Re: Open source in the national interest
- From: imhotep <imhotep@xxxxxxxxxx>
- Date: Fri, 21 Jul 2006 01:20:46 -0400
karl levinson, mvp wrote:
"Gerry Hickman" <gerry666uk@xxxxxxxxxxx> wrote in message
news:ORifUT4qGHA.3256@xxxxxxxxxxxxxxxxxxxxxxx
This forum is more for customer support.
If that's true, it's strategically wrong. They should be providing
newsgroups where people can discuss how to IMPROVE security of Microsoft
Windows and how to prevent being a victim of attacks.
They do. They rightly create separate newsgroups and other forums for
separate topics.
The name of this newsgroup is microsoft.public.security *not*
microsoft.public.helpdesk....hence general security discussions touching
Microsoft's products. If you wish to change the name, please do.
You can always directly email Microsoft security issues at
secure@xxxxxxxxxxxxxx I have, and my issues get fixed, faster than
posting to a public newsgroup, and without adding risk to my own machines
from
publicizing the issue. I'm pretty sure Microsoft gets better security
suggestions from key partners and experts than from an open public forum.
Were talking about discussions. More often than not you should discuss these
security topics *before* asking a vendor to change them, yes?
"Customer support" implies it's for these idiots that sit around all day
discussing how to remove SpyWare, but never stop to think about how it
actually got there in the first place.
Not really. "How do I harden my system" and "How do I keep from being
re-infected" are very common questions. "How can Microsoft better harden
my next version of Windows three years from now" is not a very common
question.
And why should it not be? Why not have an open forum to talk about security
now and security that is on the way? Why, in your opinion, should the
discussion be limited to watered down novice topics? Even novices can learn
things from a more complex topics.
It also implies it's for non-technical users only.
Not really. You don't seem to have read much here at these newsgroups
before you criticize and rethink how they should be. There are plenty of
highly technical groups and posts.
I read most posts here, and have done so for some time, and I totally agree
with his assessment. At times it seems more like a "poor man's help desk"
than a real security newsgroup. Again, why not have a multi-dimensional
discussions about real topics on any and all levels?
Has anyone (other than imhotep) ever actually posted something on this
group that informs Microsoft customers how to improve the security of
their systems? The advice I've seen on Technet is lame beyond belief.
When are we going to see some real packet analysis and penetration
testing on this newsgroup? When are we going to see dis-assemblies of
portions of Microsoft code showing where the buffers are vulnerable to
over-run?
Post some. I can't help it if people aren't posting things here.
Maybe they are not because this newsgroup is more of a helpdesk. Maybe you
should criticize people for posting security articles and you would get
more technical people and a better array of discussions.
I do packet analysis on my job. It's just not very useful to most people
here.
I also do packet analysis, and it is very usefull to me. Again, the problem
is you are being a bit of a hypocrite. You are saying this is not the right
newsgroup for real technical questions then are saying why don't you post
your packet trace? So which is it? Helpdesk or a place where people can
post packets dumps?
The post from imhotep is the most sensible thing I've seen on here in
ages.
It's still off topic. You don't choose the topic unless you create your
own
newsgroup. I don't see any problem with the topic of helping customers.
Nor do I. He is saying this groups should not be *limited* to helping
customers. I am saying the same thing.
Besides, it's already posted and discussed at slashdot. Why would you
want
it to be replicated in other places? That's not very sensible.
Sure it is. Sharing a good article is always sensible. Sharing knowledge is
always a good thing.
Sensible would have been posting the original article, instead of some
guy's
total misinterpretation and biased skewing of the article. The last thing
we need is someone running around like Chicken Little, saying the sky is
going to fall when Vista is released. Even Symantec, who wrote the
original
report, don't believe that. The only people who believe that are the
people who misinterpreted the media article synopsis of the original
Symantec
report. And each time this junk gets copied, it gets worse and worse
sounding, like a game of "Telephone." That's sensible?
There was a link to the original article, how is that skewing the results?
What exactly was Imhotep's advice to Microsoft? "Make a more secure
product?" "Tell your customers to buy opensource instead?" That's
sensible?
Sure it is. Are you saying not telling a vendor to make their product better
is not sensible? Hey is opensource makes a better product, if Apple or
whomever makes a better product, yes I would tell people just
that....anything less is *not* sensible.
The real problem is that their are "customers" here and you are afraid of
the "bad press" Microsoft would get in real topics. You just care about an
image where I just want to learn something or possibly share something that
is real. Or at least that is how you are acting.
Imhotep
.
- Follow-Ups:
- Re: Open source in the national interest
- From: karl levinson, mvp
- Re: Open source in the national interest
- References:
- Re: Open source in the national interest
- From: karl levinson, mvp
- Re: Open source in the national interest
- From: Gerry Hickman
- Re: Open source in the national interest
- From: karl levinson, mvp
- Re: Open source in the national interest
- Prev by Date: One Care for Networks
- Next by Date: Re: Open source in the national interest
- Previous by thread: Re: Open source in the national interest
- Next by thread: Re: Open source in the national interest
- Index(es):
Relevant Pages
|
