17 votes

Microsoft buys Corp.com so bad guys can’t

6 comments

  1. [5]
    joplin
    Link
    So couldn't they have put out a fix in the last 20 years that no longer accepted "corp" as a legitimate domain? That seems way easier and less costly. They could even do an interim release where...

    in early versions of Windows that supported Active Directory — Windows 2000 Server, for example — the default or example Active Directory path was given as “corp,” and many companies apparently adopted this setting without modifying it to include a domain they controlled.

    So couldn't they have put out a fix in the last 20 years that no longer accepted "corp" as a legitimate domain? That seems way easier and less costly. They could even do an interim release where it warned admins that "corp" was going away, and pointing them to a website explaining the problem. Then eventually a release where it no longer worked. Seems like it would have been better for everyone involved.

    The way it stands now, thousands of companies are still sending sensitive information to the domain, even if it is controlled by Microsoft. We don't know what some rogue Microsoft employee is going to do with that information. Or hackers who manage to get access to it within Microsoft's network. Or a government looking to spy on people. This whole thing sounds ridiculous.

    7 votes
    1. [4]
      aphoenix
      Link Parent
      All the software that has this happening is software that is well beyond end of life. If people aren't updating for "literally anything could break and nobody will help you" then they're not going...

      All the software that has this happening is software that is well beyond end of life. If people aren't updating for "literally anything could break and nobody will help you" then they're not going to update based on something they don't understand, like this bug.

      7 votes
      1. [3]
        joplin
        Link Parent
        I'm a little confused by what you're saying. Is it that people are still running Windows 2000 where this bug originated? Or are they using something newer, but still way past end-of-life, that...

        I'm a little confused by what you're saying. Is it that people are still running Windows 2000 where this bug originated? Or are they using something newer, but still way past end-of-life, that they won't update? I realize many businesses don't want to touch stuff that's working, but what surprised me is that it sounds like Microsoft didn't do something else about this in the ensuing 2 decades. (Or did they and I'm just misunderstanding?)

        1. [2]
          aphoenix
          Link Parent
          I'm saying that releasing patches for bugs won't fix this problem, and Microsoft knows that, so they had to make this purchase anyways, if they're going to be responsible. And since they have to...

          I'm saying that releasing patches for bugs won't fix this problem, and Microsoft knows that, so they had to make this purchase anyways, if they're going to be responsible. And since they have to make the responsible choice and make this purchase, it becomes too expensive to also do the software fix, especially for old, unsupported software.

          3 votes
          1. joplin
            Link Parent
            Thanks for the explanation! I get it now.

            Thanks for the explanation! I get it now.

            2 votes