Where's the "one click exploit" for Linux?

Richard Rasker · External Since: Jul 27, 2005 Posts: 170

The Linux vs. Windows security discussions have an all too familiar
pattern: someone reports the latest weekly critical one-click Windows
vulnerability, and Windows advocates fall over themselves to present
excuses, and start mentioning woeful tales of hacked Linux boxes.

Yes, Linux gets hacked on occasion, as it's not invulnerable.

But I have one request: please show me those one-click exploits for Linux.
I can't seem to find any, except for Windows (where they seem to be the
rule rather than the exception). I must be looking in the wrong place, as
all those Windows experts say that Linux is just as vulnerable as Windows.

So even with Linux' smaller installed base, there must be a few at least.
But I can't find 'em. And oh, throw in a few of those dreaded "social
engineering viruses" for Linux as well for good measure, as I can't locate
a single one of these either.

I don't understand. Where is the "easy-to-install" Linux malware?

Richard Rasker

--
Windows: One wrong click and you're buggered

ed · External Since: Nov 20, 2006 Posts: 877

On Sun, 01 Oct 2006 11:46:03 +0200
Richard Rasker <spamtrap.DeleteThis@linetec.nl> wrote:

> The Linux vs. Windows security discussions have an all too familiar
> pattern: someone reports the latest weekly critical one-click Windows
> vulnerability, and Windows advocates fall over themselves to present
> excuses, and start mentioning woeful tales of hacked Linux boxes.
>
> Yes, Linux gets hacked on occasion, as it's not invulnerable.
>
> But I have one request: please show me those one-click exploits for
> Linux. I can't seem to find any, except for Windows (where they seem
> to be the rule rather than the exception). I must be looking in the
> wrong place, as all those Windows experts say that Linux is just as
> vulnerable as Windows.

If a program runs as root, then it's just as exploitable as a program
that runs as administrator.

The thing with Linux is that this is all too obvious and, linux is based
on UNIX principles where the purpose historically was to have the
central computer do the work, and every user has a dumb terminal, it's
been just so for a very long time. root has the rights, in windows land,
the user has the rights since there is no central computer, the computer
is on the desktop, so everyone is their own administrator.

There can be problems, for instance, if one were to have their shell set
to run "sudo dpkg -i " when one clicks a .deb file. If one has NOPASSWD
in their sudoers then someone could email a .deb file that has rm -rf /
in the preinstall section. That would be bad. But this sort of thing
does not happen often. It's just as problematic on windows. If I email a
..exe that does something similar... and the user is using a certain
version of OE then the headers could run that program. Or screensaver.
etc.

> So even with Linux' smaller installed base, there must be a few at
> least. But I can't find 'em. And oh, throw in a few of those dreaded
> "social engineering viruses" for Linux as well for good measure, as I
> can't locate a single one of these either.
>
> I don't understand. Where is the "easy-to-install" Linux malware?

It's all about the programs. If something has to be user friendly for
market adoption then I guess we might see some of this. I hope we do not
compromise security for usability. I think it's possible for us to have
both, but lets not rush for it. Things have been just fine for
functionality for many years, why change now. It's about getting things
done, not pleasing every idiot.

--
Regards, Ed :: http://www.s5h.net
proud unix hacker
Mr. T is behind you right now. You just can't see him.

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2362

On Sun, 01 Oct 2006 11:46:03 +0200, Richard Rasker wrote:

> But I have one request: please show me those one-click exploits for Linux.

The key word there is "exploit". Lack of an exploit does not indicate lack
of vulnerability. It just means nobody bothered to exploit the
vulnerability.

It's like claiming your house is impervious to burglars because, despite
your front door and windows all being unlocked, you've never been
burglarized.

Lots of apps that run on Linux have had flaws capable of being exploited
with "one click". The latest Firefox patch had at least 3 of them. They
have existed in email clients, media players, etc...

Your argument is a fallacy. Lack of attack does not equal immunity from
attack.

