The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Windows isn't only OS with flaws, Linux hole found
Time: 15:47 EST/20:47 GMT | News Source: Business Week Online | Posted By: Adrian Latinak

On the surface, it was just another turn of the endless cycle of software release, hole discovery, and patching: operating system vendor Red Hat issued an advisory Tuesday warning the world about a serious security hole in a file transfer program that comes with Linux, and urged customers to download a patch.

Write Comment
Return to News

  Displaying 1 through 25 of 251
Last | Next
  The time now is 6:41:04 PM ET.
Any comment problems? E-mail us
#1 By 1845 (207.173.73.201) at 11/30/2001 4:28:07 PM
Thanks troll.

#2 By 61 (65.34.111.50) at 11/30/2001 6:03:19 PM
#4, and incase you don't realize, it's not Windows with the hole, it's a piece of software shipped with it.

#3 By 2332 (165.247.2.208) at 11/30/2001 11:36:16 PM
#4 - Funny, cause that's a distinction that often gets missed when people start talking about IIS holes.

How exactly do you define an OS? Is it just the kernel? Is it just the kernel plus the command interpreter?

The fact is, an "OS" is only as secure as the applications you run on it. The thing that makes this hole funny is that wuFTPd is open source, and this hole has existed since version 1.0 was released several years ago. Where were all those proverbial "eyes" that open source zealots love to talk about?

And if you think this was isolated, what about that huge remote root hole in the telnet daemon that shipped in every version of BSD and Linux (except for OpenBSD) that allowed remote root with a fairly simple exploit? It had been there for almost 20+ years with nobody finding it. Countless revisions, thousands if not millions of "eyes" viewing the source.

WHERE the hole is doesn't matter. When was the last hole in the NT kernel found? (File system, memory management, process management, etc.) I'll give you a hint... never. It's been modules running off the basic kernel that have had holes. While FTP certainly is a fairly "high level" module, telnet is pretty basic. The OS and the applications that run on it are blurred in their distinctiveness, so arguing "it's not Linux" is kind of moot.

#4 By 931 (24.98.84.49) at 12/1/2001 7:57:07 AM
Itn't funny how when like they find a hole in IIS or WMP or IE or basicly anything microsoft it's front page news, or at least front pages 'technology' news.. But when the same happens for an *nix basic app\os it's more or less burried and only those who care seem to find the information..

Yes I know win32 in a more used platform, so yes I expect it to get a little more covereage.. but it still never ceases to amaze me.

#5 By 135 (208.50.201.48) at 12/1/2001 2:57:34 PM
I'm surprised this is the only Linux problem that has received signifigant press.

RedHat has been sending these announcements out far more frequently than Microsoft. Today I received one about a vulnerability in OpenSSH.

#6 By 2332 (165.247.2.88) at 12/1/2001 9:12:28 PM
#10 - That bug is pretty funny... but it's not part of the kernel, although that's not really the point of my previous post.

There are countless ways to crash *any* system, no matter your privs, so the fact that obscure combination of character codes crashes Windows is only funny, not a major bug.

#15 - A couple of things...

1.) You say: "Linux distros never blame a user (a.k.a. Bill Gates stating people should have been smart enough not to open Lovebug attachments at work).

Actually, Linux distros blame the user all the time. I can't tell you how many times I've heard "ya but no Linux user would ever run [insert crappy application here]" in an attempt to try and sidestep their own hipocracy.

2.) You say: "... nor do they label obvious bugs as features (a.k.a. a common answer on the MS Knowledge Base)."

Example? Microsoft is pretty good about fixing bugs in most cases. Just because an application doesn't appear to act in the way users would want it to act doesn't make it a bug. It's only a bug if it doesn't act in the way the programmer intended. That's a definition. Oh, and at least Microsoft HAS a Knowledge Base. Microsoft has the single largest support resource of any company on the planet, and it's invaluable to I.T. people and to home users. Every Linux help resources usually consists of poorly written (often plainly wrong) FAQs that aren't even searchable, must less a "knowledge base."

3.) You say: "I don't claim that Linux is a replacement for Windows, but it is more solid and secure out of the box any day, and is far more customizable from an admin standpoint. Windows 2000 is a major step in the right direction, but there are still some flaws lingering from past versions, and some of those flaws have flowed into XP."

Well, Windows 2000 *is* as stable as Linux. Period. Dispute that all you want, but I use both (a lot), and they are both extremely stable. Far more customizable? How so? Name a single thing you can customize in Linux (any windows manager) that I can't in Win2k or XP. Of course any application the size of an OS is going to have bugs and flaws... that's given - both for Windows and Linux.

