Security·4,733 discussions

Does a Microsoft “monoculture” endanger security?

Locked

Do you agree with Jonathan Yarden that a Microsoft “monoculture” exists? Do you think it poses a threat to global Internet security? Does your organization rely primarily on Microsoft products? Share your comments about considering alternatives to Microsoft software, as discussed in the March 15 Internet Security Focus e-newsletter.

If you haven’t subscribed to our free Internet Security Focus e-newsletter, sign up today!
http://nl.com.com/acct_mgmt.jsp?brand=techrepublic

Topic

Yes and yes.

In reply to Does a Microsoft “monoculture” endanger security?

I believe that the monoculture exists. Especially in the consumer market. Most people have resigned themselves to the level of service they get from computers running popular software. They assume that in order to get by in the Information Age, they simply have to learn to be competent software mechanics in addition to their regular jobs.

I believe this monoculture is a threat to civilization itself. We are passively allowing the “information infrastructure” to rapidly become essential to the functioning of the economy. Yet it is nowhere near as reliable as the plumbing, transportation, nutrition, or even communication infrastructures.

We are increasingly discovering that the security problems in the information infrastructure are caused by undetected and unrepaired software defects that have been in existence for six years or more, and have been passed down through two or three major system upgrades. What producer in any other industry could retain market share, much less dominate the market, by delivering products with defects that cause major disruptions in the business of its customers and the lives of its customers’ clients? So frequently that each defect acquires a cute little nickname? Defects that it has failed to even notice, much less repair, since before the turn of the millennium?

American business is valiantly attempting to boost its IT shops up to higher levels on the SEI CMM in order to remain competitive in the world market. How can it do that if the software that underlies almost every one of its efforts is built by the “medieval guild” methodology of CMM Level One?

People are Missing the Whole Point

In reply to Yes and yes.

I think people have been missing the point that in the first place, the basic rule of law whether written or not is that we shouldn’t try breaking or stealing anything.

This is a case of say when you stumbled upon a house that had its door left open by accident or for some other reason – does that mean that it gives everyone the right to try and steal everything in the house?

Another question is – would you want to barricade your house with high walls, barbed wires, and several security personnel just to protect it? – similar to a jail house?

You see sometimes we blame others too much without thinking/reflecting on whether the premise that we are holding onto is correct or not.

Microsoft or be it other software companies are not to blame. Software was meant to aid people become more productive and provide ease on the stress of manual work. It’s actually the hackers and other computer criminals that are at fault and they’re the ones that we should get mad about.

Nice guys finish last

In reply to People are Missing the Whole Point

Sorry that the world isn’t living up to your standards, but it doesn’t and probably never will.
Cars, houses, and businesses have locks and anti-theft systems. Banks have armoured glass and guards. The people who sell computer systems are aware of the threats to their customers caused by weakness in their code, and they are obligated to try to fix it. We pay them to do that, and we have a right to expect it.
There probably never will be a 100% secure operating system, the question is how hard should we expect a multi-billion dollar firm to work toward that goal?

People are NOT missing the point!

In reply to People are Missing the Whole Point

You said:
“This is a case of say when you stumbled upon a house that had its door left open by accident or for some other reason – does that mean that it gives everyone the right to try and steal everything in the house?”
That is not the point. People who buy MS OS’s do so under the impression that “the house is locked”, not that someone “left a door open by accident”. The problem is that MS has left keys under many of the doormats and under rocks, and anybody with a brain and some determination can get in the house.

You still missed the point

In reply to People are NOT missing the point!

You wrote, “People who buy MS OS’s do so under the impression that ‘the house is locked’, not that someone ‘left a door open by accident.”

Oh, come one. With all the years of bad press about MS’s insecure OS’s, I really don’t think that’s the case. Even if it is, you are still blaming the home builder and home owner for not making the home secure enough, and you’re not blaming the actual criminals who are breaking into the homes. That’s like blaming the rape victim for her own rape, because she wore the wrong cloths and didn’t carry enough mace or a handgun in her purse.

Too much point missing… How about some common sense?

In reply to You still missed the point

Your reason about ‘not blaming the actual criminals’ is correct,
up to a point. It seems to me that when Microsoft incompetence
or intent was realized 10 to 15 years ago the blame falls back to
them for not ‘fixing the problems’ that were clear at that time.
Clearly, it is their intent to NOT fix these problems. So once you
know (either MS or their customers) the blame does fall back on
them for making a conscious decision to use the systems they
know are flawed. Using your rape analogy, the victim is clearly
not to blame in the first incident but if she continues to put
herself in unsafe situations after that knowing the possible
consequences, she increases the risk of a 2nd rape… If she
apply’s common sense about her activities, she minimizes the
risk.

MS system users ALL know the security issues with Microsoft
and they know that all Unix based systems (Unix, Linus, Mac,
etc.) are virtually 100% safe from forced entry and don’t have any
of the countless security issues common in all Windows
products. So at this point I don’t even think the ‘rapist’ can be
blamed, MS has made it a public issue for so long everyone
know of their questionable business practices and ‘seive’
security issues. So the ‘blame’ can only fall back squarely on the
user….
So the question is: Why would ANYONE use a Microsoft
system where ANY level of security is required???
Can anyone answer that question? I haven’t seen any reasonable
answer to that question.

Actually I really like the rape analogy

In reply to Too much point missing… How about some common sense?

Now I wonder how he explains who is responsible for Microsoft getting hit by the “Slammer” worm?

Well it wasn’t the virus writer, it wasn’t microsoft foe supplying a flawed product so it must be Microsoft’s fault for not patching their servers. Right?

But back to reality if Microsoft couldn’t keep their own systems up to date with the latest patches how can we as mere mortals be expected to do better then Microsoft?

Col

That is just ridiculous

In reply to Too much point missing… How about some common sense?

Linux, Unix and Mac are not in any way impervious to forced entry. Every OS has its security flaws that can be and often are abused. Check out any study done on OS security and they all attest to this. They also state that the reason we see so much in the news about windows security is because windows machines are far more prevalent. That’s just common sense. So if you’re just looking to hack a system because you’re some bored juvenile delinquent, you look for anything that can be hacked. There are alot more windows machines, people hate microsoft, people know microsoft products, so it stands to reason that they will be hacked more than linux or other OSes. Yes, it’s true that windows has more inherant security flaws but that doesn’t make linux or any other OS bullet proof by any means.

I don’t think Microsoft ever intended to make computing insecure. Initially, back in the 80s there wasn’t much of a concern for security by the average user and microsoft was focused on simply selling software that everyone would use. They were trying to make money. They did that. They did that better than anyone else out there. Now you have people that resent them for doing so well (even though they probably wouldn’t be able to do half of what they do online or offline without them) out there hacking their systems and software. They are cutting off their noses to spite their face. I wish these stupid little punks would actually contribute something that makes a difference rather than focusing on vandalism. Ok, rant over.

Ridiculous is right in the wrong way

In reply to That is just ridiculous

Absolutely correct – no system is immune to security flaws. However, some are better than others. Absolutely correct that Microsoft were ‘trying to make money’ – they weren’t interested in producing top quality software or systems, they were interested in blasting the competition and getting the goods to market. Now how would such a mentality promote inferior goods ?
Now, I think keyguy shows his true colors with the statement “though they (the users) probably wouldn’t be able to do half of what they do online or offline without them”. Microsoft brought goods to market, their record of inventiveness is less impressive. We wouldn’t have had word processors (Word Perfect?). No web (Netscape, BSD Sockets, FTP, HTML et al ) ???. No servers (IBM, UNIX, LINUX et al ) ??? MS brought computing to the masses but they didn’t invent computing and certainly the whole concept of dumbing down and churning out products to the lowest common denominator implies some sacrifice of reliabilty and/or security.
I would think that the concept of trying to create a world without criminals is unrealistic. So,for me, whether the criminal or the system is to blame, is a moot point. I want to protect my servers, not enter into some universal ‘love in’. Microsoft products have serious flaws and the nature of their proprietry and monopolistic practises (sorry but they were found guilty of this in the US courts and are currently in the European courts for the same stuff) make it extremely difficult for me to do anything about fixing these problems – even though I have the training and the knowledge to do so in a more ‘open’ system such as Linux or Unix.
Is this forum about politics (ie: do you like Microsoft)or about reality (ie: are some products better than others?)

