To: QwikSand who wrote (31652) 5/8/2000 12:09:00 PM From: Richard J. Haynal
Hi,

Point being it really is NOT ok to show us how vulnerable we are. Anyone in network security already realizes this and that their job is really "risk management".

This is simply wrong.

It's not wrong. The people who work security know there is no such thing as a *secure network. It's the managers/endusers who don't understand this.

In fact, the point I was trying to make is that even the people in network security don't really know how vulnerable we are, because some of the ways in which we're vulnerable haven't even been discovered yet. (The Love Bug is a good example.

This is wrong. The "delivery system" used by the "Love Bug" is the same as was used on Melissa and countless others (Visual Basic Script). The "payload" and "signature" were different but that's it, and of course that is the part that makes this so bad. There is a Visual Basic interpreter embedded in the OS and it can be called from all types of MS applications that probably shouldn't. It is a design flaw, although BG and company would call it a feature (I'm sure the script kiddies think it's a feature).

It was an obvious gigantic hole, but everybody chose to ignore it.

Only MS can really take care of this, i.e. turn scripting off!

Where were all the knowing network security guys?

Again, this has been common knowledge on all the security sites.

It's much better when one is discovered by a kid who sends out a Love You worm that throws the problem in the world's face with minimal harm, than when it's discovered by a genuine criminal or spy who uses it to steal or corrupt financial information or to endanger national security.

It was a malicious virus. It deleted files. It left a new template with the code all ready in place to delete files, just replace the *.gif, *.jpg, and *.mp3 with whatever other kind of file extensions you want. He is a criminal.

Don't pretend we know. We don't know. That's the point. And when someone fills us in a little, we owe that person some gratitude even as we punish their misdemeanors to maintain the integrity of the rule of law.

Again we (or at least some) did know. If you didn't then now you do. MS has included VBS and WHS scripting on your machine. This is the prime delivery method for virus attacks against MS machines.