Full Disclosure mailing list archives
RE: CyberInsecurity: The cost of Monopoly
From: "Joe" <mvp () joeware net>
Date: Sat, 27 Sep 2003 17:32:17 -0400
You did a great job of assuming what was being said here. You have an incredible career in assumption waiting for you.
I couldn't help but interject my 2 cents. Visiting your website I see:
Cool thanks! I decided to add a link to the site just before I posted so it would give the anti-MS folks something to attack. I am glad I could be of assistance to you.
suggests to me that you have some bias against UNIX users, so I've no choice but
Nope, no BIAS against *N*X users unless they are so close minded to think that *N*X is the only thing that will work for something or that everything else is crap without at least sniffing their own fingers. I've used UNIX, I've used/use Linux (run it in VMWARE sessions actually), I've used other OS's as well. My biggest gripe against UNIX users and Linux (want to be UNIX) users are those that feel this is religion and need to be try and convert people. Might as well give some of those puppies a hard copy of the man pages stamped with the word HOLY on it and send them door to door with flowers or something.
I'll respond, though. By the way, it's not the commandline tools that make Windows an insecure and inefficient operating system - if most other Windows
Most Windows users do not use the command line. That is one of my big gripes against Windows Users. Use of the command line actually stimulates mental juices because you have to think a little bit when you type to actually get something to work. My current manager is actually a UNIX guy. Had been for years and years. When he became my manager he knew nothing about Windows and was pretty close minded like you. After 6 months he realized his judgements were based on things he thought he knew versus the truth. Now he will push UNIX or Windows depending on the application needed but for most he sees the benefit and functionality of Windows over UNIX. He still uses his SGI machine though, he backs up his Windows PC to it via FTP.
Then why do you have a Microsoft "Most Valued Professional" logo on your site? This appears to be one of the cheesiest recognitions one could attain, so why not aspire to something less embarrassing?
Ah the MVP Logo indicates I am an MVP. An MVP is not someone who pays money and takes worthless tests for a certificate to say hi, I know what I am doing. I got the MVP recognition for being helpful in the newsgroups and with my website and correct more often than not when doing so versus not helping anyone. I am proud to display that I have been recognized as being a helpful knowledgeable individual. If my focus was Linux or Unix or AS/400 or whatever else I would be recognized in those communities just as well. An MVP rating actually is worth something in terms of sorting the wheat from chaff and when talking bill rates because it isn't something you can buy, you actually have to prove some sort of level of knowledge to get it. Also note there was no aspiration nor goal to become an MVP. I did what I normally do and was recognized for it. Anway, once you get one, you can rip on it. Until then you are a wannabe bitch who is whining because there is something you can't attain. Oh and I know I know... You don't want it. That's fine. You don't see me bitching about not being a recognized Linux person and I don't even want that either.
I couldn't agree with you more that a piece of paper does not a man make, but in the Microsoft arena there are so many "want-to-be's" or
"pretending-to-be's"
that an MC* is a good way to weed through the chaff and know whether or
not we're
dealing with an intelligent, proven individual or someone who merely "tinkers around" with the pretty GUI.
These people exist in more places than the Microsoft arena. Granted there are a lot in there though. I completely disagree that an MC* is a good way to weed anything though. In on of my previous jobs we got an MCSE in and he started speaking and soon as he did that we threw him over to work on OS/2 until he was willing to admit being an MC* meant nothing. There are many MC* folks who are good and knowledgeable and worth hiring. However having an MC* doesn't mean any particular individual is. An intelligent interviewer will know whether someone is intelligent or not by speaking to them in the interview and whatever is written becomes moot. My first job on Windows machines had me being interviewed by a panel and me saying I knew nothing about TCP/IP nor really anything about supporting Windows in a corporate environment. Once I got that out of the way the whole conversation came to what did I do and the details around it. I had a job the next day doing something that I had never done before but with full confidence I wouldn't have much of an issue. Some of the best people I have been involved in getting hired in had no real corporate computer experience, they were simply intelligent people.
The fact that the open source community has a method of patch contribution
does
not weaken its ability to maintain good software - it actually strengthens
it
by not relying on a single entity to keep up with all the issues -
something
Microsoft has obviously lacked in.
