Stardate 20011026.1255 (On Screen): Thomas Greene misses the point about Steve Gibson's concern regarding Win XP. He installed Win XP on his system and let Gibson's
Nanoprobe attack it, and Gibson's system failed to even see that it was there. Greene then asks
If ShieldsUP is a crap toy, and XP really is a weapon broadcasting its deadly raw sockets to the dark side, then Steve is a fraud. But if the XP firewall really offers 'full stealth' right out of the box, then Steve is a fraud. So which is it? The answer is that Gibson doesn't think that these XP systems will be infected by direct attack. He thinks they'll be coopted by email worms or infected download files, which XP's firewall won't help. Once the system is compromised, it will bypass the firewall and make itself known (usually on an ICQ channel or something like that) and permit a script kiddy to take the system over.
However, Gibson's hysteria is misplaced; it isn't necessary to have the ability to do raw IP operations for such a zombie (as they're called) to become dangerous, and it's always been possible for those kinds of infections to IP-spoof; it's just that it was more difficult. XP doesn't change anything important one way or the other. (discuss)
