lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: mvp at joeware.net (joe)
Subject: M$ Getting Better?

You realize of course this is silly? You start off with saying that the
majority needs to realize that they shouldn't be using MS because they are
bad and that they hold majority because they are criminals and do bad things
and that people should go buy something that isn't MS. Then you go on about
how ANYONE who holds majority is a bad thing. 

Will you just continually run around complaining about whomever is on top?
Or is it simply that MS happens to be on top now and you aren't happy with
that? What is it that you really want, diversity of choices, no one to get
too far ahead of anyone else, or you don't want MS to be in the market at
all? You have the former in your hand already. The middle is very difficult
given normal markets unless there is complete and total and easy interaction
between the competitors with no clearly better product in any category
including price, security, and functionality. The latter seems to be closer
to the truth because you think they are bad though I wouldn't hold your
breath in your shoes as if it got very bad and MS was as evil as you say
they are, they could simply buy Red Hat and SUSE set the developers up
writing Mine Sweeper 2.


BTW, you can push for and support and say how good your favorite flavor of
OS is without tearing at other OSes or whining how bad they are. People
telling me I shouldn't buy MS software because they are criminals or that
they suck just makes me laugh. People telling me look at this really cool
feature here, makes me look. There are many folks out there pushing open
source solutions who never even say MS and do a good job of it because they
are clear headed, open minded, and pushing the good things about the stuff
they are pushing. They aren't sitting there going M$ sucks because you can
search on fines and see that they are criminals or that the entire Windows
line sucks and needs a redesign because I heard that on FD once and sounds
cool to say. 


I disagree that you can't have security with a single majority used product.
It just takes work to lock the product down which is occurring. Having
multiple products is good for choice, so you can choose the correct tool for
the correct application. However, having multiple tools can also be
administratively intense and costly, especially when trying to integrate the
solutions for a strong woven overall solution. Having two many products or
vendors within a single company actually hurts security as it becomes too
much to maintain, manage as all Oses and products have to be patched at some
point. The centralized on a given product/vendor, the easier to do that
overall management. What I am saying is that running Windows, Linux
(multiple flavors at multiple revs with multiple custom mods), BSD (multiple
flavors at multiple revs with multiple custom mods), Unix (multiple
flavors), OS/400, VMS all together doesn't make a company safer, it makes
them more insecure or costly. They either have to hire more people who have
good knowledge of each of the platforms or they hire a few people who are
good at a couple of them and cover for the others. Ask anyone who has worked
in a sufficiently large company and they will tell you that large diversity
in platforms is a nightmare to deal with. 




-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Eric Paynter
Sent: Monday, June 21, 2004 1:21 PM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] M$ Getting Better?

On Mon, June 21, 2004 8:43 am, joe said:
> Last time I heard, IE was the most popular browser with something like 
> 70%+ of the browsing done with IE. As for browsing OSes I think I 
> recall hearing that XP was over 50% of the machines and that Windows 
> machines as a whole accounts for over 90%.

All you have to do is search google for the words "Microsoft" and "fined"
to see how many times they have been convicted of braking the law to
maintain that market share. They use unfair and illegal tactics to hold the
fort. That's why people don't like them.

Are you happy doing business with criminals?


> Why do you feel you have to go around whining? It is almost as if you 
> are trying to justify your decision.

No, not justify. The reason is to attempt to bring awareness to the fact
that the only reason Microsoft holds the balance of power is because people
continue to support them. And that alternatives are available, but they are
struggling. Until the majority starts to realize that there are
alternatives, MS will hold their seat of power. But with more awareness, the
alternatives will grow. So people go around "whining" to spread awareness of
the alternatives. Perhaps with greater awareness, MS will be held
accountable by their (ex-)customers, who will vote with their dollars by not
purchasing MS products.


> When you break up with a g/f (or b/f?)  do you go around telling 
> everyone how horrible that person is or do you just go find someone 
> else. If the former, you have deeper issues. If the later, apply that 
> your OS choice and be done with it, I think you may be happier.

See above... it's not a significant other we're talking about here. It's a
dominant market player who controls innovation and has severly hurt the
high-technology industry. A better analogy is a tyrant dictator who needs to
be unseated. Only through education can people begin to realize just how
unethical Microsoft has been. And perhaps with that education, they will
stop buying products from the company that regularly violates the law and
inhibits innovation. Then we will see the alternatives grow and real
innovation will occur.


> No company that sells a product for real money can win against a 
> product that is free unless the product being sold offers some sort of 
> value that doesn't exist in the free one.

Not true. The company that sells a product for real money can win against a
product that is free because they have real money for marketing. And they
use it to convince (non-technical) CEO's and other large-dollar decision
makers that the alternatives are not safe. The other products, whether free
or for sale, have no defense because they simply don't have the resources to
combat the multi-billion dollar marketing campaigns that MS puts forward.

And before people say this is too off topic, I suggest it is strongly
on-topic. Having a single product account for a clear majority of the market
is dangerous from a security perspective because it reduces diversity. As
we've seen time and time again, a single worm can bring the entire global
network to its knees. The dominance of one system means the dominance of one
exploit. We need more diversity to maintain security of our systems. If MS
continues to grow and stamp out the alternatives, we will continue to be in
very very bad shape and we will continue to see mass e-epidemics occur. No
matter how secure MS makes their products, there will always be
vulnerabilities found.

-Eric

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