[thelist] New Critical Security Patch for Windows....
Shawn K. Quinn
skquinn at xevious.kicks-ass.net
Thu Feb 12 05:48:12 CST 2004
On Thursday 2004 February 12 05:07, Jeff Howden wrote:
> john,
>
> ><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
> > From: John C Bullas
> >
> > Microsoft who art in Redmond.......
> >
> > Thank you for providing virus writers and hackers with
> > the exploits from day one be they security loopholes,
> > possible buffer overruns or missing canaries, that later
> > on enable you to remind us of your beneficence via
> > "windows Update"......
> ><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
>
> technology is built by humans and therefore imperfect. to cast a
> stone at any particular vendor (in this case microsoft) is extremely
> boastful of your own abilities, no?
Even if John is not capable of writing his own operating system, it's
still likely he knows of others with a track record far superior to
that of Windows. I would even feel safer running Red Hat Linux without
a firewall than any version of Windows.
> further, it indicates just how out of touch you are with security
> news online. yes, there are a lot of security holes in microsoft
> products and yes, microsofts products enjoy a rather dominant market
> share. however, the fact remains that alerts from most any
> non-vendor-specific security alert service you sign up to have
> microsoft products in the gross minority, the opposite of what you
> might be inclined to believe.
I would say this is of dubious relevance, when the exploits for them
choke down entire networks and the fallout affects everyone, even those
of us who have long since ceased trusting Microsoft. Also, Microsoft is
not exactly known for brutal honesty when it comes to owing up to a bug
in their software, in particular if it is security-related, and even if
they acknowledge it the impact is ridiculously downplayed. Contrast
this with, say, OpenBSD's same-day update owning up to the one remote
hole in the default install after four years (and the exploitability of
that hole was still in question).
> just something to ponder before you blurt the usual, uninformed,
> anti-microsoft rhetoric you hear from self-proclaimed computer
> experts.
Something else to ponder: Before Microsoft Windows was Internet-capable,
there was talk about *the* Internet worm, as in the ONE Internet worm.
These days, if you try to refer to *the* Internet worm, people will
reply somethign like "Huh? Which one? You mean there's another one out
there now?"
As far as your "uninformed" comment, I've been using computers for quite
a long time. I taught myself BASIC and 6502 assembler language before I
was out of elementary school, and have studied computer network
security ever since getting my first dialup Internet account back in
1996. I'm about as informed as they come. I think it's safe to say just
about every unbiased computer security expert will describe Microsoft's
security track record as "piss poor" with maybe a nominal improvement
over the past few months. (And I would consider an MCSE or similar
credential as prima facie evidence of a Microsoft bias.)
--
Shawn K. Quinn
More information about the thelist
mailing list