> So even with Linux' smaller installed base, there must be a few at least.

No, there musn't. Attack rate appears to not be liear in regards to
installed base, but rather exponential or logarithmic. Part of this is
that there is an extensive network of attackers attacking Windows, and they
share their code and discoveries amongst themselves. That means one flaw
can result in hundreds of different attacks.

> But I can't find 'em. And oh, throw in a few of those dreaded "social
> engineering viruses" for Linux as well for good measure, as I can't locate
> a single one of these either.

Nobody said you could. Linux isn't yet popular enough to get them.

> I don't understand. Where is the "easy-to-install" Linux malware?

There's been plenty of that.

http://www.theregister.co.uk/2001/09/07/linux_trojan_spotted/
http://www.symantec.com/security_response/writeup.jsp?docid=2003-011412-3316-99

And here's something written by Bruce Perens a while back that sums up the
situation:

http://lwn.net/1998/1119/Trojan.html

Sinister Midget · External Since: Jun 17, 2006 Posts: 746

On 2006-10-01, Richard Rasker <spamtrap RemoveThis @linetec.nl> posted something concerning:
>
> The Linux vs. Windows security discussions have an all too familiar
> pattern: someone reports the latest weekly critical one-click Windows
> vulnerability, and Windows advocates fall over themselves to present
> excuses, and start mentioning woeful tales of hacked Linux boxes.
>
> Yes, Linux gets hacked on occasion, as it's not invulnerable.
>
> But I have one request: please show me those one-click exploits for Linux.
> I can't seem to find any, except for Windows (where they seem to be the
> rule rather than the exception). I must be looking in the wrong place, as
> all those Windows experts say that Linux is just as vulnerable as Windows.
>
> So even with Linux' smaller installed base, there must be a few at least.
> But I can't find 'em. And oh, throw in a few of those dreaded "social
> engineering viruses" for Linux as well for good measure, as I can't locate
> a single one of these either.
>
> I don't understand. Where is the "easy-to-install" Linux malware?

http://tinyurl.com/prfft

It's somewhat less than one click to get started. But it's considerably
more once the ball gets rolling. It's considerably worse than the types
of malware you'll normally see on that other thing you mentioned, too.

--
Windows: Because _everyone_ needs a good laugh.

Roy Schestowitz · External Since: Jun 26, 2005 Posts: 24199

__/ [ Richard Rasker ] on Sunday 01 October 2006 10:46 \__

>
> The Linux vs. Windows security discussions have an all too familiar
> pattern: someone reports the latest weekly critical one-click Windows
> vulnerability, and Windows advocates fall over themselves to present
> excuses, and start mentioning woeful tales of hacked Linux boxes.
>
> Yes, Linux gets hacked on occasion, as it's not invulnerable.
>
> But I have one request: please show me those one-click exploits for Linux.
> I can't seem to find any, except for Windows (where they seem to be the
> rule rather than the exception). I must be looking in the wrong place, as
> all those Windows experts say that Linux is just as vulnerable as Windows.
>
> So even with Linux' smaller installed base, there must be a few at least.
> But I can't find 'em. And oh, throw in a few of those dreaded "social
> engineering viruses" for Linux as well for good measure, as I can't locate
> a single one of these either.
>
> I don't understand. Where is the "easy-to-install" Linux malware?
>
> Richard Rasker
>
You completely forgot use-search-engine-to-compromise-box type of exploits.
You see, with Windows. some exploits only require that you visit a Web site
that has snuck into search engine results pages (SERP's). This has led
Google to going as far as scanning pages for exploits rather than just
caching and indexing them. Windows has increased the workload for services.

ed · External Since: Nov 20, 2006 Posts: 877

On Sun, 01 Oct 2006 14:34:16 +0100
Roy Schestowitz <newsgroups.DeleteThis@schestowitz.com> wrote:

> You completely forgot use-search-engine-to-compromise-box type of
> exploits. You see, with Windows. some exploits only require that you
> visit a Web site that has snuck into search engine results pages
> (SERP's). This has led Google to going as far as scanning pages for
> exploits rather than just caching and indexing them. Windows has
> increased the workload for services.

