Vulnerability Development mailing list archives
RE: Windows XP RC2
From: "Dom De Vitto" <Dom () DeVitto com>
Date: Tue, 21 Aug 2001 18:13:47 +0100
| -----Original Message----- | From: Dennis McHenry [mailto:ronmch () comports com] | Sent: 21 August 2001 04:12 | To: vuln-dev () securityfocus com | Subject: Re: Windows XP RC2 | | Geez, I'm not much for conspiracy theories, so here goes my rebuttal: | | > but what is disturbing is take a guess as to what the "default" Time | > Server that gets used??? | > time.windows.com !!! | What would you rather that they do? Better than MS saying to someone "Get | ready for tens-of-millions of hits on your NTP Server...." Hmmm, 10,000,000 machines requesting one a day * 100-byte request / 86400 seconds in a day = 11574 bytes/sec = 93kbits/second I'm sure connexion could cope :) | > Well for every install M$ can monitor/track who is running XP that has a | > Net connection. | Dial-ups kinda screw this theory up, don't you think? Why ? Every XP machine has a unique SID, why track by IP? Using SIDs would allow tracking through firewalls etc. [ rant on why your self-suggested IP tracking isn't workable deleted ] | I don't see any value of tracking unique IPs using their NTP server. I don't see any value in RealPlayer providing QoS info...oops they actually could track you from something you played back to the credit card/billing details you bought realplayer with. 'Til GRC exposed 'em. | The reregistration process handles people pirating their software. And CSS protects DVDs :) HOW MANY cracks for the activation have there been? | > If your real paranoid one can think well if the NTP is using | > time.windows.com what is stopping M$ from having some hidden app that can | > be communicated to once they grab the IP that queries their time server?! | The market will stop this. No company in their right mind would put coding | like this into their product. It relies on one flawed premise, a flaw which | is easily spotted: "nobody will ever use a packet sniffer and our product." | Besides, they could just have this "Sup3R S3krIt" application phone home. (see RealPlayer above) So you put a packet sniffer on your network, right. Do you own Time Warner? No. So who's going to listen to you? If MS DOES get embarrassed, I guess they'll recall 10,000,000 copies of XP? Right? No. They'll issue a patch, and bury it in the bottomless pit they call a web site. | Microsoft is a multi-billion dollar corporation. There's one thing that | would stop them from doing this: turning their company into a penny-stock | by intentionally putting a backdoor into their software. Nothing will turn MS into penny stock, it has too many people who will lie, cheat and steal at it's beck and call. | It's a *feature* (for real!) intended to make their customers (the one's | that made the company into a multi-billion dollar company in the first | place) happy. Maybe, but then why did it take 15 years to make it into the product? Features get added only if they have 'value', VALUE TO MS. (which may or may not be value to the end user) | Of course I could be wrong, and they may be a front company for the NSA, and | NTP could be a 5uP3R S3krIt project that actually means NSA Tracking | Protocol. The NSA doesn't have $500 billion(IIRC) in cash... ...of the two, I know who I'd trust. Dom
Current thread:
- Re: Windows XP RC2, (continued)
- Re: Windows XP RC2 Derek Kwan (Aug 20)
- Re: Windows XP RC2 John Galt (Aug 20)
- Re: Windows XP RC2 bugtraq (Aug 20)
- Re: Windows XP RC2 Gregory McCann (Aug 20)
- Re: Windows XP RC2 Dino (Aug 21)
- Re: Windows XP RC2 Blue Boar (Aug 21)
- Re: Windows XP RC2 Gregory McCann (Aug 21)
- Re: Windows XP RC2 herrold (Aug 21)
- Re: Windows XP RC2 Michel Arboi (Aug 21)
- Re: Windows XP RC2 Derek Kwan (Aug 20)
- Re: Windows XP RC2 Dennis McHenry (Aug 20)
- RE: Windows XP RC2 Dom De Vitto (Aug 21)
- Re: Windows XP RC2 Jason Legate (Aug 21)
- RE: Windows XP RC2 Dom De Vitto (Aug 21)
- Re: Windows XP RC2 Christopher McCrory (Aug 21)
- Re: Windows XP RC2 Dimitry Andric (Aug 22)
- RE: Windows XP RC2 Petruzel, Oliver (Aug 20)
- Re: Windows XP RC2 fintler (Aug 23)