[thelist] FYI - Plug this MS Application Hole

Chris Marsh chris at ecleanuk.com
Thu Sep 4 10:14:07 CDT 2003 

Sarah

> Here's a question for those of you with a better 
> understanding of security 
> issues than I have. Do you think that Microsoft products have so many 
> security problems because they develop sub-par products, or 

The products are not necessarily sub-par, just released too early in
their development cycle.

> because the 
> various flavours of Windows are the most commonly used OS, 

Microsoft, AOL et al thrive on the ignorance of their users. It is
against their business interests to have informed users, because
informed users Do It Themselves rather than installing megabyte upon
megabyte of bloated application to do it for them. Freeserve was a case
in point some time ago with their dial-up accounts. They gave you an
executable file in order to "install" your dialup account, on the
grounds that it was easier than setting up a dialup connection manually.
If you ran the .exe, your machine was tied inexorably to Freeserve
forever. This was opposed to entering a phone number, account name and
password in a dialogue box; <sarcasm>which I must confess I find so
difficult and complex that I have often had to survive without an
internet connection</sarcasm>. Of course, to "add value" to their
products requires lots of "helpful" "shortcuts", "wizards" and
"automated features". The more complex a product becomes the easier it
is to break. This is why burglars prefer to break into houses through
locked doors rather than walls. It would be more ethical to educate
users but 1) This would make less money, and 2) People in general are
lazy and prefer to believe the hype rather than figure it out for
themselves. Therefore Microsoft shelters its users in the short term,
exposing them to many more dangers in the longer term. One can't really
knock them for this, as it's a proven business model that has made a lot
of people very rich indeed.

[..]

Regards

Chris Marsh

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.512 / Virus Database: 309 - Release Date: 19/08/2003

More information about the thelist mailing list