Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft's "Dead Cow" Patch Was 7 Years In the Making

timothy posted more than 5 years ago | from the were-they-lean-years-or-fat-years? dept.

Security 203

narramissic writes "Back in March 2001, a hacker named Josh Buchbinder (a.k.a Sir Dystic) published code showing how an attack on a flaw in Microsoft's SMB (Server Message Block) service worked. Or maybe the flaw was first disclosed at Defcon 2000, by Veracode Chief Scientist Christien Rioux (a.k.a. Dildog). It was so long ago, memory is dim. Either way, it has taken Microsoft an unusually long time to fix. Now, a mere seven and a half years later, Microsoft has released a patch. 'I've been holding my breath since 2001 for this patch,' said Shavlik Technologies CTO Eric Schultze, in an e-mailed statement. Buchbinder's attack, called a SMB relay attack, 'showed how easy it was to take control of a remote machine without knowing the password,' he said."

cancel ×

203 comments

Sorry! There are no comments related to the filter you selected.

Now I get it (5, Funny)

Maniacal (12626) | more than 5 years ago | (#25737775)

So that's how they came up with the name 'Windows 7'

Re:Now I get it (5, Funny)

thewils (463314) | more than 5 years ago | (#25737827)

Things look a bit bleak for Windows 2008 then :(

Re:Now I get it (4, Funny)

mfh (56) | more than 5 years ago | (#25737847)

So that's how they came up with the name 'Windows 7'

No, they needed to get some luck for Windows, so they added the lucky number 7 to it. This bug fix was introduced to confuse us all.

Re:Now I get it (0)

Anonymous Coward | more than 5 years ago | (#25737857)

I think someone within Microsoft wanted to name their kid after it

Re:Now I get it (4, Funny)

Yvan256 (722131) | more than 5 years ago | (#25738001)

George Costanza works for Microsoft?

Re:Now I get it (2, Funny)

Anonymous Coward | more than 5 years ago | (#25738131)

someone wanted to name their kid "Dead Cow"?

Re:Now I get it (1)

supersloshy (1273442) | more than 5 years ago | (#25738045)

Argh! You stole what I was going to say 20 minutes before I even said it, you insensitive clod!

Re:Now I get it (1)

morgan_greywolf (835522) | more than 5 years ago | (#25738463)

Nope. It was named for Jeri Ryan's character on Voyager. Someone at Microsoft has a fixation on her ... posterior region.

Re:Now I get it (1)

cp.tar (871488) | more than 5 years ago | (#25739047)

Are you saying that Windows 9 will be the last?

I'll drink to that.

Re:Now I get it (1)

arelas (1336019) | more than 5 years ago | (#25739351)

That would be me!

'been holding my breath since 2001 for this patch' (5, Funny)

Anonymous Coward | more than 5 years ago | (#25737813)

...and boy are my arms tired.

P.S. I'm dead.

I forget... (1)

jcr (53032) | more than 5 years ago | (#25737867)

When did Hobbit write his paper about CIFS (Common Insecurities Fail Scrutiny)?

-jcr

Re:I forget... (2, Interesting)

burris (122191) | more than 5 years ago | (#25737963)

I believe that's "*Hobbit*" ...

(jan '97)

Re:I forget... (4, Informative)

spacerog (692065) | more than 5 years ago | (#25738049)

According to Google, 1997. Yeah, over a decade ago.

CIFS: Common Insecurities Fail Scrutiny [ussrback.com]

- SR

Re:I forget... (1)

megamerican (1073936) | more than 5 years ago | (#25738407)

It must be older than that if the USSR was still around!

Does anyone use this OS any more? (5, Interesting)

WillAffleckUW (858324) | more than 5 years ago | (#25737877)

I mean, seriously, most of us have written it off, and it makes bad business sense too.

At work we've cancelled plans to use Win7 and WinVista and are moving to all Linux where we can, just from a staffing level perspective.

Re:Does anyone use this OS any more? (5, Interesting)

HerculesMO (693085) | more than 5 years ago | (#25738059)

Yes, lots of people still do.

Makes little business sense right now to go to Win7/Vista, but XP is still a smart move for most people.

It's too bad Slashdotters here are so entranced with the platform, they forget what it's supposed to delivery. I don't really care what OS is on the desktop, so long as it allows us to achieve what we are trying to do. Usually, it's the software that does that, not the OS.

