Friday, May 26, 2000
email relaying
Rob, my
roommate, just found a hole in sendmail. It's not an exploit that
allows one to gain access to the machine, but it would potentially allow
someone to use a system running sendmail as an open relay.
It's not that easy to exploit (thankfully) but theoretically it is.
Mark vs. the Redmond Behemoth
Mark, as you may know by now, hates Microsoft, yet his job requires him to program under Windows NT.
Now, why does he hate Microsoft, and Windows NT? Because it isn't reliable for what he's doing (past project—a phone switch under NT and if that doesn't make you shudder then perhaps you won't mind much if you can't dial 911) yet his job, which he has relunctantly accepted, is to make it reliable.
Towards that end he found a race condition in the NT kernel.
Huge surprise, I know.
Over the course of three hours he was able to work his way up the tech
support ladder at Microsoft (“No, it's not my code you moron! I don't
write in VB! It's VC++ and no, I know it's not in my code! It's in
NTblahblah.DLL now transfer me to someone who can help me!”) and
ended up talking to the developer of that particular piece of the NT
kernel.
“Yup,” said the developer. “That's a bug in our code all right.”
“I'm not arguing that with you. I know it's your bug, but can you fix the bug?”
“Yup, that's a bug.”
“I'm not arguing that with you. I know it's your bug, but can you fix the bug?”
“Hmmmm …. nope. That would require a design change and we [Microsoft] no longer support Windows NT. I can be fixed for Windows 2000 though.”
“We can't use Windows 2000,” Mark said. “Our code requires NT.”
“Sorry, can't fix it then.”
It's nice to know that Microsoft stands behind their quality software.