Visualize a large company. Now visualize depts around the world coming up with their own solutions for holes they perceive and implementing them or getting fixes from different sources and compiling them and implementing them. Now visualize the chaos as the company tries to keep some form of a standard. I agree that having lots of eyes looking things over is a good thing. I don't agree with them being able to make ad hoc changes.
Then you will need to shut down Microsoft. Microsoft has a long history
of
creating their own standards which cause incompatibility with any other
more
standardized tools in the industry.
However if you have program that says it runs on Windows XP, it runs on Windows XP. You don't have to figure out which company produced your version of Windows XP and then figure out what specific tweaks are needed or even recompile to make it work.
Create what Dilbert calls a "confusopoly"
Before I listen to any opinions you have on how large companies function internally for IT, what is your experience in a large company? How big of an IT dept was the largest? How many employees in the company? How many machines in the company? How many countries were involved with the company?
This makes no sense. There is more safety in open source software to a
hot
dog vendor than there is in any
Yes sorry, I wrote that in a confusing way. Wasn't trying to say that the licensing was specifically bad for a hot dog vendor. It was the chaos. You get a small business and the owner is probably able to sit down and spin up a couple of windows machines and share data between them in relatively short order. With some of the other current geek POP OS's, this is not the case.
What does the average Windows bigot make these days? I noticed you don't have Windows XP or Windows 2003 Server listed on your resume - you might want to consider expanding your skillset and tap those markets.
I don't know what a Windows bigot makes. I do know what I make and I am not a Windows bigot as you probably don't know anyone who has done more INTELLIGENT bitching about MS and Windows in attempts to get things fixed with it. I won't state it here but you would probably be surprised and most likely it would really piss you off that some stupid Windows guy makes that much. I do know that it is not the usual, I am on the high end of the curve for most all IT people who actually do work versus sit and direct down to everyone else what the company direction is. If it helps at all, when an MS headhunter contacted me for one of their Enterprise Level Consulting groups recently I was told they couldn't touch me as a FT employee but could probably afford me if I wanted to do contract work with them occasionally. When I was working with HP the compensation for UNIX admins (AIX/HPUX/Solaris/IRIX/Other) was about 25% better than Windows Admins, I made more than the UNIX admins at that time. The job I took after that involved a considerable pay raise from there. I haven't touched the resume in some time. However I have been involved with W2K3 for quite some time as I was involved with its RDP program and helping with specs and improvements and such. I was the one on the table shouting "tell Marketing to piss up a rope", this product can NOT be called Windows .NET Server. I was actually asking for it to be Windows Server 6.0. Still asking for it in fact. However that name just isn't sexy enough I guess.
So in other words you haven't touched a non-Windows system since the
1980's?
Things have changed.
Umm nope, but again you win the assumption award. I was working on and managing DEC equipment into the 90's. I know of several DEC machines on the internet still right now. Have been playing with LINUX for quite some time which is for the most part (static HTML serving is the exception) where I think it belongs right now. As for the things have changed I am going to try the assumption game and figure you mean *N*X... Yes, but not as much as they should have. Look at the change in MS from the mid-80's to now, *N*X doesn't come close to the change and growth.
And this is acceptable to you?
Nope but I choose to work and help correct versus whine and bitch or say I'm taking my toys and going home.
LOL you can't be serious.
Yep.
Every time there is any significant change in Windows, industry is forced
to purchase
upgraded versions of their software from the manufacturer just to keep it
running.
On the other hand, some of the oldest crap I've had sitting in my home
directory archives
from 5-10 years ago still runs just fine under *nix.
I have an engineering system I wrote for a threadgrinding company in 1985 that is still in production and has been running daily since then. The last update to the code was around 1987-90. It ran on a PC XT until just March of this year when the 10MB hard drive died. It had gone through no less than 20 keyboards (machine shops are hard on equipment). They put the files on a brand new machine running Windows XP and the software fired right up and ran fine albiet much faster. They called me just to let me know that they switched it over. The issues are more in the vendors producing the software than specifically Windows or MS. Keep in mind that if Windows does a switch, it is a logical place where they can say, you need to buy a new version versus putting out an update or saying it will run fine.