No, it’s not ridiculous…

In reply to That is just ridiculous

Windows is insecure and has a lot of worms and
viruses, not because it’s, unfortunately, the
most used desktop OS, but becase:

a) It did ship with a firewall, but disabled by
default.
b) It insists on defaulting to Administrator
privileges for newly created user accounts.
c) It’s so stupid that it executes any code,
like scripts embedded in messages or ActiveX
controls from untrusted parties.
d) It’s been programmed with ease of use in
mind, not security.

And I could go on and on.

RE: Rediculous is right, in the wrong way

In reply to That is just ridiculous

I think that all of us (MS users AND non-users) can agree that MS software has its vulnerabilities and exploits, probably more that most of the other operating systems combined. I think most of us can also agree that at least some of the problems are due to the wide generalization of the microsoft product line, instead of widening the product line for a more streamlined product. We can all SURELY agree that security is, and always will be, an issue. Now, what do we do about it??? Let’s get some solutions here. One thought: Could the modest windows security possibly be sufficient in an environment where outside intrusions is not an issue? (Granted, there will always be the remote possibilities of some CIA guy sitting outside in a van with high-tech stuff, but considering NORMAL security conditions.) Say, for example, one had double-firewall (one hardware, one software) security on the only connection into the network from an outside source (broadband/internet). Wouldn’t the general windows security with lesser restrictions be a plus in this area? (Providing you can trust your users, of course.)

Rediculous – Maybe not so….

In reply to That is just ridiculous

I agree with you on two points. The vandals creating these virus’
are the prime bad guys here and should be punished when
caught to the fullest extent possible. Also, Microsoft, I think we
all agree did not create this problem on purpose and I’m not
sure people resent Microsoft for making money — after all it’s
what we all hope to do ‘one day’. In fact, as a long time Mac
user I have long supported them since they have created some
key Mac apps. The first software I bought with my Mac in 1985
was MS Word & Excel v1.1.

But, MS did make some bad decisions early in the game and
failed to respond as they should have and could have to fix the
security issues with the Windows platform. They therefore need
to should their share of the blame. The only reason big
customers need to share the blame is that they know of these
problems (for years) and have options to buy a ‘better’ system.

I disagree with your assessment of the other system and their
security issues. It does seem logical that the % user would make
it a bigger target. The other systems do have security issues,
but when compared directly it is clear that MS is proportionally
still infinitely more vulnerable.

As an anadotal indicator I have used Mac since 1985 and have
never had one incident of a virus impacting any system I have
ever used, alone, networked, on-line, etc. On the other side I
have also used PC’s over the years and worked in mixed
environments. I don’t know one PC owner who has not had
major virus and network problems.

True the other systems are not bulletproof but given the track
record of Windows and the relatively minimal problems with
Unix based systems why would anyone choose windows?

I have recently started working in the financial industry and it
seems the only system anyone is willing to recommend for
transaction and datbases is Unix based. Thank goodness.

Perhaps another reason that MS machines are hacked more often
is that ther are a lot easier to hack — As a hacker why would
you try to break into Fort Knox when you could break into your
local small town department store so easily.

Tesla444

Off the Subject

In reply to Too much point missing… How about some common sense?

I would suggest getting off the rape analogy all together. The victim is never to blame no matter what the situation. Now we can go back to discussing the issue.

Get off the Rape analogy

In reply to Off the Subject

I agree we should stay away from the rape analogy. But the fact
remains that the use does have to take some responsibility – not
the innocent user who buys into the Windows nightmare
unwittingly, but those sophisticated users who continue to
support Microsoft without demanding a better product.

It is clear MS will not listen to individual companies or people
but they will listen to one spokesman — Money. Money talks,
if we stop supporting them with $ in a big way, THEY WILL
CHANGE. Even legal solutions don’t work with a company so big
but moving our business with demonstrate the power of Money.

Tesla444

While the idea of boycotting Microsoft

In reply to Off the Subject

So that they will improve their products is the only way that I think they will improve them in a very fast manner the problem still remains on how you achieve this.

I would be the first to drop all Microsoft products but it is always the customer who calls the shots in this area and no matter how hard you try it is up to them to decide what they are willing to use. Now even with all the faults inherent in Microsoft products they still have a lower Total Cost of Ownership than anything else so this is what every company wants the cheapest alternative that is usable.

Changing every thing to Unix/Linux/BSD or whatever is not an option in the business environment as no business who is big enough to affect Microsoft is willing to take that “Leap” into the unknown and attempt to run a network with products that their users don’t know/understand. Microsoft remains where they are just because they already have a user base so large that currently it is impossible to use anything else.

As an example every Computer Usage course offered to anyone so that they can learn to use computers to improve their chances of getting a job only deal with Microsoft Products. Until this changes it will remain a self fulfilling action which spirals down-wards with products that are not secure have far too many features most of which are not understood let alone used and are based on obsolete bloated code.

Just try to find someone who is willing to teach Word Perfect Office 11 which is a better package than the Microsoft equivalent but is only found on a very small number of brand name computers which are sold for a price. This gives the impression that Word Perfect is a second rate suite of applications when in fact they are not but because they all work differently to the Microsoft Office suite they are no longer used and not all that long ago Word Perfect was the Word Processor Standard which everything else was compared to to see how good a job they had done in writing the code.

Col

Inertia

In reply to Too much point missing… How about some common sense?

It’s called inertia… Unfortunately, many
businesses and individuals made the wrong choice
and chose Microsoft insecure products. Now, they
don’t want to throw away all of their investment
and retrain in another platform.

However, I think that, at some point, we need to
analyze our decisions and take a change, even
when this means investing more money. It will
pay in return. I think the market is crying for
a change. We are tired of Microsoft products.

Microsoft and common sense?

In reply to Too much point missing… How about some common sense?

When corporate software from Microsoft doesn’t work properly, crashes frequently and often doesn’t work at all, security is very much a secondary issue.

As an example even the updated “windows installer” is a complete catastrophe.

Surely Microsoft must employ at least one competent programmer (??). As we all know, security is almost completely non-existent but Windows isn’t Unix, so I don’t know what else we can expect! But when very expensive software is flawed or very flawed . . . .

Everyone Knows – NOT

In reply to Too much point missing… How about some common sense?

Everyone in IT may be familiar with security issues related to Microsoft software. However, in my experience, many if not most folks outside IT know NOTHING about the issues.

They’re trying to get online to send pictures or correspond with friends & family. Or trying to manage their finanaces or access various web sites where they have some account or another.

Ask them if they have a personal firewall or anti-virus software. Most can’t even answer those questions.

I believe that Microsoft is aware of the flaws, that some are rather long lived, and that they have focused on consumer convenience to the detriment of security.

Sadly

In reply to Everyone Knows – NOT

Those of us in the IT profession WISH Microsoft WOULD address the issues.

As IT professionals, we are all too aware of the major shortcommings, many of which Microsoft ARE NOT trying to put right.

So what are you trying to get across?

In reply to You still missed the point

That it is OK for Microsoft to sell us software at inflated prices that doesn’t work and it is our fault?

Unfortunately I live in the real world where Microsoft has the market domination and at the very least every workstation for all the end users needs to run Microsoft currently as no one is prepared to learn anything different. At a rough guess from what I have seen in all my customers work less than 10% of any software is actually used and the other 90% is just wasted space for them.

