Re: Firewalls.....

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 08/13/04

Date: Fri, 13 Aug 2004 13:46:22 -0500

In article <cfgq72$hi9$>, Martin wrote:
>> I find it funny that Microsoft can't build something that professionals
>> have confidence in, while these same professionals recommend "other"
>> products.
>I don't find it funny, it makes me feel like crying.

For the most part, I can set back and laugh.

What if Boeing were to copy Microsoft's habbits?
'What do you think, Ed, is our new 787 ready?' 'I haven't heard any
reports from our beta-testers last month about unexpected crashes,
so go ahead..' (Seen on Usenet)

>Come on, how much effort does it take to do array bound checking? It's
>basic stuff to prevent a buffer overflow. How many buffer overflow
>defects do you hear about in MS software? Pathetic

I can assure you that they don't hold a monopoly on that.

>I'd never trust a microsoft OS to be exposed directly on the internet.

I dunno, I think I might agree with Leythos here. I think MS has fixed
the more gross errors in the IP stack, so simply shutting down the unwanted
services would go a long way to reducing the risk. The problem is that the
average user now seems to be unable to read, or even think about such
complex tasks as running a computer.

>> What is it that these aftermarket programmers can get right
>> that Microsoft can't (or won't).
>maybe they learnt to program in the old school way, like I did.

You also have to look at the pointy heads attitude. Fixing holes in a
released product doesn't sell - doesn't bring in the bux. The sheep
are going to buy the new version anyway, and we can maybe put the fixes
in there if we have time. Additionally, the monolithic model of the
software (everything is in there) means you may have unintented
consequences when you fix something here, because something over _there_
depends on an undocumented quirk, written by a guy who has been gone for
the past six years. Everyone has heard many horror stories about patches
and updates gone wrong, such that a lot of professionals will not install
a new patch for a week or a month, to allow time for other fools to
trash their systems by updating. Even MS got bit that way a year or two
ago with one of the major security updates. A worm came through that place
and had them off the air for a day or so.

>not really. Have you ever tried using a secured MS browser?

No, the last version of MS I used didn't even have networking capability
(MS-DOS 5.0), nevermind a browser.

>I've recently introduced 2 entire companies to Firefox, they can't believe
>the difference it makes. Faster, no multiple windows opening, firewalls
>not constantly sending out alarms...there is no excuse for it. If
>Mozilla (bless 'em) can do it, so should MS be able to.

No, they can't. MS makes it easy to use. That means that security can
not be part of the equation. By the way, when I do use a browser, I
use a text based one, as noted in my reply to Leythos.
>> The compter has been sending mail to a site in Reston, as well as
>> sites in Russia, Hungary, and Nigeria every morning. I don't know what it
>> is, but it's been happening every day since I got mis-directed to that
>> gerbil-in-duct-tape pr0n site - must be OK.
>If that is your understanding, then it is fine. Most people would THINK
>a little, something most users don't do

I wonder if it's that radiation thing coming out of the display that drains
any intelligence out of people - they're like zombies, clicking on icons,

>> [Aside - wonder how many people even know where those countries are?]
><cough> I hope that wasn't a serious question.

I'd be willing to put a bet that a quarter of the world's population
doesn't have direct access to a map or atlas, and probably can't tell
the current name of Rangoon Burma, nevermind that funny country East
of whereever it is that they are holding the Olympic games now.

         Old guy