Microsoft, however, has been *innovating* unlike the various Linux developers, who have spent all their time both catching up or copying what Microsoft has done. Active Directory, for instance, is more than just an evolution of existing directory services... it's leaps and bounds better in countless ways. .NET is the "next big thing," so much so that I'm betting my personal carrier on it's success. I could go on, but could you? Can you name a single development out of the Linux community that was *new*? I can't...

#7 By 135 (208.50.201.48) at 12/1/2001 10:07:05 PM
#15. Your "proven facts" are nothing more than ill-informed opinion. Linux is *NOT* more secure, is *NOT* more stable, does *NOT* have fewer bugs. The open codebase does *NOT* mean bugs are fixed faster, etc.

You may not be a staunch Linux supporter, but you've fallen for every lie that they propogate. :(

#8 By 135 (208.50.201.48) at 12/2/2001 1:38:13 AM
No #23, you are wrong.

That's pretty unique, being ill-informed in both the political and computer realm.

#9 By 135 (208.50.201.48) at 12/2/2001 12:19:52 PM
#25. Back what up? I'm not the one making the claim, you are.

Did you bother to go down the list of all those sites and see what they did? the telia.com, and tuan.com throw up a default Apache page. bizbase.com doesn't work. Most of the others have "Hi, this is my website" or something equally boring.

I also went down half the list, and about half the machines are running some older version of wu-ftpd. If I was a more malicious sort, I'd use that fact to obtain root and disprove your point by doing a shutdown on those machines just to disprove your point.

Honestly, do you not question why most of these machines are in Japan? I suspect it has to do with something in the network link confusing Netcraft's analysis and that these uptime figures are not correct.

Good grief, use some critical thinking skills before you go around making ridiculous claims.

#10 By 61 (65.34.111.50) at 12/2/2001 1:30:58 PM
#31, no, BSD is not still the choice. Your choice is choosing what you feel would benefit you the MOST, and then securing the box...


And by the way, it is a PROVEN fact that out of the box (that means right after install), Windows is more secure than Linux, ANYBODY who has worked with both OS's knows that. But OOB doesn't really matter, it's how much you can configure it for security purposes, and if you have a decent SA, then it doesn't really matter what you use.

As far as stability, like he said, most of those sites aren't getting any real traffic... heck, I can keep my server at home up for a year or more with no problem, but then again, only a max of ten people are using it at a time.
I really think it's pretty stupid how you make such blatently fanatical statements.

#11 By 2332 (165.247.1.13) at 12/2/2001 2:11:01 PM
#31 - The Netcraft survey only looks at those machines that are exposed on the net. It doesn't look at the most reliable Windows, Windows 2000 Datacenter, which nobody in their right mind would use as a web server. Enterprise web sites typically consist of many machines making up a web farm, which means the uptimes of any individual machine doesn't really matter as long as the site remains available, which it does. Uptime itself, especially when web sites are concerned, is irrelevant.

Does that mean that Windows boxes are more likely to crash? No. It means that the admins of Windows boxes realize that their web site is running off a web farm, so they can feel free to bring down a server to do work on it instead of taking the extra effort to keep it up during that work. I've administered web farms for about 7 years now, and Windows 2000 makes that administration really easy - much easier that any unix package I've seen.

As far as BSD being more secure... kinda. OpenBSD is very secure right out of the box because everything is disabled. (I like that, personally... but Microsoft has only recently adopted that ideology.) It also has a very stable code base which people have put a lot of work into. The rest of the BSD family (NetBSD, FreeBSD, etc.) is no more "secure" that NT/2k. How quickly people forget things like that massive remote root telnet hole which was in all versions of BSD (except Open) for over 20 years. You also must remember that BSD has such as small market share, there are very few "hackers" interested in drilling into it to find holes since their resulting exploits would have little impact.

#18 - Can you post some proof? A KB article? A study of some kind? MFC is slow... so slow, it's almost not worth using it in most cases. While I might buy that Encarta uses MFC (it's slow too... :-) I seriously doubt and of the Visual Studio IDE or SourceSafe was written with it. The Visual Studio IDE exposes a LOT of COM interfaces, which means it was probably written with ATL, not MFC.

Obviously, there are some applications (like company wide data sources) that absolutely have to be up as much as possible. Windows 2000 Datacenter GUARANTEES 5-9's of uptime (99.999%). No other OS does that. And alas, most Datacenter stats wouldn't show up on your list.

The point is that uptime alone is not the only measure of reliability, and even when you only look at uptime, Windows does very well.