Time to start jumping. I can think of two operating systems that are
superior to
Windows for end-user desktops:
I agree they have come a long way, but disagree on the idea that it is where it needs to be to knock MS off the top.
My belief is, if you're going to do anything, do it with excellence. This is why I don't run POS operating systems.
Sure. But you don't have to have religious ferver over it. I somehow visualize you sitting there typing away with a little bit of spittle coming out of the side of your mouth while you smash away at the keyboard. Probably inaccurate, but your tone and method of writing lends to that visualization. My biggest worry of the day while my systems quietly work away around the clock and around the world is whether I will drive the Jeep with the top off or the truck to the RenFest. I get the feeling yours will be how you will knock someone who thinks MS does a decent job bcause running around saying Linux is the best doesn't seem to be helping it take over the world very well. BTW, another thought came to me while reading your note. Do you have tinfoil wallpaper? No really... Take it easy Jon, joe :o) -----Original Message----- From: Jonathan A. Zdziarski [mailto:jonathan () networkdweebs com] Sent: Saturday, September 27, 2003 3:54 PM To: Joe Cc: full-disclosure () lists netsys com I couldn't help but interject my 2 cents. Visiting your website I see: Main Entry: joe.ware Pronunciation: 'jO-"war Function: noun Date: 2000 : generally useful idea pulled out of the ether by joe: as a: script and/or tool that makes the difficult easy; specifically: system administration tools b: win32 command line tools that almost make UNIX people think that there might be something to Windows after all c: the tools that real win32 admins prefer to use <SNIP> suggests to me that you have some bias against UNIX users, so I've no choice but to take your arguments with a grain of sand as troll bait. I'll respond, though. By the way, it's not the commandline tools that make Windows an insecure and inefficient operating system - if most other Windows developers feel the same way, I now understand why nothing has really been fixed in ten years.
Not an MC* anything. Don't believe I need a piece of paper to say I am capable of anything.
Then why do you have a Microsoft "Most Valued Professional" logo on your site? This appears to be one of the cheesiest recognitions one could attain, so why not aspire to something less embarrassing?
I either do it or I don't do it. It's up to me. In general I feel that if your opinion of me if based on me holding a piece of paper or not is your issue to work out, not mine.
I couldn't agree with you more that a piece of paper does not a man make, but in the Microsoft arena there are so many "want-to-be's" or "pretending-to-be's" that an MC* is a good way to weed through the chaff and know whether or not we're dealing with an intelligent, proven individual or someone who merely "tinkers around" with the pretty GUI.
If I had been heavily involved with the open source stuff, I would work my ass off to lock it down so anyone can read it but not as many people can get changes into it and compiled and out where it can cause
damage. This is how most of the open source community operates, including the Linux kernel, changes of which are heavily filtered. The fact that the open source community has a method of patch contribution does not weaken its ability to maintain good software - it actually strengthens it by not relying on a single entity to keep up with all the issues - something Microsoft has obviously lacked in.
I would also try to shut down the huge numbers of different people/companies all doing similar things but in non-compatible ways.
Then you will need to shut down Microsoft. Microsoft has a long history of creating their own standards which cause incompatibility with any other more standardized tools in the industry.
For geeky tech people, this kind of environment is fine. For the world as a whole and big businesses (100k+ employees) in particular it is too chaotic and uncontrolled. It is why many large large businesses are afraid of using open source products.
This is precisely how Microsoft's anti-competitive nature got started. Create what Dilbert calls a "confusopoly" and make Microsoft appear to be the leader when in reality they are the redheaded stepchild of technology (IMHO of course).
Also the licensing scares many as well. If you have a business that doesn't mind becoming a software design and writing house, it is great, but if you have a company that manufactures a motorcyle or bricks or sells hotdogs, MS makes more sense at this point.
