Full Disclosure mailing list archives
RE: Microsoft wins Homeland Security Bid ( Reuters)
From: Ron DuFresne <dufresne () winternet com>
Date: Wed, 16 Jul 2003 15:20:01 -0500 (CDT)
[SNIP]
I am by no means arguing that Microsoft systems are secure, but I would like to point out that Windows 2000 and XP offer a myriad of security enhancements that, given a COMPETENT installation by a KNOWLEDGEABLE system administrator following DOCUMENTED practices for device hardening, Microsoft products can actually provide a great deal of security (so long as you can implement an effective patch management solution on top of your host hardening procedures). This progressive migration toward a more secure operating platform is further evidenced by the "secure by design, secure by default" shift in security philosophies centered around the release of Windows 2003 Server.
And yet, we are seeing a reitteration of past problems again, cropping up (e.g. the new RPC/DCOM problems and just recently the JET Database Engine buffer overflows). The commitment by M$ seems to remain more in the "quick fix" focus then a "do it right" perspective. And, as related threads outline, the history here is not limited to just coding issues and how they crop up in the areas over and over, but, in how they treat the messenger when confronted with the findings of others about their products. And even this ignores their legal woes with the feds and various states. Sure, M$ can be seen as having taken a baby step or two in order to limit their past attitude of tossing in a kitchen sink with every new product, without regard to how it preforms in more then the isolated/unconnected home environment, now, let's see then actually learn to walk the walk as they talk the talk. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Microsoft wins Homeland Security Bid ( Reuters) Brad Bemis (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) Valdis . Kletnieks (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Jason Coombs (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) yossarian (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) Blue Boar (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) Ross Dmochowski (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) yossarian (Jul 16)
- <Possible follow-ups>
- RE: Microsoft wins Homeland Security Bid ( Reuters) Jonathan Grotegut (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Brad Bemis (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Brad Bemis (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Brad Bemis (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Schmehl, Paul L (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Brad Bemis (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)
- RE: Microsoft wins Homeland Security Bid ( Reuters) Jason Coombs (Jul 16)
- Re: Microsoft wins Homeland Security Bid ( Reuters) northern snowfall (Jul 16)