News: First .NET Vulnerability Appears
Security experts say .NET is the target of a new virus, the W32/Donut. Antivirus vendors say it's pretty benign. McAfee says the "uncommon system requirements and replicating environment" should keep the virus in check.
- Posted by: Alexandar Borissov
- Posted on: January 10 2002 17:48 EST
Read First .NET Vulnerability Appears
Awwww, baby's first virus!
- First .NET Vulnerability Appears by sharat nellutla on January 11 2002 12:37 EST
- First .NET Vulnerability Appears by Paul Jaime on January 11 2002 13:10 EST
- First .NET Vulnerability Appears by neunet n on January 11 2002 13:44 EST
- First .NET Vulnerability Appears by win vasion on January 11 2002 16:58 EST
- Serius discussion... by Omar G?mez on January 11 2002 18:15 EST
I think we are more concentrating on .NET than our java community now a days... with number of .NET news.... :)-
I Agree!! One thing is know about the .NET technology - or lack of - so that we are aware of the competition, but another thing is to plaster this site with every little news story to comes out about it.
Damn right, whi the heck posts these silly news anyway - are the owners of this site in bed witht he devil ? . .NET is .NOT here, lets wait till Microsoft cleans up the .NET virus and releases its service packs b/4 comparing.
BTW J2EE is here and it ROCKS so lets talk about.
Guys, look: I am a Java guy not by some kind of religious credo, but by conviction. Fundamented Conviction.
Knowing the competition is probably the best way to build up mass to defeat it: every architecture has good and bad points; trying to match up with .NET's best and being aware of our own worse is nothing but good and healty routine.
I really hope that we don't fall in the classic blindness of believing that "my system is better than yours" kinda thing.
Peace and awareness.
How come I didn't see you post in the same regards when the news are doctored for .Net ? From Christina Purpi, whose experience consisted of writting for the college newspaper and no tech experience comparing .net and j2ee in sdtimes among others ? This coverage has some substance to it, not ramblings based on "he said, she said."
Before critisizing, please make an effort to learn the technologies or atleast grasp as much as it has to offer.
No company will not offer millions down the drain for a junk technologies and there are varied implementations going on at various stages within the industry for .net.
I am basically a Java guy, we should not be critisizing a company or technology just for lack of portabality or whatever. It still is the one largest company in terms of market cap which overpowers in sum some of them working in sun.
So lets time and industry users decide which is best and suits requirments.
I completely agree with Mr.sudhendra.
Lets do our job Perfect.
let the market talk about our success
let the technology talk about it self.
let the technology unfold itself.
bye for now
I don't agree.
My company is trying to choose between Java and .NET.
Informations like that may direct us into adopting Java.
I totally agree with sharat, how about a serius discussion of this issue?
OK - so heres some serious information on the so called .NET Virus.
First, this is not a ".NET virus." It's a standard Windows virus written largely in assembler that happens to locate and modify .NET Framework (MSIL PE) files. So claims that this is the "first .NET virus" are basically inaccurate. Why create such FUD?
Second, to be infected, a user would have to download an infected application to their system and run it locally: it cannot spread through Internet Explorer or through Outlook (which blocks potentially dangerous attachments). In fact, because of the security enhancements in Windows XP (specifically, that the XP loader natively recognizes MSIL PE files) it cannot even trigger and spread if you are running Windows XP no matter how hard you try. In addition, for downloaded code, additional safeguards for managed code also detect this virus and will not run it. In other words, users who are taking standard security precautions (like running the current operating system and not running code they don't know about) won't be infected.
Third, an infected file triggers today's anti-virus software normally -- the Computer Associates eTrust software catches it, for example.
Point I am trying to make here is that this so called .NET virus in no way reflects on the .NET Security Framework. I would recommend people read .NET Security Whitepaper by Foundstone Inc.
before jumping to conclusions.
Ironically, the virus author even talks about how hard it would be to write a real ".NET virus" -- "How easy it sounded, so hard to code it was. C#, such like Java have VERY STRICT type checking. And I figured out that there's NO easy way how to work with stringz - once a string is defined, you CAN'T change it - and I needed to do that, becoz it was very important for viral functionality."
... I would recommend people read .NET Security Whitepaper > by Foundstone Inc. before jumping to conclusions ....
*Sigh* now we are doing .NET homework too. ...
Yeah, you SHOULD do your homework before talking crap about something. Really, if you think about it, how can you do what's best for a company if you don't know all of the tools/platforms that are available? Are you a 'java' guy? A 'Microsoft' person? Just 'PERL'? How can you walk in to a business and offer a REAL solution to their problems if you are only going to evangelize your favorite stuff?