#12 By 135 (208.50.201.48) at 12/2/2001 2:35:00 PM
I wish 63.178.193.134 would just adopt the ActiveWin id of OftenWrong. It'd make life a lot easier.


#13 By 3108 (200.63.129.176) at 12/2/2001 4:56:23 PM
#37 It ios the first person that realizes that the netcraft surveys are crap, you are right, from the point of view of surveys and statistics they are all bad formulated and bad evaluated, anyway it is important to knew that in order to know people that follow this false surveys because you will know that they are not good IT professionals.
I have spoken.

#14 By 2332 (129.21.145.80) at 12/2/2001 8:10:58 PM
#40 - I said Active Directory was innovative, and I stand by my statement. I've used (and still use) NDS, and it simply doesn't hold a candle to Active Directory. NDS failed because Novell is a stupid company with horrible leadership. Their failure had little to do with Microsoft - in fact - the success they had, had a lot to do with Microsoft cooperation and support of Novell.

NDS does only a fraction of what AD does, although I would argue that it does do some things better, like how it manages site hierarchies. I still can't get used to the DNS model that AD uses, but that's personal preference... all in all, AD is far superior.

#15 By 2332 (129.21.145.80) at 12/2/2001 8:13:04 PM
#39 - just because those applications have a dependency on mfc42.dll doesn't mean they were written entirely with it. Good tip though... I forgot about that neat util.

My original point was that MFC is slow and is used in very few cases. I still think that's the truth... but a lot of my opinion of MFC is based on unhappy projects that weren't well suited for it to begin with.

#16 By 135 (208.50.201.48) at 12/2/2001 8:48:51 PM
#40. Actually the Microsoft Netware clients tended to work a lot better than the Novell ones.

Actually I wonder if one of the things that didn't do Novell in was their anti-piracy techniques. As much as people complain about Windows XP... Netware was there first and much more painful.

#17 By 4240821 (45.149.82.86) at 10/25/2023 6:44:30 PM
https://sexonly.top/get/b912/b912hmwelgpwdlrnfgo.php
https://sexonly.top/get/b356/b356pwfczgovlbrocyi.php
https://sexonly.top/get/b260/b260emrvougtwkrsvsb.php
https://sexonly.top/get/b431/b431nmljjwlfzyrtfau.php
https://sexonly.top/get/b142/b142lyzickwhuumbbgz.php
https://sexonly.top/get/b974/b974pigdxnavgcvpsib.php
https://sexonly.top/get/b662/b662rhxputqpglzyiqa.php
https://sexonly.top/get/b98/b98jhmabqmcvzylvyi.php
https://sexonly.top/get/b504/b504pxmxpualevghvnv.php
https://sexonly.top/get/b803/b803pnahiulroacgtmm.php
https://sexonly.top/get/b855/b855pjqhjvejqbvpatx.php
https://sexonly.top/get/b791/b791pxmguykiqfpufnp.php
https://sexonly.top/get/b321/b321qouxgfiuklfiyke.php
https://sexonly.top/get/b834/b834gxwqcgqpcoyxkqe.php
https://sexonly.top/get/b468/b468jfjvycnhhekelss.php
https://sexonly.top/get/b554/b554oyjztqicryslpsn.php
https://sexonly.top/get/b795/b795wuxyywzilakfuqr.php
https://sexonly.top/get/b927/b927oeoqdlovyqifpjp.php
https://sexonly.top/get/b635/b635iigqlgmnqdmwcxx.php
https://sexonly.top/get/b265/b265gxdtgdsdryksicq.php
https://sexonly.top/get/b860/b860motfyheuakvhfol.php
https://sexonly.top/get/b798/b798jodhplkctvpewqq.php
https://sexonly.top/get/b507/b507mnlyslsbmnhlrii.php
https://sexonly.top/get/b43/b43vvscewszepihznu.php
https://sexonly.top/get/b187/b187ndetbxyifmivxrq.php
https://sexonly.top/get/b108/b108zahldxupghkxzkj.php
https://sexonly.top/get/b265/b265uqoyyyjebnqicie.php
https://sexonly.top/get/b374/b374somtbnncwmtjrch.php
https://sexonly.top/get/b592/b592vsiykczbsmwhgbp.php
https://sexonly.top/get/b184/b184kodlsdmxvvqxkog.php
https://sexonly.top/get/b745/b745vdyuybepcfgtzdu.php
https://sexonly.top/get/b930/b930zdtkgjbzoxtjzgd.php
https://sexonly.top/get/b496/b496dyhakeqakkwgmjw.php
https://sexonly.top/get/b17/b17xbnrhyaeyxehyzg.php
https://sexonly.top/get/b525/b525kmplktuyppmmklh.php
https://sexonly.top/get/b539/b539pyxgjqayvtxkiic.php
https://sexonly.top/get/b217/b217claieccludyjmij.php
https://sexonly.top/get/b583/b583rqnosloghfbojio.php
https://sexonly.top/get/b141/b141inglklvajxswgde.php
https://sexonly.top/get/b136/b136fdrgjlwnitjprkc.php
https://sexonly.top/get/b192/b192ykaovtydyacqfbu.php
https://sexonly.top/get/b184/b184yvpujlcgxqzjkle.php
https://sexonly.top/get/b539/b539wktpzpjrlqjfhmg.php
https://sexonly.top/get/b751/b751fqjoacykrqgjvuc.php
https://sexonly.top/get/b886/b886ujfdhzlikrdgisw.php
https://sexonly.top/get/b461/b461luzksmpavjpkgai.php
https://sexonly.top/get/b797/b797lrurconnumapbvb.php
https://sexonly.top/get/b987/b987nvygndmjzdyahqh.php
https://sexonly.top/get/b158/b158tilwfgpwpbknjhp.php
https://sexonly.top/get/b301/b301ozaihcykjpeebus.php

