[Full-Disclosure] Counseling not to use Windows (was Re: Anonymous surfing my ass!)

From: David F. Skoll (full-disclosure@lists.netsys.com)
Date: 07/14/02

From: full-disclosure@lists.netsys.com (David F. Skoll)
Date: Sun, 14 Jul 2002 17:58:59 -0400 (EDT)

On Mon, 15 Jul 2002, Nick FitzGerald wrote:

> throwing out a blanket "don't use Windows" or "don't use
> <pet peeve network client software>" is not a constructive response.

I disagree. I consider myself a security professional, and I tell all
of my clients not to use Microsoft Outlook. I would consider it a
dereliction of duty _not_ to tell them that. I also tell them they
should switch away from Windows to Linux or some other free UNIX, and
again, I think it's my duty to tell them that.

They are free to take my advice or not, but they understand that if
they do not take my advice with regards to Outlook, I am absolved of
responsibility for any e-mail borne malware.

I think it's important for security professionals to tell people not
to use Windows, if only to open their eyes to the risk they put
themselves at, and also to the fact that there are alternatives out