This makes no sense. There is more safety in open source software to a hot dog vendor than there is in any Microsoft product. A small business wanting to run Linux to manage their LAN need not worry about licensing concerns as they're not redistributing anything. They can even install the software on as many machines as they want without worrying about licensing. Microsoft, on the other hand, provides nothing but a hardass system of compliance. They support agencies such as the SPA (or whatever they've morphed into now) which attack small startups and generate profit through litigation. I would submit that open-source licensing such as the GPL is far more beneficial for Bub's Concession Stand than a Microsoft license ever would be.
I don't agree another way would be any more rewarding. I generally enjoy myself and am extremely well compensated.
What does the average Windows bigot make these days? I noticed you don't have Windows XP or Windows 2003 Server listed on your resume - you might want to consider expanding your skillset and tap those markets.
A long time ago I started out on Commodore Pet's, moved through Sperry Univac and IBM Mainframes, moved through DEC PDPs and VAXes, moved through Sun Sparcs, ended up in Windows and think it is some of the more realistic systems I have seen for the world of users as a whole versus a world of IT people.
So in other words you haven't touched a non-Windows system since the 1980's? Things have changed.
insecure (heh) at times
And this is acceptable to you?
, but making decent strides while trying hard to support legacy systems
LOL you can't be serious. Every time there is any significant change in Windows, industry is forced to purchase upgraded versions of their software from the manufacturer just to keep it running. On the other hand, some of the oldest crap I've had sitting in my home directory archives from 5-10 years ago still runs just fine under *nix.
If something came out tomorrow that I truly felt blew MS out of the water across the board and was the thing that would win out across the world, I would jump.
Time to start jumping. I can think of two operating systems that are superior to Windows for end-user desktops: - OSX (rumor also has it Apple is coming out with an x86 version) - The RedHat 9 Linux distribution (easier install than Windows, _BETTER_ GUI, and great gui tools) Both have *nix backends that are shelled with extremely customizable, easy-to-use GUIs. You don't have to know any more unix commands to use either than you'd have to know DOS commands to use Winders. Not only is the backend superior to Windows, but the front-ends have now gotten to a point where the Windows nuts I work with prefer them over Windows' GUI. Gnome has certainly come a long way on Linux!
I haven't seen it yet and don't expect to see it any time really soon.
Just keep your head in the sand and you won't have to worry about it.
As for me, I will hoepfully be retired and out of the biz in 5-6 years.
Keep on scripting! Won't be long now.
I intend to spend my 40's, 50's, 60's, 70's+ on a beach somewhere with some little intelligent hottie whose worst worry is what color to dye her hair this
week. So you prefer emotionally shallow pets?
This stuff isn't religion, it's a job to pay for some of the fun things in life.
My belief is, if you're going to do anything, do it with excellence. This is why I don't run POS operating systems.
Finally, anyone who thinks that MS is the reason for all the viruses and worms and exploits running around is deluding themselves. Every multiuser system especially any that share information in some way shape or form is insecure in some way. I would say some of the safest machines on the internet today are PDP 11's running RSTS/E. Not because there aren't holes but because no one is trying to figure out their holes. If MS were gone tomorrow, the focus would simply turn to
whomever had the most popular OS. Anyone who believes that the anti-virus market didn't create itself, more specifically without business "arrangements" with Microsoft is also deluding themselves. It was the RED PILL, the RED PILL you were supposed to take! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly, (continued)
- RE: Re: Pudent default security - Was: CyberInsecurity: The cost of Monopoly Frank Knobbe (Sep 30)
- Re: CyberInsecurity: The cost of Monopoly Florian Weimer (Sep 28)
- Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly) Curt Purdy (Sep 28)
- Re: Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly) George Capehart (Sep 29)
- Re: Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly) Michael Scheidell (Sep 29)
- Re: Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly) George Capehart (Sep 29)
- Re: Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly) Michael Scheidell (Sep 29)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Curt Purdy (Sep 28)
- RE: CyberInsecurity: The cost of Monopoly Jonathan A. Zdziarski (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Joe (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Jonathan A. Zdziarski (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Joe (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Jonathan A. Zdziarski (Sep 28)
- WINDOWS XP software restriction policy [path rule] bypass... bipin gautam (Sep 28)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Curt Purdy (Sep 30)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly morning_wood (Sep 30)