Re: lets vote for better security

From: Michael Pelletier (mjpelletier_at_mjpelletier.com)
Date: 04/10/05 

Date: Sun, 10 Apr 2005 14:46:23 -0700

<Vanguard> wrote:

> "Karl Levinson, mvp" <levinson_k@despammed.com> wrote in message
> news:OLW1zkdPFHA.3296@TK2MSFTNGP15.phx.gbl...
>>
>> "Michael Pelletier" <mjpelletier@mjpelletier.com> wrote in message
>> news:ix56e.31346$Xs.2907@fed1read03...
>>
>>> How many times
>>> have you [Microsoft] been caught "sponsoring" the research behind the
>>> "studies"?
>>
>> If you're talking about the most recent study that claimed that Linux
>> is not
>> more secure than Windows, Microsoft was not "caught" sponsoring the
>> research. The researchers fully admitted this in their report.
>
> Microsoft has to do many of the studies because they might be the only
> that can afford it.

Ah, uh. You really believe that? If you do I am wasting my time trying to
make you take off the self imposed blinders you so proudly wear...

> Many companies have to do their own testing or
> analysis because no one else can afford it or is interested in doing it.

Again, read above. Lame excuse at best...

> So you have to read the report with with the assumption that there may
> be bias, look for that bias, identify it where you find it, and
> determine if it negatively damages the results of that report.

Finally, a little logic. Refreshing, really.

> So where is the study from Redhat regarding their own study saying that
> their OS is cheaper than Windows and, of course, we're not supposed to
> figure there's any bias there, either, uh huh. I suppose you could hunt
> around over at http://www.gartner.com/ to find some independent studies.

Red Hat does not post these, and should not post these. I would not believe
any company that posts "research" that they "sponsored". Honestly, they let
their product talk for itself. That is exactly how it should be. I have
real World experience running a hybrid, for now, systems network. IT IS
CHEAPER. I am not lame nor do I need information spoon fed to me...

>>> 2) Stop bastardizing the standards. Let's face it, Microsoft is not a
>>> company known for developing new Standards on it's own (that work
>>> well and
>>> are well thought out). Let's face it, when technology people around
>>> the
>>> World get together to develop a standard they do a much better job
>>> than
>>> you.
>>
>> I can't really discuss this statement without some examples.
>
> The problem often lies in the standards themselves. Have you actually
> read many RFCs. They are rife with SHOULD and RECOMMENDED statements
> which means you do *not* need to obey them to remain RFC compliant. If
> the SHOULDs and RECOMMENDs were changed to MUSTs and REQUIREDs then it
> would be much easier to measure compliance. For example, an RFC defines
> how to physically encode quoted-printable formatted messages but I've
> yet to see the RFCs declare how MUAs should format the replies to such
> posts. OE "faults" by leaving it as one long logical line which was the
> original formatting, but since no RFC dictates how it should be done
> then OE really isn't faulting. Another example is the Bcc header.
> While most users know that the recipient SHOULD not have the Bcc header
> included in their copy of a received e-mail, reading the RFCs shows that
> it is allowed but "not recommended". Just because the rule is that you
> SHOULD not shove more than 1 billiard ball in your mouth does NOT
> preclude someone from shoving 2, or more, in their mouth and still be
> compliant with the rule. The RFCs are not the shining explicit pure
> standards you profess them to be, and many of the "standards", like the
> sigdash, are not standards at all but rather a de facto convention.

Here let me help out out with the "translation"
        NOT RECOMMENDED -> DON'T DO IT IDIOT
        SHOULD -> DO IT
        SHOULD NOT -> DON"T DO IT
        RECOMMENDED -> DO IT
        REQUIRED -> IF YOU DON'T DO IT YOU ARE AN IDIOT

Does that help? Are you really using this as an argument of why they
intentionally go against the standards? They go against the standards so as
to develop software that REQUIRES (read translation above) you to BUY MORE
WINDOWS SOFTWARE. Even if you disagree at least be honest.

>> A frequent Microsoft explanation for why they did something a certain
>> way is
>> because the customers requested it. This explanation is not
>> necessarily
>> untrue.
>>
>>> 4) Stop trying to make solutions that are inoperable with other
>>> solutions.
>>> IBM did it in the 70s and lost. Digital Equipment Corporation did it
>>> in
>> the
>>> 80s and lost..You piss customers off! Work harder at better solutions
>>> than
>>> working hard at solutions that indenture your customers to you!
>>>
>>> 4) Get real about security. This involves more Q&A. This involves
>>> "less
>>> fluff and more stuff"
>>
>> They have. I'm not sure what reasons you have for not thinking they
>> have.
>
> Once the operating system is developed, it's pretty hard to add more
> "stuff" that isn't itself more fluff.

