against these types of attacks and these types of attacks are where the hackers are aiming at.
SDL *has* dramatically improved Microsoft code. One could argue that they should have always done this but come'on, this is reality... its not like they're the only ones that made bad code!
Bobsireno... surely you are not inferring if they booted to Linux or OSX that none of these problems would exist? If you are, then, sorry similar problems would still exist - sure not as many but they would still exist.
If you are inferring they should boot to Vista (to bring us back to the intent of this site :-) then yes, the amount of problems would be far less than XP but the situation would still exist.
|
#4 By
4240821
Microsoft VBScript runtime error '800a005e'
Invalid use of Null: 'CLng'
/awin/comments.asp, line 580 | |