Re:Does anyone use this OS any more? (5, Insightful)

Sancho (17056) | more than 5 years ago | (#25738171)

Of course, if the OS is fighting you all the way while you're trying to work with the software, that's a problem.

Re:Does anyone use this OS any more? (5, Insightful)

HerculesMO (693085) | more than 5 years ago | (#25738261)

From my experience, the Linux folks that try to work in Windows just simply don't know WTF they are doing.

Likewise, Windows Admins who work in Linux don't know either.

It's always easy to curse the platform if you don't have the knowledge. I've built stable environments out of Windows and out of Linux, and they all serve their purpose with perfectly fine uptime. Just a different delivery platform for different things.

Re:Does anyone use this OS any more? (4, Insightful)

Sancho (17056) | more than 5 years ago | (#25738351)

I'm not specifically referring to tasks which are "hard to do" in the OS--I'm referring to the incessant stream of vulnerabilities in various components that makes working with Windows a virtual minefield.

Re:Does anyone use this OS any more? (4, Insightful)

HerculesMO (693085) | more than 5 years ago | (#25738781)

In the 7 years as a Windows Sysadmin I've seen my job getting easier and easier by taking a few proactive steps to corporate use of Windows.

For server use, it's perfectly fine. I have a Windows file cluster running over a year without an downtime, but we've taken cluster members offline for patches in turn, and failed back to the alternate which is a net of 0 downtime.

We use strict policies on the desktop, and don't allow users to do things that are going to cause problems. Mostly, this includes *not* giving them administrative rights, though we do delegate some things out.

It's like any other system. The problem is that Windows is so large an ecosystem, and so many folks that 'represent' Windows sysadmins pretty much suck at their job, or are MCSEs on paper and not in practice, then it does a disservice to what I feel is a perfectly fine OS for daily use, and corporate use. I have no 'virtual minefield' because I know my business well, I know my job well, and I perform well in bringing harmony between them (the business and the IT use).

It's like ANY system (*nix included), because if you have an incompetent sysadmin, you will have problems on your domain and infrastructure. If you have a competent sysadmin, you won't see anything wrong. Our users are largely very happy, and that's done by internal auditing (mandatory surveys, as we represent 19000 employees country wide), and consistently the 2500+ userbase I work with and for rank me highest of the family of companies I work for in their satisfaction in their computing needs.

Again, it's not the platform at fault, it's the admins around it. If you feel Windows is a virtual mine field then it may indicate your talents lie elsewhere (*nix), and as such should keep to the business you know, rather than tell folks who run Windows successfully that they have inherent problems at hand they aren't aware of.

Re:Does anyone use this OS any more? (5, Insightful)

malkavian (9512) | more than 5 years ago | (#25739343)

Hear hear. I've been running UNIX and Windows in admin capacity since the early '90s. The biggest problem I've seen at the moment is caused by marketing. Microsoft just refuse to stop advertising Windows servers as being so simple the cat could administer it.
With that message on the table, HR departments get the idea that all it then takes to administer servers is one cat and a magic wand. So they create low paid jobs for 'admins' that don't actually know much about administration (as it's so easy, who actually needs skills in it 'eh?).
UNIX tends to get better results overall, largely because it's seen as a skilled job. They pay the money, they require that you know what you're doing.
Where you get admins that know the detail on Windows to the depth that UNIX gurus know UNIX, comparable results are obtained.

Now, if only Microsoft would stop telling suits that all they need to administer Windows is someone with one finger and half a brain, then the rep. of Windows would increase dramatically. However, there's money to be made today by churning out an MCSE who two weeks ago didn't know what the power cable plugged into. Who cares about the future of the platform when you can advertise tomorrow with a new glossy pamphlet, and make money today? Well, apart from the people who really understand system administration, and hey, what do they know?

Re:Does anyone use this OS any more? (0)

Anonymous Coward | more than 5 years ago | (#25738927)

right, and mac's don't get viruses. and linux is the most secure os. please, the zealotry is amusing at best, annoying at worst.

I now point you to milworm; take note that it has significantly more vulnerabilities to exploit for linux than it does anything else.

