[ISN] IMHO: Dear Bill: Don't Do It!

From: InfoSec News (isnat_private)
Date: Mon Apr 22 2002 - 02:02:52 PDT

  • Next message: InfoSec News: "[ISN] Linux Advisory Watch - April 19th 2002"

    Forwarded from: Elyn Wollensky <elynat_private>
    IMHO: Dear Bill: Don't Do It!
    April 10, 2002
    By: Bill Machrone
    Dear Bill:
    By now, everyone's heard about your big push to make Microsoft
    products more robust and more hack-resistant, even at the expense of
    new features. Your email to Microsoft employees was forceful and
    direct, and seemed reasonable enough, but I can only conclude that you
    haven't thought through all of the ramifications.
    For starters, there's a whole industry out there devoted to cleaning
    up your messes. From antivirus packages to security scanners, a lot of
    people depend on the holes in Microsoft code for their livelihood. I
    mean, sure, you've been putting people out of business for
    years--remember the memory management market or the word processor
    market or. the list goes on. But think of the enterprise
    security/antivirus market. These people have built their careers
    around the fear and loathing that springs forth from the use of your
    operating systems and server software. They've taken your courses.
    They've read your books. They've taken the tests and gotten all that
    MSxx alphabet soup after their names. And you would put them down as
    casually as you might flick an ant off your knee at a picnic?
    And consider the poor hackers. All the really smart ones are doing
    truly weird IP hacks and breaking crypto and bringing down
    governments. The ones who can't aspire to that level of greatness have
    Microsoft software to keep them productively occupied. If they don't
    have sitting ducks like Word macros and Outlook, they might get
    serious and start doing real damage.
    Think, too, of the convenience of being able to hack my neighbors' and
    coworkers' PCs. Will we, as old-timers, sit around and reminisce about
    the good old days when we could pluck NetBIOS names and shares out of
    the ether (or out of the air, with Wi-Fi) and run unfettered through
    one another's machines? Will we long for the days when we could
    remotely install a keystroke monitor on a PC and get it to cough up
    another user's innermost secrets?
    And what if Microsoft code becomes too good? It'll bring upgrades to a
    crashing oops, sorry, sudden halt. Think about it--the main reason
    people upgrade is to get away from the bugs of the last version. The
    list of new features that people actually need gets shorter and
    shorter. Will people flock to the new version of Windows that
    automatically uploads new ring tunes to my cell phone? Will people
    bother to buy the next version of Office unless you bundle it with a
    free 60 GB hard drive?
    It'll be The Final Upgrade. You know, like the Apocalypse, or
    something. Just imagine, a place where everything works, where nothing
    crashes, where we're as safe from hackers as the gods were on Mount
    Olympus. Having achieved satori, nirvana, Brigadoon, or maybe just a
    legal parking place downtown, we won't want for anything more.
    In closing, Bill, I'd like you to consider a potential role model for
    Microsoft: Richard Nixon. Wait! Hear me out--you remember those
    scratchy news films of Nixon's "Checkers" speech, when he told
    reporters, "You won't have Dick Nixon to kick around anymore"?
    Just think what a lonely place the Web would be without Microsoft to
    kick around anymore. Sites like Slashdot would shrivel from lack of a
    common enemy. Hundreds of sites that carry security alerts and patches
    (ExtremeTech included) would suffer. Web traffic would plummet. Ad
    banner sales would go into a tailspin. ISPs, with a sudden surplus of
    bandwidth and a precipitous drop in revenue, would fold. All because
    you want to make your company's software bulletproof.
    Nixon came through for us, though. He came back to disappoint us all
    over again. What unselfish giving! The nation flourished, unified by
    the sheer grotesque horror, in a way that was unmatched until the OJ
    trial. But you don't have to go away for 20 years, the way Nixon did.
    Just keep on larding those important new features into XP and Office.
    Move us to a subscription model. Make us suffer. It'll focus us as
    never before, building us and binding us into an international
    Perfection, after all, is highly overrated.
    Best regards,
    - Bill Machrone
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Apr 22 2002 - 05:11:34 PDT