Re: [ISN] Microsoft developers feel Windows pain

From: InfoSec News (isnat_private)
Date: Sun Feb 10 2002 - 23:58:06 PST

  • Next message: InfoSec News: "RE: [ISN] Interview with an ex-hacker"

    Forwarded from: *Hobbit* <hobbitat_private>
       What isn't clear is how the massive effort will affect Microsoft's
       bottom line, because product groups will be busy learning about
       security--but not building products.
    This implies that they're just getting started, about ten years too late??
       ... For the last two weeks, anyone who has contributed code to the 
       Windows XP and Windows .Net server CDs has been stuffed "cheek by 
       jowl" in classrooms for training, Lipner said.
    Yeah, that'll be a great environment to learn in.  They'll all have
    true depth of understanding when they emerge from *that* sweat-house,
       "Not everyone needs IIS (Microsoft's Web server) by default," he
       said. "Not everyone uses Index Server by default. So today, those
       features are turned off by default."
    Like everyone told them to do yesterday, and the day before that, and
    last week.  It really takes iron cojones to act like they just
    invented this idea.  Unbelievable.
       Gates himself, in a May 1995 memo urging employees to concentrate on
       developing for the Internet, likened such efforts to turning a ship
       the size of the Titanic.
    And we all know how well *that* worked.  Crunch!  gurgle gurgle gurgle
    This analogy is really too good to pass up.  Everything within sight
    is beautifully appointed, polished to a fare-thee-well, and all aboard
    think everything is just perfect.  They're having a great time.  Only
    a couple of people know that the underlying design is fatally flawed,
    allowing a relatively minor scrape to trash the entire thing, but of
    course they're not saying a word unless disaster actually strikes.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Feb 11 2002 - 04:32:21 PST