but he is journalist question mark
----- Original Message -----
From: "Jeff Szuhay" <jeff at szuhay.org>
To: "Squeak Public Maliing List" <squeak-dev at lists.squeakfoundation.org>
Sent: Saturday, August 04, 2001 7:01 PM
Subject: [Computering] The Death of TCP/IP


> Forgive me for posting this here, yet I came across this
> article which is so plausible yet so monumentally horrifying
> that it deserves consideration. You may also want to consider
> Bob's several previous posts on MS and Security.
>
> The internet _will_ have a
> toll booth, and MS will be the onc collecting <shudder>.
>
>  article URL: <http://www.pbs.org/cringely/pulpit/pulpit20010802.html>
>
> The Death of TCP/IP
> Why the Age of Internet Innocence is Over
> By Robert X. Cringely
>
> "As events of the last several weeks have shown, Microsoft Windows,
> e-mail and the Internet create the perfect breeding ground for virus
> attacks. They don't even have to exploit Windows flaws to be effective.
> Any Visual BASIC programmer with a good understanding of how Windows
> works can write a virus. All that is needed is a cleverly titled file
> attachment payload, and almost anyone can be induced to open it,
> spreading
> the contagion. It is too darned easy to create these programs that can do
> billions in damage. ..."
>
> some exercpts:
>
> "The wonder of all these Internet security problems is that they are
> continually labeled as "e-mail viruses" or "Internet worms," rather than
> the more correct designation of "Windows viruses" or "Microsoft Outlook
> viruses." It is to the credit of the Microsoft public relations team that
> Redmond has somehow escaped blame, because nearly all the data security
> problems of recent years have been Windows-specific, taking advantage of
> the glaring security loopholes that exist in these Microsoft products.
> If it were not for Microsoft's carefully worded user license agreement,
> which holds the company blameless for absolutely anything, they would
> probably have been awash in class action lawsuits by now."
>
> and,
>
> "And now, we have the impending release of Windows XP, and its problem of
> raw TCP/IP socket exposure. As I detailed two weeks ago, XP is the first
> home version of Windows to allow complete access to TCP/IP sockets, which
> can be exploited by viruses to do all sorts of damage. Windows XP uses
> essentially the same TCP/IP software as Windows 2000, except that XP
> lacks 2000's higher-level security features. In order to be backward
> compatible
> with applications written for Windows 95, 98, and ME, Windows XP allows
> any application full access to raw sockets.
>
> "This is dangerous."
>
> furthermore,
>
> "According to these programmers, Microsoft wants to replace TCP/IP with
> a proprietary protocol -- a protocol owned by Microsoft -- that it will
> tout as being more secure. Actually, the new protocol would likely be
> TCP/IP with some of the reserved fields used as pointers to proprietary
> extensions, quite similar to Vines IP, if you remember that product from
> Banyan Systems. I'll call it TCP/MS.
>
> "How do you push for the acceptance of a new protocol? First, make the
> old one unworkable by placing millions of exploitable TCP/IP stacks out
> on the Net, ready-to-use by any teenage sociopath. When the Net slows
> or crashes, the blame would not be assigned to Microsoft. Then ship the
> new protocol with every new copy of Windows, and install it with every
> Windows Update over the Internet. Zero to 100 million copies could happen
> in less than a year, and that year could be prior to the new protocol
> even
> being announced. It could be shipping right now.
>
> "Suppose you are a typical firm that also has some non-Microsoft servers.
> You will want to use this new protocol between your Microsoft and non-
> Microsoft servers. Microsoft could charge Sun millions to put TCP/MS on
> their systems. Microsoft can promise open support, but make it
> financially
> impractical. Then use it in a marketing attack against competitors.
> Zero-Footprint network drivers, ODBC, and MAPI are examples of Microsoft
> "open" standards that took years for non-Microsoft firms to use. Almost
> anyone who would have wanted to use these open standards has been driven
> out of business. "
>
> and finally, (here's the horror)
>
> "MS/TCP will ostensibly be a solution to the problems businesses are
> having
> with the Internet. It will assign priorities to packets. It will insure
> that
> all connections and packets can be traced, authenticated, and monitored.
> And since all these connections to the Internet have to be authenticated
> to someone, it will likely be hooked into a credit card or some sort of
> account, from which Microsoft can extract its price as the gatekeeper for
> the authentication via Hailstorm, Passport and .NET.
>
> "But how will this stop the "I just e-mailed you a virus" problem? How
> does
> this stop my personal information being sucked out of my PC via cookies?
> It won't. Solving those particular problems is not the protocol's real
> purpose, which is to increase Microsoft's market share. It is a marketing
> concept that will be sold as the solution to a problem. It won't really
> work."
>
>
>
>
> --
>    **************************************************
>    Jeff Szuhay              A randomly-directed
>    www.szuhay.org           chaotical wetware pattern
>    jeff at szuhay.org          recognizer/generator.
>
>
>    "The idea that Bill Gates has appeared like
>    a knight in shining armour to lead all customers
>    out of a mire of technological chaos neatly
>    ignores the fact that it was he who, by peddling
>    second-rate technology, led them into it in the
>    first place."
>                  -Douglas Adams, on Windows '95
>
>
>
>
>