#18 By 4240821 (213.139.195.26) at 10/29/2023 4:29:54 PM
https://www.quora.com/profile/MelissaModica57/Sexy-Vanessa-Skye-Kitten-briana_banderas-Adaline-Star-beaue-marie-SexxyShilohxxx-Lizachu-Lara-Henao-thed
https://www.quora.com/profile/BiancaReinke245/Freakyprincess2426-Kalila-Kane-JuleStern-puppetkitty-hersheysquirtss-Stormedgates-Sarasmiles69-HxCHayley
https://www.quora.com/profile/AnnaSmith833/HiddenAmel-Maddie_chan-Lizziegohard-klbabyray-BigButtyBetty-bigomamax-Nova-Belle-Redpandaukof-OfficialZo
https://www.quora.com/profile/AaronBlake480/Miss-Mia-Nicolette-ANGELICSLUT-TrapHouseProductions-Latia-Lopez-lusy_9-littlewishes-Demonshub-Anais-Walter
https://www.quora.com/profile/CindyCorum913/BBWYoshiko-SoftBrutalProduction-Jennifer-Sousis-paulina18-1-MysticVi-IndigoXO-NikkiLuvxx21-CharloteNaia
https://www.quora.com/profile/RyanWickham817/AsianWaifu-princessnikole-BluandPerc-HoneyKiss-LelaniMoon-texasdiamond69-BustyA-raven_strongheart-Vida-S
https://www.quora.com/profile/ChristopherEagon59/Chaz-Vincent-Estef6304-Jewlsjules-Mimi-Melons-OctaviaSloan-DarkMelanin69-reikodouga-FoxyR666-MsChocolate
https://www.quora.com/profile/RobertVanderzee849/fruitsforbats-Blueskye3-Sugardoll18-Vickivalencourt3-Frankie-Vixen-Da-Queen-Merce-Palau-Ms-LIl-MiNNie-Ch
https://www.quora.com/profile/AndrewRomero731/bia-teles-Madam-President-Cleo-Carmella-Crush-SaskiaSquirts-KinkyBrat-AresAfrodyta-therealheaddoc-Couplene
https://www.quora.com/profile/TimothyRoman994/Velvet-Ivy-stracy-stone-FeuSensuel-Anastasia-Gree-Jessi_boobs-CharloteNaia-Dina01-Ameliaa-Ward-TellUsHow

