Feeds

* Posts by Matthew Evans

5 posts • joined 3 Jul 2009

Steve Jobs' last words: 'OH WOW. OH WOW. OH WOW.'

Matthew Evans
IT Angle

iWow ?

0
0

Microsoft IIS vuln leaves users open to remote attack

Matthew Evans

Re "What!"

@ Destroy All Monsters

>1) Why would a webserver need to execute uploaded code? Is this a new approach to distributed >computing?

A web server would not 'want' to execute uploaded code. After the file is uploaded to the server (bypassing content filters using this hack), the malicious user would request the file via http, thus executing it.

The effect of this would depend on the permissions which the IIS process runs under. Recommendations are to run this with a low privilege account. This should prevent running services, installing malware, most administrative functions. This is probably why Secunia have given the exploit a low rating.

>2) How does IIS decide whether to execute something if the rule is to _not_ execute something >ending in .asp?

IIS executes ASP files by default (via passing the request to the ASP.dll handler), not the other way around. The general rule is to prevent users UPLOADING executable files like this via a file upload facility.

I know its clever to be down on Micro$oft, but why comment when you don't understand the issue.

10
1

Sony Ericsson goes web crazy

Matthew Evans
Go

we will assimilate your culture

interesting in the chinese sense of the word

lets all get behind android.

all hail our new goverlords!

0
0

Microsoft's Flash-challenger Silverlight 3 hits web

Matthew Evans
Black Helicopters

What will Office web applications actually be?

Installed pretty slick for me.

I am interested in what Office Web applications actually turns out to be. It sounds like it has potential, but I've heard some muttering about it being pretty limited and tied into SharePoint, which sounds like a MS strategy and changes things a bit

0
0

Debian rejects open-source .NET threat claim

Matthew Evans
FAIL

When linux takes over?

Had to guffaw.

"...but when Linux starts really taking over as the standard IT computing platform..."

Its been around for over 10 years, and its sitting at < 1 % of desktop / laptops. Every OEM manufacturer who has a go at selling a Linux desktop / laptop pulls the plug quick smart, because they discover that the market for linux is a small number of shouty techies. Most users just dont *want it*

Linux had its best ever opportunity to grab consumer market share with netbooks. Guess what ? Windows own the vast majority of that market . MS didn't force it down peoples throats, users WANT it. More to the point, they DONT want Linux.

Linux shines as a commodity cheapie web server O/S , beyond that forget it.

Convulsing about Mono on Debian is just .... taking yourself too damn seriously

0
0