Now Microsoft really got started when they did a deal with IBM and ever since then Microsoft has been synonymous with the PC market. Really is it any wonder that it still commands the lions share of the market?

That is because most end users have at the very least learnt Microsoft and a few have even grown up with these products and they are all that they know and are willing to learn as well. Therefore to save costs companies only use Microsoft products in the work place where they do not have to outlay any money in training. They may constantly be dissatisfied with these products but they stay with Microsoft because more from fear than anything else. Something along the lines of “Better the Devil you know that that that you don’t know!”

Col

It is OUR fault

In reply to So what are you trying to get across?

As IT it is OUR fault that we are using products that do not meet our own requirements. Sure, there is a lot of leaning towards MS from upper management because that is what they have on their home computer and that is what they know, but WE are IT and it is our job to make sure everyone else can do their job and well.

We all know the MS is substandard as far as OS’s are concerned. We all also know that all the junk that MS throws into it’s OS is never used, especially in the workplace.

Users use email, file storage, a couple of apps that are most likely specific to each organization and a word processor.

So, we all need to start a movement to get away from MS products. This movement, if large enough, will do one or two things. It will give us a better working environment since Linux, Netware, Unix, MacOS, etc.. IS more secure than MS could dream of, no matter what any of the MS buffs in this string say! And/or it will force MS to actually fix their OS because they will be losing market share.

How we do this is not by fighting the machine but presenting it to upper mgmt is a fashion that they will like. Man hours, productivity, cost. We gotta count beans like the bean counters to get them to come over to the good side of the force.

We all know that users will whine for a few weeks when they get their new GNOME desktop, they won’t like the email interface, they won’t like star office. After another month they will think it is kind of cute or nifty or they like the look of Xwin or something. Next month no one even remembers what it was like to use MS in the office.

Users will adapt, Mgmt will fall in line if given the proper numbers.

So I say again, it is OUR fault that MS is so junky yet still used. Because we are complacent.

Thanks
Rick

Well once upon a time

In reply to It is OUR fault

I installed a total Linux environment into a new company. There was nothing Microsoft at all in the place and I did this as a form of cost cutting and increased security for the customer. The owner was happy with the costs involved and when the business started I was constantly called back in to “Fix Problems” but every one of these service calls was in reality only to show the end users how to work the system.

Like I can’t install MS whatever why? There where no real apps involved only utilities that the end users thought they needed. I did however use the forerunner of Win4Lin can’t remember its name now and ran Corel’s Word Perfect Office as their main Office apps.

The real problems started when they tried to adapt their accounting packages to Linux as it didn’t work on that platform and it had to be used. Well the long and the short of it was I had to buy a MS Volume Licence Agreement and spend several days installing Windows on 200 computers. Not a very pleasant experience I can assure you, but then again I sought of expected it as well. They currently have Windows Y2k on their workstations and every server in the place retains the Linux that was originally installed.

Not a perfect solution but at least it works and the customer is happy now if only there where the same accounting packages that are so common foe the MS platform available for Linux things would be great. Incidentally they are still using Word Perfect as their main Office App and now wouldn’t consider switching back to MS Office.

Col

I think he’s right…

In reply to People are NOT missing the point!

Whoever said that software MUST be secure? If you want to keep using the house analogy, fine: Is the person who builds your house responsible for making it break-in proof? No they aren’t. That is ridiculous. And microsoft has never claimed or implied that their software is bullet proof. Because no software will ever be secure, just like no house will ever be secure. What’s his face has a point, the criminals and little script kiddies are the ones responsible for the lack of security because they can’t seem to control themselves from breaking into computers. All that needs to happen is for these people to stop. Period. People in general need to take responsibilty for their own actions. That is the only way anyone will ever feel or be secure is if criminals stop this crap. I know it sounds so simple and naieve as to be ridiculous but it just simply is true.

If these assholes stop writing viruses, stop writing spyware and stop hacking into systems we won’t have a need for security. We’ll actually have some freedom and computing will cost everyone alot less.

I say we make the punishment for computer crimes death by hanging and it should be televised and the person whose property was stolen or damaged should be the one to pull the lever. That’s another option anyway.

We should thank the criminals and little script kiddies

In reply to I think he’s right…

For without them constantly attacking we would sink into a lethal lethargy.
Look at the Stink Y2K caused and then the letdown when nothing happened.
Imagine that we were all unaware of the Y2K issues and come January 1 2000 planes started dropping from the sky nukes were launched ETC ETC!
Thank you script Kiddies you keep Microsoft on their toes and cause them to atleast spend a little money on trying to make their products better and less on law siuts against the compitition !

You really are funny…

In reply to We should thank the criminals and little script kiddies

Y2K was an issue with every computer system, not microsoft. It didn’t take illegal activity to see the flaw. Condoning these little punks’ activities just because you don’t like the fact that Microsoft keeps beating everyone is the ultimate in irresponsibility. You and the script kiddies need to grow up.

But Actually

In reply to You really are funny…

“Condoning these little punks’ activities just because you don’t like the fact that Microsoft keeps beating everyone”

Microsoft doesn’t continually beat everyone didn’t they just recently get found guilty in the Courts for breaching something or other?

Didn’t they get found by the US Government to be in breach of the Monopoly Laws?

Aren’t they currently in court for being accused for inflating the prices of their products?

While they might win on the Sales front they do not often win in the courts remember the Netscape debacle?

But Microsoft learnt from that as they effectively stooped Netscape and at the same time made their IE the standard browser and at very little cost I might add in comparison to an all out advertising war with Netscape.

However they have finally found a way to get what they want they just buy a large interest in a company and then insist that they drop any “Open Source” projects. Once Microsoft get their war they then offload the stock quite often at a loss but it is cheaper than using other means to get their way. Just image what would happen if there was an “Open Source” version of Word Perfect available!

Just how long do you think Windows would survive? Once there is a real alternative to the Windows OS that will support the commonly used third party software that is used now you’ll see a marked decrease in the sales of “Windows” and Microsoft knows this that is why they try so hard to prevent this from happening.

Col

Exactly How

In reply to I think he’s right…

Do you suggest we catch these people with 100% certainty that they are the real culprits?

If I remember correctly “Slammer” was blamed on a student in Indonesia who didn’t have a computer or access to a computer so in all fairness exactly how do you expect us to believe he was responsible?

Granted in all likelihood he probably did admit to it {But a few beatings with a rubber hose across the soles of the feet and you’ll admit to anything.} What you have to remember is that a lot of these people live in different parts of the world where you’re “Legal System” doesn’t apply. A lot of these place want a conviction at any cost and are not really interested in catching the culprits just getting a “Result” so they can say we did our bit now you are expected to do you-re’s.

Actually if you want to go back to the beginning of Hacking it started in Australia and when it started there where no Laws being broken no matter just how much damage was being done to the systems that where being compromised. So it is all well and good with you’re simplistic view of things but you might as well say that all road fatalities are caused by speeding & drunk Driving and people should stop this. Unfortunately even with draconian penalties placed on these offenses it has not lessened the number of offenses being committed every year and there are many repeat offenders or in the case of speeding where the Police are not actively involved and rely on unattended mechanical means to gather speeding fines they are subject to Fraud. People can an do alter their number plates to pass the blame onto others who find it almost impossible to prove their innocence.

Col

Crashes and not secure.

In reply to I think he’s right…

Well Windows in all of its versions seems to be the most crashable software around. If you go to the Tek-Tips forum it is absolutely full of crashed windows systems. At our University we dissasembled Win XP and found two instances of 8 bit CPM code in the OS, MS claims there are no more 16 bit codes used, this might be tru, but they forgot about the 8 bit encoding. After numerous virus and trojan attacks we now use a linux server as a firewall and no more virus problems at all. This is over a period of two years. I just made a recommodation to our Uni to forbid the use of MS software at the university grounds. This will take effect at the start of the next semester.

