HOW MUCH $/TIME/SECURITY NEED TO BE LOST BEFORE MS IS HELD ACCOUNTABLE??? (NM)

Discussion in 'Security Software' started by MIKEY, Aug 12, 2003.

  1. MIKEY

    MIKEY Guest

     
    MIKEY, Aug 12, 2003
    #1
    1. Advertisements

  2. MIKEY

    John Winfrey Guest

    I would also add if you take the time to look at the Cert announcements.
    it's not just MS that is being attacked. Our old buddy the pigeon is right
    up their as well as Unix. It isn't the company that you look for retribution
    from it's the bastards that write the code. Maybe we should look at the
    irresponsible people that publicize a vulnerability without allowing the
    companies to responded.

    --

    John


    [/QUOTE]
     
    John Winfrey, Aug 12, 2003
    #2
    1. Advertisements

  3. MIKEY

    MIKEY Guest

    HAHA! Isn't the Department Of Homeland "Security"'s
    primary concern SECURITY? Yet they are standardizing on
    WIN. Oh, and tell the folks trying to renew their MD
    drivers licences about "conscious choices"... haha can't
    beleive i'm this bored to reply... 8^)


    .
    [/QUOTE]
     
    MIKEY, Aug 12, 2003
    #3
  4. The patch was released well in advance (relatively speaking) of this worm.
    It is not practical to expect that MS can do anything but provide the fix.
    If end-users do not install provided fixes, then I believe that the blame
    changes hands somewhat.
     
    Keith W. McCammon, Aug 12, 2003
    #4
  5. MIKEY

    |{evin Guest

    Probably the same amount of time that will be lost due to clueless
    people not learning how to operate and secure their machines.
     
    |{evin, Aug 12, 2003
    #5
  6. You had almost a month to take action and avoid trouble. If you had
    Automatic Updates running, you never would have seen the worm.

    In other words, it's your fault for not paying attention to security
    issues. Sorry, that's the way it is in the wild and wooly Internet.
     
    Kent W. England [MVP], Aug 12, 2003
    #6
  7. MIKEY

    MIKEY Guest

    The question still remains:

    How much money, time, productivity needs to be lost?

    Think about it!

    How much to you *personally*?

    How much from the government?

    How much from businesses?

    How much?

    Aren't you sick of it? I sure am! So-long MS!
     
    MIKEY, Aug 13, 2003
    #7
  8. And hello vulnerabilities in Linux

    Nothing is secure dear.

    Patch management is needed for EVERY OS.
    --
    "Don't lose sight of security. Security is a state of being,
    not a state of budget. He with the most firewalls still does
    not win. Put down that honeypot and keep up to date on your
    patches. Demand better security from vendors and hold them
    responsible. Use what you have, and make sure you know how
    to use it properly and effectively."
    ~Rain Forest Puppy
    http://www.wiretrip.net/rfp/txt/evolution.txt
     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Aug 13, 2003
    #8
  9. MIKEY

    |{evin Guest

    Ok.. go install Linux... leave it default.. don't install any patches
    or updates.. see how long you last on the internet. Are you related to
    Tracker or something?
     
    |{evin, Aug 13, 2003
    #9
  10. I'll bite on this one. No, the Department of Homeland Security is not
    primarily concerned with computer security. They are worried about things
    like bombs and real viruses that acutally kill us. They didn't choose
    Windows because they feel it is the most secure. They are using it becuase
    they feel it is the most effective tool to to place in fromt of all the
    staff members.

    Besides, the current administration has received a ton of election money
    from MS. Money talks. The open source crowd cannot compete against
    Microsoft money. Bush was considered a joke 2 years before the election,
    but he really knew how to put together a huge war chest. Money matters.

    If you are seriously looking for the most secure system,
    1) learn how to use OpenBSD
    2) learn about the processes of security - especially the human side.

    Read the comments that the DOD gave for not funding OpenBSD - it sounds to
    me that they feel it is too secure. It seems they worry more about OpenBSD
    in the hands of hostile nation-states. But it does seem that they know the
    value of OpenBSD. "In the 2003 competition among military academies and
    grad schools, in which they competed to provide the best defense against
    cyber attacks launched by National Security Agency specialists, the judges
    acknowledged that in the final analysis, use of OpenBSD was a determining
    factor in the winner's ability to fight off attacks."
     
    Robert Folkerts, Aug 13, 2003
    #10
  11. You make a good point. You have to trade away the feature race to get
    the stability needed to hammer away at the security weak points.

    OpenBSD started with the same crappy weak security as the old BSD. But
    they focussed on security at the expense of adopting features and built
    a rugged, hardened OS.

    But you don't get Microsoft's business with that sort of plan.
     
    Kent W. England [MVP], Aug 13, 2003
    #11
  12. MIKEY

    Jeff Cochran Guest

    Put up or shut up. File your case in federal District Court.

    Jeff
     
    Jeff Cochran, Aug 13, 2003
    #12
  13. I think it is worthwhile to point out that even OpenBSD can develop problems
    both in the default install and in the process for downloading trojaned
    updates.. and OpenBSD has only a small fraction of the lines of code and
    functionality of Windows, such as a GUI. If OpenBSD has trouble keeping
    OpenBSD 100% secure, that puts into perspective that keeping Windows secure
    is not as simple as the average lay person would have you believe.
     
    Karl Levinson [x y] mvp, Aug 14, 2003
    #13
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.