Re: Information Anarchy

From: George Carlson (gcarlson@MYREALBOX.COM)
Date: 11/03/01 

Message-ID:  <00ce01c163fa$d25e6520$0200a8c0@enterprise>
Date:         Fri, 2 Nov 2001 19:02:23 -0500
From: George Carlson <gcarlson@MYREALBOX.COM>
Subject:      Re: Information Anarchy
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

It Scares me senseless that Microsoft would take this attitude. With all
the hackers out there, do you think not publishing the bugs will stop them?
No, I always assume that what ever I know, they (the hackers/crackers) do as
well. But I cannot function in my job AND debug the code. SO I rely on
these places to tell me about them and force Microsoft into fixing the
problem.

Their bullying will only force me to recommend against their product. I
cannot in good conscious recommend a system that the Hackers/Crackers know
the holed long before I do. It has worked well these past few years with
the security Companies going public, and Microsoft then responding with the
patch.

If Necessary, I would shut down the servers if I learned of a hole, and
Microsoft took the "we will get to it" attitude. Yes, that would disrupt my
clients. But better that than a "Nimda".

And another thing. Microsoft has to acknowledge that not everyone is
rushing to 2000/XP, and needs to issue SP7 for NT4. They risk mass
defection. I know they want us to go to the latest, but in the real world
that is not always possible. Let SP7 be just patches. For any of you who
have had to build a NT 4 server from scratch, you know it is an all day job
now! The installation is easy. It is the 2 dozen post SP6a Patches, each
requiring a reboot, that is the time consumer. I hope they listen. I like
NT/2K. But I am going to start putting Linux on the servers if the
situation does not improve.

George Carlson

-----Original Message-----
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM]On Behalf Of Robert Dennis
Sent: Friday, November 02, 2001 5:24 PM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: FW: Information Anarchy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It scares me senseless to hear Microsoft's recent stand on security.
It has become painfully clear that the practice of "bullying"
partners into compliance is being used by Microsoft now on its
customers. Referring to the security community as "information
anarchists" is frightening.

============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
BEST-OF-BREED ANTIVIRUS SOLUTION FOR MICROSOFT EXCHANGE 2000
Earn 5% rebate on licenses purchased for Trend Micro ScanMail for
Microsoft Exchange 2000 between October 1 and November 16. ScanMail
ensures 100% scanning of inbound and outbound traffic and provides
remote software management. For program details or to download your
30-day FREE evaluation copy:
http://www.antivirus.com/banners/tracking.asp?si=53&bi=245&ul=http://www.a
ntivirus.com/smex2000_rebate