A smart and responible consumer

In reply to Crashes and not secure.

Your response to the Microsoft nightmare is the only possible
route to go. If all companies made this decision Microsoft would
quickly react and maybe even build a decent system, no doubt it
would be Unix based.

Thankyou for taking positive action.

tesla444

Reply To: Does a Microsoft “monoculture” endanger security?

In reply to I think he’s right…

To use the analogy of the house (yet again)….
It’s not the builder/architect’s job to make the house secure. You can however get a third party (security company etc.) to come in and secure it without needing access to any secret/intellectual property type stuff. A house is a house and people know how one works.

If it’s not Microsoft’s job to fix the security holes in their software then how do you expect third-parties to be able to do so without access to source code? Sure it can be done by reverse-engineering, but second-guessing isn’t really the best way to go about fixing security holes in software.

DoomsDay

In reply to People are NOT missing the point!

This is exactly why we switched to a Novell Server. I didn’t have time to babysit a server on a daily basis. I think every system is hackable but I get tired of updating and managing patches and updating virus software. Granted, it’s job security but Windows is a very flawed system and yet people keep buying it. It’s very scary.

Do you have a home security system?

In reply to People are Missing the Whole Point

Do you have a security system in your home? If you answer yes, then you should have kept this thougth to yourself. If you answer no, then maybe you really trust our law/justice system to the point that you think they will prevent anyone from breaking into your house. Or, maybe, you think that the chances of someone picking your house is very slim. Either way, you are missing the point in that man is basically evil by nature. Whether you get mad at the criminal that’s stealing your stuff through the front door (the thief) or at the criminal that is robbing you through the back door (through a legally approved monopolistic scheme), you are still getting ripped off. Its not about getting mad, its about education of the masses and exerting enough pressure on the Software Giant to clean up there act/software. I am sure there must be enough money in their coffeurs to create some resemblance of software that at least gives the appearance of caring about security.
Oh well, I guess we can carry on status quo – – A security patch a day, keeps the thieves away (and keeps the anti-virus business in the fray). Hey, I’m a poet and I didn’t even know it.

Something to think about!

Well put

In reply to People are Missing the Whole Point

You can’t blame Microsoft for the sins of others. They didn’t know how bad the neighborhood was going to get when they built their house. I believe MS is doing their best in this area. Think of all the unknown vulnerabilities MS is expected to discover before anyone else does. Also, Windows is under attack, put Linux or some other OS on the top where MS is now and you’ll see the same thing happen to them.

Microsoft is doing their best

In reply to Well put

Yes, I agree, Microsoft is doing their best and it’s not good enough. That’s why a competitive system is so great. Someone can come along and do better. Certainly it took a little while to come up with a competitive model that Microsoft couldn’t crush, which is what they do really well. But now a strong competitor is here in the form of open source and that can only make all parties better or weed out the pretenders. If you can’t be patient, just use a non-M$ operating system.

No, YOU’RE missing the point

In reply to People are Missing the Whole Point

While it may be true that the responsibility for the act of exploiting a security flaw lies with the person doing the exploiting, the responsibility for the security flaw being there lies with the manufacturer of the software. No-one is stating that there is a right to steal or destroy data, but in the same way that one expects a modern house or car to have reasonable security (lockable doors and windows, a burglar alarm) one should expect software to be written with reasonable security as one of its prime considerations. We expect people to respect the privacy of our homes and cars and not to break into them, and where caught, we punish people who break those rules; at the same time, however, we recognize that there are always going to be people who break those rules, so we design our houses with that in mind, to reduce or eliminate the likelihood of their being broken into. Consider this; your friend has just bought a new house in a bad neighbourhood. It’s a very nice house, full of modern conveniences, all the bells and whistles, and looks impressive. He tells you, however, that the builder has supplied it without locks on the doors and windows; the builder will also not provide measurements so that he can fit his own locks. In addition, the builder states that any attempt to work out the details of the doors and windows and the locks required and provide those details to anyone else so that locks and alarms can be made violates the terms of the sale, and the house may be repossessed immediately. Your friend is worried, but he bought the house anyway, regardless of the area and the security faults because he likes the convenience features. What would you think of the builder, and what would you think of your friend?

Brilliant Analogy

In reply to No, YOU’RE missing the point

Thanks. T appreciate the perspective and accuracy of your post. I think it hits the nail right on the head.

Which Nail?

In reply to Brilliant Analogy

While the analogy may have hit a nail, I don’t believe its the intended nail. The conclusion I draw is that the friend made an assessment of the situation knowing the benefits and flaws and determined that the benefits out weighed the flaws and purchased the home. Now, the friend gets to deal with the flaws and enjoy the benefits. It looks to me like a whole lot of business decisions I’ve seen. If there is a morality play on stage in this scenario, I missed it.

I got some nails for ya…

In reply to Which Nail?

If i can be so bold as to add to the analogy (hopefully, to illustrate why we should be upset with MS.)

MS is one of only a handfull of contractors who can build a home, anywhere. A number of the other contractors only provide the foundation, and give you the plans for all the really cool stuff the MS ‘contractor’ will build for you (some provide modular rooms, others just provide really good materials).

So, your two options are: to hire some artisans to build you a house using the foundation provided from one contractor, and integrating whatever modular rooms and features you want in your house, possibly using plans provided from various other contractors. Or, to get the prefab home filled with features you might not want or need, but that requires you to hire some house staff (IT pros) to scare off anyone who tries to get in through the many openings in your house, paint over or fix what the vandals destroy, and just generally keep your home safe, constantly. Of course, occasionally the prefab contractor will come by with an oddly shaped window or door to discourage someone from accessing that particular opening, but you can be sure these tenacious criminals – who we’re ALL very mad at and want to see strung up just as much as the prefab contractor – will find a way inside eventually.

Worst of all, every couple years the prefab contractor will want to cause a major upheaval in your life by redesigning the overall layout and features of your house. Then, you need to relearn where the various rooms are, and what features have been added, or removed whether you liked them or not, but it never really solves the problem you have with people coming in your house uninvited… i could go on, but my company has an all MS network that needs me to make sure no one is coming through an open window.

peace

This whole analogy is just stupid

In reply to I got some nails for ya…

First of all, there are plenty of people brilliant enough to create an OS that is as secure as all of you people want it to be and has all of the features you want, but guess what? They are all a bunch of sissy whiners who would rather complain about the piece of crap OS everyone is using now rather than actually DOING something to compete.

The fact is WE HAVE ALL SETTLED (well those of us that use Microsoft) so get over it or choose another OS. It’s really that simple. You have control over your life. If using Microsoft’s OS and other software is such a burden, then stop using it. Tell your dumb ass bosses that they are retards and that you won’t be a part of supporting microsoft anymore and quit. But do me a favor and stop whining about Microsoft here in these foums. And frankly, I wish tech republic would actually have something fresh to say once in a while. This stupidity is far beyond tired. Microsoft is here until someone beats them. That’s just the way it is, and no amount of bad mouthing or whining will ever change that.

When it comes to security…

In reply to No, YOU’RE missing the point

Very nice post.

Let me make another analogy: someone might buy a door for its house, thinking its wood made, and it surely seems to be so. Some time later, this person, who was happy with its door, discover that a thief entered its house just by kicking the front entrance: the door was not wood, but paper made. Let?s say somebody lied about the properties of the door.

All in all, every door has its own weak points. Its just a matter of right information, fair cost and benefit.

Poor analogy

In reply to No, YOU’RE missing the point

The whole house v software analogy is flawed anyway.

A house is simply a container it does not carry out a process and it is equivalent to your computer hardware which cannot do anything on it’s own. Computers don’t get hacked the software running on/in them does. For an analogy to be drawn there would have to be some way of taking control of the people in the house and making them work for you.

I cannot break into someone’s house and then have that house automatically start breaking into every house in the neighbourhood until there were non left to break into or until the neighbourhood refused to let me be part of it.

