Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Anti-MS drivel

From: "David F. Skoll" <dfs () roaringpenguin com>
Date: Mon, 19 Jan 2004 19:58:15 -0500 (EST)
On Sun, 18 Jan 2004, Gregh wrote:


I wonder if you would have the job you have or know the things you know were
it not for MS.


I wasn't planning on responding, but I changed my mind.

Of course I can't answer if I'd have the job I have now if not for MS.  That's
a silly question; would you have the job you have now if not for UNIX?  IBM?
The transistor?


I get tired of anti-MS drivel.


*I* get tired of people who dismiss reasoned arguments as "anti-MS drivel."

Look.  I'll try to spell it out simply.

Windows has a severe design flaw that has cost the world economy billions
of dollars.  That design flaw (the encoding of metadata -- specifically,
"executableness" -- in filenames) has been known since at least 1987 to
be highly dangerous in a network environment.  Furthermore, that design
flaw has been exploited several thousand times in the past.  Finally,
that design flaw cannot be fixed without fundamentally changing the way
Windows works.

So where does that leave us in 2004?

It leaves me running Linux, and waking up tomorrow to breakfast on a bagel.
It leaves thousands of Windows administrators staying up all night to ensure
that Bagle doesn't breakfast on their Windows machines.

It's pathetic that 17 years after CHRISTMA EXEC, hundreds of thousands of
Windows machines are succumbing to the same easily-preventable security flaw.
In the last 12 hours, my very low-volume mail server has dropped 16 Bagle
viruses.  By message volume, Windows viruses account for between 4-7%
of our daily mail volume.  Because they tend to be large, they account for
between 30-60% of our mail traffic if you count the number of bytes.

Windows people, I think we have a problem here.


The fact is that around my area the businesses are medium-small to
small and of course home users. Without MS, there wouldn't be
anywhere near the amount of computer users there are now from whom I
can make a living.


This is a revealing statement.  Better to make a buck from people
chronically in need of support due to a crummy operating system, than
sell them something that works and doesn't need support.

Trus me, if MS hadn't come along at the right time, someone else would have
(and I'd be bitching about Apple/IBM/whomever. :-))


MS has weaknesses to be sure but if you think you can write a much better OS
from the ground up with no holes in it, let me know. I would like to use it!


Linux/UNIX/*BSD/etc are much better OS's written from the ground up,
with no *serious design flaws* comparable to the one I outlined in
Windows.  I'd never be as arrogant as to claim that Linux has no holes
in it, but I will go out on a limb and say that for a general-purpose
operating system, the security holes in Linux are due to
implementation errors rather than design errors.

I will keep quiet now. :-)

Regards,

David.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: