RE: Microsoft Can't Win.

From: H C (keydet89@yahoo.com)
Date: 10/09/01 

Message-ID: <20011009214622.36992.qmail@web20503.mail.yahoo.com>
Date: Tue, 9 Oct 2001 14:46:22 -0700 (PDT)
From: H C <keydet89@yahoo.com>
Subject: RE: Microsoft Can't Win.
To: Adam Shephard <adam.shephard@firstfederalbanking.com>

> Well, but wait a second. Had the script mappings not
> been enabled in the
> first place, the admins wouldn't be faced with the
> task of having to disable
> them. This speaks to the entire way MS does
> business.

True, but anyone who has done more than simply use
MS's Office products should know that Microsoft's
business model is to create really complex programs,
hide the functionality in layer upon layer of GUI, and
then give users the default of no security so that
they can configure it to their needs. And again, the
layer after layer of GUI (notice the changes between
NT and 2K? All of my Perl scripts operate at the API
level, so they still work...thank God.) prevents the
user from really understanding what needs to be done
in order to raise the security level.

But my point remains...most of us know that. Anyone
who has installed IIS and doesn't know that shouldn't
be running IIS.

The same thing occurred in the military about 12 yrs
ago. The Beretta 9mm developed an interesting habit
of the slide coming off of the weapon during firing.
Knowing this, _most_ people turned their issued
weapons into the armorer for repair. Those who didn't
got a mouthful of Italian steel.

> Security should be the base. Ultra-security should
> be the goal. MS always
> starts you out from a base of insecurity and then
> tells YOU how to fix
> problems one at a time, once somebody raises a stink
> about the problems.

Right. Exactly. But the "shoulds" won't change until
enough pressure has been put on Microsoft to do so.
Posting to these lists, and a variety of 'groups,
hasn't changed things. I can't believe that Dave
LeBlanc and Eric Schultz haven't seen these posts.
But the point remains...until Microsoft changes their
ways, anyone purchasing and/or using their products
should know that this is the case, and that they need
to take the appropriate steps to bring the products up
to an adequate level of security for their
infrastructure.

> Now they're going to tell you, "Hey, don't worry
> about firewalling. We're
> going to build a firewall right into your OS." This
> from the same people who
> enabled ida/idq script mappings in IIS.

Right. Which is why I will avoid using XP, in other
than a lab environment.

It really boils down to the knowledgeable consumer.

__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

Relevant Pages

  • Re: Mutli-Page Form Format
    ... There are some newsgroups (not Microsoft) where top ... except when I move from layer to layer ... Remove all margin information from the tag. ... Remove the empty paragraphs at the bottom of each layer - some ...
    (microsoft.public.frontpage.programming)
  • Re: joining a domain through firewall
    ... > from one layer of the dmz to the other layer. ... In addition to the other posts, You can't forget about the epherical ports ... Download details Active Directory in Networks Segmented by Firewalls: ... please direct all replies ONLY to the Microsoft public newsgroup ...
    (microsoft.public.windows.server.networking)
  • Re: The pros and cons of .NET
    ... Microsoft calls it a runtime. ... > However in my opinion did I not tell it right and I knew that I was wrong, ... I have consequently only spoken about a layer which can be used ... >> Mono and Rotor runtimes. ...
    (microsoft.public.dotnet.general)
  • Re: Visio should have better layer system to hide different shapes
    ... Could you provide more information about this suggestion? ... Microsoft Corporation ... > Visio should have a better layer system that resembles the layer system in ... > able to show or hide a different set of the shapes together as a group. ...
    (microsoft.public.visio.developer)