| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: james at wetgoat.net (James P. Saveker) Subject: Knocking Microsoft Some personal thoughts, Yes indeed it's no secret that Microsoft valued functionality over security for many years. I think that's how they are a market leader today. This model could not be sustained however, as with the advent of exponential internet growth security has undoubtedly become a major concern. Microsoft has in there defence started the trustworthy computing scheme, which many would not hesitate to laugh at. However windows server 2003 does not by default load unnecessary services. Microsoft has developed "bits" client to downloaded patches requiring minimal user interaction depending on the configuration. In the enterprise they have improved SMS server to deploy patches across "bits". For smaller business they offer SUS for FREE. The code they produce is far more stringently tested in regard to security than perhaps it was before. The key to increasing the windows security model is not just one thing, however with the advent of granular code patches will be smaller and cheaper to deploy requiring much less bandwidth than today. Longhorn will be a big jump for Microsoft and a major test of the trustworthy computing yada yada. I do not understand why people knock Microsoft so much in regard to security today. I regularly hear people talking about how many vulnerability's Microsoft has and how poor this is. As everybody subscribing to this list and similar zone-h, bugtraq etc will know Linux has many warnings posted also. Yet I rarely hear people talking about that and indeed how it is far more difficult to keep linux distro's up to date. Windows has a far greater end user base than any other operating system. It would be a fair assumption to then say that perhaps virus writers and "hackers" are going to look for ways to exploit windows far more than other "end user" system in order to gain greater penetration. That is not to say that people do not look for sploits in web application servers running nix and other such systems in respect to the amount of nix servers on the net. I don't mean to open an open "sauce" debate but merely say my bit and see others peoples views on the topic. James Saveker "The only thing which helps me maintain my slender grip on reality is the friendship I share with my collection of singing potatoes..." -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3024 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040227/e945649d/smime.bin
Powered by blists - more mailing lists