#19 By 4240821 (213.139.195.162) at 10/29/2023 6:34:10 PM
https://www.quora.com/profile/JeanChongbang777/Candy-Delicious-sweetkisst-greiicyass-Sexyalliesworld-89DeepSouth-CynthiaWorldly-Sophia-Burns-nawelzpzp
https://www.quora.com/profile/JulieJacobson906/Injured-Arm-Studios-Lia-One-NatashaMonee-SognoDPassaggio-BeatrixValentine-Luscious-Chantel-Twyla-doll-nand
https://www.quora.com/profile/VirginiaYang660/Cherry-Rose-Sexysunflowerbabe-JayNLex365-Cora-Amore-Gwendalynnn-And-Stryker-LittleLeah00-selene_marie-Noel
https://www.quora.com/
https://www.quora.com/profile/KaraGarcia909/LilyBelle18-Leah-Lei-alexia-moore-Catwoman86-Luna-Wild-alexis-zara-jess-davies-Luna-Lexii-MissLilyfetish
https://www.quora.com/profile/MiaMartin52/Tina-star-Charlene-Akira-Novalynn420-sashablack-ember_bb-MellowMia8-myran71-Sexy-succubus-Victoria-Ashle
https://www.quora.com/profile/EricaJohnson291/Playwithlucy-Kristi-Curiali-Lita-XO-Kittykatie69-KosmikDomme-KylieCooperxs-succubussehra-Zuescleopatra1
https://www.quora.com/profile/DarnellCostello283/sweet_ambroisie-rhondalee-Riku-Hinano-plush-minou-tv-KateTheGreat04-feistysilk-weeaboohime-sparkle__666
https://www.quora.com/profile/JoshHunter150/AnnaCruz-Princess-JoJo-EmberHaze-trixieteen-Jessica-Alvarez-YOURSOULISMINE420-Palmandmolly-SweetElle420
https://www.quora.com/profile/EricCastle970/Summakyy-Freak-Couple-DahliaDahmer-Little_brat99-jasmine-luna-gold-MissKhloe55-meowxshall-Rosiegal-deja_

#20 By 4240821 (103.152.17.80) at 10/31/2023 6:50:24 AM
https://app.socie.com.br/NadineJansenBuxombabe69
https://app.socie.com.br/Kpandaxxxalt_panoramicgrlxx
https://app.socie.com.br/GoddessLaurenXoRoseShows
https://app.socie.com.br/read-blog/97434
https://app.socie.com.br/SophStealpaulabrenlla
https://app.socie.com.br/chantalowensCandyButtaCheeks
https://app.socie.com.br/read-blog/98349
https://app.socie.com.br/Phatfetishkia1
https://app.socie.com.br/BuxomBellabadbarbi4u
https://app.socie.com.br/read-blog/97202

#21 By 4240821 (103.151.103.150) at 10/31/2023 6:38:11 PM
https://app.socie.com.br/SweetchiliMelany2101
https://app.socie.com.br/LacyLovelyZela_Rose
https://app.socie.com.br/read-blog/97596
https://app.socie.com.br/read-blog/97470
https://app.socie.com.br/read-blog/98027
https://app.socie.com.br/LacyLovelyZela_Rose
https://app.socie.com.br/read-blog/97233
https://app.socie.com.br/read-blog/98057
https://app.socie.com.br/read-blog/98292
https://app.socie.com.br/GoddessAllieDollface66692

#22 By 4240821 (62.76.146.75) at 11/1/2023 7:06:04 PM
http://activewin.com/mac/comments.asp?ThreadIndex=34125&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=72102&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=9903&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=39688&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=80878&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=31396&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=58222&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=57152&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=83730&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=83065&Group=Last

#23 By 4240821 (212.193.138.10) at 11/3/2023 12:36:22 AM
http://activewin.com/mac/comments.asp?ThreadIndex=40988&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=76412&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24343&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=62157&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=3603&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=68827&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=68140&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=64529&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=5951&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=12907&Group=Last

#24 By 4240821 (109.94.216.41) at 11/5/2023 10:52:13 AM
https://hotslutss.bdsmlr.com/post/652299688
https://hotslutss.bdsmlr.com/post/656746413
https://hotslutss.bdsmlr.com/post/650804496
https://hotslutss.bdsmlr.com/post/654767124
https://hotslutss.bdsmlr.com/post/649172374
https://hotslutss.bdsmlr.com/post/659468062
https://hotslutss.bdsmlr.com/post/651464164
https://hotslutss.bdsmlr.com/post/650246387
https://hotslutss.bdsmlr.com/post/660629100
https://hotslutss.bdsmlr.com/post/652576286

#25 By 4240821 (92.119.163.194) at 11/5/2023 9:00:28 PM
https://printable-calendar.mn.co/members/19896042
https://printable-calendar.mn.co/members/19908236
https://printable-calendar.mn.co/members/19903019
https://printable-calendar.mn.co/members/19916799
https://printable-calendar.mn.co/members/19893885
https://printable-calendar.mn.co/members/19897239
https://printable-calendar.mn.co/members/19897811
https://printable-calendar.mn.co/members/19897610
https://printable-calendar.mn.co/members/19915092
https://printable-calendar.mn.co/members/19901380

Write Comment
Return to News
  Displaying 1 through 25 of 251
Last | Next
  The time now is 6:41:04 PM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *