-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 17 Oct 2001, Jay D. Dyson wrote: > On Wed, 17 Oct 2001, Mark Kennedy wrote: > > > I disagree that all Microsoft is doing is diverting attention. They > > raise some legitimate questions and concerns. > > I could not possibly disagree more. They are blaming the > discoverers of their flaws for their security problems. That's not only > poor judgment, it's deceptive to the consumer. Contrary to the popular belief I don't think they are able to judge poorly. Remember, they have bigger part or so of the market - this was not done by a chance. I mean, you can win by a chance by you can't hold it by a chance. In this case, it requires a lot of social engineering and this can be observed in the news. They may not be very subtle but I don't think they are stupid and they can patch their deficiencies with brute force when required. > Rather than admit the glaring flaws in their own product, they > decide to publicly bash the firms that are helping people defend their own > networks. > > > Their problems are another topic. But just because they are the source > > of the vulnerability does not undermine their valid concerns on how that > > vulnerability is disclosed. Their real problem, at least for me, is that there is no mandatory applying of security patches. First, admins may be undereducated. Next, when educated at last, they are reluctant to apply a patch because of a fear this will destroy working system. Under Windows system, going back is very difficult (probably a little bit easier with newer Windows), although possible if you spend some bucks on grand backups. Compare this to Linux, when this is quite simple (haha, so you have f**ed up your kernel, the central part of the system? haha, boot from rescue floppy and edit lilo.conf)... > Sure does. Do note that Microsoft only endorses thos products and > services in which they can make a buck. All the while, they go out of > their way to demonize every open source and security-related product and > firm that is given out for free. > > That's not just stupid, it's just another shining example of their > anti-competitive tactics. Well, why do you think that business is about competition :-). It's about making money and nothing else. Competition takes place when there is a conflict, when someone wants to get something and someone is afraid of loosing it. Right now, they (still) don't need to be competitive (that much) so they maximalise their income. If there is any real competitor for them, they are trying to win by the use of their propaganda, just because it is simply cheaper. A few ads/articles in newspapers, a few brochures and whoa! If propaganda doesn't work, they think about changes, which means they identify what they lack and try to incorporate. Thus any competitor not moving fast enough makes them stronger (sometimes, as a meal). Although the article mentioned in the beginning of this thread seems very innocent to me and I can agree with at least 50% of it, there is another point. Their problem lays in what I have already described, and... well, MS is a big beast. Every big beast moves only because it wants to eat something. I think there will be some news related to this topic from them in the future, a month or 5 from now. The propaganda lessons I have learned from my amateur history studies tell me, that the best way is to say something that almost everybody will agree with, at least with most of it, at least with one sentence. Anything will do. After gaining this psychical "foot in the door" (since they are not very subtle, it's rather "leg in the door") you should proceed with next statements and the final is, that you say something bad and stupid but everybody nods and believes it. However, that you say something stupid doesn't mean you are stupid. Quite the contrary, I would say. Just my 0.09zl (equivalent of $0.02 in Polish zlotys). :-). bye T. - -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened... ** ** ** ** Tomasz Rola mailto:tomasz_rolaat_private ** -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBO86yoRETUsyL9vbiEQIpvwCfY3teDvtOP+UkDczZcXVmJqDJPQMAn16p pm3/meuRA477Asj+BjHRmETP =gfK5 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 10:05:22 PDT