Not. Do you have a software background? Or are you just an IT guy? Judging
from your comments you DO NOT HAVE a software (ie developer) background. I
suggest you replay the commend to a buddy that does have a developer
background and see what he/she says (or who hard they laugh at you)

> Do you really think that the disk
> cleanup wizard, defragmenter, backup program, calculator, Wordpad,
> Windows Media Player, Windows Picture and Fax Viewer, Fax service,
> Hyperterminal, Paint, and all that other fluff are really part of *just*
> the operating system? Not even the desktop UI is part of the operating
> system (since it can be substituted by some other desktop UI
> *application*).

Security 101:
When building a system, strip it down to just the software I NEED to achieve
the task of the system. This translates to:
        Less software->less bugs->less security holes->less security patches->LESS
PROBLEMS WITH SECURITY.

Got it now?

 
>>> 5) Stop "nickel and diming" your customers! You guys a billionaires
>>> do you
>>> really need more money? Come on. You do not release some technical
>>> resources unless you are a "gold" support customer? What the hell is
>>> that
>>> about?
>>
>> You're complaining about paying for technical support? Do you think
>> those
>> resources cost nothing for MS to create? Do you know of other
>> companies,
>> open source or not, that put out more and better free tech support
>> resources? What other company puts more or less the same
>> knowledgebase used
>> by their tech support onto the web for free?
>
> I get so used to the depth of articles available at Microsoft's support
> site that I quickly get ticked when trying to use knowledgebase's at
> other sites. Fact is, all too often in the newsgroups you end up
> playing babysitter to lazy poster's that can't bother to first go look
> in Microsoft's knowlegebase, and all you end up doing is finding and
> giving them the URL to the article (i.e., you're the gopher for the lazy
> poster).

Yes, I know sometimes people post questions that can be resolved in a 2 sec
google search. Sometimes this bothers me too. Sometimes I help if I have
time, sometimes not. What does this have to do with the original statement?
Stop changing the topic. The statement references that fact that some of
the deep technical information is only available to "gold" members. When
they are the richest company in the World. Why can't they post ALL of the
information? That is the question.

> They had the wherewithall to post to a newsgroup but not
> enough initiative to go look at Microsoft. A lot of companies make you
> pay through their tech support to access their knowledgebase. He wants
> more free support than he already gets. Cheapskate. Well, at least, he
> knows to come to newsgroups for an alternate FREE source of help.

Cheepskate? You ever dive into SMS? I mean really dive into the guts of it.
Deep information is usually only obtained from having a "service contract".
This is done intentionally. In either case let me reiterate my point:

        1) Microsoft is the most expensive solution you can get. Period.
        2) They try to get you to buy more software than you need with their new
licensing scheme
        3) They try to get you to upgrade even when you do not need to. Again, it
is more revenue for them so, why not arm twist.

        If they are going to play all these games with us, why not "toss us a bone"
by giving cheaper tech support. Or post ALL their technical documents on
line.

>>
>>> 6) Stop try to prevent/penalize me from using other solutions than
>>> Microsoft. If I choose to use Apple or Linux it is MY CHOICE NOT
>>> YOURS. If
>>> I want a hybrid solution using Microsoft, Apple, Linux IT IS MY
>>> CHOICE.
>> NOT
>>> YOURS! Stop being so damn arrogant.
>>
>> How have they penalized you?
>
> Yeah, since when has any operating system *inately* supported any other
> competitor's operating system? Gee, I must've missed where IBM's VSE,
> MVS, and VM support HP-UX and even IBM's own AIX, or I missed where
> Solaris supports the full API for Mac OS/X along with *native* support
> for all those Mac applications.

Do read well? Microsft applications NOT OS emulating on another OS. If you
really want I can use words less complex...

> You can find solutions, like OS
> emulators but these run as a native application for the parent OS, and
> they aren't supplied by the parent OS developer. You can even find
> solutions using hardware, like the Sparc boxes running Solaris that let
> you insert a daughtercard that is itself a computer-on-a-card which
> provides the hardware platform on which to run Windows (i.e., the
> daughtercard runs as a slave host under the Solaris/Sparc host) - if you
> want to spend the money on such a solution but it is still not
> *natively* supporting another OS within the parent OS. You can get
> VMware or Virtual PC but you'll have to buy a copy of each OS you want
> to run since none of them are supporting the others. You can multi-boot
> to different OS'es in different partitions but, again, there is no
> "hybrid" solution.

