On Thu, 3 Jan 2002, David Kennedy CISSP wrote:

> At 10:04 PM 12/29/01 -0700, Ryan Russell wrote:
>
> After watching all the NIMDA hits we're still seeing, this idea has some
> appeal but I also seem to recall a great hue and cry from the digerati when
> DMCA and UCITA were interpreted to include a "remote kill" function a
> software publisher could trigger that sounds a lot like this. Think back
> to July and September, would we *really* want anyone to have the ability
> to turn off IIS all over the world in response to Code Red or NIMDA?

What I propose is a little bit different from a remote kill. A simple expiration, with warnings ahead of time. Think MS's evaluation versions of Win2K for example, which are good for 120 days, and start complaining about 2 weeks before they cut off.

I failed to explain part of my thinking in my first note. Naturally, MS would seemingly not be willing to do such a thing, users would complain, etc... And I would never even have considered something like this to be viable. However, MS has already shown a willingness to put Office XP into cripple mode if your system appears to have changed too much, unless you check in. So, I figure if they can do it for copy protection reasons, why not for security?

No, I don't expect this to actually happen. This is just one suggestion as to how the problem might be improved. Perhaps having an extreme option might help drive a realistic one.

As a side note, one person pointed out that some of these patches are huge, and what about modem users? I can see a couple of solutions: One, some sort of baby patch that perhaps disables a service rather than patching it, until the real patch can be obtained. Two, allow people to buy a subscription. Make MS allow other vendors to have the update images to cut their own CDs, so it's not another profit center, ala Red Hat repackagers.

I think the CD image idea has merit. I was at a friend's house last night trying to download DirectX 8.1 over a modem at their place. After it died with 1 minute to go, I am now prepping a CD of all the patches they need via my home DSL line. It would be great if I could download an ISO image from MS.

Ryan
This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 12:00:57 PST