[194657] in North American Network Operators' Group
RE: Please run windows update now
daemon@ATHENA.MIT.EDU (Keith Medcalf)
Tue May 16 18:41:43 2017
X-Original-To: nanog@nanog.org
Date: Tue, 16 May 2017 16:41:36 -0600
In-Reply-To: <CAAXNyuD2VvmS8FrfzL900DeTRDfVHSyGG+Ca=rO6tyqUm86hrg@mail.gmail.com>
From: "Keith Medcalf" <kmedcalf@dessus.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> What would be more of an interesting discussion, to me, would be why
> doesn't Microsoft know about these hoarding of vulnerabilities by State
> actors and plug them up?
Some state actors they do know. They custom write the security flaws on th=
e state actors request.
> Are they really that clever of vulnerabilities? Does Microsoft not have
> the resources? Is Windows like the ocean, where there are just hundreds o=
f new
> species awaiting to be discovered?
> Did Microsoft at least know of the NSA vulnerabilities, for example, and
> kept it classified until NSA told them to plug them up?
Of course Microsoft knew, since they wrote in the backdoor in the first pla=
ce. That is why when informed by their employers that the backdoor was goi=
ng to be made public, they could undo the changes they had introduced so ra=
pidly.
