Forwarded by: Richard Forno <rfornoat_private> Part of the problem is that vendors see 'certification' as another big revenue source...remember the days when computers and software shipped with buccoo documentation, and the Z89 had pull-out schematics??? Now you might get a 10-page PDF file, half of which is the disclaimer of liability, with directions to visit the vendors' website for further help. Win31, DOS, shipped with 2" thick users guides that folks could learn from and use as a resource. Now you get next to nothing. Thus, folks use software they probably don't know as much about as they should......some might argue a product that's been shipped incomplete, without the documentation. So you pay some MCS-whatever to come in and fix what you should have known in the first place. FWIS, "security" training should not focus on how to lock NT, Unix, whatever - rather, it's principles that apply ACROSS computer platforms that draws on the security functions of the various products and doesn't operate in a vacuum. Security is 90% great system administraton and 10% specialized knowledge. This article has got it backwards! More specifically, good security starts with effective software development and testing, of which MS has zero, contrary to their marketing minions. (IMO, what they sell on the shelves as 'retail' is actually a final wide-scale beta test). It's all about business, and developing revenue streams. rick infowarrior.org / incidentresponse.com > From: InfoSec News <isnat_private> > Reply-To: InfoSec News <isnat_private> > Date: Fri, 24 Aug 2001 03:46:11 -0500 (CDT) > To: isnat_private > Subject: [ISN] Re: Microsoft MCSE training faulted > > Forwarded from: Felix von Leitner <leitnerat_private> > > Thus spake InfoSec News (isnat_private): >> http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-91_STO63028,00.ht >> ml > >> Lack of focus on security in professional training seen as factor in >> spread of viruses > > Excuse me? > > Is it _Outlook_ and _IIS_ and _IIE_ and _VBE_ that get infected all > the time or is it MCSEs or the code they wrote? > > The only one who needs security training here is Microsoft. > > Felix - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Sun Aug 26 2001 - 07:40:03 PDT