[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <005601c3e073$18314990$0100000a@MOTHER>
From: yossarian at planet.nl (yossarian)
Subject: Anti-MS drivel
Tobias Wrote:
> > The fact that people use Windows and Office, proves that they can -
basic
> > Vulcan Logic.
>
> No. _IF_ people could use MS Windows/Outlook then things like
> Win32/Bagle-A wouldn't stand a chance because people either knew not to
> start or couldn't execute attachments from within email clients. The
> fact that millions of end users _do_ run email attachments from within
> their email clients shows that they _are not_ able to use Windows. It is
> the wrong operating system for them.
Have you noticed that you can put diesel in a normal car, cause the muzzle
at the gas station is too thick? Ask the local garage how often it happens
the other way around. Who is to blaim - where are talking product liability
here, while most of us are not trained in legal matters - hence the example.
And remember - people are required to have formal training to drive a
car.... With the laters updates for Outlook, most attachments are blocked by
default, and guess what: question No.1 to the helpdesk: how do I turn this
feature off?
When I drove home after reading this thread, I tried to open the hood while
driving - guess what? It does. So things can go wrong when I just push
buttons randomly. But only irresponsible and stupid people will do that!
Yep, cause if the wind catches the hood it wil fold over the windscreen.
Let's sue GM! My car won't even complain when driving in the dark without
the lights on. Technically a piece of cake to fix - my former car put them
on automatically - and the whipers when it rained, too. But the new one
doesn't - my point is that even in car manufacturing with a 100 years
experience, certain security features are lacking in new cars. Remember the
Pinto?
Now the e-mail attachment. E-mail is the killer app, most used PC feature,
so this is where stupid people are bound to do wrong. If you block opening
attachments they'll save it to their desktop and either call the helpdesk
since they can't seem to find the file and start yelling about it, or open
it from the desktop. Believe me, i've seen this happen. What do we do next -
prevent users from starting executables alltogether? Make a .Pol file so the
only executable they can run is winword.exe and outlook.exe? Theoretically
sound, but with the reality in many shops that they give local admin to
users since the customer is allways right, or some other lame excuse, it
won't work. People just clicking everywhere should not be using *any*
operating system, or any other complex device for that matter, like a car.
Why blame a device for complexity some people can't handle? ANY device?
> > The faulty nature does not deter many people from using it, so
> > the flaws cannot be too serious.
>
> A problem is only a problem in the eye of the end consumer if "rien ne
> va plus". Only when a PC won't start up again, the end user knows
> "Uh-Oh...".
>
> In the meantime this same virus and worm ridden system has caused major
> traffic jam on email servers and made the day on the Internet a hell.
Routers choke, servers gasp, let's blame MS, is that it? Let's imagine a
worm that propagates using something like older OpenSSH, open FTP
directories accepting anon, and samba shares - use buffer overflows in
sendmail and apache for effective rights - and CORBA to root. It contains a
mechanism for detecting the network lay-out, along the lines of p0f, and a
tunneling mechanism for additional payload over a P2P like network, with a
TLS communication. And it would trigger at certain intervals ARP flooding to
all systems with DNS and BootPS. At the end of the year it would tell intel
processors it is a 286. To make the fun bigger it would find the installed
certificates on the machine and use it to sign the trojans it installs.
Would networks crumble?
Servers and routers need special care, for cases such as this one.
Complaining about either stupid users or Outlook is not going to change
anything - fix your infra. And chop-bloody-chop with it!
If you are to build a virus, go for the greater numbers. Worms even more so.
So this is what it all boils down to - the risk of the monopoly. And yes
this puts a huge responsibility on MS. Maybe we can blame them, but any
monopoly on the desktop brings this risk. Since standardisation in OS and
applications is corporate policy everywhere, and globalization is real,
there will allways be a monopoly on the desktop with all its inherent risks.
Maybe not MS's but then some other. And guess what? The next one will be
worm and virusridden too That is the reality of being a sysadmin in the 21st
century. If you can't take the heat, stop whining, this is a kitchen you
know.
Powered by blists - more mailing lists