Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Microsoft MCSE training faulted

From: InfoSec News <isn () c4i org>
Date: Sun, 26 Aug 2001 04:51:59 -0500 (CDT)
Forwarded by: Richard Forno <rforno () infowarrior org>

Part of the problem is that vendors see 'certification' as another big
revenue source...remember the days when computers and software shipped
with buccoo documentation, and the Z89 had pull-out schematics???

Now you might get a 10-page PDF file, half of which is the disclaimer
of liability, with directions to visit the vendors' website for
further help.

Win31, DOS, shipped with 2" thick users guides that folks could learn
from and use as a resource. Now you get next to nothing.

Thus, folks use software they probably don't know as much about as
they should......some might argue a product that's been shipped
incomplete, without the documentation.

So you pay some MCS-whatever to come in and fix what you should have
known in the first place.

FWIS, "security" training should not focus on how to lock NT, Unix,
whatever - rather, it's principles that apply ACROSS computer
platforms that draws on the security functions of the various products
and doesn't operate in a vacuum. Security is 90% great system
administraton and 10% specialized knowledge. This article has got it
backwards!  More specifically, good security starts with effective
software development and testing, of which MS has zero, contrary to
their marketing minions. (IMO, what they sell on the shelves as
'retail' is actually a final wide-scale beta test).

It's all about business, and developing revenue streams.


rick 
infowarrior.org / incidentresponse.com




From: InfoSec News <isn () c4i org>
Reply-To: InfoSec News <isn () c4i org>
Date: Fri, 24 Aug 2001 03:46:11 -0500 (CDT)
To: isn () attrition org
Subject: [ISN] Re: Microsoft MCSE training faulted

Forwarded from: Felix von Leitner <leitner () vim org>

Thus spake InfoSec News (isn () c4i org):

http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-91_STO63028,00.ht
ml



Lack of focus on security in professional training seen as factor in
spread of viruses


Excuse me?

Is it _Outlook_ and _IIS_ and _IIE_ and _VBE_ that get infected all
the time or is it MCSEs or the code they wrote?

The only one who needs security training here is Microsoft.

Felix




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: