Keith's Profile

Member since January 16, 2006

  • Name

    Keith E.

  • Location:

    Canada

Favorite Files

Recent Posts

  1. Comment - Microsoft Disputes WMF Backdoor Claim

    (Jan 16, 2006 - 9:30 PM)

    I understand SysInternals' Mark Russinovich is presently examining Gibson's source code,
    samples, executables, and so forth. This is being done with Gibson's permission, according to Gibson's own web site comments. See the Discussions area on www.grc.com at:
    http://www.grc.com/groups/news

    Let us wait for the verdict, as to Gibson's correctness from this truly independent and fully neutral third party. At last report Gibson has noted on his web site that he has verified that the backdoor, or whatever we choose to gloss it over as, is in Windows 2000, and he was off now to investigate Windows 98 in detail.

    I do not see much hostility to Gibson in his own public web site discussion area. Let's all vow to accept Russinovich's verdict as a neutral indication as to the facts. I for one shall do so. In the interim, if people have arguments that Gibson is wrong, why not make 'em direct to Steve on is own Web site. Then we can see what Steve has to say more directly. I'm all ears.

  2. Comment - Microsoft Disputes WMF Backdoor Claim

    (Jan 16, 2006 - 1:47 PM)

    It appears that the supposed accidental WMF vulnerability is also in a beta of Windows Vista. See:
    http://tinyurl.com/a5vhc

    Microsoft is quite the incredible company. After all, what are the odds of accidentally packing this thing in a new OS that is claimed to be built on a lot of, if not entirely from, new code?

    Microsoft should stop writing code and enter some lotteries; with such amazing luck at hand, software is a needlessly hard way to make money.

    Of course we know they didn't build the WMF vulnerability into Windows Vista by design, don't we? It was just chance that it got there, of course, as even though the odds of that might be a billion to one, MS is one lucky firm.

  3. Comment - Microsoft Disputes WMF Backdoor Claim

    (Jan 16, 2006 - 11:19 AM)

    Steve Gibson has not to my knowledge said that this WMF backdoor was an evil act deliberately done by MS. The tone and tenor of the podcast suggest only that the "feature" is deliberate (and who knows who put it there--MS, a rogue programmer etc.) and moreover his argument does not rest solely on the claim that a "wrong" instruction lights up the feature, as MS has attempted to assert by implication.

    Microsoft has itseelf has some obvious trouble in trying to front a reason as to why it need not fix Windows 98 and 95, and has claimed there is no need for a fix. Gibson himself has noted he wonders if a Win 98/95 fix is needed.

    There is an old saying up here in Canada that what walks like a duck and quacks like a duck is in fact a duck. Whether it was an intentional backdoor or not, the WMD "feature" does resonably have numerous hallmarks that say it is still a duck, so to speak, whether accidental or not.

    I am keeping an open mind here, as to whether Gibson is correct. But this "bug' seems different tham most other MS OS defects, in that as Gibdon noted the programmtic functionality has no relation to the WMF file.

    I listened to Steve Gibson's Security Now Podcast on the "WMF Backdoor?" possibility (Gibson's own title uses the question mark, presumably to stress it LOOKS as though the WMF issue is less than accidental), and it seems logical there could be a contextual reason why "fixing" the WMF "bug" across platforms is not easy.

    If Gibson is correct, fixing the WMF bug across platforms to Win 98 and earlier would be tricky precisely because the WMF bug is a deliberate "feature"--a deliberately added in back door that appears to ride on some kind of printer-related process in Windows. The backdoor part of the "WMF bug" appears to have been added relatively recently, Gibson suggests, which is why it may not be fixable in most earlier Windows versions. That is, the code it piggybacks on is there in older versions, although evidently not in exactly the same form, but not the backdoor add-on to the code.

    So you cannot fix cross-platform with respect to 98 and 95 easily, as the backdoor itself may not be 98 and 95.

    I personally am keeping an open mind on this issue, as to whether Gibson is correct. In fairness my sense is that he is saying more that it LOOKS like a deliberate backdoor, not that it absolutely is deliberate on MS's part.

    I wonder if the WMF "feature" is not simply a DRM entranceway that MS feels it needed. After all, some recent MS EULAs mention disabling unlicensed uses that MS or its partners conclude are unlicensed. MS would surely need a mechanism to ensure that MS and the "partners" referred to in its EULAs really could get by firewalls or pirate-written hacks designed to prevent a disable order from being given to the rogue PC.

    Interesting question here: Do the MS EULA's (Media Player etc.) that talk about disabling PC features provide enough of a contractual heads-up that a stealth DRM entranceway is essentially, or has been essentially, already consented to by inference by millions of Windows users?

  4. Comment - Microsoft Disputes WMF Backdoor Claim

    (Jan 16, 2006 - 11:10 AM)

    Some soul weakly opined that "Shields Up really only performs a 'peripheral' analysis of a system's security; it is far from in-depth and does nothing to analyze internally a system's vulnerabilities"

    This misses the point, old boy, that the test is only meant to do that. His test is simply in terms of the Internet connectivity in terms of whether remote systems can see a PC. We all know that we must rely on MS for timely OS defect corrections (wink, wink, nod, nod, L.O.L. etc).