Hackers don't discover security flaws..

GrandMasterTerwynn · Post by **GrandMasterTerwynn** » 2004-02-26 12:57pm

They wait for MS to do it for them. Or, at least, so says this article.

For those of you who'd rather not read the article, here is a quick summary:

Malicious hackers and vandals are lazy and wait for Microsoft to issue patches before they produce tools to work out how to exploit loopholes in Windows, say experts.

Brother-Captain Gaius · Post by **Brother-Captain Gaius** » 2004-02-26 12:59pm

Interesting. Given their incorrect usage of "hacker", it's not surpring they're capable of such idiocy.

General Zod · Post by **General Zod** » 2004-02-26 12:59pm

replace the term "hacker" with "script kiddie", and that article could be perceived as more accurate

Embracer Of Darkness · Post by **Embracer Of Darkness** » 2004-02-26 01:21pm

Bah, simply flawed propaganda. *Dismisses with a wave of the hand.*

Xon · Post by **Xon** » 2004-02-26 03:12pm

Embracer Of Darkness wrote:Bah, simply flawed propaganda. *Dismisses with a wave of the hand.*

Actually, this has a large amount of merit.

Unless sourcecode to exploit the security hole is publicly released, its a shit load easier to reverse engineer a 50kb patch to figure out the exacts of the exploit. Then they rely on the lazy idiots who dont update their computers for infection.

General Zod · Post by **General Zod** » 2004-02-26 03:19pm

ggs wrote:
Embracer Of Darkness wrote:Bah, simply flawed propaganda. *Dismisses with a wave of the hand.*
Actually, this has a large amount of merit.

Unless sourcecode to exploit the security hole is publicly released, its a shit load easier to reverse engineer a 50kb patch to figure out the exacts of the exploit. Then they rely on the lazy idiots who dont update their computers for infection.

those are what you call script kiddies, as opposed to an actual hacker.

SPOOFE · Post by **SPOOFE** » 2004-02-26 03:29pm

Hmm... so it's better to not release security patches, eh?

General Zod · Post by **General Zod** » 2004-02-26 03:52pm

if microsoft got the code right in the first place, they wouldn't need patches.

darthdavid · Post by **darthdavid** » 2004-02-26 03:54pm

No it's better to download security patches as soon as they come out to avoid getting the virii designed to work with the holes they fix.

Embracer Of Darkness · Post by **Embracer Of Darkness** » 2004-02-26 05:09pm

Darth_Zod wrote:
ggs wrote:
Embracer Of Darkness wrote:Bah, simply flawed propaganda. *Dismisses with a wave of the hand.*
Actually, this has a large amount of merit.

Unless sourcecode to exploit the security hole is publicly released, its a shit load easier to reverse engineer a 50kb patch to figure out the exacts of the exploit. Then they rely on the lazy idiots who dont update their computers for infection.
those are what you call script kiddies, as opposed to an actual hacker.

I really hate quoting large amounts of text just to make one comment, but... My point exactly, Darth_Zod.

Also, this article was obviously written with some intent to make crackers and whatnot look incompetent, despite the fact that it takes alot of intelligence to do what they do, and a vast majority of them aren't malicious.

Sharp-kun · Post by **Sharp-kun** » 2004-02-26 06:56pm

Darth_Zod wrote:if microsoft got the code right in the first place, they wouldn't need patches.

True, but on the other hand, its impossible to predict every flaw. The fact that its taken this long to find some shows how hard they were to find.

They need to cut down, but no OS the size of Windows is going to have no security flaws.