Comments on: Web-Based Support

By: Viohophywob

Viohophywob — Sun, 03 Aug 2008 08:53:17 +0000

Thanks for the post

By: Is Your DNS Safe? — Why Now?

Is Your DNS Safe? — Why Now? — Mon, 28 Jul 2008 22:26:03 +0000

[…] posted earlier about the problem with Domain Name Servers [DNS] and the need to make some patches. EBW at Wampum has a post with a […]

By: Bryan

Bryan — Fri, 11 Jul 2008 17:53:56 +0000

Actually, ZoneAlarm didn’t have a problem, per se, until M$ changed the rules. That ZoneAlarm could be patched so quickly indicates that it was a minor change that was obvious.

By: Kryten42

Kryten42 — Fri, 11 Jul 2008 15:59:23 +0000

When I was a consultant working with the mighty M$ some years ago, it was common knowledge that they had an unwritten policy of not acknowledging any problem until there are 250k official complaints. Note, I said *acknowledge*! Took a lot more before a fix would be attempted.

The others, are pretty much the same. And ZoneAlarm is owned by CA now. It wasn’t much good before anyway. They can make it worse. 😉

By: Bryan

Bryan — Fri, 11 Jul 2008 06:41:18 +0000

The big guys got the word months ago, but the first line of defense isn’t told until the shells start landing.

I’ve been in those discussions: “Yes, it’s a weakness, but what would anyone do with it.” You can’t get their attention unless you can show them the exploit. You have to show them the hack before they admit there’s a problem.

The whole Y2K mess was caused by a lot of people refusing to take action until the last minute. I had all of my major programs tested and verified in 1998, but clients still called to ensure their software would work.

As you say, it should be fix it when you find it, so there’s no last minute rush.

By: Badtux

Badtux — Fri, 11 Jul 2008 06:23:24 +0000

PS – especially since it appears that this is a three year old exploit, it’s just that the kid who discovered it couldn’t get anybody to do anything about it until Kaminsky “discovered” it and realized he could create an easy real-life exploit for it. So all this furor for something that could have been quietly fixed three years ago and deployed in a sensible manner. GRRRRRRRRrrrrr!!!!!

— Badtux the Penguinized Penguin
(for the definition of “penguinized” in my previous comment, heh).

By: Badtux

Badtux — Fri, 11 Jul 2008 06:00:40 +0000

The penguinized version. Heh. If you could have actually been sitting in my cubicle on Tuesday as I was reading that alert and contemplating putting out patches to critical Internet infrastructure for major multi-billion-dollar enterprises residing on three different continents with 8 different OS versions and god only knows how many different patch levels, “penguinized” would not be the word I would use to describe what my reaction was, unless “penguinized” means “contains lots of swear words”.

— Badtux the Penguinized Penguin

By: Bryan

Bryan — Fri, 11 Jul 2008 03:16:31 +0000

A bit better overall, but it varies a lot during the day. I still can’t get anyone to admit they changed something, but the problem appeared out of nowhere which indicates that someone made a change.

By: Michael

Michael — Fri, 11 Jul 2008 02:37:30 +0000

FWIW, your DNS seems to be working better now.