Firewall Wizards mailing list archives
Re: @Stake CTO fired for Microsoft comments
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Sun, 28 Sep 2003 22:31:38 +0530
On 26/09/03 19:12 -0400, Claussen, Ken wrote: <snip>
found a way to keep Open Source software from working on the Windows Operating system? And the cracks on Windows security have little to do
MS VC++ EULA prohibits the developer from compiling GPLed applications with that compiler.
with the Operating system itself (there have been numerous Root level compromises of other operating system) and more to do with the skill of the administrator. How many Windows Servers have you worked with in a
Let me put it this way: Windows ships wide open to attack still. It takes a considerable amount of knowhow to lock down a Windows system properly. And Microsoft documentation which ships with the OS doesn't address these issues at all. IMHO, Unix and Unixlike systems are easier to secure for an administrator.
security context? I can say none of my servers (personal or work) have ever been compromised, and I have worked with hundreds. Let's tone down the rhetoric and get back to discussing security. I have seen people
Good point.
fired for much less than outright bashing of the operating system your company is contracted to audit. I prefer the Pix for firewalling due to the OS being integrated into the security code. A general purpose OS is
So long as you don't turn the SMTP proxy on, its perfectly fine.
always more likely to develop security vulnerabilities than a purpose built operating system. Instead of writing a report (which I have not read) criticizing Windows, would it not have been more productive to
/me goes to read the report before this generates into a /. like thread.
write a report describing methods which can be used to properly secure the OS in a language the average home computer user could understand?
But this is dodging the question that that paper was not aimed at the home user.
Let's face it most of the backlash from these worms is caused by home users who are not the technology zealots that frequent lists such as
Driving a vehicle is a much simpler activity and needs the user to demonstrate knowledge of that activity. Is it asking too much of users to maintain some basic knowledge of their computer systems, like running a updated virus definitions? I might even agree that configuring a firewall might not be doable, but running an updated AV is a must. Its not as if this fact is unknown, but users are too lazy to do that. Security is a process that most people would rather not work on. Security is as much a social problem as a technical one. The paper works on the technical side, which we *can* fix. How to fix the social side is an issue that is yet unsolved. Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- @Stake CTO fired for Microsoft comments Gwendolynn ferch Elydyr (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Joseph S D Yao (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Paul Robertson (Sep 26)
- Re: @Stake CTO fired for Microsoft comments Ryan M. Ferris (Sep 26)
- <Possible follow-ups>
- Re: @Stake CTO fired for Microsoft comments Mike Hoskins (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Mark Teicher (Sep 28)
- RE: @Stake CTO fired for Microsoft comments Claussen, Ken (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Devdas Bhagat (Sep 28)
- Re: @Stake CTO fired for Microsoft comments Roger Marquis (Sep 30)
- RE: @Stake CTO fired for Microsoft comments Frank Darden (Sep 30)
- Re: @Stake CTO fired for Microsoft comments Adam Shostack (Sep 30)
- Re: @Stake CTO fired for Microsoft comments Joseph S D Yao (Sep 26)