That is so true.

Before we could host a gazillion email domains on a low end box, now
that O/OE can become a virus mill and clog the servers we have to scan
every email that comes our way for viruses. If we ignore to check the
mail very soon an OE mail client will become a virus mill. It will be
exploited and begin clogging mail servers, which then leads to our /19
getting listed at RBL sites. Not something we want.

This extra work has changed our network, we now require a huge CPU
overhead to scan mail. That pushes our profit margin to breaking point.
BUT, when this was done on an Exchange server (before my days at the
company) we needed dual/quad boxes to handle the load, the
administration was manual. Through UNIX we have changed much for the
better, now we have a handful of boxes operating smoothly and is fully
automated.

We also don't have to spend an ass load on exchange licences. Perhaps
this was MS's goal, make the mail server do more work, thus original
work has to spread over more boxes, more boxes = more licences.

For 5 PC's to do this work (I'm not going to compare throughput here,
just the cost of 5 PCs to do the job).

MS stack:

MS exchange: 276.53
MS Windows 2003: 217.98
Virus scanner: 40
Uptime: ~90-180 days

Linux/BSD stack:

Debian/OpenBSD: Free
Qmail: Free
Scanner: Free
Uptime: 600days, and counting

This comparison extends also to our web farm. But more importantly the
DNS.

DNS had to be managed via the MS DNS administration controls. This was a
real pain. The control took forever to load about 10,000 domains. That
was a real strain, on end users and administrators. Point being, when
the DNS server had to reload it would be offline for about 20 mins, it
would physically stop working.

Thanks to the free licencing of Linux/BSD we could implement a better
DNS cluster and control the records in a database. This allows us to
make bulk changes and updates in a fraction of the time.

Windows trolls, put that in your pipe and smoke on it. The business has
a minor licence fee by comparison. My regret is that through their
continuous trolling companies in the UK are loosing money and it hurts
our economy. If only I could reach all the businesses here and
help/allow them to convert then we would be much stronger economically.

--
Regards, Ed :: http://www.linuxwarez.co.uk
proud unix person
Vin Diesel solved the Da Vinci Code before it was even a book.

ed · External Since: Nov 20, 2006 Posts: 877

On Sun, 1 Oct 2006 10:51:50 -0400
"DFS" <nospam.TakeThisOut@dfs_.com> wrote:

> Richard Rasker wrote:
>
> > I don't understand. Where is the "easy-to-install" Linux malware?
>
>
> All over the web:
>
> www.gimp.org

http://www.gimp.org/windows/

> www.openoffice.org

http://openoffice.bouncer.osuosl.org/?product=OpenOffice.org&os=win&la...en&vers

> www.gnu.org/software/emacs

http://www.gnu.org/software/emacs/windows/ntemacs.html

> www.mysql.com

http://dev.mysql.com/get/Downloads/MySQL-5.0/mysql-essential-5.0.24a-w...2.msi/f

--
Regards, Ed :: http://www.usenix.org.uk
just another unix hacker
No-one ever laughs at what Mr. T is wearing. There's a reason for
that...

B Gruff · External Since: Jun 17, 2004 Posts: 1639

On Sunday 01 October 2006 10:46 Richard Rasker wrote:

> But I have one request: please show me those one-click exploits for Linux.
> I can't seem to find any, except for Windows (where they seem to be the
> rule rather than the exception).

