"[C]omputer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry." By deliberately breaking audio and video functionality, opening up new avenues for debilitating malware, and reversing performance gains in desktop PCs and third-party components, Peter Gutmann argues "the Vista Content Protection specification could very well constitute the longest suicide note in history."
posted on Dec 23, 2006 - View this thread

Trusted Computing. Microsoft and friends are proposing some major alterations to the way that computers work, the ostensible goal being to increase security. But others say that the real goals are much more insidious.
posted on May 22, 2004 - View this thread

With its latest security update Microsoft has disabled the ability to pass username:password pairs in URLs. If you usually use this format for connecting to your site via either FTP or HTTP, it will no longer work after you install this update.
posted on Feb 4, 2004 - View this thread

Microsoft = Megatarget. A new worm is rapidly spreading across the Internet, functioning like a massive DDOS attack and crippling ISPs in South Korea. It's host? Microsoft SQL server. (Get yor fix on, then reboot!) What impact will it have over here, I wonder...
posted on Jan 25, 2003 - View this thread

While MS-bashing is often too easy, this statement about recent security holes seemed especially astounding: "Outlook Express ships with every Windows system, or rather as part of IE, so it's on every system. But unless it is configured to receive mail, you are not at risk," said Scott Culp, manager for Microsoft security response. Interesting. Unless it is configured to receive mail, like, you know, an email program.
posted on Oct 11, 2002 - View this thread

Did you install it yet? You may want to think twice. That new software update for Windows Media Player isn't just a security update, if you read the End User License Agreement carefully, it states:

"In order to protect the integrity of content and software protected by digital rights management 'Secure Content', Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer."

Does anyone know anything more about this? How about recommendations for a suitable replacement for WMP?
posted on Jul 1, 2002 - View this thread

Microsoft Windows + NSA = loopholes in security: "A careless mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into [almost all versions of] Windows." an interesting article that really shouldnt be surprising, and all the more reason to buy a mac.
posted on Mar 22, 2002 - View this thread

Microsoft to make products more "trustworthy." A lot of buzz words floating around here, like "trustworthy" and "security." Does this mark a true sea change in Microsoft strategy, or is it just a PR stunt, too little, too late? One thing I'll say, though - I never thought I'd hear this coming from Bill: "Users should be in control of how their data is used... It should be easy for users to specify appropriate use of their information, including controlling the use of e-mail they send." (from the AP report)
posted on Jan 17, 2002 - View this thread

FBI warns Microsoft XP users "The FBI is urging computer users to unplug and don't play when it comes to addressing serious security flaws found in Microsoft's new Windows XP program." "Microsoft admitted this week that there are several serious glitches in the new software. " Really?
posted on Dec 22, 2001 - View this thread

"MS releases mother of all IE security patches" Per the article: Microsoft has released a cumulative patch for Internet Explorer which the firm says is a "critical" security precaution against crackers which should be applied "immediately". Time to update/upgrade boys and girls. :)
posted on Dec 14, 2001 - View this thread

The Twenty Most Critical Internet Security Vulnerabilities
This is a list of Internet security tips that SAMS and the FBI updated yesterday. The list is really aimed at IT professionals and does not offer much advice to the home user. My advise for any home user who is worried about viruses and security: 1. Don't use Windows OS, any Windows OS (try Linux or Mac) 2. Remove Outlook from your computer. 3. Don't open e-mail attachments you did not ask for.
posted on Oct 2, 2001 - View this thread

Gartner's opinion proliferates into the mainstream Internet news sources. any further thoughts?
posted on Sep 25, 2001 - View this thread

Gartner Group recommends that IIS users look elsewhere for a better web server.
posted on Sep 21, 2001 - View this thread

New worm doing the rounds. Great.
posted on Sep 18, 2001 - View this thread

Seeing weird things in your website logs today? This will explain it... Running IIS and haven't patched it in over a month? Go here. 13,000 servers have already been affected.
posted on Jul 19, 2001 - View this thread

Win XP's Product Activation as a breeze to hack. Provided that RC1 still ships as is and you keep your RAM locked at a fixed number of sticks, it's simply a matter of keeping a backup of a DBL file. For all the ballyhoo, it's amazing that something this obvious slipped under the cracks. With WPA this sloppy, is this the only half-hearted facet of Windows XP?
posted on Jul 17, 2001 - View this thread

Security Threat! But only if your server's running... No crap. I love the Note on Microsoft's security bulletin for it's recent IIS 5.0 security flaw. Did anyone need to be told that?
posted on May 4, 2001 - View this thread

MSIE leaves the door wide open on your Windows OS... I can't believe that the myriad "security holes" are coincidental... maybe we should call them back doors. I mean, really... who do they think they're kidding? We all know who really wants surreptitious access to our systems. [via Glish]
posted on Apr 3, 2001 - View this thread

One million credit card numbers stolen! News at 11! The FBI has gone public with a rather dry account of a huge organized attack on ecommerce sites, exploiting security flaws in NT which Microsoft fixed and offered patches for nearly two years ago.
posted on Mar 9, 2001 - View this thread

Linux no longer foolproof? And a smile descened upon Redmond...
posted on Jan 22, 2001 - View this thread

Do as we say, not as we do.
posted on Nov 6, 2000 - View this thread

Yet another outlook vulnerability. This one's significantly nastier than the previous ones, because it can attack and run programs on your computer as you download the email from your server
More >>
posted on Jul 19, 2000 - View this thread

New Microsoft Bug Found This one's pretty serious. Because it affects the whole world.
posted on May 20, 2000 - View this thread

Microsoft's latest security loophole involves the much-hated animated paperclip "Office Assistant". Despite its ability to create or delete files, someone chose to mark it as "safe for scripting", allowing it to be controlled by script on a web page.
posted on May 17, 2000 - View this thread

Blame MICRO$OFT for the "I love you" virus, ohh, and it has 40 authors to it
posted on May 16, 2000 - View this thread

[ Damn, it's busy this morning... ]
"Outlook is perfectly safe... perfectly safe; that's why we're fixing it."
posted on May 16, 2000 - View this thread

From Microsoft support: General Information About Using VBScript with Outlook

VBScript is designed to be a secure programming environment. It lacks various commands that can be potentially damaging if used in a malicious manner. This added security is critical in enterprise solutions.

(via Phil Agre's RRE mailing list)
posted on May 14, 2000 - View this thread

You know their server isn't particularly secure; well neither is their browser.
posted on Apr 19, 2000 - View this thread

More news on the IIS exploit After acknowledging the problem last week, Micro$oft is now saying that the backdoor in IIS... is a flaw. M$ Technet seems to have a fix for this problem, delete the offending file! So, if systems are your bag, my advice is to start researching security if you are running M$ internet server products (SQL 7, Exchange, IIS, Index Server, etc.).
posted on Apr 17, 2000 - View this thread