If it were possible for this to happen then I WOULD want barbed wire and guard dogs and machine guns and anything else I could find and I would be wanting to know why the housebuilder sold me a house designed to provide comfort and security but failed to deliver.

A closer analogy would be that of your car which is a machine designed to carry out a function and has a security mechanism to stop others from hijacking its function but even this is less than perfect for the same reason stated above.

It is no accident that we use the term virus, it is the nearest analogy we have – it causes the body to function beyond our control and it spreads to others causing the same effect.

Another close but somewhat sensitive analogy is that of religion. It can be ‘implanted’ into the people inside the house causing them to change their function and also causing them to subsequently ‘infect’ others around them. In the case of cults that cause behaviour unacceptable to the majority this is a particularly close analogy.

Reality bites but stubborn attitudes hurt

In reply to People are Missing the Whole Point

Yes. I agree. Microsoft is endangering and making everyone dance to their tune by selling faulty applications. Can you imagine how it would look if it was possible to stand back from the earth a ways, see through the buildings and WATCH the millions of people working, swearing, patching and crying because their machines are hacked/broken/virused/data stolen/etc??? If Microsoft could see that, they would never stop it because they have such POWER over the “commoner”! LOL
But, for us to whine about a reality that will never be changed no matter how we try, then we fall into stubborness and stupidity. NO ONE should steal or harm, but when will that happen?! So. Get on with it, protect your equipment and users and data. At least you will be able to sleep at night knowing you did all you can!

blaming hackers and or Microsoft is not the issue

In reply to People are Missing the Whole Point

This issue is about security. I think that it is important to not lose focus by laying down blame on companies and hackers. Todays computing world is what it is. Microsoft did a great thing years ago by bridging the gap between cryptic computer programming and the average user by creating robust and highly effective computer products that were useful to normal people who did not spend their time programming code 24/7. As a result, their products caught on and now they are the successful organization that they are. Unfortunately, their very size is what makes them the prime target for individuals who choose to spend their time developing code to break into other systems (hackers and the like).

Whose fault is it? Who cares! The situation exists. And it is our responsibility to know how to best protect our datasystems from attack given this communications climate.

To answer the original query of this thread, yes – I think that if you subscribe to a Microsoft monoculture then you are opening up yourself to vulnerability. They make a kick-ass desktop OS and office productivity software which all of my clients use. However, due to the patchwork that is required of anyone relying on MS software these days, I use MS software for desktops and go with other technologies like Novell and Linux for server platforms and email. Even though these platforms are not foolproof either, I rest a little easier mixing up the technologies a bit in my network because I have found that this makes complete system invasions and data theft/loss much less likely.

MS makes the computer layperson lazy!

In reply to blaming hackers and or Microsoft is not the issue

I disagree that they did a great thing several years back by moving from the “mysterious DOS” to Windows. It would have taken a minimal effort to teach kids growing up in the eighties how to work in a DOS environment. If this had happened, those same kids would be much smarter about their computers today. Operating DOS is not that much more difficult than working in Windows, it’s like the difference between learning to drive and automatic car vs. a manual, it just takes a little more practice.

DOS is too powerful

In reply to MS makes the computer layperson lazy!

We cannot simply give EVERYONE access to DOS, because DOS is too powerful a tool when put into the wrong hands (as viruses so clearly demonstrate even today). Windows may not have the best or the greatest security, but Windows does have one great advantage against the uneducated user: difficulty against simplicity. Does anyone share my pain in remembering how many screens one has to go through to make major settings changes in MS? (The stuff MS doesn’t want the average user to get to, they bury under twenty windows in an obscure corner that the average user would not find by mishap or wandering about!) Therefore, in a way, Windows did us a favor by getting away from pure DOS. Besides, imagine the security problems we’d have from hackers if we all still used DOS. No logins/passwords, no accounts, just pure, unrestricted access. Go figure.

Finally an intelligent answer

In reply to blaming hackers and or Microsoft is not the issue

You’re getting paid far too little for what you do man 🙂

Naive view

In reply to People are Missing the Whole Point

That view is rather naive. You do have a point mind you, but that attitude will not prevent folks that don’t share your viewpoint from breaking into your systems and stealing data, wreaking havoc and causing you lots of work and stress.

You missed the point

In reply to People are Missing the Whole Point

If I leave the front door on my house open then the law in my state (Ohio) says that I have given an open invitation for any and all to enter. If I place a swimming pool in my yard and leave the gate open then it is considered an open invitation to the community to swim. With this in mind it is the companies falt for leaving the door/gate open. Not to mention all the back doors that have been built in to modern software by the programmers, do you think that Microsoft has checked every line of code for the back door left by the deviant programmer that just got mad at “Daddy Bill”?

Another stupid law…

In reply to You missed the point

They just created that law so that the defendants in every breaking and entering case would have something to argue in their defense. God forbid people should have common sense, or that someone should have the freedom to leave their doors and gates unlocked. That’s the problem. These criminals have actually gotten people to think that it’s ABnormal to keep their houses (or computers as the stupid analogy continues) unlocked. That it’s ABnormal to CHOOSE to trust your fellow man (or hacker, as the case may be). THAT is the real issue involved in ALL of this. These scumbags should all be shot as an example and have their heads stuck on pikes. Then we should take digital pictures and post them all over the web.

These criminals have made people afraid. And people that are afraid generally aren’t rational. To force a company to be accountable for your security is ludicrous. Microsoft doesn’t OWE us any security. They claim they are trying. I believe them, but if it isn’t good enough then go with something that IS secure. Or better yet, leave all of your doors completely unlocked and start trusting people again. Who cares if some kid sees your collection of transvestite porn anyway? 🙂

OK but what happens

In reply to You missed the point

When you leave a Back Door open that you didn’t know existed are you still leaving an open invitation for every boy and his dog to come in play around and take whatever they like?

This is the difference between most other products and Microsoft software in all other products you’re able to see what is happening how to lock the individual things up so that no one can gain easy access to them or at the very least there is some form of preventative security in place to make it harder to get in.

Now with Microsoft this isn’t the case they even go as far as getting every end user to agree not to look at the code so you are prevented by the law from doing everything possible to secure the system. In a case like this exactly how can you be said to be leaving an open invitation to anyone to enter and do what they like without any comeback against them.

If it was a builder who hid a back-door that was un-lockable and people entered you’re house you would have a come back against the builder if the laws where you are, are what you claim them to be eg an open invitation to everyone to enter so under the very same statement that you applied Microsoft should be responsible for all the flaws that they have built into their systems. However in the real world Microsoft have the money to stretch things out until you are bankrupt or dead either way even if you are in the right you end up losing. It is only when Governments are willing to take action against corporations that there is any chance of getting a result that might improve the product but at this stage where the “Legal Whores” are involved they are not interested in fixing the problems but only in money which they think fixes everything.

Col

Naivete

In reply to People are Missing the Whole Point

As long as we live in an imperfect world there will always be individuals that defy the law and attempt to exploit any opportunity they can for personal gain, regardless of legality.

Absolving software companies of blame because the law states that electronic theft and vandalism are illegal fails ingnores other legal concepts such as “Due Care” and “Contributory Negligence”.

A responsible software vendor will recognize that fact and do everything in their power to ensure that their products are secure. Those that don’t, and leave their customer’s data exposed and vulnerable to explotation, leave themselves open to legal action.

And that is the problem

In reply to Naivete

Terms like “Due care” and “Contributory Negligence” are just another way of saying “Let’s find another way to sue someone because we were too stupid to know that our computers could be broken into” and in the end, the lawyers get the money and everyone else loses in every conceivable way.

I swear there are teams of layers that scour through the dictionary to find ways to sue people.

