lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6a5e46471001261705o3745be59tcc5f96e953dcd86b@mail.gmail.com>
Date: Tue, 26 Jan 2010 19:05:15 -0600
From: Rohit Patnaik <quanticle@...il.com>
To: rafael@....com.br
Cc: full-disclosure@...ts.grok.org.uk, Valdis.Kletnieks@...edu
Subject: Re: Perhaps it's time to regulate Microsoft as
	Critical Infrastructure?

Rafael,

Well, either Windows will no longer exist, or Windows will be the only thing
that will exist.  Remember, very few people in the government have the
necessary technical knowledge to evaluate operating systems accurately.
Therefore, they will rely on private industry for input.  In practice, this
will mean that Microsoft will get to dictate the standards that every
operating system must meet in order to be approved.

-- Rohit Patnaik

On Tue, Jan 26, 2010 at 4:07 AM, Rafael Moraes <rafael@....com.br> wrote:

> Valdis,
>
> That's the way!!!! The government must have a kind of protocol to allow  OS
> to be released.
> I believe that Windows will no longer exist after that. LOL.
>
> 2010/1/25 <Valdis.Kletnieks@...edu>
>
> On Mon, 25 Jan 2010 20:03:03 -0200, Rafael Moraes said:
>> > This is a subject that need to be discussed very carefully. I agree, It
>> > should be "controlled", but, how far?
>>
>> In particular, one must be *very* careful to not create unintended
>> consequences. For instance, in general the more regulated an industry is,
>> the
>> more risk-adverse the companies get - both because regulation implies
>> "don't
>> rock the boat" and the second-order effects of compliance paperwork and
>> similar
>> issues.  Look at the mountains of paperwork needed to get the FAA to
>> type-certify a new airplane as airworthy - what if Microsoft had to do
>> that
>> level of detail for Windows 8, the next release of Exchange, and the next
>> release of Office?
>>
>> How do you make Microsoft "regulated" in any meaningful sense, and still
>> allow
>> them the ability to ship an out-of-cycle patch?
>>
>>
>
>
> --
> Att,
> Rafael Moraes
> Linux Professional Institute Certified - Level 1
> ITIL Foundations Certified
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