Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft
From: Breno Jacinto (breno_at_gamebox.net)
Date: 12/16/03
- Previous message: Marcus J. Ranum: "RE: [fw-wiz] Security dumming down - the king's clothes"
- In reply to: MHawkins_at_TULLIB.COM: "[fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Next in thread: Marcus J. Ranum: "Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Reply: Marcus J. Ranum: "Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: MHawkins@TULLIB.COM Date: Tue, 16 Dec 2003 13:35:01 -0300
* MHawkins@TULLIB.COM (MHawkins@TULLIB.COM) wrote:
> Hi Marcus,
>
> Regarding monoculture, let me use a common analogy. My car is no more or
> less secure than any other car because it's a car among several
> manufacturers, with hundreds of car alarm manufacturers and products,
> services. Imagine a world for car thiefs where 99% of the cars are made by
> one manufacturer and car alarm manfacturers are only allowed to stick their
> alarms in the passenger compartment. No security device is allowed under the
> hood. There'd be more stolen cars per day than the public would be willing
> to accept. Things would change. The monopoly would be broken up.
I used to think like this. But notice the sentence: 'No security device is allowed under the
hood.'. If we go to computers, this is false. You can run the firewall
of your choice, as well as AV, and implement the security policy you want.
And thats the point where monoculture doesnt matter.
Yes, M$ is lousy when it comes to security. They spent more money on
cosmetics than on security. But imagine that Apple had the monopoly,
and MacOS X was run by 99% of the world, wouldn't it be the same
thing? If people dont care about security, ANY system will be
insecure, even the paranoid OpenBSD.
The point for Blaster being such a success wasnt for Windows
Monoculture. It was because people werent running any firewall to
simply block 135 or worse, wasnt even *AWARE* port 135 was open in
his computer. This is what has to be changed! Security is not tied to
an specific OS, its tied to a decent policy and user education and
proper use of security technologies.
> Should we accept the same in the computer industry?
>
> Can anyone think of a monopoly of a manufacturer good like Microsoft has
> today?
No this is no good. But it is exageration to say that because of this
the Internet is insecure. It's bad 'coz M$ manipulates people, forcing
an endless (free software is changing it) dependency game. But this is
too off-topic :).
> Mike H
cheers,
// Breno Jacinto
// breno@freeunix.com.br
// Key fingerprint = A5C3 3B22 140D C973 6AC6 2D62 2318 B8FA 15F9 D3FC
// Never be afraid to try something new. Remember, amateurs built the
// ark; professionals built the Titanic. -- Anonymous
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Marcus J. Ranum: "RE: [fw-wiz] Security dumming down - the king's clothes"
- In reply to: MHawkins_at_TULLIB.COM: "[fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Next in thread: Marcus J. Ranum: "Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Reply: Marcus J. Ranum: "Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