I agree with shakespeare…

That’s not the point

In reply to People are Missing the Whole Point

The point is not whether Microsoft makes buggy
software. The point is that Microsoft *should*
be legally held liable of all the bugs
introduced in their products. It’s that way in
other industries, like the automotive industry.

Defective software causes loses and may cause
people casualities. Thus, they must be held
liable for all the trouble they cause us and the
world everyday.

Here is the point !

In reply to People are Missing the Whole Point

The USA has Lemon Laws
If a car had as many faults as Windows you could take it back to the dealer and get a brand new one ! FREE !
But Microsoft cons us into buying their crap again and again with the promise that the next one will be better and more secure !
Why hasn’t someone lauched a class action against Microsoft due to this practice I do not know.
Does anyone remember the AMIGA ? Commodore biult about the worlds best computer and OS there but Microsoft and IBM ran them out of business.
But People are still keeping the AMIGA alive
you can buy a brand new Amiga one with Power PC G4 chip and an os that can emulate a Mac faster than a Mac runs it’s self at the same time as it emulates a windows PC !

Just to let you know I both love and Hate MicroSoft
I am a support tech and without MS windows I wouldn’t have a job. But I still hate the crapy way they do things

Hackers, Crackers, and Phreaks

In reply to People are Missing the Whole Point

I want to point out that hackers are not to be equated with crackers, phreaks or other nutcases who are distructive. Hackers, check this out on your next internet search, vehemently deny any relation to crackers or phreaks or anyother criminal types who do distructive things. A hackers is a teck savy individual who modifies code to his or her own purpose and then frequently put it out into the open source community for others to use. Hackers are the ones who game us Linux, BDS, etc.

Fix the problem, not the blame

In reply to People are Missing the Whole Point

In the real world there are bad people and enemies both
here and abroad. There are also the creatively inept. Not
all bugs are malicious. The fundamental flaw is building an
insecure monolithic network, OS, and CPUs that all respond
to the same bug or hack. Diverse networks, OSes, and
CPUs moderate the risk just as heavy water moderates
nuclear energy. I don’t know about you but when bugs are
flying around my house I close the Windows. WinX is much
more secure running as a recoverable guest OS on a Unix
host. I can clone and recover that. I cannot easily do so in
native Windows simply because “they” consider their
intellectual property more important than mine or yours.
Another fundamental flaw.

Software Mechanics

In reply to Yes and yes.

Sorry, but most folks in my company don’t assume they need to be “software mechanics” they WANT to be software mechanics.

Most of their problems are self-inflicted. We build them an image and will create custom images or do custom software installations after testing but my customers would rather play IT professional and then ask for help AFTER they’ve botched the system.

People using Macs are no better and lock their systems just as frequently, BTW.

And the biggest security holes are still caused by social engineering. Yes if the flaws weren’t in Windows they couldn’t be exploited but our systems would be far from closed because we can’t enforce any good security practices.

So even if Microsoft could wave its collective hands and fix all the flaws, or we could find and switch to an OS where none of those flaws existed, we would still be compromised.

Some do, some don’t

In reply to Software Mechanics

A few points:
Various measures are available to secure Windows workstations, at least to some extent, from wannabe IT experts.
Enforcement begins with education. Reminders and tips, along with accountability specified in employee manuals, have proved highly effective in keeping employees attentive about what they should be doing with their work time.
Every workplace is different. The systems used, therefore, must be solid. A secure and stable foundation will keep the vast majority of employees’ attention on their work as opposed to under the hood.

If this is correct

In reply to Some do, some don’t

Exactly how did Microsoft get hit by the “Slammer” virus when they had produced patches to block that venerability?

If Microsoft is unable to keep their Web Interface from being attacked particularly when they have released the patches to prevent the problem in the first place exactly how are we puny mortals expected to perform a better job than Microsoft can?

Col

Great Wall of China

In reply to Software Mechanics

Hi,
Your comments about social engineering reminded me of the Great Wall of China.
Several hundred years ago China felt very threatened by barbarians beyond its borders, so Emporer Somebody or Other decided to build the Wall. It was truly impregnable, but China was still invaded many times afterwards. How? Bribe the gatekeeper!!!

Microisoft and the Nutbar Attitude

In reply to Yes and yes.

Yup… indeed so, we’re in a monoculture dominated by Microsoft and Co. Just go into any computer store and request a new PC with the latest version of Linux as the O/S …lets say Red Hat’s Fedora… a nice piece of work in progress. They’ll look at you like your from outer space …and you’ll be treated just about the same way, like some kind of geeky nutbar…. “Fedora??!! what t’hells that?” they will say… Needless to say it’s XP the so-called “included free” version or nothing… coming to you complete with enough security holes to drive a freight train through. Hmmm… maybe there’s method in all this madness after all… to create a huge demand for a “newer, better, more secure” product perhaps? “have we gotta deal for you”… “Longhorn”!! Well, let’s hope it’s got some beef to it, and not just another case of mad cow disease.

Unfortunately, here in North America marketing realities demand that new product be displayed with the latest amd greatest version of Gatesware complete with it’s obligatory copies of Outlook Express and IE. If Microsoft does fear anything about Linux, it’s on the lucrative server side of things, where most of those those so-called geeky guys know better, and it’s through their proxy-hired-gun SCIO that Microsoft hopes to throw sone fear and the cold threat of a libel chill into the heart of the open source movement.

Richard

Weak links and monocultures

In reply to Does a Microsoft “monoculture” endanger security?

For the most part ANY monoculture is a threat to the security and well being of an organization.

Whether the monoculture is an operating system, a mind set or a crop of corn, it creates a situation where large parts of an organization’s functions could crash if something successfully attacks the monoculture.

You might consider a monoculture to be a weak link in an evolutionary chain. While it may promote efficiency through mass production, it creates a vulnerable spot that can cause a major catastrophy when injured.

And worse yet, that ‘injury’ could be caused by a simple mistake.

Security Philosophy

In reply to Weak links and monocultures

We always have to remember that security no matter how good it is can be broken. You see even the most expensive and secure safes, locks, and etc can be broken by persistent and determined criminals.

This is the same with software. Whatever encryption or security measures/infrastructures that are built in to the software can eventually be broken.

Software is built by man, ergo man can definitely destroy it.

Honest to goodness discipline and education is the key to ultimate security.

Defiantly YES

In reply to Does a Microsoft “monoculture” endanger security?

But then again you can have the “Windows” OS for all workstations and have a Unix/Linux or whatever gateway so none of the end users notice it at all.

This is at this point in time the only real alternative as almost everyone knows Windows and next to nothing about any of the other OS’s that are available. I’ve even had customers insist that they go only Microsoft because Microsoft was responsible for the computer market while totally incorrect this is the belief in most parts of the world but there are currently some countries who are bucking this and going with something else and when that happens who knows what flaws will be found in the competing OS’s. Currently the Microsoft Product is the most attacked system because of its basic design, lack of thought about security from its very inception and the worst yet our own lack of willingness to adopt a different technology.

While Linux is touted as the next OS by some if it was to become as popular as Windows currently is I do not doubt for a minute that those nasty little people out there who just live to break systems will get far more “Clued Up on Linux” and find way to break this as well.

What is required is a vast number of different OS being used world wide to make the systems more secure and at the same time mixed up as well so you can have a BSD/Linux/Solaris/Windows network that is harder to breach than purely any of the single OS networks that we so often see in the work place.

Currently Windows is on the nose with a lot of System Admins and the like but if it was reversed I’m sure that Linux or whatever would have just as many complaints about its shortcomings and that Windows would be looked as the next great thing to come. What is required is some serious competition with our basic Operating Systems no matter who supplies them and with this competition we will eventually see better products! Any company who can dominate the marketplace for as long as Microsoft is going to get tired and let their guard down at least a little but what is the main problem here is not so much how the OS’s are being developed but just how computer usage is growing. 7 years ago the internet wasn’t much of anything and more a curiosity than anything else but today we are no longer just looking for a computer but way to connect to the Net wireless-ly and as fast as possible. Everything that we want is a contradiction to really good security and that is what is driving the market {Our Need For Speed} nothing else!

