Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : COMS & the Ghost of USRX w/ other STUFF -- Ignore unavailable to you. Want to Upgrade?

To: jhild who wrote (11563)	1/12/1998 2:02:00 PM
From: Dick Smith	Read Replies (2) \| Respond to of 22053

Hacker stuff--- Jhild wonders, "But the article left me a little confused as to whether the "rootshell.com" site was a resource to help solve these problems or a clearinghouse for hackers to pick up more good ideas. Whatever the case, Microsoft seems asleep at the switch." I think that rootshell is some of each... it's definitely a useful resource for hackers, but argues, correctly, I believe, that if the information isn't public, then ONLY hackers will know it. I was able to look at the "bonk" and "boink" source code there, and understand exactly what the attack was. Presumably, the Microsoft developers are looking at this code right now preparing their fix. The real hard problem for Microsoft is getting a fix ready to release. Comments on the rootshell site point out that Microsoft is a closed system, so you can't tell just how their TCP/IP stack works, and why the fix for "smurf" didn't correct "bonk" as well, as it did for Linux. But they also have a lot of users, and getting a fix out, whether just as a single "security patch" or as a ServicePack, isn't going to be that easy. Dick