Yes, used all of these. Yes, I already know. Read the comment above for a
reiteration of what I was saying. As for a Hybrid solution I mean software
that runs on the OS I CHOSE. I mean not trying to "lock out" other
NON-MICOSOFT solutions on one's computer system network.

> Ford, Dodge, Plymouth, GM, Audi, Volkswagen, Saturn,
> Kia, and many other brands of cars drive on the same road but don't
> expect Ford to provide some "hybrid" solution that gives you the other
> brand cars (ooh, it's a Ford, a mile down it becomes a Subaru, another
> mile and half of the car is GM and the other half is Cadillac, yeah,
> right). Pay for one car, get dozens of models and brand for the price.
> Sounds like a cheapskate, to me. Or maybe he really doesn't have a clue
> on how to run multiple operating systems, concurrently or singly, on one
> hardware platform.

Again, you ignorance is shining like a brilliant diamond of stupidity...Oh,
I forgot, I should use short, less difficult, words.

I am getting the impression you are one of those closed minded individuals
who sees the World one way and does not posses the ability to learn new
things beyond the scope you are comfortable with. If this is so, I am
wasting my time. Maybe I am...

>>
>>> Summary:
>>> Face it Microsoft. If you do not change you are going to lose.
>>> History has
>>> proven this. Already, the EU is looking to replace you, The German
>>> government has already started. You treat you customer like they are
>>> nothing more than mindless revenue streams who's only purpose is to
>>> serve
>>> you and your monetary needs.
>
> As does the grocer, drug companies and pharmacies, department stores,
> and ...
>
>>> You lie.
>
> So far, that assessment is more appropriate applied to yourself.

Ah, yes, be ignorant to the facts. After all, it gives you the ability to
relax in your warm blanket of ignorance...whatever, if it works for you,
who is to say you are wrong. After all, if they did say you were wrong, you
could always deny the facts and remain "warm in your blanket".

Whatever

>>> You arm twist. You mistreat your customers.
>
> Yep, one of their representative right now is twisting my arm to use
> their products, uh huh. There is no other operating system than
> Windows. There are no applications for Windows other than those from
> Microsoft. HEY! Owwww. I said what you want so stop twisting my arm
> already.

read above...

>>> You charge an arm and a leg use your software but then write
>>> "Micosoft is not responsible for anything" on the software
>>> packages...
>
> Don't buy that upgrade or you'll lose your other arm and leg. Then
> we'll be deprived of your precious posts and you'll have to give up
> soccer. ;->

You getting lamer by the second. Read above.

>> Microsoft is crying all the way to the bank. Customers [including you
>> and
>> your employer?] must like being mistreated, because they keep buying
>> Microsoft products despite complaints about the supposedly high price,
>> poor
>> security and poor support.
>
> The only event that I can think of regarding the European Union (EU) was
> remarked in another post at http://snipurl.com/dxef (a Google Groups
> copy of the thread). Microsoft won't be hurt by this decision. The EU
> wanted to show off by flexing their muscle. Microsoft is laughing
> because it really doesn't have to market an N version of Windows XP (you
> cannot force someone to market a product they don't want to market as
> they'll just decide not to produce in that market). If they do market
> an N version, it will be to placate the EU but its effect on the sales
> of the non-N version is as effective as spitting into the ocean to raise
> the sea level. Microsoft can simply charge the same amount for their N
> version as their non-N version which will result is quashing the N
> market because all the users will realize they get more for the same
> money buying the non-N version.
>
You are talking about the separation of the MS media player. This is NOT
what I was referencing. And yes, the EU can hurt Microsoft and I do not see
Microsoft laughing. That is such an arrogant statement. Keep it up.
Arrogance has been the downfall of many companies and cultures. It is not
the direction we should be going in. History has proved this.

The German Gov moved the entire train management organization to Red Hat.
That is everything from desktops to databases, to servers. The EU is also
thinking of doing the same thing. In fact, the German Gov is thinking about
ridding itself of ALL Microsoft solutions. South America is also leaning
towards this type of solution. They have many backers IBM, etc. In either
case read the news I have other things I should be doing right now...

Michael 

-- 
"Microsoft isn't evil, they just make really crappy operating systems." -
Linus Torvald