From: O'Regan, Emlyn (Emlyn.ORegan@actew.com.au)
Date: Wed Aug 18 1999 - 18:57:04 MDT
> O'Regan, Emlyn wrote:
> > If you stick to Wintel machines, you could argue that since MS says
> their
> > products are secure, and since they have a history of not telling the
> whole
> > story re: APIs for their "OSes", then the security holes must in fact be
> > hidden APIs, and that their system is thus designed to allow this kind
> of
> > radical distributed computing.
>
> A) Microsoft has repeatedly stated that Windows 95/98 is not secure, is
> not
> intended to be secure, and should not be used by anyone who is concerned
> about security. Its security measures are intended to stop curious
> co-workers and children, not experienced hackers.
>
> B) Windows NT security is not any easier to crack than UNIX systems
> (actually I would argue that it is substantially better on average, since
> most UNIX sites are running older implementations with relatively feeble
> security measures, but the lower quality of NT administration
> counterbalances this). The only reliable method is to use a Trojan Horse
> program, and that carries a very high risk of detection.
>
> C) All OSes have security holes. All OS vendors (AFAIK) make a strong
> effort to plug them as soon as they are discovered. The effort they put
> into getting these fixes to customers varies a great deal from one vendor
> to
> another. There is nothing in Microsoft's business practices that
> distinguishes it from any other vendor in this regard.
>
> These points aside, your argument is legally equivalent to claiming that
> the
> company that built your office building should be liable if your office
> gets
> burglarized. It doesn't work that way (which is a good thing, because it
> is
> not possible to construct a perfect security system). The burden of
> ensuring that your posessions are defended by an adequate level of
> security
> (and deciding what exactly is 'adequate') rests entirely on your
> shoulders.
>
> > Perhaps they could even be sued for then patching said holes, for
> > anti-competitive practices?
>
> Would you think this statement made sense if we were talking about Linux?
>
> Billy Brown, MCSE+I
> ewbrownv@mindspring.com
>
Easy there big guy! I was just having a go at MS because they're a big
target (side of a barn?) - looks like I missed anyway. But as Foghorn
Leghorn says, "That's a joke, son".
I'm in league with Satan too by the way; Linux shminux (now minix, there's
another story...). I thought I was on the side of light (Delphi's project
Jedi places it there, at least rhetorically), but then MS bought up lots of
Inprise ne Borland- no sorry, entered into a partnering arrangement
involving licensing & large sums of money moving from MS to Inprise ne
Borland - so evidently I have crossed over to the dark side.
Darth Emlyn
(As long as you've crossed over, why not start using VB?
Nooooooooooooooooo!!!!!!)
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:04:48 MST