Another thing Linux does better than Windows:


(I just feel like an angry rant, ignore me if you don't like to read anti-Microsoft stuff)

Automatic Updates:

Automatic updates, a good idea, if implemented properly. Microsoft tell you to turn on automatic updates (ignoring the WGA conspiracy) to make your computer more secure. The trouble is it isn't implemented properly in Windows.

Now, you may argue that other OSes (say, Ubuntu) have a system very similar to Windows auto updates, and you're right. The difference is that Windows updates is vulnerable to a DNS attack. If an attacker managed to take over a fairly well used DNS server and pointed updates.microsoft.com (or whatever it is now) at his own server, the attacker could issue fake updates which could literally be anything (most likely a self-updating zombie program). At least, all the stuff I found about this suggests MS patches are not digitally signed.

You may think that other autoupdate systems are vulnerable to the same attack (specifically Ubuntu in this instance) but it's not. All Ubuntu repository package updates are digitally signed using PGP. This means that for an attacker to perform an equivalent attack against a Linux distro like Ubuntu, he would have to actually break into their computers, steal their PGP signing key and then perform a DNS attack before the people at Ubuntu noticed.

If that did actually happen, I guess the people at Ubuntu would immediately revoke their key and somehow replace the existing one... somehow... but that's irrelevant. What is irrelevant is that Linux is better at another thing than Windows. ^^


Don't you people just love flame bait?

Why don't you try it?

Instead of assuming that Windows is vulnerable to someone pretending to be updates.microsoft.com, do it and let us know what you find.

Anyone can speculate and spread FUD around all day long, but until it's actually proven then I don't think your rant has any real substance to it.

It should be fairly simple to prove.

Take another box on your network and use it to ARP spoof your Windows box and your gateway. Use this second box to forward all updates.microsoft.com traffic to itself. You'll need to do a little packet sniffing to find the location Windows looks for the updates and what filenames it's looking for. Once you find that, create yourself a non-malicious binary (it will have to be something that installs with no dialog boxes (next, next, finish), or use an MSI file you've created) and let Windows Update download and install it.

If your new program is installed then you've got some proof that Microsoft is lame and that anyone with enough bots in their network can own pretty much everyone on the 2nd Tuesday of every month.

I would like to assume that Microsoft is smarter than that and that they've programmed some checks in their updates, but you really never know. There are some companies out there doing some pretty stupid stuff.

I, for one, am very interested in what you find out with this. Hopefully you'll continue your research and won't stop at just speculation. Or maybe someone else has already done it and a simple Google search will find all you need.

Either way, let us know what you find.
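
The first post's argument about signed repository updates, as an added example that is not part of either post: a client that checks a signed index against a pinned public key, and then the package hash against that index, rejects a redirected mirror. It assumes `openssl` and `sha256sum` are installed; the file names and contents are constructed, and openssl ECDSA signatures stand in for PGP.

```shell
#!/bin/sh
# Added example. Files, keys and names are constructed; openssl ECDSA signatures
# stand in for the PGP signatures the post says Ubuntu's repositories use.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Publisher side: build a repo whose signed index pins the package's SHA-256.
# The private key stays outside the repo dir ($1.key); only $1.pub is shared.
make_signed_repo() {    # $1 = repo dir, $2 = package contents
    mkdir -p "$1"
    printf '%s\n' "$2" > "$1/update.pkg"
    ( cd "$1" && sha256sum update.pkg > index )
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 \
        -out "$1.key" 2>/dev/null
    openssl pkey -in "$1.key" -pubout -out "$1.pub"
    openssl dgst -sha256 -sign "$1.key" -out "$1/index.sig" "$1/index"
}

# Client side: whatever host DNS resolved to, trust only the pinned public key.
fetch_and_verify() {    # $1 = mirror dir, $2 = pinned public key
    openssl dgst -sha256 -verify "$2" -signature "$1/index.sig" "$1/index" \
        >/dev/null 2>&1 || { echo "rejected: index signature"; return 1; }
    ( cd "$1" && sha256sum -c index >/dev/null 2>&1 ) \
        || { echo "rejected: package hash"; return 1; }
    echo "accepted"
}

# The real repository; its public key is what the client shipped with.
make_signed_repo "$WORK/genuine" "security fix 1.0"
PINNED="$WORK/genuine.pub"

# Redirected mirror 1: genuine signed index, swapped package file.
cp -r "$WORK/genuine" "$WORK/tampered"
printf 'something else\n' > "$WORK/tampered/update.pkg"

# Redirected mirror 2: swapped package, index re-signed with a different key.
make_signed_repo "$WORK/resigned" "something else"

for mirror in genuine tampered resigned; do
    printf '%-9s %s\n' "$mirror" "$(fetch_and_verify "$WORK/$mirror" "$PINNED")"
done
```

Neither redirected mirror is accepted, because the client's decision depends on the pinned key rather than on which server answered.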