Re:Does anyone use this OS any more? (4, Informative)

stevied (169) | more than 5 years ago | (#25738859)

I've hacked an interesting little solution together for my household, which I'm sure would scale. I've been using Linux for about 13 years, and have forgotten more tricks than most people know. Over that time I've done a certain amount with Windows, too, but the lack of a rich toolset and open / free documentation and source always put me off spending too much time on it. I understand things are a bit better now on those fronts, but I chose where to invest my time ages ago. I've certainly not bothered about keeping up to speed, have no experience with Vista, Office, 2007, etc.

Anyway .. I have to provide a Windows environment for a family member who's really not up to learning anything new. I wanted to be able to manage it, secure it, control changes to the configuration, etc., etc., and eventually hit on the idea of just running XP inside VBox on Ubuntu. It starts automatically, changes to the main Windows partition are discarded on each shutdown, and I can do all my management with ssh (and occasionally rdesktop if I need to actually fiddle with Windows, which is rare.) Performance is fine even on old hardware.

Virtualization on the server is obviously mainstream now, and I guess many users are running virtualization software themselves to provide access to apps on other platforms and run old software. I haven't seen much about using virtualization as a platform for managed desktops though, and I reckon it has some advantages: moving images between machines when hardware fails or users move departments; change control; configuration testing, etc., etc. Knowing you've got the exact same disk image in use on a herd of workstations, regardless of hardware, seems like a good thing for peace of mind ..

Re:Does anyone use this OS any more? (1)

HerculesMO (693085) | more than 5 years ago | (#25738983)

You can actually get ESX Server for *free* now, you just don't get management tools.

But if you know Linux well, it should be rather irrelevant. I've been tooling around with it, Hyper-V as well... VMWare still has a lot of advantages but at the cost of Hyper-V.. I dunno which to choose given the performance is similar, but scalability lacks on Hyper-V. I'm sure they will add it in, and for $25 or whatever per server, it's next to nothing to get using it.

Re:Does anyone use this OS any more? (2, Insightful)

qoncept (599709) | more than 5 years ago | (#25738347)

If you've used Windows in a corporate environment and still feel that way, there is something wrong with your organization. I've been with my current company for just over a year now and yesterday I called the help desk for my first Windows related problem. It's stable, period. Now, all the antivirus, security, firewall etc they install makes the thing so slow it's awful to use, but that's beside the point.

One thing is for sure, though. I don't want to make an 'Impress' presentation and send it to a client unless I'm sure they are going to be able to open it in Powerpoint.

Re:Does anyone use this OS any more? (2, Insightful)

tbannist (230135) | more than 5 years ago | (#25738547)

Actually, I thought that was specifically the point. If people hate using their computer, then you're doing something wrong.

It's about getting the job done, but Microsoft has consistently been the roadblock. Microsoft is the barrier to compatibility. They're the roadblock to having everything "just work". The Windows monopoly has to end before we can move forward again.

Re:Does anyone use this OS any more? (4, Insightful)

Duckie01 (10586) | more than 5 years ago | (#25738683)

If you've used Windows in a corporate environment and still feel that way, there is something wrong with your organization. I've been with my current company for just over a year now and yesterday I called the help desk for my first Windows related problem.

Perhaps the gp was on the other end of the line, dealing with the nightmare to keep the rest of the organization including you, clear from it. In other words, your experience with your office desktop computer might say more about the quality of the IT department that installed the OS than about the flaws in the installed OS.

It's stable, period. Now, all the antivirus, security, firewall etc they install makes the thing so slow it's awful to use, but that's beside the point.

No, that is *not* beside the point. You see, if you *need* to bog down your OS with third party software to keep it working reliably at all, I'd say that the flaws in this OS are exactly what causes your pc to slow down to the point that it's awful to use.

One thing is for sure, though. I don't want to make an 'Impress' presentation and send it to a client unless I'm sure they are going to be able to open it in Powerpoint.

Yeah or in something else they might have, like Impress ;) I actually don't know Impress, btw. But I get your point.

Re:Does anyone use this OS any more? (1)

ccool (628215) | more than 5 years ago | (#25739115)

One thing is for sure, though. I don't want to make an 'Impress' presentation and send it to a client unless I'm sure they are going to be able to open it in Powerpoint.

Yeah or in something else they might have, like Impress ;) I actually don't know Impress, btw. But I get your point.

I would normally use PDF in that case. Also, I don't like the fact that they can easily change the presentation if I send a Impress/Powerpoint file...