Just look at every bit of hardware/software that we buy today we always want the fastest for the buck not the most stable.

Col

Linux/Unix lacks many of holes of Windows

In reply to Defiantly YES

There is a common misperception that if Linux was as popular as windows, there would be more attacks and hacks. This is patently false. The essential architecture makes Unix and Linux more difficult to attack. Also, most secure web sites and internet interfaces run on Unix/Linux. Hackers have a great deal more motivation to hack a Unix operating system than Windows.

With Linux, the kernel is undergoing constant revision and refactoring, and it is far fewer of the cheesecake buffer overflow errors that plague windows. Also, the security model in Linux is far more secure.

It is possible to configure a very insecure Linux box, but it is far easier to build a very secure Linux box than Windows. You can put a Linux box naked on the internet if it is properly configured and periodically patched. However, no matter how often you patch a Windows box, it will be hacked eventually unless it is 3 layers deep behind a firewall.

Windows needs to be re-written from the ground up, which has never happened.

Depends on the Administrator not just the OS

In reply to Linux/Unix lacks many of holes of Windows

Security also depends on who is administrating a Linux or Windows box. I work in a mixed environment of Macs, Linux, and Windows.
Some of our Linux boxes were hacked! This
was due to improper security during setup
which was not followed. One of the reasons
why Windows boxes get hacked was due to
the fact that the default install has
the Everyone Group given full control!
Linux and Unix in comparison have very
restrictive rights by default. If the
administrator is security aware, he would
change the default permissions for Windows.
Also, one should always perform OS updates
for any platform which some people don’t do!

I would prefer not to get into any debates on
which OS is better. To me they are resources
that are used to suit different needs that based
on user needs for certain applications or functions the company requires for business.

It’s a hard job

In reply to Depends on the Administrator not just the OS

After entering the computer field in the early ’70’s, I’ve seen many changes over the years. The on that upsets me the most is the lack of any real competition to Microsoft and the damage Microsoft has done to the world of software and inovation. Indeed, at first I was so glad that there was becoming one standard operating system, but in time I saw that the OS was not a reliable nor as expandable as others I’ve worked with. Indeed, it has become almost a threat to coporate productivity even in the hands of well trained and well experienced system / network / database administrators. Working with the new Win3KS in the past few months has been horrid. After spending much money on getting a dozen Win3K servers up and running, we finally trashed the OS on them after about six months and put RH9P on them all and things have been hevenly since.

When we got security tight, nothing could get done unless you re-created things (too much to go into here). When we proted things from our Win2KS and Win2KP machines, things did not work. The Win3KS SQL caused most all of our existing applications to fail when attempting to access the database. Those that did work worked well. Again, when we moved them off Windows and onto Linux, the security issues all melted away and the SQL problems vanished completely. We are now moving completely to RH and MySql in order to improve security, ease of maintenance and just the entire robustness of our system; can sleep well at night knowing that the system is stable and that the chance of a security problem is almost non-existance without hampering productivity.

Herman R. Willett
Sr. Systems Engineer
Dynamic Industries

It isn’t so much a common misconception as

In reply to Linux/Unix lacks many of holes of Windows

A simple fact of life. Yes Unix/Linux is far more secure as it isn’t possible to download a file and have it exectutue under these OS where as under Windows it is possible. Buffer overflows are almost unknown in Unix/Linux as well but what I was attempting to get at is that while these OS’s are more secure than Windows because they will not run things that Windows will there are still Viruses being written for Unix/Linux and while they do not exploit the same weeknesses as Windows they still exploit weeknesses in the code.

And if you would like to go back into theearly days of the internet before it was in the public domain there where hackers who hacked Unix for their own needs. Sorry but it is a fact of life that anything man made can be broken by man if he is interested enough.

Col

But…

In reply to Defiantly YES

“But then again you can have the “Windows” OS for all workstations and have a Unix/Linux or whatever gateway so none of the end users notice it at all.”

I am working in that situation now: a Novell gateway protecting Windows boxes. The problem is that to be successful in business you have to let data pass through the gateway to the desktops. Even with high level security tools scanning email attachments, a non-IE default browser, and a complete ban on instant messaging, our desktops still get infected with malware that uses various holes in the Windows OS for entry.

While your suggestion has some merit, it will only work if you block _all_ data from outside.

We still have the end user

In reply to But…

Linux is a fine OS, but recent changes in Red Hat make the OS more expensive to own than Windows. We have the issue of our clients, the thorn in an administrators side. They are used to the Windows interface and its like teaching an old dog new tricks. If I introduce an upgrade, such as Office 2003 into the mix, I get confusion and mayhem, much less a whole new OS and app. software. I tried introducing Red Hat Linux 9.0 using X interface and Open Office to a test client. It looks the same, some of the functions are the same, but its not close enough to be an ideal candidate for replacing my Windows enviroment. Now, on the other hand I have integated Linux into the network on a less of an impacting way. I have a linux firewall/router and a Samba file server. I have had no complaints and have not been hacked yet. Now, I will be the first to say that Linux is more stable, but everyone knows Windows, Its in every home. Linux is very close and I think with a little more work, we’ll have a total corp. level enviroment. For now I will stick with my hybrid Linux/Windows enviroment.

But then again

In reply to But…

Nothing is Fool Proof is it?

For sure – but …

In reply to Does a Microsoft “monoculture” endanger security?

I agree 100% with the assessment here. Problem is that most corporates look at more than just technical ability, training & license costs, they also have to consider the longevity of the company / distribution itself; (to quote my finance manager: “Whatever Microsoft’s faults they’ll still be here in 3 years time, can you say the same for ?”). Corporate conservatism will always be the biggest barrier to Linux desktops.

I think Jonathan is painting a Biased picture

In reply to Does a Microsoft “monoculture” endanger security?

The article seemed pretty much one sided against Microsoft. ANY Operating system is Vulnerable if enough people pour their resources into finding a way. The thing I dislike about Linux is that every tom , dick or Sue can grab the source code for the OS and hammer away at it, modify it, exploit it etc. Microsoft responds well to reported exploits. Micorosoft also maintains a list of devices and software packages that are “Microsoft approved”. Microsoft just seems like a product much higher on the food chain then Linux for those of us who rely on stability, support and longevity.

Face it, Microsoft has a monopoly for one reason. They are good at what they do and their products do what we need them to do.

Really

In reply to I think Jonathan is painting a Biased picture

Face it, Microsoft has a monopoly for one reason. They are good at what they do and their products do what we need them to do.

Sorry but I?ve just picked myself up off the floor after this last comment of you?re. Sorry but Microsoft doesn?t have its current Monopoly for any other reason than it is good at what it does {MARKETING} nothing else. They could sell snow to Eskimos and at the same time get a legal ruling that the stuff that fell from the sky was illegal as it breached their patent.

Their products are hardly all that great they just sought of work some how nothing else.

As far as every Boy and his Dog being able to access the Linux Source Code what makes you think that the same doesn?t apply to Windows? Do you honestly think that the EULA is really likely to stop someone who is really interested in looking and playing? After all where do you really think that all the Viruses/Trojans/Worms have come from recently and how they specifically attack various parts of Windows?

The reality of the present situation is that any ?Source Code? is available to look at if you really want to but why are you just drawing a line at the Linux Distro?s? As UNIX was here a long time before Microsoft and no doubt will still be here a long time after Microsoft. There are also numerous other OS?s available to use if you really wanted to get away from Microsoft. I?m thinking however you have only known Microsoft products so you are ?Scared? of the unknown!

Col

stupidity

In reply to Really

I see noting wrong with the comment two posts above, I can do everything I want to do with windows and more, It is easy to see why companies adopt this, “if it’s not broken then don’t fix it attitude.”

