On Tue, 3 Jan 2006 15:03:31 +0100, Hannah Schroeter <[EMAIL PROTECTED]> wrote:
>On Tue, Jan 03, 2006 at 03:24:22AM -0800, J.C. Roberts wrote: >>My dad (68 years old) has finally succeeded in destroying/infecteding >>his MS-Windows NT4 box, in spite of my best efforts to secure the darn >>thing (e.g. No MSIE, No "Microsoft Networking", stripped of just about >>everything MS-ish and with tons of hand made patches, behind an openbsd >>firewall... and so on and so forth). It lasted a good four years in the >>hands of a typical user that hates computers, clicks on everything and >>still expects everything to "just work" and work properly. > >4 years w/o infection isn't that bad for windoze... :-) Most people would be amazed what is actually possible with Win32. My current record is six+ years but calling the result of my efforts "Microsoft Windows" is a bit of a stretch: [EMAIL PROTECTED] ~ $ ls -lF / ls: /pagefile.sys: No such file or directory total 784 -r-xr-xr-x 1 Administ None 0 Jul 5 2003 IO.SYS* -r-xr-xr-x 1 Administ None 0 Jul 5 2003 MSDOS.SYS* -rwxrwxrwx 1 Administ None 34468 Dec 7 1999 NTDETECT.COM* -rwxrwxrwx 1 Administ None 214416 Dec 7 1999 NTLDR* drwxrwxrwx+ 3 Administ None 0 Aug 18 2003 RECYCLER/ drwxrwxrwx+ 15 Administ None 12288 Oct 26 13:12 _media_/ drwxrwxrwx+ 3 Administ None 0 Sep 7 12:10 _test/ -rwxrwxrwx 1 Administ None 6808 Oct 28 02:10 _viminfo* drwxrwxrwx+ 104 Administ None 28672 Nov 26 01:36 app/ drwxrwxrwx+ 177 Administ None 81920 Dec 31 02:50 arc/ drwxrwxrwx+ 4 Administ None 4096 Jun 23 2004 bcd/ drwxrwxrwx+ 3 Administ None 303104 Aug 18 05:58 bin/ -r-xr-xr-x 1 Administ None 286 Jul 5 2003 boot.ini* -rwxrwxrwx 1 Administ None 8192 Jul 2 2003 bootsec.bin* -rwxrwxrwx 1 Administ None 8192 Aug 15 2003 bootsec2.bin* drwxrwxrwx+ 2 Administ None 0 Nov 26 02:07 cad/ -rwxrwxrwx 1 Administ None 51 Aug 18 05:52 cygwin.bat* -rwxrwxrwx 1 Administ None 766 Jul 12 2003 cygwin.ico* drwxrwxrwx+ 21 Administ None 24576 Sep 28 06:23 etc/ drwxrwxrwx+ 8 Administ None 4096 Apr 20 2004 home/ drwxrwxrwx+ 28 Administ None 77824 Aug 15 2003 lib/ -rwxrwxrwx 1 Administ None 24576 Jan 7 2003 mkbt.exe* -rwxrwxrwx 1 Administ None 368756 Jun 2 2004 mkbt.idb* drwxrwxrwx+ 2 Administ None 8192 Nov 8 22:47 pcbenv/ drwxrwxrwx+ 2 Administ None 4096 Dec 14 11:09 pix/ drwxrwxrwx+ 2 Administ None 0 Aug 15 2003 sbin/ drwxrwxrwx+ 25 Administ None 12288 Dec 23 22:10 src/ drwxrwxrwx+ 3 Administ None 8192 Nov 25 23:06 src_arc/ drwxrwxrwx+ 4 Administ None 40960 Jan 3 12:18 tmp/ drwxrwxrwx+ 23 Administ None 4096 Aug 15 2003 usr/ drwxrwxrwx+ 12 Administ None 4096 Aug 15 2003 var/ drwxrwxrwx+ 3 Administ None 8192 Aug 11 04:48 vey/ drwxrwxrwx+ 41 Administ None 32768 Oct 30 05:35 win/ And yes, it really is Windows NT4 Workstation and is completely missing all the vulnerable crap like MSIE that MS has forced down users throats during the last 10 years. None the less, it still runs most application software reliably (both ms-windows and unix). I have considered attempting similar mad hackery with newer microsoft operating systems like XP and Win2003 but it's simply not worth the time and effort. It's not like Microsoft is willing to pay me to fix their crap and even if they were, the would not like the way I fix it (i.e. removing all of thier supposed technological enhancements like MSIE). As you might notice from the "mkbt.idb" I even audited the mkbt program with the IDA Pro disassembler by Ilfak Gulifanov (http://www.hexblog.com and http://www.datarescue.com/idabase and http://www.datarescue.com/cgi-local/ultimatebb.cgi) before replacing the NT4 boot sector with the boot sector from Win2K to get past the boot disk limitations. It seems Ilfak is getting some (very well deserved) fame these days for his hotfix to the new WMF vunerability. http://it.slashdot.org/it/06/01/02/1153244.shtml?tid=201&tid=218 http://it.slashdot.org/it/06/01/03/1913252.shtml?tid=220&tid=109&tid=172&tid=218 Just because people like Ilfak and I don't have access to the microsoft source code does not mean we are unable to do anything we want to the system. It's just a lot more work. The real problem is releasing patches for a proprietary product when we don't own the rights to it. jcr
