RE: CRIME Perspective on Criticisms leveled at Microsoft

From: MAGEE Rob (Rob.Magee@ODE-EX1.ODE.STATE.OR.US)
Date: Tue Apr 09 2002 - 19:00:23 PDT

Next message: Crispin Cowan: "Re: CRIME Perspective on Criticisms leveled at Microsoft"

Previous message: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Maybe in reply to: Barry Shulak: "CRIME Perspective on Criticisms leveled at Microsoft"
Next in thread: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Reply: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sheesh! This reminds me of Harley vs. Honda, PC vs. MAC, Ford vs. Chevy,
Blonde vs. Brunette, Helmet vs. bug-in-the-eye, etc... Since opinions are
being freely thrown about, I take that as an invitation for mine. Thanks!

IMHO, we are truly in computing's infancy now. It's silly, in my mind, to
get feathers all ruffled about which OS is "better", when, actually, they
are all such a long way from being great. Unix "matured", and I use the term
loosely, in a corporate environment where Data was to be protected from
damage, whether malicious or accidental. Windows "grew up" from a bunch of
propeller-heads sitting around in their basements thinking about what Cool
Things they could make their systems do next, with little or no thought
about malicious use. Of course these two perspectives are in conflict. And,
of course MS is having to come to grips with the issues of security, just as
the 'IX's are having to get more "GUI". As always in our capitalistic
society, it's either flow with the changing demands of the customers, or get
run over. So far, it's working.

I work in an MS environment, though I am allowed a couple of rogue Linux
machines to play with. I have supported around 300 users for several years,
and I think most people would agree that the biggest security problem we
have are the users, topmost being management. Passwords handed around,
written on sticky notes, etc. The time we did get hit with the Love Bug
virus happened because a manager, who also had DA rights, decided that mail
seemed slow one day, so he disables Norton AV (sorry Jimmy) on the Exchange
server. Two days later we got hit. Likewise, despite strong counsel
otherwise, our Web team thought that they could secure the Web servers by
playing with file permissions on the server, likewise uninstalling Norton
because of the "performance hit". Then Sircam got us. They still think they
got hacked by Chinese hackers!

My point is, never underestimate human stupidity. The challenge is to find
the proper balance of usability vs. security for each particular situation.
One size does not fit all. Sometimes a MS-style solution is just fine.



(thread truncated for brevity's sake)

Next message: Crispin Cowan: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Previous message: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Maybe in reply to: Barry Shulak: "CRIME Perspective on Criticisms leveled at Microsoft"
Next in thread: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Reply: Steve Beattie: "Re: CRIME Perspective on Criticisms leveled at Microsoft"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:52 PDT