Re: WIN2000NT False prophets(!).
From: Steve Winograd [MVP] (bcmaven_at_mvps.org)
Date: Sat, 19 Nov 2005 17:05:41 -0700
In article <WEOff.20499$mF5.firstname.lastname@example.org>, Martin
Spencer-Ford <email@example.com> wrote:
>>>>Thanks for your reply, Martin. I think that disabling the Messenger
>>>>service by default came in SP2:
>>>Thanks for correcting me Steve - I knew it was in one of them patches :)
>>>Still leaves me wondering why the change in policy - especially after
>>>such a long history of being a default service, not that i am
>>>complaining, one less thing to adjust.
>> You're right, Martin. Microsoft used to make all Windows features
>> available by default. Users didn't have to install or enable anything
>> to have full functionality.
>> In reaction to the spread of malware, often through security holes in
>> its own products, Microsoft made a major shift, implementing a
>> "Trustworthy Computing" initiative throughout the company. Part of
>> that initiative is a philosophy that they call "Secure by Design,
>> Secure by Default, Secure in Deployment and Communication". They
>> first applied in to Windows in XP SP1 and Windows Server 2003. See:
>> That philosophy includes disabling features, like the Alerter and
>> Messenger services, that are vulnerable to attack and are unnecessary
>> for most users. Users who need those services have to explicitly
>> enable them. Everyone else is protected automatically.
>It was a long time coming, but vastly appreciated by many a support
>engineer - my self included. To me this thread has turned into an
>interesting and educational one. Many thanks for being a part of that
>conclusion, Steve ... appreciated.
You're welcome, Martin!
BTW, They're carrying this philosophy much further in the upcoming
-- Best Wishes, Steve Winograd, MS-MVP (Windows Networking) Please post any reply as a follow-up message in the news group for everyone to see. I'm sorry, but I don't answer questions addressed directly to me in E-mail or news groups. Microsoft Most Valuable Professional Program http://mvp.support.microsoft.com