How about this:-

http://www.whitedust.net/speaks/3006/

Roy Schestowitz · External Since: Jun 26, 2005 Posts: 24199

__/ [ ed ] on Sunday 01 October 2006 15:52 \__

> On Sun, 01 Oct 2006 14:34:16 +0100
> Roy Schestowitz <newsgroups DeleteThis @schestowitz.com> wrote:
>
>> You completely forgot use-search-engine-to-compromise-box type of
>> exploits. You see, with Windows. some exploits only require that you
>> visit a Web site that has snuck into search engine results pages
>> (SERP's). This has led Google to going as far as scanning pages for
>> exploits rather than just caching and indexing them. Windows has
>> increased the workload for services.
>
> That is so true.
>
> Before we could host a gazillion email domains on a low end box, now
> that O/OE can become a virus mill and clog the servers we have to scan
> every email that comes our way for viruses. If we ignore to check the
> mail very soon an OE mail client will become a virus mill. It will be
> exploited and begin clogging mail servers, which then leads to our /19
> getting listed at RBL sites. Not something we want.
>
> This extra work has changed our network, we now require a huge CPU
> overhead to scan mail. That pushes our profit margin to breaking point.
> BUT, when this was done on an Exchange server (before my days at the
> company) we needed dual/quad boxes to handle the load, the
> administration was manual. Through UNIX we have changed much for the
> better, now we have a handful of boxes operating smoothly and is fully
> automated.
>
> We also don't have to spend an ass load on exchange licences. Perhaps
> this was MS's goal, make the mail server do more work, thus original
> work has to spread over more boxes, more boxes = more licences.
>
> For 5 PC's to do this work (I'm not going to compare throughput here,
> just the cost of 5 PCs to do the job).
>
> MS stack:
>
> MS exchange: 276.53
> MS Windows 2003: 217.98
> Virus scanner: 40
> Uptime: ~90-180 days
>
> Linux/BSD stack:
>
> Debian/OpenBSD: Free
> Qmail: Free
> Scanner: Free
> Uptime: 600days, and counting
>
> This comparison extends also to our web farm. But more importantly the
> DNS.
>
> DNS had to be managed via the MS DNS administration controls. This was a
> real pain. The control took forever to load about 10,000 domains. That
> was a real strain, on end users and administrators. Point being, when
> the DNS server had to reload it would be offline for about 20 mins, it
> would physically stop working.
>
> Thanks to the free licencing of Linux/BSD we could implement a better
> DNS cluster and control the records in a database. This allows us to
> make bulk changes and updates in a fraction of the time.
>
> Windows trolls, put that in your pipe and smoke on it. The business has
> a minor licence fee by comparison. My regret is that through their
> continuous trolling companies in the UK are loosing money and it hurts
> our economy. If only I could reach all the businesses here and
> help/allow them to convert then we would be much stronger economically.

Ed,

Months ago some discussions revolved heavily around the fact that Windows
zombies (botnet) have changed the WWW landscape entirely. The effect of SPAM
(the vast majority of which is spewed out by Windows), for example, are
increased fees (ISP's), inbox bloat (also affects non-Windows users), and
overall congestion (slow connections). And that's just SPAM. DDOS attacks
start an entirely new type of discussion.

The effect Microsoft had on the Web will never be forgotten. I will never
forgive Microsoft for those attacks on my Web site, as well as my E-mail
accounts. Imagine what nerve they must have as they refuse to patch critical
bugs for which exploits already exist 'in the wild'. Imagine the cowardly
Gates who now retires, having promised in the beginning of 2004 that SPAM
would vanish within 48 months. Its scale of attacks only grows by the day
and new ailments crop up by the day, which make everything more malignant
and more severe. The crackers get smarter; Microsoft only gets more stupid.
As I said before, the Internet gradually enters its dark ages. And it repels
many users, kills the use of common comminication methods, and makes
businesses reconsider e-commerce.

Best wishes,

Roy

PS - that thing that replies to you -- just killfile it. It's not worth your
time.

