Firewall Wizards mailing list archives
RE: You'll never get fired for recommending IBM - sorry - Microsoft
From: MHawkins () TULLIB COM
Date: Tue, 16 Dec 2003 10:56:12 -0500
Sir, an unpatched MS machine with a firewall that had been purposely configured to open 135 for legitimate reasons would have been infected by MSblast. Therefore, your firewall is NOT "under the hood". Since Microsoft keeps huge sections of their code to themselves, no firewall or any other product is able to protect against all these vulnerabilities unless you shut down every port.

Yes, such products exist that shut down all ports but you are effectively removing the fuel injection from the car along with the powered windows and the air conditioning all because you know thieves can break into cars when those features are in use. So, in the same way, a computer with all its ports shut down is a useless computer. A computer with some ports shut is a hobbled computer. If it were not for firewalls Microsoft would be out of business! (And quite a few others too!)

Now, that's OK that Microsoft doesn't release their code. I have no problem with that. But when that fact is combined with the enormous head count of Microsoft OS running computers, now the concept of monoculture has some worth. It really has nothing to do with Microsoft. It has more to do with the circumstances we now face in this particular situation.

i) explosive high speed Internet access growth
ii) little to no foreseeable regulation of Internet use
iii) extraordinarily large homogenous OS use
iv) huge amount of unpublished code in that single OS
v) increasingly sophisticated worm and virus authors
vi) worm and virus authors increasingly incented by monetary rewards

All these factors and more make OS diversification a serious consideration in the security stance of any organization or individual.
Mike H

-----Original Message-----
From: Breno Jacinto [mailto:breno () gamebox net]
Sent: Tuesday, December 16, 2003 11:35 AM
To: Hawkins, Michael
Cc: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] You'll never get fired for recommending IBM - sorry - Microsoft

* MHawkins () TULLIB COM (MHawkins () TULLIB COM) wrote:
Hi Marcus, Regarding monoculture, let me use a common analogy. My car is no more or less secure than any other car because it's a car among several manufacturers, with hundreds of car alarm manufacturers and products, services. Imagine a world for car thieves where 99% of the cars are made by one manufacturer and car alarm manufacturers are only allowed to stick their alarms in the passenger compartment. No security device is allowed under the hood. There'd be more stolen cars per day than the public would be willing to accept. Things would change. The monopoly would be broken up.
I used to think like this. But notice the sentence: 'No security device is allowed under the hood.'. If we go to computers, this is false. You can run the firewall of your choice, as well as AV, and implement the security policy you want. And that's the point where monoculture doesn't matter.

Yes, M$ is lousy when it comes to security. They spent more money on cosmetics than on security. But imagine that Apple had the monopoly, and MacOS X was run by 99% of the world, wouldn't it be the same thing? If people don't care about security, ANY system will be insecure, even the paranoid OpenBSD.

The point for Blaster being such a success wasn't for Windows Monoculture. It was because people weren't running any firewall to simply block 135 or worse, weren't even *AWARE* port 135 was open in their computer. This is what has to be changed! Security is not tied to a specific OS, it's tied to a decent policy and user education and proper use of security technologies.
Should we accept the same in the computer industry? Can anyone think of a monopoly of a manufacturer good like Microsoft has today?
No, this is no good. But it is an exaggeration to say that because of this the Internet is insecure. It's bad 'coz M$ manipulates people, forcing an endless (free software is changing it) dependency game. But this is too off-topic :).
Mike H
cheers,

// Breno Jacinto
// breno () freeunix com br
// Key fingerprint = A5C3 3B22 140D C973 6AC6 2D62 2318 B8FA 15F9 D3FC
// Never be afraid to try something new. Remember, amateurs built the
// ark; professionals built the Titanic. -- Anonymous

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards