|FROM ||David Sugar
|SUBJECT ||Re: [hangout] Pass the bong dude, it's Windows hacking time!
|From owner-hangout-desteny-at-mrbrklyn.com Thu Jun 12 12:31:23 2003
Received: from www2.mrbrklyn.com (localhost [127.0.0.1]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h5CGVNnT015596 for ; Thu, 12 Jun 2003 12:31:23 -0400
Received: (from mdom-at-localhost) by www2.mrbrklyn.com (8.12.3/8.12.3/Submit) id h5CGVNtO015595 for hangout-desteny; Thu, 12 Jun 2003 12:31:23 -0400
X-Authentication-Warning: www2.mrbrklyn.com: mdom set sender to owner-hangout-at-www2.mrbrklyn.com using -f
Received: from localhost.bayonne.dyndns.org (pool-138-89-103-206.mad.east.verizon.net [18.104.22.168]) by mrbrklyn.com (8.12.3/8.11.2/SuSE Linux 8.11.1-0.5) with ESMTP id h5CGVMnT015589 for ; Thu, 12 Jun 2003 12:31:22 -0400
Received: from 192.168.1.104 ([192.168.1.104]) by localhost.bayonne.dyndns.org (8.12.8/8.12.8) with ESMTP id h5CHScSr005076; Thu, 12 Jun 2003 13:28:41 -0400
From: David Sugar
To: Dave Williams , hangout-at-nylxs.com
Subject: Re: [hangout] Pass the bong dude, it's Windows hacking time!
Date: Thu, 12 Jun 2003 12:29:18 -0400
Content-Type: text/plain; charset="iso-8859-1"
Reply-To: David Sugar
List: New Yorker GNU Linux Scene
Admin: To unsubscribe send unsubscribe name-at-domian.com in the body to hangout-request-at-www2.mrbrklyn.com
Curiously, as it happens, I do still have a significent block of Continental's
stock in my portfolio. I also recall the "cutting edge IT" environment of
Continental Airlines when their entire frequent flier certificate program was
ran on a few dos based desktop PC's in a back office at Rand McNally next to
their print shop, and this was not all that long ago :).
When a managing director appears to demonstrate such complete incompetence in
his job, as a shareholder, I am deeply concerned for the value of my stock.
I think perhaps it might be appropriate for me to share my concerns with
their board. What do people here think?
On Thursday 12 June 2003 11:43 am, Dave Williams wrote:
> This delightful piece of work was found on
> From "Microsoft Launches New Security Certification"
> By Barbara Darrow, CRN
> Microsoft clearly has something to prove when it comes to secure
> computing. At a Microsoft-hosted customer panel Monday, several IT
> professionals acknowledged that the perceived insecurity of Microsoft
> products has caused huge problems, and it really doesn't matter to a
> company CEO if the problems result from faulty software or from risky IT
> "It's Microsoft's fault and it's our fault also," said Gafar Lawal,
> director of architecture at Merrill Lynch. "We were vulnerable [because]
> our process did not handle the number of patches. We also took very
> seriously that our partner [Microsoft] had such a flaw in their code."
> But Lawal and others said Microsoft is not unique in its
> vulnerabilities. "We have a Linux server that has three times the
> critical updates as our Windows server," he said.
> Nathan Hanks, managing director at Continental Airlines, said, "All the
> guys hacking Windows are Linux guys." Continental was hit hard by SQL
> Slammer and "our CEO said we'd failed," Hanks said.
> "We cannot have undocumented servers that are responding to anonymous
> queries ... that allow buffer overruns," Hanks said. "CIOs need people
> in place to figure out why port 1434 is open on publicly exposed
> Lawal said all companies need to have proper processes and personnel in
> place to deal with potential breaches.
> He also said he was impressed with Microsoft's response to the problems.
> Gordon Mangione, vice president of SQL Server, hosted a conference call
> with all the affected CTOs, and within a day Microsoft was mobilizing
> resources, he said. "We don't get that from Microsoft competitors,"
> Lawal said. "Having said that, we said some bad words."
> Having one vendor throat to choke is helpful in crisis situations, Hanks
> said. An IT pro can't go to the CEO and say that a server is down, "and
> hopefully some guy in Amsterdam" will get to a fix when he gets back
> from the "dope house," he said.
> NYLXS: New Yorker Free Software Users Scene
> Fair Use -
> because it's either fair use or useless....
> NYLXS is a trademark of NYLXS, Inc
NYLXS: New Yorker Free Software Users Scene
Fair Use -
because it's either fair use or useless....
NYLXS is a trademark of NYLXS, Inc