As a MS employee, are you in contact with the other evangilists across N. America? If so, who are they in the Rocky Mountain Region? Thanks! :)

It has always blown my mind that many web sites limit the length of passwords to rediculously small lengths. 8 characters? Are you kidding me? And I'm not talking forum accounts on some script kiddy's web site. These are sites for major corporations that you would expect to have somewhat decent security.

I actually ran into a problem with an account for a major cellphone company, whose name I will not mention (I feel like going outside for a SPRINT). While changing my password, I entered a new value which, unbeknownst to me, was longer than the allowed length. Of course there was no notice of the length restriction, and when I pressed submit, the server happily accepted the new value, truncating it to fit their length requirements. I received no message other than password changed. The next time I visited the site, I couldn't login.

I switched carriers a month later. Can you hear me now?

Touché! Of course, that's kind of old news. Just shows that neither side is completely averse to taking advantage of solutions from "the other side", I guess. ;-)

I’m going to have to agree with G. Andrew. Neither side is fully opposed to using the technology of the other.

The issue is, IMO when one side <a href="http://ihatelinux.blogspot.com/2004/07/thievery-of-linux.html"deliberately attempts to deceive</a> the other or worse, users.

Bah... I forgot that .Text handles URL's automaticly, here it is again but with out the extra charactors:

I’m going to have to agree with G. Andrew. Neither side is fully opposed to using the technology of the other.

The issue is, IMO when one side deliberately attempts to deceive the other or worse, users. ( http://ihatelinux.blogspot.com/2004/07/thievery-of-linux.html )

Exactly, the Hotmail servers were running *BSD (I forget which flavor) for a long time. Sadly when they switched to Windows server they started underperforming. I'm still getting a lot of "the server is busy" messages when I try to read my mail there. :(

It's all about using a hammer to hammer nails and a screwdriver to driver screws. I think Linux boxes make excellent file, mail, and DNS servers. A lot of the hardware routers and firewalls runs Linux as well. Don't let blind prejudice prevent you from using a good tool.

They are also using Microsoft SQL server for the backend....

Put this URL in to test:

http://www.linuxworldexpo.com/live/12/<add something random here>

C'mon guys. These companies are in the business of organizing conferences. Just because they are hosting a linux conference does not mean that they have to go find a linux machine to host the website on.

It would be a different story if this were a linux shop hosting they pages on a windows server.

Give'em a break.

Kinda like how ASP.NET Net Pro Magazine uses .ASP pages for its site? :)

"something that doesn’t always work the way it should with RunAs"

Indeed.

The hyperlink doesn't seem to work. Has this Tech. Report been removed from MSR's website? If not, could you please tell us the title and author (so that we may use the search page to locate it...since I don't see how one can search by Tech. Report number...)

Thanks!

Don't know why the link above isn't working...perhaps a temporary glitch. If you do a search on the main page for WinDiff, you can find the following link:

http://research.microsoft.com/sm/strider/Strider_GhostBuster_July_2004.doc

Thanks A LOT! The Strider Ghostbuster tool looks like a fantastic tool to have in my toolbox (automates the exact technique I've used on way too many infected PCs at work...). The Strider Gatekeeper that's mentioned in the paper sounds similar to a tool I use on all my PCs: StartUpMonitor (available from Mike Lin at http://www.mlin.net/StartupMonitor.shtml ). If I have time, I may try building my own copy of a GhostBuster CD...as I routinely maintain many different "lifeboats".

It's good to see that basic security research is producing viable tools. I'm hoping that these will be incorporated into any future MS anti-virus product!