f0dder, I think QvasiModo talks about index.dat files that weren't deleted when clearing history.
Posted on 2006-01-17 19:40:08 by arafel

f0dder, I think QvasiModo talks about index.dat files that weren't deleted when clearing history.

That's right, thanks for clarifying :)
Posted on 2006-01-18 09:08:59 by QvasiModo
...so much for Gibson's "magic value" theories - here's a guy that KNOWS how to reverse engineer, and has actually done it: http://www.sysinternals.com/Blog/
Posted on 2006-01-19 09:28:05 by f0dder
Indeed... :)

Iíve addressed the first two of Steveís observations, but what about his claim that the abort procedure only executes when the SetAbortProc record contains certain invalid record sizes? Iíve analyzed the control flow of the PlayMetaFile function that executes WMF file records and found that, if an abort procedure is registered, it calls it after executing each record except the last record of the file. That behavior makes sense since thereís no need to ask an application if playback should be aborted when the playback is already completed.
Posted on 2006-01-19 11:02:59 by QvasiModo
So he's gone from being a harmless crackpot to a full-blow lunatic with paranoid delusions...

neither said three, or said four; why couldn't told one or two.
making baby, washing dish. That is really harmless thing.
Posted on 2006-01-21 08:10:48 by dcskm4200

Episode 23 available at http://www.grc.com/SecurityNow.htm#23

Posted on 2006-01-21 09:31:04 by farrier
Here's a good article summarising the events http://www.theregister.co.uk/2006/01/21/wmf_fud_from_grc/

They rightly point out, why on earth would Microsoft want a backdoor? And even if they did, they have Windows Update...

And though it's out of date, http://grcsucks.com/ is good background reading abouth Gibson and his cock and bull stories.
Posted on 2006-01-21 09:47:02 by stormix

I mean, so the idea that Microsoft would have malicious intent is completely ridiculous. It was never what I meant to imply when I said "backdoor." "Backdoor" is just, you know, it's sort of the only term we have to describe this new kind of vulnerability that was discovered, you know, very early in 2006 or the end of 2005.

Bwaha, nice try steve-o ;)

: Geeez, how cheesy of him to call his vulnerability-tester "MICE". And as always, there's very little factual information but a lot of blabbering and conspiracy theory in the SecurityNow crap.
Posted on 2006-01-21 12:40:37 by f0dder
Isen't this question close to being politcal or relgose ?
To some people asking this question is blasfemy .
Posted on 2006-02-14 17:53:01 by rob.rice