Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Attackers hose down Microsoft's Jet DB Engine

____/ Jerry McBride on Wednesday 26 March 2008 22:05 : \____

> Roy Schestowitz wrote:
> 
>> ____/ Richard Rasker on Wednesday 26 March 2008 16:31 : \____
>> 
>>> What do you do if you find an exploitable flaw in your code? Well,
>>> nothing, of course -- at least if you're Microsoft:
>>> 
>>>
>>
>
http://www.channelregister.co.uk/2008/03/26/jet_database_engine_security_flaws/
>>> 
>>> Apparently, Microsoft "thought it had blocked the attack vectors."
>>> Incompetent idiots.
>>> 
>>> 
>>> Richard Rasker
>> 
>> Just don't bet your next elections on Microsoft's negleigence.

                                                        ^^Oops, typo


>> ,----[ Quote ]
>> | Problems found in an audit of Diebold tabulation records from an Ohio
>> | November 2006 election raise questions about whether the database got
>> | corrupted during the tabulation of election results...
>> | 
>> | The database is built from Microsoft's Jet database engine. The
>> | engine, according to Microsoft, is vulnerable to corruption when a lot
>> | of concurrent activity is happening with the database, such as what
>> | occurs on an election night [and Microsoft advises againt using Jet in
>> | a complex environment]...
>> | 
>> | The report mentions that election staff had trouble with the server
>> | crashing and freezing on election night....
>> | 
>> | The report notes that with punch card machines election officials used
>> | to be able to determine definitively if all ballots had been counted
>> | in the results....
>> `----
>> 
>> http://blog.wired.com/27bstroke6/2007/04/diebold_vote_da.html
>> 
>> Regarding Microsoft's excuse, previous reports contradict this. Microsoft
>> seems to have just felt a little lazy. No competition = complacence.
>> 
> 
> Why would ANYONE build a mission critical app (vote taking) using a
> Microsoft tool that even Microsoft says not to be used in mission critical
> situations. DIEBOLD should be held responsible for knowingly using faulty
> tools from a KNOWN faulty software maker.
> 
> Unbelievable.

That's the {everything Microsoft}^tm mentality. DNS servers too, until you
realise they can easily be hijacked.

-- 
                ~~ Best of wishes

.oʍʇ sɐ buıɥʇ ɥɔns ou s,ǝɹǝɥʇ 'ɹǝpuǝq 'ʎɹɹoʍ ʇ,uop :ʎɹɟ
.oʍʇ ɐ ʍɐs ı ʇɥbnoɥʇ ı puɐ ...ǝɹǝɥʍʎɹǝʌǝ soɹǝz puɐ sǝuo .ɯɐǝɹp 1nɟʍɐ uɐ
ʇɐɥʍ 'ɥɥɥɐ :ɹǝpuǝq

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index