| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jays at panix.com (Jay Sulzberger) Subject: Fw: Re: Odd Behavior - Windows Messenger Service On Sat, 19 Jul 2003 Valdis.Kletnieks@...edu wrote: > On Sat, 19 Jul 2003 11:21:57 EDT, Michael Gale <michael@...esuperman.com> said: > > > Sure it would be great is Microsoft released secured versions of Windows but > > then average users like my parents and sales people would require a greater > > understanding of computers and security in order to use them because they would > > find all these features they so love to be disabled or blocked. > > Many people in the security field think forcing people to have enough of a clue > to find things to enable them would be a Good Thing. > > How much random scanning on port 135 would there be if Windows simply > prohibited wide-open sharing of C$ and anonymous enumeration of accounts? > Yes, people would then have to *think* about who they really wanted to share > their data with - which is more work than Redmond has traditionally wanted > users to do. > > However, I am of the opinion that the Redmond model is a false time-saver, > because it trades the "5 minutes to figure out how to share only the folder you > want with only the other machines you want" with the "days lost when you get > hacked by something via a wide-open share". This is the paradigm case of "first, even most blunt, cost benefit estimate". oo--JS.
Powered by blists - more mailing lists