--
Roy S. Schestowitz | McDonald's Certified Sandwich Engineer (MCSE)
http://Schestowitz.com | Open Prospects ¦ PGP-Key: 0x74572E8E
Tasks: 129 total, 2 running, 126 sleeping, 0 stopped, 1 zombie
http://iuron.com - knowledge engine, not a search engine

Richard Rasker · External Since: Jul 27, 2005 Posts: 170

Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:

> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>
>> But I have one request: please show me those one-click exploits for Linux.
>> I can't seem to find any, except for Windows (where they seem to be the
>> rule rather than the exception).
>
> How about this:-
>
> http://www.whitedust.net/speaks/3006/

Well well, that'd be one of the very first. OK then, if this one is for
real and Linux proves vulnerable, my question is answered - alas :-/

Richard Rasker

--
Linetec Translation and Technology Services

http://www.linetec.nl/

B Gruff · External Since: Jun 17, 2004 Posts: 1639

On Sunday 01 October 2006 18:33 Richard Rasker wrote:

> Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:
>
>> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>>
>>> But I have one request: please show me those one-click exploits for
>>> Linux. I can't seem to find any, except for Windows (where they seem to
>>> be the rule rather than the exception).
>>
>> How about this:-
>>
>> http://www.whitedust.net/speaks/3006/
>
> Well well, that'd be one of the very first. OK then, if this one is for
> real and Linux proves vulnerable, my question is answered - alas :-/

Even if it is, and even if it is, and even if it is and even if it is, would
you rather you heard it from me first, or one of the bluddy trolls? Smile

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2362

On Sun, 01 Oct 2006 19:33:12 +0200, Richard Rasker wrote:

> Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:
>
>> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>>
>>> But I have one request: please show me those one-click exploits for Linux.
>>> I can't seem to find any, except for Windows (where they seem to be the
>>> rule rather than the exception).
>>
>> How about this:-
>>
>> http://www.whitedust.net/speaks/3006/
>
> Well well, that'd be one of the very first. OK then, if this one is for
> real and Linux proves vulnerable, my question is answered - alas :-/

Which just proves my point. Lack of attack does not equal lack of
vulnerability. You really need to stop with this attitude of thinking
you're immunue until proven otherwise.

Jim Richardson · External Since: Jan 15, 2005 Posts: 1227

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 1 Oct 2006 13:09:31 -0500,
Erik Funkenbusch <erik.RemoveThis@despam-funkenbusch.com> wrote:
> On Sun, 01 Oct 2006 19:33:12 +0200, Richard Rasker wrote:
>
>> Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:
>>
>>> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>>>
>>>> But I have one request: please show me those one-click exploits for Linux.
>>>> I can't seem to find any, except for Windows (where they seem to be the
>>>> rule rather than the exception).
>>>
>>> How about this:-
>>>
>>> http://www.whitedust.net/speaks/3006/
>>
>> Well well, that'd be one of the very first. OK then, if this one is for
>> real and Linux proves vulnerable, my question is answered - alas :-/
>
> Which just proves my point. Lack of attack does not equal lack of
> vulnerability. You really need to stop with this attitude of thinking
> you're immunue until proven otherwise.

you keep coming up with that strawman. We don't claim Linux is immune,
merely that it is far less vulnerable than MS-Windows.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFICiPd90bcYOAWPYRAsueAJ4qxTDlbvSG0W8itwGEJf1eGervtACgqv8e
1AJNpIPWWQQkqWQ0YxxEeL4=
=Q1YX
-----END PGP SIGNATURE-----

--
Jim Richardson http://www.eskimo.com/~warlock
All life is a conjugation of the verb "to eat"

Richard Rasker · External Since: Jul 27, 2005 Posts: 170

Op Sun, 01 Oct 2006 13:09:31 -0500, schreef Erik Funkenbusch:

> On Sun, 01 Oct 2006 19:33:12 +0200, Richard Rasker wrote:
>
>> Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:
>>
>>> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>>>
>>>> But I have one request: please show me those one-click exploits for Linux.
>>>> I can't seem to find any, except for Windows (where they seem to be the
>>>> rule rather than the exception).
>>>
>>> How about this:-
>>>
>>> http://www.whitedust.net/speaks/3006/
>>
>> Well well, that'd be one of the very first. OK then, if this one is for
>> real and Linux proves vulnerable, my question is answered - alas :-/
>
> Which just proves my point. Lack of attack does not equal lack of
> vulnerability. You really need to stop with this attitude of thinking
> you're immunue until proven otherwise.