Re:Does anyone use this OS any more? (3, Informative)

Tubal-Cain (1289912) | more than 5 years ago | (#25738915)

One thing is for sure, though. I don't want to make an 'Impress' presentation and send it to a client unless I'm sure they are going to be able to open it in Powerpoint.

It may give you peace of mind to know that MS released the specs on their binary formats [slashdot.org] in late June, so the OOo team had about 2.5 months to fix their implementations in version 3. If they didn't manage that, they should have them in the next release.

Re:Does anyone use this OS any more? (2, Funny)

boredhacker (1103107) | more than 5 years ago | (#25738313)

Yes, people certainly do still use "this OS" (i.e. Windows)... people who produce costly products with little value.

:P

Re:Does anyone use this OS any more? (1)

heffrey (229704) | more than 5 years ago | (#25738595)

people who produce costly products with little value

The market says otherwise.....

Re:Does anyone use this OS any more? (1)

boredhacker (1103107) | more than 5 years ago | (#25738995)

The market says otherwise.....

Which market are you talking about exactly?

MSFT 5yr [yahoo.com]

GOOG 5yr [yahoo.com]

AAPL 5yr [yahoo.com]

Re:Does anyone use this OS any more? (1)

heffrey (229704) | more than 5 years ago | (#25739207)

Not those markets. I was referring to the sales of Windows. It appears to be the dominant client OS and has growing market share in server space.

Re:Does anyone use this OS any more? (0)

Anonymous Coward | more than 5 years ago | (#25739369)

From your data:

MSFT - Market Cap: 180.58B

GOOG - Market Cap: 91.44B

AAPL - Market Cap: 80.11B

Re:Does anyone use this OS any more? (5, Funny)

heffrey (229704) | more than 5 years ago | (#25738325)

Hardly anybody still uses Windows, it's dying out.

Re:Does anyone use this OS any more? (3, Funny)

Anonymous Coward | more than 5 years ago | (#25738663)

Good riddance, it's been a total pane since day one.

Re:Does anyone use this OS any more? (1)

squallbsr (826163) | more than 5 years ago | (#25738743)

Netcraft confirms it!

Re:Does anyone use this OS any more? (1)

TBerben (1061176) | more than 5 years ago | (#25738763)

Don't be silly, it's neither dead nor dying until Netcraft confirms it.

Re:Does anyone use this OS any more? (0)

Anonymous Coward | more than 5 years ago | (#25739235)

Long live BSD

Re:Does anyone use this OS any more? (3, Funny)

DAldredge (2353) | more than 5 years ago | (#25738487)

I do. And I like Vista too.

Re:Does anyone use this OS any more? (4, Insightful)

Cowmonaut (989226) | more than 5 years ago | (#25739283)

How, HOW is this Flamebait? I happen to like Vista as well, now that SP1 is out and the majority of my driver issues are resolved. In fact, literally the only issue I have with my system currently is a VERY small sector on my hard drive or bad memory space on a single stick. I'm not sure which, I occasionally (3 times a month) blue screen due to an issue relating to one or the other. For all I know, its really my motherboard since memtest and SMART test my hardware fine.

Just because YOU don't like Vista doesn't mean others don't. On my desktop I happen to think my system runs smoother and faster and is easier to fix than with XP. To each his own, like several other +5 Insightful in this thread have mentioned...

Re:Does anyone use this OS any more? (1)

tgd (2822) | more than 5 years ago | (#25738511)

"most of us"

You might want to expand your world-view slightly... even if you are not a fan of their products, living in THAT fantasy world will get you nowhere.

my prayers are answered! (5, Funny)

Trepidity (597) | more than 5 years ago | (#25737891)

Seven years ago, The Register devastated me with this terrible news:

It's backward compatibility that has MS in a trap now. "NTLMv2 was created to address many of these issues, and if Windows came configured to use only NTLMv2 these would not be issues, unless the user knowingly opened himself up to allow communication with older operating systems," Sir Dystic noted.
[...]
However, if for some reason it's necessary for you to use the many thrilling features of Windows networking without NTLMv2, then there is absolutely nothing you can do but pray.

Finally, I can use my favorite thrilling NTLM features without giving in and using NTLMv2!

SMB? (3, Funny)

EraserMouseMan (847479) | more than 5 years ago | (#25737901)

Could a Windows Server Admin worth his/her salt please explain to us what SMB is, who would use it, and if there was a workaround that made the vulnerability a non-issue?

