DNS the New Hole?
A few weeks ago, I had a nice sushi lunch with the folks from DNSstuff
Their whole reason for being is that the Domain Name System (DNS) is the new
hacker target, and taking down DNS takes a whole heap of machines along with
Those folks sure were prescient as Microsoft recently
had to patch its DNS implementation -- a patch that itself caused problems
such as Exchange outages.
Nevertheless, Microsoft is "urgently
warning" IT to patch their DNS. The vulnerability can allow spoofing
attacks, although no such attacks have yet been reported.
Do you take DNS security seriously? Share your thoughts and advice by writing
Hyper-V Runs Solaris -- With a Little
Sun and Microsoft get along fine now, thanks to a 2004 deal where Microsoft
paid the Mountain View computer concern some $1.8 billion to settle Sun's lawsuits.
That's why I'm sure that neither company is complaining about Transitive Corp.'s
QuickTransit software which allows Solaris apps -- even those written for SPARC
processors -- to run
under Hyper-V on Intel boxes.
The most interesting part of Transitive might not be its product, but one of
its advisors. Dr. Mendel Rosenbaum is a technical advisor to Transitive. Virtualization
buffs may recognize that as the name of VMware's co-founder and chief scientist.
Is it any wonder, then, that QuickTransit also works with VMware?
Vista Cash Back
Kim Kido bought a Vista PC, presumably with the intention of using and enjoying
the new Microsoft operating system. But Kido hated Vista, and after carefully
reading the tiny print of the legalese-laden license agreement, Kido demanded
a refund from HP.
The bad news for HP? Kido is a blogger, and her entire story of two months
worth of e-mail and telephone calls ended
up on Valleywag. Kido eventually got her $200 back, and HP got far more
than $200 worth of bad press.
Mailbag: Trust Open Source?
Much like a pair of old hippie jeans, turns out open source software can be
of holes, too. So Doug asked readers last week whether they'd still trust
open source -- and if they miss said hippie jeans:
I still have my old, patched, hippie pants. What I miss is being the
size I was when they fit.
As for trusting open source software, or any software for that matter,
my motto is "trust, but verify."
I trust open source 100 percent. I have used Open Office for years, both
on Windows and Mac; I do not use MS Office. I also use Firefox on Windows
and have had no problems -- it's also much faster than IE. Nothing is 100
percent secure (I work in IT and manage Windows desktops/servers, Cisco, F5
Firepass -- they all need to be patched). But 100 percent for open source!
I introduced many people to OO and Firefox and haven't heard any complaints.
Do I miss my hippie jeans (and also my tie-dyed shirts and bell bottoms)?
Sure do...but I still have the long hair!
Actually, I don't trust any computer, no matter who wrote the software.
I manage to make a pretty good living working on them, but I have no delusions
that they are making my life better. If you do trust them, don't cry about
how your life got screwed up. You messed it up putting your faith in a stupid
I will say that you can install any software in an exploitable manner.
Most software can also be installed in a reasonably secure manner. If you
do it right, it will work (yup, even Microsoft software); if you do it wrong,
it won't work well (yup, even Microsoft software). What would be helpful would
be to get past the name-calling and accusations and focus on getting a tool
that does what you need.
Got anything to add? Let us have it! Leave a comment below or send an e-mail
Doug Barney is editor in chief of Redmond magazine and the VP, editorial director of Redmond Media Group.