Will you Wintrolls please stop putting words in our mouths! Linux is *not*
invulnerable - we all know that. It's just way more secure than Windows.

And even if lack of attack were the actual cause, that wouldn't change the
fact that one should stay away from Windows if one cares about security.

Richard Rasker

--
Linetec Translation and Technology Services

http://www.linetec.nl/

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2362

On Sun, 01 Oct 2006 20:48:45 +0200, Richard Rasker wrote:

> Op Sun, 01 Oct 2006 13:09:31 -0500, schreef Erik Funkenbusch:
>
>> On Sun, 01 Oct 2006 19:33:12 +0200, Richard Rasker wrote:
>>
>>> Op Sun, 01 Oct 2006 18:01:29 +0100, schreef B Gruff:
>>>
>>>> On Sunday 01 October 2006 10:46 Richard Rasker wrote:
>>>>
>>>>> But I have one request: please show me those one-click exploits for Linux.
>>>>> I can't seem to find any, except for Windows (where they seem to be the
>>>>> rule rather than the exception).
>>>>
>>>> How about this:-
>>>>
>>>> http://www.whitedust.net/speaks/3006/
>>>
>>> Well well, that'd be one of the very first. OK then, if this one is for
>>> real and Linux proves vulnerable, my question is answered - alas :-/
>>
>> Which just proves my point. Lack of attack does not equal lack of
>> vulnerability. You really need to stop with this attitude of thinking
>> you're immunue until proven otherwise.
>
> Will you Wintrolls please stop putting words in our mouths! Linux is *not*
> invulnerable - we all know that. It's just way more secure than Windows.

There is no such thing as "more secure" Either you are secure or you're
not. Either someone can break into your system or not. There is no "kind
of".

> And even if lack of attack were the actual cause, that wouldn't change the
> fact that one should stay away from Windows if one cares about security.

I think you mean "if one cares about being attacked".

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2362

On Sun, 01 Oct 2006 20:48:45 +0200, Richard Rasker wrote:

>> Which just proves my point. Lack of attack does not equal lack of
>> vulnerability. You really need to stop with this attitude of thinking
>> you're immunue until proven otherwise.
>
> Will you Wintrolls please stop putting words in our mouths! Linux is *not*
> invulnerable - we all know that. It's just way more secure than Windows.

By the way, i'm not putting words in your mouth. You have given that
impression by saying "Where's the exploits?". The only way to read that is
"If we were vulnerabile, someone would be exploiting us". ie, you think
youi're invulnerable because you haven't been exploited.

Otherwise, your comments simply make no sense. Why would you question the
existence of exploits if you know they're possible? That's like
questioning why you've never been hit by a truck.

Roy Culley · External Since: Aug 14, 2004 Posts: 647

begin risky.vbs
<pan.2006.10.01.18.48.43.458431.DeleteThis@linetec.nl>,
Richard Rasker <spamtrap.DeleteThis@linetec.nl> writes:
> Op Sun, 01 Oct 2006 13:09:31 -0500, schreef Erik Funkenbusch:
>
>> Which just proves my point. Lack of attack does not equal lack of
>> vulnerability. You really need to stop with this attitude of
>> thinking you're immunue until proven otherwise.
>
> Will you Wintrolls please stop putting words in our mouths! Linux is
> *not* invulnerable - we all know that. It's just way more secure
> than Windows.

Funkenbusch is the MS apologist for a reason. He cannot accept any
deficiency / criticism of MS. If he ain't paid he should be.

> And even if lack of attack were the actual cause, that wouldn't
> change the fact that one should stay away from Windows if one cares
> about security.

