[ale] MS trying to blind side Linux via tcp/ip?

Wed Aug 15 15:52:03 EDT 2001

On Wed, 15 Aug 2001, Joseph Andrew Knapka wrote:

> Can you explan this comment a bit more? Assuming zero audience
> familiarity with either Mr. Gibson or Mr. Cringely, preferably.

WARNING!!! This is about to get totally off topic.

The best way to explain things is with links and quotes so here goes
--------------------------------------------------------------------

We mustn't forget GRC founder Steve Gibson, who warned in hyperbolic
multi-colored lettering that Code Red's "'growth line' is actually
exponential!"

We have to point out that only numbers can increase exponentially and
infinitely. Worm infections can't. Since there's a finite number of
unpatched IIS machines, the worm eventually keeps hitting
already-infected boxes. After a while we get a diminishing return.

Gibson tried to argue that the infection's growth would be immense and
sustained. But as early as 3 August the rate of its spread had begun to
decline sharply, because the likelihood of finding a fresh (i.e., unpatched
and uninfected) target had fallen off -- well -- 'exponentially!'

It didn't take long for veteran tech columnist Robert X. Cringely to get
infected with Gibson mania.

"Some experts believe nothing will happen at all but I believe that's just
plain wrong," Cringely writes.

"The information I will use to support this assertion was acquired either
from those, like Steve Gibson, who have disassembled and examined the
Code Red worm or from the officials charged with fighting it, including
sources at the CERT data security coordination center at
Carnegie-Mellon University, eEye Digital Security, in law enforcement,
and at several very large corporations."

Funny how most of those sources are enshrined here in our little Hall of
Shame....

"And what happens on the 20th, when the attack cycle begins," Cringely
asks rhetorically. "It depends on the number of infected machines and
the nature of the chosen target, but the worst case says the Internet
simply comes to a standstill and we go back to watching TV and talking
on the phone until the 28th day of the month and potentially until every
28th day of the month thereafter."

Yeah, right.

http://www.theregister.co.uk/content/55/20908.html

====================================================

Techno-hypemeister and headline glutton Steve Gibson has joined the
Electronic Pearl Harbor dog and pony show alongside numerous
clueless mainstream press columnists, bellowing and trumpeting about
lakes of fire to be ignited by the Code Red IIS worm which is due to
return from dormancy this week.

http://www.theregister.co.uk/content/56/20719.html

====================================================

MEDIA DARLING STEVE Gibson knows how to
stir up a controversy in the computer security world. He
most recently made headlines by predicting an Internet
armageddon -- just because Microsoft will (finally) follow a
well-established Internet specification.

Controversy is nothing new for
Gibson. He has a long history of
tirades against computer security
and Microsoft operating systems. His
doom & gloom dates back almost a
decade.

http://vmyths.com/rant.cfm?id=348&page=4

====================================================

Gibson is ranting as if raw sockets are going to multiply the number of
infected machines connected to the Internet. But that simply isn't true;
the same primary obstacle to getting an attack started remains, spoofing
or none, as Microsoft pointed out in their well-reasoned reply to Gibson:
an attacker first has to compromise a number of client machines with
which to packet the target system.

http://www.theregister.co.uk/content/archive/19925.html

====================================================

According to Gibson's paranoid delusions, everyone with a computer is a
potential criminal, and the only reason the entire Net population hasn't
yet exploded in some mass orgy of evil is because Microsoft has thus far
refrained from unleashing the uncontrollable power of the raw socket.

http://www.theregister.co.uk/content/archive/19623.html

=====================================================

Yet another species of that sort arrived, it seems like it somehow evolved,
mutated; this version has the name of "Steve Gibson" and tries to fool the world
by means of trigger phrases,  emotional manipulation, misinformation,
misdirection, biased software reviews, defamation, libel and finaly slander.

Steve Gibson often is refered to as being a "Security Expert", yet one has yet
to see his appearances on *real* security boards/interviews/gatherings. Where was
Steve Gibson at Defcon/BlackHat Conference ? Why doesn't he comment/ on Bugtraq
or other Security Focus mailing lists ?  The answer is quite simple: he would
get nailed down by arguments and facts from real security experts in less
then a minute. These persons tend not to be very impressed by self-proclaimed
Security Experts and his obfuscation of the real issues and intentions.

http://grcsucks.com/

=====================================================

Dissecting GRC's NanoProbes -- http://grcsucks.com/nanoprobes.htm
-- by Martin Roesch author of Snort

Quotes from the Security Community -- http://grcsucks.com/quotes.htm
-- various

=====================================================

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.