lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040617214130.GA2256@comcast.net>
From: rob at comcast.net (rob@...cast.net)
Subject: MS Anti Virus?

On Thu, Jun 17, 2004 at 11:51:46AM -0400, joe wrote:
> However the worms would be blocked if people had patched their machine or
> otherwise properly administrated the machines they were responsible for. All
> of the worms that I think you are probably referring to all had patches well
> in advance of the worm that impacted it, blaster, slammer, sasser, etc. 
> 
> Home users never should have been impacted as they should be running
> firewall software on the internet connections. The fact that they don't
> isn't MS's fault, however MS is stepping up with XP SP2 to help out. On top
> of that they should be patching when necessary.
[snip]
> Thinking that there will never be code patches required isn't realistic.
[snip]

Can you explain how it's realistic to expect the millions of home
Windows users out there now to know how to properly administrate 
their systems?

If anything that's been discussed here so far is unrealistic, that
must top the list. They're only starting to get the message that
patching is necessary. Very arguably, Microsoft helped create this 
culture of technically inept users who view the computer like any  
other household appliance. And now what? It plans to force-feed
basic computer security training and earthshaking updates down the 
throats of the same users to whom it's been spoon-feeding
computing-through-ignorance babyfood for years and years?

You say "the worms would be blocked if users would..." I say the 
worms wouldn't exist in the first place if Microsoft had written 
their software securely. It's easy for both of us to say, but which 
is easier to actually *do*? Microsoft has little control over what 
end users do, but it has complete control over the design, quality, 
and configuration of the software it ships. With the resources and 
market share they have, they ought to be leading the industry. 
Instead, they are the armpit of the industry.

Folks who have been paying attention o'er the years know the same
lies, half-truths, and PR maneuvering they hear today that they 
heard back then. "It'll be fixed in the next version", eh? You'll
have to pardon me if I don't shit myself repeatedly in fits of 
white-knuckle anticipation of the next version.

---

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