His pathetic attempt to compare fundamental OS security of Windows to
Linux is just a joke. Windows is insecure by design. Vista will be
insecure by design. I use the word design very loosely here.

--
Is god willing to prevent evil but not able? Then he is not omnipotent.
Is he able but not willing? Then he is malevolent. Is he both able and
willing? Then whence cometh evil? Is he neither able nor willing? Then
why call him god? - Epicurus (341-270 BCE)

ed · External Since: Nov 20, 2006 Posts: 877

On Sun, 01 Oct 2006 19:10:51 +0100
Roy Schestowitz <newsgroups DeleteThis @schestowitz.com> wrote:

> The effect Microsoft had on the Web will never be forgotten. I will
> never forgive Microsoft for those attacks on my Web site, as well as
> my E-mail accounts. Imagine what nerve they must have as they refuse
> to patch critical bugs for which exploits already exist 'in the wild'.
> Imagine the cowardly Gates who now retires, having promised in the
> beginning of 2004 that SPAM would vanish within 48 months. Its scale
> of attacks only grows by the day and new ailments crop up by the day,
> which make everything more malignant and more severe. The crackers get
> smarter; Microsoft only gets more stupid. As I said before, the
> Internet gradually enters its dark ages. And it repels many users,
> kills the use of common comminication methods, and makes businesses
> reconsider e-commerce.

This is all true. I think MS made money through Outlook getting a spam
filter. Ironic how the spam is caused by their own system!

> PS - that thing that replies to you -- just killfile it. It's not
> worth your time.

It's not worth my time, that is correct. But for someone out there who
might stumble upon the item in google groups could be getting the wrong
impression, so I feel compelled to correct it.

--
Regards,
Ed.

B Gruff · External Since: Jun 17, 2004 Posts: 1639

On Sunday 01 October 2006 19:10 Roy Schestowitz wrote:

> Imagine the cowardly
> Gates who now retires, having promised in the beginning of 2004 that SPAM
> would vanish within 48 months.

Nope.

He said "2 years from now", and that was in January 2004.
If you claim you've had spam after January 2006, one of you is wrong...

http://www.cbsnews.com/stories/2004/01/24/tech/main595595.shtml

Roy Schestowitz · External Since: Jun 26, 2005 Posts: 24199

__/ [ ed ] on Sunday 01 October 2006 22:05 \__

> On Sun, 01 Oct 2006 19:10:51 +0100
> Roy Schestowitz <newsgroups.RemoveThis@schestowitz.com> wrote:
>
>> The effect Microsoft had on the Web will never be forgotten. I will
>> never forgive Microsoft for those attacks on my Web site, as well as
>> my E-mail accounts. Imagine what nerve they must have as they refuse
>> to patch critical bugs for which exploits already exist 'in the wild'.
>> Imagine the cowardly Gates who now retires, having promised in the
>> beginning of 2004 that SPAM would vanish within 48 months. Its scale
>> of attacks only grows by the day and new ailments crop up by the day,
>> which make everything more malignant and more severe. The crackers get
>> smarter; Microsoft only gets more stupid. As I said before, the
>> Internet gradually enters its dark ages. And it repels many users,
>> kills the use of common comminication methods, and makes businesses
>> reconsider e-commerce.
>
> This is all true. I think MS made money through Outlook getting a spam
> filter. Ironic how the spam is caused by their own system!

Look no further, buddy. Microsoft sells annual subscriptions for software
(Live OneCare) that covers up critical bugs for another. It arguably keeps
some systems hanging. It's worse than cartridge ripoffs. Imagine the
reaction of the customer if the printers would explode without fresh ink...

>> PS - that thing that replies to you -- just killfile it. It's not
>> worth your time.
>
> It's not worth my time, that is correct. But for someone out there who
> might stumble upon the item in google groups could be getting the wrong
> impression, so I feel compelled to correct it.

I know, but it's a double-edged sword.