Re:SMB? (5, Informative)

corsec67 (627446) | more than 5 years ago | (#25737971)

SMB [wikipedia.org] is used by Windows for file/printer sharing.

Re:SMB? (3, Interesting)

QuantumRiff (120817) | more than 5 years ago | (#25738141)

Okay Mr. Quick with the link.. Where does the "dead cow" Reference come from?

Re:SMB? (1)

Anonymous Coward | more than 5 years ago | (#25738293)

I don't know, but I know all about super cow powers [launchpad.net] .

Re:SMB? (5, Funny)

Anonymous Coward | more than 5 years ago | (#25738319)

It took me a while, but apparently Sir Dystic was(is?) a member of The Cult Of The Dead Cow (reference [zdnet.com] ).

What a crappy headline. I hate teasers like that.

Re:SMB? (0)

Anonymous Coward | more than 5 years ago | (#25739329)

It "took you a while"? Heavens, the first two Google hits for "dead cow" are the group's homepage and the Wikipedia entry...

Re:SMB? (0)

Anonymous Coward | more than 5 years ago | (#25738481)

From: http://en.wikipedia.org/wiki/SMBRelay

SMBRelay and SMBRelay2 are computer programs that can be used to carry out SMB man in the middle (mitm) attacks on Windows machines. They were written by Sir Dystic of CULT OF THE DEAD COW (cDc) and released March 21, 2001 at the @lantacon convention in Atlanta, Georgia. More than seven years after its release, Microsoft released a patch that fixed the hole exploited by SMBRelay.

Re:SMB? (1, Informative)

Anonymous Coward | more than 5 years ago | (#25738723)

Cult of the Dead Cow, probably. Oldskool hacker group, probably most famous for the Back Orifice trojan^W remote administration utility.

Re:SMB? (1)

Walpurgiss (723989) | more than 5 years ago | (#25737981)

Not really a server admin, but SMB stands for server message(messaging?) blocks. SMB is the MS windows file sharing standard basically, and Samba is basically an implementation of it for linux/unix.

I would hope enterprise environments would use something a bit more sophisticated than windows file sharing. Even then, I doubt any business would have any box with smb/samba enabled without a firewall preventing internet based or external smb connections.

Re:SMB? (1)

blincoln (592401) | more than 5 years ago | (#25738087)

I would hope enterprise environments would use something a bit more sophisticated than windows file sharing.

Such as?

If you have Windows clients and Windows servers, SMB is the most common way to get files between them. This is true whether you're connecting two Windows machines to your home wifi router or you're running a corporate environment with tens of thousands of Windows machines on it.

Re:SMB? (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25738343)

Windows file sharing is far, far more sophisticated than other file sharing solutions that work out-of-the-box in various operating systems. NTFS provides a level of detail and control over permissions that is unsurpassed, and its integration with Active Directory makes other services look like a joke.

Samba's primary weakness is that it doesn't run on a Windows file system.

laptops travel outside the firewall (1)

SethJohnson (112166) | more than 5 years ago | (#25738647)



I agree with your post about SMB and would like to add to it....

Even then, I doubt any business would have any box with smb/samba enabled without a firewall preventing internet based or external smb connections.

The modern computing environment is complicated by laptops that travel outside the corporate network firewall. Users frequently enable SMB on their company laptop when at home or at coffee shops, airports, etc. to transfer files between machines. A (computer) member of a zombie bot herd can then exploit a weakness like this to take control of the laptop and add it to the zombie herd. When the laptop returns to the corporate network, it becomes a zombie recruiter.

This is probably how the Obama campaign was compromised.

Seth

Re:SMB? (0, Redundant)

cloakable (885764) | more than 5 years ago | (#25738009)

SMB is Server Message Block, and is the protocol used by Windows filesharing. People would use it include anyone who has shared a folder under Windows, and virtually any enterprise using an Windows AD domain.

As far as I know, there is no workaround, save perhaps installing Windows Services for Unix and using NFS.

Re:SMB? (1)

pejyel (1275304) | more than 5 years ago | (#25738021)

No need to be a windows server admin.

SMB [wikipedia.org] is the the protocol used by windows for networking (files, printers, etc... sharing).

It might be a bit more famous through the story of its Linux implementation Samba [wikipedia.org] , and the trials Microsoft lost for refusing to open the specifications needed for interoperability.

