[IP] more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake

To: ip@xxxxxxxxxxxxxx
Subject: [IP] more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
From: David Farber <dave@xxxxxxxxxx>
Date: Fri, 13 Jan 2006 16:47:12 -0500
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <082001c61887$58f52430$66e237c0@xxxxxxxxxxxxxxxxxxxxxx>
Reply-to: dave@xxxxxxxxxx



Begin forwarded message:

From: Bob Frankston <Bob2-19-0501@xxxxxxxxxxxxxxxxxx>
Date: January 13, 2006 4:21:41 PM EST
To: dave@xxxxxxxxxx, ip@xxxxxxxxxxxxxx

Subject: RE: [IP] Steve Gibson: MS WMF is a Backdoor, Not a CodingMistake

As one of the Groklaw commenters reminds us, Gibson also wanted totake out the raw sockets calls in Windows because he thinks that theyare a security hole when removing them only creates the illusion ofsecurity.

Just reading his analysis, the WMF is a classic operating system bug– a callback from a protected context. Given that the code has beenaround for a long time and seemed to work I can understandoverlooking it. Calling it a conspiracy is very strange. It’s notcompletely different from the more subtle bug in expanding JPG files.As to asking Microsoft to patch all old versions of Windows they did-- the patch is called XP.

I do appreciate his explanation even if I don’t agree with hisconspiracy theory.

Ideally there would be no bit rot in the world but the solution issimplicity rather than a combinatorial explosion of systems mixedwith patches.

Let’s not confuse naïve hindsight analysis with understanding – itmakes it more difficult to address the issues.

It’s also important to realize that the processor is not the onlyexecution engine – all applications are execution engines that applypolices. Befuddling them is a standard attack vector – especiallywhen the execution engine is a clerk interpreting a baroque policy(such as cellular plans).

As noted in Schneier’s comments on identity – we can’t fix humanfactors attacks with a simple technical patch as Gibson seemed towant to do with raw sockets.




-----Original Message-----
From: David Farber [mailto:dave@xxxxxxxxxx]
Sent: Friday, January 13, 2006 15:47
To: ip@xxxxxxxxxxxxxx
Subject: [IP] Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake







Begin forwarded message:



From: Matt Manor <kingmanor@xxxxxxxxx>

Date: January 13, 2006 12:54:39 PM EST

To: David Farber <dave@xxxxxxxxxx>

Subject: Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake



Steve Gibson: MS WMF is a  Backdoor, Not a Coding Mistake



http://www.groklaw.net/article.php?story=20060113111825193



http://www.grc.com/sn/SN-022.htm



  Those of you using Microsoft Windows 2000 or XP will want to follow

this story:  Steve Gibson has examined  WMF  and he now believes it

was  deliberately coded.   It looks to him that Microsoft put a

backdoor into Windows, which can be triggered even if Active X is

turned off and security is at high.





-------------------------------------

You are subscribed as BobIP@xxxxxxxxxxxxxxxxxx

To manage your subscription, go to

  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/




-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] query A question of unlimited powers
Next by Date: [IP] more on query A question of unlimited powers
Previous by thread: [IP] query A question of unlimited powers
Next by thread: [IP] more on Steve Gibson: MS WMF is a Backdoor, Not a Coding Mistake
Index(es):
- Date
- Thread