| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Anti-MS drivel On Fri, 23 Jan 2004 12:58:34 CST, Bart.Lansing@...ls.com said: > Tobias, I have to tell you that >>Customer is king. When a customer "makes > a mistake" then it's not his > own but the vendor's mistake.<< is getting old. > > 1. If the customer decided to > 1. If the customer decided to make a sharp left turn at 120 kph on an icy > mountain road and slid his car off the side of the cliff...or... We have a hundred years of experience and hand-me-down knowledge that let people know this is a Bad Idea. It's in enough lifetime-experience that it's safe to assume that by the time somebody goes to get a driver's license, they've been passengers in enough cars and seen enough movies and TV where cars go sliding off the road during high-speed chases to know that "normal speeds the car tends to stay on the road, high-speed car goes ballistic". It's only been about 5 or 6 years since "Aunt Tilly" was the canonical user, and Aunt Tilly didn't learn about the hazards from daily experience because the hazards didn't exist. I learned a lot about cars from my father, and I learned a lot about things that mattered 50 years ago, were still important enough for him to teach me about 30 years ago, but don't matter at all now, and I certainly didn't learn much about things that came along after *I* hit middle age. > 2. If the customer decided to ignore the product warnings and popped that > can of beans in the microwave then stood there with his face against the > window to watch...or... Bad Example. A can of beans probably won't be that interesting, as the can will probably generate enough sparks and similar that you'll say "Holy S**T" and turn it off within 5 seconds. Trying to make a hard-boiled egg in a microwave... now *that* is less obviously a Bad Idea (as the cooking will appear to progress quite normailly), and particularly dangerous because it's possible for the Bad Things to happen *after* you've removed it from the microwave... > 3. If the customer decided to go scuba diving at 100 meters, ignored the > guages that told him he was out of air, then decided to rocket to the > surface as fast as he could so he could get a breath... Which is why dive instructors will beat this into you over and over and over. > THE CUSTOMER MADE A MISTAKE "If a customer pops a chocolate in their mouth, they hardly expect to have their cheeks pierced". It's the rare software package that says "Caution: Real Crunchy Dead Frog inside" on the packaging. I don't think you can say "the customer made a mistake" when they are using the product in accordance with the manufacturer guidelines they received with the product. http://www.microsoft.com/security/protect/default.asp 1) When did Microsoft start shipping operating systems? 2) When did Microsoft start publicizing the above URL? 3) When did Microsoft start shipping systems pre-configured that way? 4) When did Microsoft make that URL the "first time connected" default for IE? Now if the information that's on that web page was in a big READ THIS FIRST that came with the computer, I'd agree.. But until that day.... The closest comparison I can think of is the state of tobacco advertising before the mandatory Surgeon General warnings - the manufacturers were spending lots of money saying it was cool, and not informing of the risks. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040123/dc29eda7/attachment.bin
Powered by blists - more mailing lists