August 10, 2008
by Dr Leo Strauss •
Taking a few days off re posting for some RnR. Will still be lobbing in comments. Here’s a montage from today’s trek to Great Falls up the river from the Imperial City.
Aug 11, 2008 @ 20:44:00
“I was very firm with Vladimir Putin [re Georgia] – Hopefully this will get resolved peacefully.”
Aug 11, 2008 (CBS)
Aug 10, 2008 @ 17:34:58
Warning from Jerry Pournelle:
The Future of Vista
“As I write this, there is a flurry of discussion on the Internet regarding the future of Vista. The headline is “Vista’s Security Rendered Completely Useless by Exploit.” http://www.neowin.net/news/main/08/08/08/vista39s-security-rendered-completely-useless-by-new-exploit (and see also http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324395,00.html ). Of course we have heard this sort of thing before; but this seems serious, and one school says there is no possible fix: the defect is built into the very nature and design of Vista’s memory management. Windows Server 2008 is also said to be vulnerable; it is not known whether the same technique can be used to render Windows XP and previous versions of Windows vulnerable.
The vulnerability, according to the paper presented at Black Hat, is total: an attacker can put any code he likes into any memory location he likes. This would allow commands to upload any and all data on or reachable by the machine, and of course allow adding the machine to an army of zombies . . .” He then adds that:
“Eric Pobirs has read the Black Hat paper and says:
A lot of the issues revolve around accommodating old badly written software. Much of the vulnerability can be eliminated with a few registry entries that breaks compatibility with a lot of that stuff, much as many items were already broken by the existing differences between what XP and Vista allowed to be done in the registry.
Reading the paper shows the problem is not nearly as great as has been reported. The authors’ own conclusions don’t jibe with the claims that this is *completely* (emphasis added) unfixable. Much of it can be addressed immediately by exercising some discretion. Much else is up to third parties to address.”
FYI, if you are using MSFT Vista.
Your Name *
Your Email *
CAPTCHA Code *
Notify me of followup comments via e-mail
Everyone is more or less mad on one point. — Rudyard Kipling
Everyone is more or less mad on one point.
We offer the following list of some of the pieces here we think resonate well over time. The best items answer questions that adapt to new circumstances, yielding fresh perspectives.
You're invited to see for yourself and share your conclusions with the Stiftung Community.
Thank you for being a part of our merry band.