Windows Server Admin? On Slashdot? Are you kidding (5, Funny)

drachenfyre (550754) | more than 5 years ago | (#25738033)

Like any windows server admin reads slashdot.... And the ones that do aren't going to stick their hands up and say "Oh, pick me" so we can all berate them for their choice in closed source server operating systems.

Re:Windows Server Admin? On Slashdot? Are you kidd (3, Informative)

HerculesMO (693085) | more than 5 years ago | (#25738093)

I do.

You can make fun of me :)

That said, if you have a Linksys firewall in place, it usually takes care of the issue. Granted the attacks you'll get internally *can* happen, but we have managed to circumvent SMB exploitation via policy settings in Windows. It works fine for us, nice to see they finally patched it though.

Re:Windows Server Admin? On Slashdot? Are you kidd (4, Funny)

0racle (667029) | more than 5 years ago | (#25738423)

I do.

You can make fun of me :)

That said, if you have a Linksys firewall

Now you deserve to be made fun of.

Re:Windows Server Admin? On Slashdot? Are you kidd (2, Insightful)

HerculesMO (693085) | more than 5 years ago | (#25738997)

It wasn't meant in seriousness, but if you want to take it and run, feel free.

Just meant that any port blocking software or hardware (as simple AS a Linksys firewall) prevents this from being anything of an issue.

Hell, even Windows built-in firewall will do the trick.

Re:Windows Server Admin? On Slashdot? Are you kidd (1)

DAldredge (2353) | more than 5 years ago | (#25738509)

I read /. and I admin windows and linux servers.

C2MyAzz (5, Interesting)

Anonymous Coward | more than 5 years ago | (#25737923)

Hmm - there was an attack called C2MyAzz that was even simpler than the man in the middle attack. It would just spoof the handshake between client and server. The attacking workstation would watch for client->server message requesting authentication. The attacking workstation would send a packet back to the client before the server, asking the client to send back a clear-text password. Much easier than a man-in-the-middle attack, and it worked well. When it was released, Microsoft's official response was "most organizations use switches and routers, so this is not a problem". Originally released in 2001, IIRC.

Re:C2MyAzz (1)

bertok (226922) | more than 5 years ago | (#25738795)

Except there's several ways of monitoring traffic even on switches.

You can spoof ARP packets and confuse the client, confuse the switch, or use any one of several DNS vulnerabilities. That's not even mentioning WiFi networks!

Sounds like typical Microsoft arrogance.

port 139 (5, Funny)

heffrey (229704) | more than 5 years ago | (#25737997)

Oh well, I guess I'd better block incoming public Internet traffic on port 139 then. That's a shame because it's been so very useful to have an Internet facing SMB share.

Re:port 139 (3, Insightful)

adamruck (638131) | more than 5 years ago | (#25738329)

If you still want that service just run it over a vpn.

Re:port 139 (1)

heffrey (229704) | more than 5 years ago | (#25738365)

If you still want that service just run it over a vpn.

I guess you missed the attempted irony of my original post.....

Re:port 139 (1)

powerlord (28156) | more than 5 years ago | (#25738601)

I agree.

Instead of needing to go out looking for pr0n and Warez they just magically appear in the SMB share.

Sure, not all of it are your tastes, but you can always pick and choose later, right?

Sorry, gotta go, there seems to be a knocking at my door.

Why hello officers ...

Without knowing the password? (5, Insightful)

girlintraining (1395911) | more than 5 years ago | (#25738043)

It's always been easy to take control of a machine without the password. Sit down in front of the computer. Now the only thing stopping you is yourself. Oddly enough, that's what keeps most systems up... The fact that the vast majority of people are honest, decent folk. That, and they don't know what a null pointer is.

Re:Without knowing the password? (1)

morgan_greywolf (835522) | more than 5 years ago | (#25738737)

That, and they don't know what a null pointer is.

Does that help?

Re:Without knowing the password? (0)

Anonymous Coward | more than 5 years ago | (#25738981)

It's always been easy to take control of a machine without the password. Sit down in front of the computer. Now the only thing stopping you is yourself. Oddly enough, that's what keeps most systems up... The fact that the vast majority of people are honest, decent folk. That, and they don't know what a null pointer is.

