Giant Hole in M$ Security Shield

Again, researchers have found a way to bypass all M$’s efforts to close the holes in that other OS. A sequence of FTP commands opens a door large enough to drive a truck through and run it around the IIS-encrusted OS.

see TheRegister

Isn’t it about time you quit using that other OS and tried Debian GNU/Linux, an OS that works for you?

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology. Bookmark the permalink.

11 Responses to Giant Hole in M$ Security Shield

  1. It’s hard to do much of anything in the 15 minute time limit. I’lll continue to showcase Debian GNU/Linux.

  2. oldman says:

    “That’s one reason I am making videos. People can see for themselves the performance.”

    Unless you are demonstrating a 64 bit Linux server distribution against Windows 2008 R2 Server, I doubt you are going to show much of anything that is relevant
    performance wise.

  3. That’s one reason I am making videos. People can see for themselves the performance.

  4. oldman says:

    “I don’t like playing M$’s game. It doesn’t work for me. After more than 15 years of re-re-reboots, BSODs and slowing down I had enough. They have earned my disrespect.”

    You can be as disrespectful as you wish Pog, but that disrespect isnt going to get taken seriously by anyone other than those who think like you do as long as you insist on talking about versions of the software that are nearly a decade old now.
    Microsofts is long past server 2003, Pog .Their server OS release windows 2008 R2 whet 64 bit only in the last release and its initial performance in our shop has been rock solid. It has also had zero problems executing any of the 32 bit applications I have thrown at it. While we were “forced” to accept it by virtue of the fact that it was a required component in the enterprise applications that we support, it It has won a place our shop, shop filled with people who are almost as skeptical as you are of its ability to perform on the enterprise tier, by virtue of how it has performed.

    And that is reality.

  5. Hmmm… Then there’s this and this

    Those are real businesses trying to deliver the best service/cost in the real world and they prefer GNU/Linux and Apache. That says something. Notice in the Web-server survey, that M$ has a sharp step up that runs for a while and then drops back. That’s M$ paying GoDaddy to host idle domains on that other OS to make things look better. That says something too. Why, if a product is as good as oldman says it is would they have to pay people to use? Answer: that other OS give less performance or higher cost or both.

    The last server I used from M$ was 2003. It was OK if you did nothing more than use it to authenticate with XP. Try authenticating with GNU/Linux. We had to wait up to 30s to authenticate, just because… I don’t like playing M$’s game. It doesn’t work for me. After more than 15 years of re-re-reboots, BSODs and slowing down I had enough. They have earned my disrespect.

  6. oldman says:

    “I have used a bunch of servers in my life and that other OS makes them feeble unreliable and balky. ”

    Pog, You r experience stopped with a version of windows server that is 3 generations obsolete. Windows 2008 R2 is a 64 bit OS that can more than hold its own with Linux for the applications that run on it.

    “No GUI, no phoning home, no spying on the system…”

    Once can also install Windows 2008 R2 without GUI Pog, we have done it for a number of systems and it works fine.

    As far as spying is concerned, I think you need to give some concrete evidence that this is going on on windows 2008 R2.

    The other saying that I am fond of is “the best tool for the job” We have a number of hybrid Windows/Linux applications that reflect just that philosophy. IN all cases where I was able to ask the vendor why they used windows, the answer was always the same. reduced time to market for presentation interfaces, richer presentation interfaces = more function for their customers, who voted with their wallets.

  7. There is no reason to use that other OS on a server, particularly a web server. If you run applications on top of that other OS that will run atop GNU/Linux why bother? Ask oldman. He is fond of stating folks run applications, not OS. I have used a bunch of servers in my life and that other OS makes them feeble unreliable and balky. The same service running on top of GNU/Linux runs like a champion. I have watched that other OS fumble around under a very light load whereas GNU/Linux just keeps ticking. I was updating a terminal server once with 20 simultaneous users and I could do an upgrade without affecting the users at all. No apparent slowdown and no re-re-reboots. People who have servers working for them don’t need that other OS wasting/corrupting the resource. Take a look at my video of the minimal install. That thing does boot in a few seconds. No GUI, no phoning home, no spying on the system… GNU/Linux just does the job it is supposed to do for the users. That other OS gives first allegiance to M$.

  8. Ray says:

    They’ll just switch to Apache, and Windows.

  9. IIS is available for XP, Vista, or “7”. No need for the server version. Lots of schools, small businesses and individuals running a personal website might use this. I have no idea what the EULA says about this. IANAL etc. see this article.

  10. If the OS under those applications keeps failing, people will choose another OS, given the choice. Choice is beginning to happen in the world. China, for instance, has many OEMs that crank out millions of machines with several varieties of GNU/Linux, Android/Linux as well as that other OS. In China people have the choice of OS on retail shelves.

  11. oldman says:

    “Isn’t it about time you quit using that other OS and tried Debian GNU/Linux, an OS that works for you?”

    People run applications not operating systems. THe applications are what works for them. Few people are going to go through the headache of changing their applications just to deal with an issue that ALL OS’s have.

    And besides, no desktop computer user cares about a transient vulnerabuility in the server class version of windows.

Leave a Reply