Forwarded from: Jason Coombs <jasonc@private> Cc: Paul Robichaux <paul@private>, InfoSec News <isn@private>, Dan_Verton@private, rforno@private, full-disclosure@private Paul Robichaux wrote: > I erred ... but I think Roberta Bragg said ... > http://mcpmag.com/security It was very good of you to acknowledge, Paul, that your response was in error. Mistakes happen... I personally make several per day. Often in writing. One's goal, if one cares about security, must be to understand the source of behaviors, biases, preconceived notions, misunderstandings, etc. that one exhibits in connection with mistakes, even if a given symptom has only been observed once, and trace those flaws to their root cause -- then reprogram. Roberta Bragg makes a sincere attempt to respond to the report, but she does so with emotion rather than critical thinking and an open mind. Roberta is currently unwilling to accept, emotionally, that she is personally supporting a malicious entity that is still engaged in unfair and unreasonable attacks against good people. This is a normal response that people go through (denial) when they are struggling to come to terms with having enabled (co-dependency) a substance abuser. The thinking is something like this: "Microsoft can't be evil because if they are then what does that make me?" To add context, my professional background includes almost being published by Microsoft Press recently in the security area... Until Microsoft saw that the security advice being offered by my book told too much of the truth, and much of it just wasn't compatible with corporate monopolistic self-interest. Here is my response to her article. Since you appear to be an ally of hers, perhaps you'll forward my comments to her personally. 10/1/2003: Jason Coombs says: Roberta has been so badly compromised by her own bias that she isn't aware that she completely missed the point of the report. The Microsoft monopoly is causing severe harm, and its potential for new specific harm increases (force multiplication) as the monopoly grows. A necessary step in the process of information security is selecting software that is designed with open, provable security features -- until Microsoft changes its abusive, monopolistic behaviors (which come from the top of the company) it will never build a trustworthy product. Roberta chooses to trust Microsoft because she is underinformed. Perhaps she has smelled the truth and opted for a financially-comfortable condition of denial where she can help further Microsoft's cause while looking the other way when Microsoft commits terrible offenses. This way the stink doesn't create a denial of service condition for her personal bank account balance. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Oct 03 2003 - 01:20:03 PDT