Missing steps:

  1. Redefine your definition of "take control" from "have root access to the currently-existing data" to allow for "take apart machine then run off with the hard drive". In other words, redefine "take control" to mean "catburgle".
  2. Failing that, have complete world knowledge of all security problems in every OS ever made.
  3. Failing that, have complete world knowledge of all security problems in every BIOS ever made so as to allow you to swap out hardware on machines with actual security, hardware-level.
  4. Failing that, as the parent implies, just go out and get a security fault for the situation. I think they sell them at Wal-Mart now.
  5. Failing that, dereference a null pointer as a normal user. Pray that the OS in question was made in the 80s and has no memory protection.
  6. Failing that, bash the computer in with a pickaxe.
  7. Failing that, try a baseball bat instead.

See? It's so easy and simple!

How long ago seven years really is (0, Offtopic)

jonaskoelker (922170) | more than 5 years ago | (#25738063)

Back in March 2001

Back then I was still in high school [now I'm a Ph.D. student]. The twin towers still stood. The Bush administration hasn't shown its true colors yet. The Fellowship of the Ring was all the buzz, as was the first Harry Potter film. I had just dipped my feet into "this Linux thing", with Red Hat 6.2. Back then, fips [First Indestructive Partitioning System or something] didn't exactly live up to its name. Good thing I never keep backups :(

Think back seven years. Where were you? How many times have you changed occupation, had kids, changed partner, moved to a new city, changed your lifestyle habits, reconsidered your core values and beliefs, or made some other big change in your life?

Re:How long ago seven years really is (0)

Anonymous Coward | more than 5 years ago | (#25738133)

I voted Democrat for the first time in my life last week!

Re:How long ago seven years really is (1)

dannycim (442761) | more than 5 years ago | (#25738151)

You're getting nostalgic / introspective / retrospective over a 7 year old bug?

Call me when they patch a PDP-11 bug. __m_(^,^)_m__

Re:How long ago seven years really is (0)

Anonymous Coward | more than 5 years ago | (#25738361)

In 2001 he was in high school, making him 17. Assuming his consciousness finished booting at about 4 years of age, as mine did, he had 13 years of consciousness when he finished high school. 7 years represents 50% of that lifespan, or 33% of his conscious total so far. Yeah, big numbers!

Re:How long ago seven years really is (1)

dunkelfalke (91624) | more than 5 years ago | (#25738323)

yep, march 2001

had my abitur exams, my girlfriend just dumped me, i finally gave up on os/2 and started to become a fatty i am now.

and about your partitioning problems: back then partition magic was still great.

Re:How long ago seven years really is (1)

Phil Urich (841393) | more than 5 years ago | (#25738873)

yep, march 2001

had my abitur exams, my girlfriend just dumped me, i finally gave up on os/2 and started to become a fatty i am now.

and about your partitioning problems: back then partition magic was still great.

Ye gods, you're right! I've stayed away from that program like the plague for years now, and hey, GParted does everything Partition Magic did but more reliably than even those old versions were . . . but yes, Partition Magic used to get the job done like nothing else at the time could. Wow, it's been ages since I thought of that. PM went downhill while this bug sat unfixed? Yikes.

Actually, for the fun of it I remember exploiting this bug back when I lived in University Residence. I remember, among other things, mentioning to a floormate that kept having virus problems that he should probably at least add a password to his user account, since I knew it was a blank password. I quickly got a (probably undeserved, since this was script-kiddy stuff) reputation as the computer-hacker guy, heh.

Re:How long ago seven years really is (2, Funny)

Knackered (311164) | more than 5 years ago | (#25738393)

How many times have you changed occupation, had kids, changed partner, moved to a new city, changed your lifestyle habits, reconsidered your core values and beliefs, or made some other big change in your life?

None, none, none, none, none, none, none.

I guess I should get out more...

Holding his breath ? (3, Funny)

Tomun (144651) | more than 5 years ago | (#25738153)

"I've been holding my breath since 2001 for this patch"

With lungs like that he should try free-diving!

Re:Holding his breath ? (2, Funny)

AlgorithMan (937244) | more than 5 years ago | (#25738651)

Yeah, he even beats Guybrush Threepwood!

cDc (2, Funny)

alxkit (941262) | more than 5 years ago | (#25738215)

This is not a bug but a fundamental design flaw.

aka "a feature"

What made it worse? Really? (5, Insightful)

140Mandak262Jamuna (970587) | more than 5 years ago | (#25738241)

From the article: To make matters worse, the SMB flaw was already publicly disclosed prior to Tuesday's updates, Microsoft said.

