More hot summer WinXP action
Readers bemused, confused, and hot under the collar
Alexander J. Vincent is determined to take John Lettice to task on his WinXP security pieces:
I've been reading the articles at The Register with some amusement, some alarm, some disinterest, some of everything. Recently, two particular series of stories have caught my attention. The first is the series on "Steve Gibson Really Is Off His Rocker", regarding WinXP security in respect to raw sockets. The second is on attacks to WinXP's Product Activation and beta availability, and Microsoft's attempts to secure both of these. Your latest article reports WPA is just worthless.
Given the second series of articles, one must really wonder if Steve Gibson is truly off the mark in his statement about how well Microsoft executives understand security. True, we're talking about two different subjects of security here, but security is security... and who says these crackers Mr. Gibson is so afraid of (probably with good reason, considering his site fell to them several times - is www.theregister.co.uk safe from them?) are not already downloading and installing versions of WinXP and looking for additional holes already? Courtesy of the information posted via links from your site and half a dozen others.
Ah, the risks of software and journalism. I'm familiar with both, to some extent. I just think the two editorial positions on which you are reporting security issues with Microsoft's Windows XP product are indirectly conflicting, and thus rather amusing for the irony of it all.
And while we're on the subject of WPA, Craig Barnhart wanted to ask:
Microsoft can't be that dumb can they? One file wpa.dbl is the key to the whole thing! I think you guys need to do a contest on how many viruses will be created to delete that one file by the time Windows XP hits the store shelves. The next question would be, if wpa.dbl is set as read only if Windows can still delete it? If it can't then hackers have it easy. Get an activated wpa.dbl file copy it to that directory and set it read only.
If Windows can delete it with it set to read only that sounds like a huge hole in file system security. Hacker wants to write a virus to kill Windows XP find the API and call it and have XP delete it's own file. If such an API exists do you want to take bets on it being limited to only work on wpa.dbl or will any file be susceptible to being deleted regardless of its read only attribute?
Well, how dumb can Microsoft be? Answers on a postcard please to the usual address. Only one rant per reader.
On a technical note, Tim Epstein contributed this:
Thanks for the link to the tecchannel article. It made good reading, but needs a little more work for anyone who wishes to use their WXP system on a network. The product activation workaround will only work if the MAC address of each system is changed to match the original MAC address of the activated system. The problem here is that duplicate MAC addresses are a really big no no, so you can’t have a networked XP system with this option. For this hack to work, you would need at the least a separate wpa.dbl for each installation (assuming the same amount of RAM), with each having a known and different MAC address for the NIC that the address could be changed to.
I could just imagine the red faces that this would cause if sometime in the future I hook my trusty DIY activated notebook into the WAN of a client and discover that someone else in that organisation has done the same thing using the same wpa.dbl (and thus same MAC address!)