DNS the New Hole?

• By Doug Barney
• 07/28/2008

Those folks sure were prescient as Microsoft recently had to patch its DNS implementation -- a patch that itself caused problems such as Exchange outages.

Nevertheless, Microsoft is "urgently warning" IT to patch their DNS. The vulnerability can allow spoofing attacks, although no such attacks have yet been reported.

Do you take DNS security seriously? Share your thoughts and advice by writing [email protected].

Hyper-V Runs Solaris -- With a Little Help
Sun and Microsoft get along fine now, thanks to a 2004 deal where Microsoft paid the Mountain View computer concern some $1.8 billion to settle Sun's lawsuits. That's why I'm sure that neither company is complaining about Transitive Corp.'s QuickTransit software which allows Solaris apps -- even those written for SPARC processors -- to run under Hyper-V on Intel boxes.

The most interesting part of Transitive might not be its product, but one of its advisors. Dr. Mendel Rosenbaum is a technical advisor to Transitive. Virtualization buffs may recognize that as the name of VMware's co-founder and chief scientist. Is it any wonder, then, that QuickTransit also works with VMware?

Vista Cash Back
Kim Kido bought a Vista PC, presumably with the intention of using and enjoying the new Microsoft operating system. But Kido hated Vista, and after carefully reading the tiny print of the legalese-laden license agreement, Kido demanded a refund from HP.

The bad news for HP? Kido is a blogger, and her entire story of two months worth of e-mail and telephone calls ended up on Valleywag. Kido eventually got her $200 back, and HP got far more than $200 worth of bad press.

Mailbag: Trust Open Source?
Much like a pair of old hippie jeans, turns out open source software can be full of holes, too. So Doug asked readers last week whether they'd still trust open source -- and if they miss said hippie jeans:

I still have my old, patched, hippie pants. What I miss is being the size I was when they fit.

As for trusting open source software, or any software for that matter, my motto is "trust, but verify."
-Dave

I trust open source 100 percent. I have used Open Office for years, both on Windows and Mac; I do not use MS Office. I also use Firefox on Windows and have had no problems -- it's also much faster than IE. Nothing is 100 percent secure (I work in IT and manage Windows desktops/servers, Cisco, F5 Firepass -- they all need to be patched). But 100 percent for open source! I introduced many people to OO and Firefox and haven't heard any complaints.

Do I miss my hippie jeans (and also my tie-dyed shirts and bell bottoms)? Sure do...but I still have the long hair!
-Bob

Actually, I don't trust any computer, no matter who wrote the software. I manage to make a pretty good living working on them, but I have no delusions that they are making my life better. If you do trust them, don't cry about how your life got screwed up. You messed it up putting your faith in a stupid machine.

I will say that you can install any software in an exploitable manner. Most software can also be installed in a reasonably secure manner. If you do it right, it will work (yup, even Microsoft software); if you do it wrong, it won't work well (yup, even Microsoft software). What would be helpful would be to get past the name-calling and accusations and focus on getting a tool that does what you need.
-Anonymous

Got anything to add? Let us have it! Leave a comment below or send an e-mail to [email protected].