From: mike at sane.com (Michael Smith)
Subject: Re: Prudent default security 

>> I'm expecting that bulk admin tools for windows systems will mature greatly
>> over the next year or so.  Hopefully MS will continue to work on the path
>> they have set rather than reinventing the wheel and making all current
>> system and network administration policies and tools obsolete.
>
>Remember - MS is a *corporation*.  They have *no* reason to change path, unless
>by doing so they improve *their* bottom line. If they can crush a competitor
>and spur sales with a "new improved" product that changes course, they will.
>
>People keep acting like MS has some moral or ethical obligation to their customers.
>They don't.  That's why they engage in behavior that outsiders find revolting - because
>said behavior is good for the bottom line.
>
>And the only way to change it is to make the behavior bad for the bottom line (either
>in lost sales when a shop goes Linux, or damages in a lawsuit, whatever...)

I agree wholeheartedly, MS has no moral or ethical obligation to their
customers (and shouldn't, other than to try to fix flaws in software they
have sold).  I was only pointing out that the upgrade path that has evolved
through their OSes has made it difficult to maintain or improve
administration tools (as a SysAdmin).  The tools I developed in the early
90s to help me administer a WFWG/DOS network differed from the ones I used
in 95-00 to administer a Win9x network differed from the ones I use now to
admin a W2k/XP network...  while most of the tools I've used to admin the
unix side of those networks are very similar if not the same.

I have absolutely NO problem with MS being engaged in the bottom line.  I am
one of the few here (maybe the only one) who doesn't have a major problem
with @stake letting Dan Geer go...  The bottom line is that if he was
hurting their business by slamming one of their clients, even if he was
correct (which he was), they *should* have let him go.  People seem to
forget that companies exist to make money.  If I had an employee who was
working against MY best interests, you can bet he wouldn't last very long.

I think that companies have an obligation to act ethically, but I also
believe that employees have the same obligations....  they should 'ride for
the brand' as it were.

~mike

