Tuesday, January 13, 2009

Hack the Gibson #169

Read the reason for these posts. Read Steve Gibson's response.

Steve Gibson says that MSRT runs when restarting the computer:

... And then it runs the next time you restart your machine

This is not true, not only because MS says so ("The version of the tool delivered by Microsoft Update and Windows Update runs in the background" - emphasis added), but also because it doesn't ask you to restart your computer. A caveat: if it finds infections that can only be removed after a restart, it may ask you to restart your computer. But in most cases, it doesn't.

There is a discussion of a vaporware project, CryptoLink, which seems to be a VPN project for which, by Steve Gibson's own admission, not a single line of code has been written at this moment. The discussion contains contradictory statements like:

It has a fundamental TNO, the Trust No One model, so that there's no third-party involved.

and

I mean, my intention is that it is an incredibly easy-to-use VPN product that, for example, supports the YubiKey natively, supports Perfect Paper Passwords natively, supports OpenID.

Of course supporting OpenID or YubiKey means trusting third parties to vouch for the current user...

Regarding the voting discussion: no, we don't have all the technology! A solution to the fundamental problem of making sure that the one-person, one-vote equation stands does not exist yet. Mind you, this is different from doing e-Banking, for example, because the bank can (and should) know who you are, as opposed to a voting situation where we want to have secret (anonymous) voting.

Regarding the frequent changes in NoScript: first off, you can read the Changelog (even though, based on his comments, Steve didn't). Second of all, NoScript includes extensive filtering (blacklisting) technologies (mainly related to XSS AFAIK), which are updated when methods of bypassing them are found. It is angering to hear Steve implying that the product is "half-baked", without even bothering to spend 2 minutes researching the issue.

Regarding the self-closing netstat command (BTW, the correct term is not "DOS Box" but "Console"): the user is probably running the command from Start -> Run, instead of from a running instance of cmd.exe. This way the console is destroyed as soon as the program finishes. What he should do (and Steve should have recommended) is to start cmd by going to Start -> Run and typing cmd[Enter], and at the command line type netstat (or even better, netstat -an, which is much quicker).
