Reliance on Microsoft called risk to U.S. security

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Sep 26 01:52:26 EDT 2003


"R. A. Hettinga" <rah at shipwright.com> forwarded:

>But the security experts said the issue of computer security had more to do
>with the ubiquity of Microsoft's software than any flaws in the software.

There was an example of a point raised in the paper the same day it was
published, when two anti-spam services (monkeys.com and compu.net) were both
DDOSed out of existence by (as the monkeys.com admin put it) "thousands of
separate zombie machines".  Although the anti-spam services were (I would
assume) not running Microsoft software, Windows provided the "convenient and
susceptible reservoir of platforms from which to launch attacks".  In addition
the users of the anti-spam services would be mostly Unix boxen (e.g. Postfix
users pulling in the monkeys.org hash-lists or sendmail users using the
compu.net RBL), so ironically the only systems that wouldn't be adversely
affected by this are the ones that are causing the problem.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list