What made it worse? Taking 8 years to fix it or disclosing it before the patch was released?

Further it is not a bug at all. It is essentially badly designed protocol having a hole and instead of abandoning it and making users upgrade, MSFT left this hole open for 8 years. All the in the name of backward compatibility. Why has backward compatibility trumped security for 8 years? It not surprising no one takes MSFT's statements about its commitment to security seriously?

Re:What made it worse? Really? (4, Insightful)

UnknowingFool (672806) | more than 5 years ago | (#25738385)

From the article: To make matters worse, the SMB flaw was already publicly disclosed prior to Tuesday's updates, Microsoft said.
What made it worse? Taking 8 years to fix it or disclosing it before the patch was released?

This is MS modus operandi. You know all those MS based studies that say that MS fixes bugs faster than Linux. Well we never really believed them but they are technically true. See MS only counts the time between when they publicly disclose a bug and when they patch it. They don't count the time between when they find or are informed of the bug. With Linux people the whole process is more transparent. When bugs are discovered in Linux, they are almost disclosed at the same time. So this 8 year old bug will appear on all MS studies as only taking a few days rather than 8 years.

Re:What made it worse? Really? (1)

juan2074 (312848) | more than 5 years ago | (#25738733)

What? Microsoft has a commitment to security?

And yet the world didn't end. (4, Insightful)

Beelzebud (1361137) | more than 5 years ago | (#25738253)

How many people were actually a victim of this exploit? Is there one documented case of an electronic break-in because of this exploit?

Re:And yet the world didn't end. (1)

Sun.Jedi (1280674) | more than 5 years ago | (#25738731)

How many people were actually a victim of this exploit?

IIRC, it wasn't just the shares that were affected by the port 139 holes.

I'm pretty sure port 139 was abused in very large numbers for silly IRC channel pissing matches. Sending a few hundred 'winnukes' was easier than splitting EFnet, and largely just as effective, except the larger #'s.

Re:And yet the world didn't end. (1)

westlake (615356) | more than 5 years ago | (#25738875)

How many people were actually a victim of this exploit? Is there one documented case of an electronic break-in because of this exploit?

That you can ask this question on Slashdot - and hear nothing in response but the sound of crickets chirping in the background - answers your question, I should think.

Easter egg for Windows 7? (2, Funny)

pcolaman (1208838) | more than 5 years ago | (#25738277)

So does that mean we can expect a Dead Cow Level to be hidden in an included Windows 7 app, a la Flight Sim hidden in Excel 97.

Hidden cows is a pinball egg (0, Offtopic)

Joe The Dragon (967727) | more than 5 years ago | (#25738501)

Hidden cows is a pinball egg

Re:Hidden cows is a pinball egg (0, Offtopic)

meuhlavache (1101089) | more than 5 years ago | (#25738585)

Only Microsoft can hide cows in eggs.

Re:Easter egg for Windows 7? (5, Funny)

dkleinsc (563838) | more than 5 years ago | (#25738669)

That would make it harder to get to than the Secret Cow Level in Diablo II, because in Diablo II all you have to do is go through Hell, whereas with Windows 7 you have to install it successfully.

Re:Easter egg for Windows 7? (1)

jgtg32a (1173373) | more than 5 years ago | (#25738693)

There is no cow level

At least there's a positive side (1)

ZekoMal (1404259) | more than 5 years ago | (#25738455)

Well at least they're fixing things...eventually...

Guess they just keep trying and trying until we have no idea what it is anymore.

Wonder how many decades it'll be until Vista is fixed.

What will the patch break? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25738505)

So, if I patch my XP workstations, will I still be able to talk SMB to Win98?

(Stop laughing you bastards, I was being serious...)

"Dead Cow" (1)

Jerry Smith (806480) | more than 5 years ago | (#25738823)

Has it anything got to do with the cult of the dead cow? www.cultdeadcow.com ? They got some internetattention for their BackOrifice stuff waaay back, AFAIK.

Turtle (0)

Anonymous Coward | more than 5 years ago | (#25739333)

Ubuntu is our friend, fuck WIN 7. I have a pre beta copy of WIN7 and every time I tell the guys I work with that I want to install it I get dissed hard. Perhaps they will fire me if I even say WIN 7 anymore.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>