OK, so now you can access the windows source code, but thats only because it was leaked, and it was only a small percen tage of the source that was leaked…

As more people move towards linux we are seeing more hacks, exploits and tricks used to gain access to linux systems, It has been found that the leaked microsoft source code came from a core dump of a linux machine.
A few months ago debian effectivly rolled back a few years in security as a hacker uploaded source code to the main database, which put in a known exploit, – which was left unchecked and subsequently distributed.

I’ll agree with Johnathan, diversity can only be a good thing, if only because it will keep the script kiddies on thier toes.

But I warn you this, Linux is not the be all and end all of security, just because you have linux installed, doesn’t mean you can sit back and relax.

Firstly I really don’t consider Linux as a viable

In reply to stupidity

OS for most people and I have constantly said that if suddenly Windows was to vanish overnight there would be just as many holes found in unix/Linux/BSD or whatever OS was chosen as the alternative OS.

The Bottom line is that they are all man made and therefore have flaws inherent to them no matter how carefully they are worked upon. It doesn’t matter the name one iota as they all have their faults. But as you have said that you see nothing wrong with Windows because you can do everything that you require it therefore follows it must be perfect doesn’t it?

Maybe some people don’t do what you do and require different platforms to work on and different OS to work with I for one know that Windows is incapable of working on some of my more data intensive requirements in a timely manner but then again if you consider one complicated calculation that requires over 5 days to perform on a Dual Processor Xeon platform satisfactory under Windows well that’s all good and well. Incidental under Unix it only required 2 days to complete the same task with a similar computer.

Buy the way what Microsoft is getting so worked up about being leaked is really nothing at all and was not the OS’s fault but the operator so blaming Linux for this is not only silly but shows just how far you are prepared to go in defending Windows as the premium Platform to work off.

And just to show how far from the mark you are when was “Slammer” released? And then when was the Windows little bit of Source Code released?

If you honestly answer the above question it will become obvious to you that what was leaked is really nothing to be worried about as it was already available to anyone how actually wanted to look.

Col

Linux is *not* as vulnerable as Windows

In reply to Firstly I really don’t consider Linux as a viable

Your first statement is false. Popularity is not the only reason Windows is attacked, and obscurity is not the only reason Linux is not. The servers with the most valuable data to hackers tend to be Linux and Unix based for a reason – these OSes are more secure.

The biggest drawback to Linux is the technial savvy required to install it and modify the installed software. Package managers and update programs from distributions have simplified this process, but when something goes wrong, it can be a pain to fix and well beyond the average Windows user to address. Until Linux becomes easier to use, it will probably remain a server or special purpose OS.

Windows needs a rewrite. Right now it is an onion built on layers of old code that are rife with vulnerabilities. The number of buffer overflow attacks on Windows is staggering. There have been no kernel and service related buffer overflow issues in Linux in years. For Linux, even suspected but unproven security issues are addressed long before they are problems.

The default installation program for most Linux distributions result in a very secure machine. If you put a new Windows box on the internet fresh out of the box, it would be compromised within hours.

Almost there!

In reply to Linux is *not* as vulnerable as Windows

I think your statements are right on Chris. Right now I am using Xandros and so are my kids and we love it. Would never think of going back to windows.

Linux will continue to get more user friendly. On the server side as well. I’m with a startup that you basically put the cd in and as long as the hardware is on the supported list, it autoloads everything. We go further than that though. Our firewall then lets you create all of your rules in plain english sentences,with drop down menus for each option word. When you are done, the iptable codes that have automatically been written have been displayed. Click on done and its implemented.
You don’t have to be Linux geru to take advantage of Linux if it is packaged properly. All products should be produced to save time and money, not create headaches.

Yep that is a great

In reply to Almost there!

Beginners Linux to start off with but you will soon find it too restricting and then you will have to move to something like RedHat, Mandrake, SUSE or if you really want to go the hard way Debian which is the most Rock Solid Linux I’ve ever used. But it comes at a price and that is end user friendliness.

Col

While true it is still the companies

In reply to Linux is *not* as vulnerable as Windows

Who build at best silly network configurations which allow their systems to be compromised.

While I do agree that the Default installation of any Linux is far more secure than the default Windows installation there are still holes that need to be plugged. After all remember that the first hackers who started the whole thing off where working with Unix systems and they ran riot without any hindrance for the first 4 -5 years.

Granted that was a long time before Windows or the PC for that matter but it was still a Unix system that was breached. From memory it was the University of Melbourne where the first attacks where traced to.

Col

Linux

In reply to stupidity

I work with Linux myself, but I think that the point is the future. If Linux becomes the dominate system, the hackers would go after them too. The only reason why a hacker seems to go after Microsoft is that it is the dominate OS. They know that they can do the most harm, and there are enough people who use default security to make the hackers job easier. So I see that Linux will have its hacks as Windows does now.

Yeah!!

In reply to Really

I am no microsoft fan. But one thing is certain, Microsoft creates the most user friendly products of the entire line of the competing products, be it in the field of OS or Office products or IDE’s. I know many of you are going to come firing at me saying that this product is better or that one is… Well I am not going to disagree with you guys. If you like some other product, that is good. But you will have to agree that most people like what Microsoft offers and continue to use them, even though so many options are there. If we are talking about OS’s Windows NT was successfull in booting out Netware, but Linux has been trying to do the same for the last 10 years and the success has been … well … not that outstanding. If you look at Linux products now a days, most of them are trying to copy the features of Windows. I agree that Microsoft has been doing that for years, but my point is till date no one copies and improvises features as Microsoft and that is what is their greatest asset. Marketing effort is helpful ofcourse, but I personally believe that you can sell oyesters saying they contain real pearls for a short period, sooner or later people are going to open em and find that there are no pearls inside. If you are saying that Microsoft has been able to do it for 2 decades now, I would say hats off to them. They are great. One more thing as far as “Scared” of the unknown is concerned, I for one has been using Linux as a secondary OS on my PC for the last 6 years. Its really sad that even though I tried to make it my primary OS at least a dozen times, I had to revert back to Win family for one reason or the other. One of them being my 65 year old mom finds “Linux winux are too difficult”, when she uses my machine.

SM

Well if Linux is so much of a

In reply to Yeah!!

Secondary OS and isn’t really any competition to Microsoft why exactly did they buy a large share of the Corel Corp and at the AGM insist that they drop their Open Source products? After Microsoft got their way they then off loaded the Corel shares and now we have no Corel Linux or any of their applications {software} being developed for Linux.

Kind of makes you think doesn’t it?

But then again that is one item the Microsoft can not be sued for as it was a vote by share holders and not those anti competitive practices that they are currently in Court over. Whoops that’s for over pricing their products and not any form of anti competitive practices this time isn’t it?

Col

Funny

In reply to Well if Linux is so much of a

Yes it does make one think. Microsoft has always been proactive so when we see them licensing SCO and helping to fund SCO’s lawsuit (albeit indirectly) you have to know that Microsoft is scared s&^%$less of linux. Everyone sees it as a threat. And they should. They ARE copying the features of windows, and it’s smart of them to do so. Why not? Microsoft has been doing it for years. Finally some people are actually stepping up to take on Microsoft the american way; with cut-throat competition. Linux is getting easier to use and a lot of the open-source, freeware apps out there are just as good as microsoft’s offerings. Now microsoft is doing what apple did way back; they are pricing themselves out of the market. Money rules everything and that is why, in the next 5-10 years, linux and open-source will be the clear victors. Support will be where the money is and microsoft will either have to offer their own flavor of linux and support for it or go the way of the dinosaur. You watch, it is going to happen.

RE: think Jonathan is painting a Biased picture

In reply to I think Jonathan is painting a Biased picture

Just because “…every tom, dick, or sue” can grab the source code, doesn’t mean the every “…every tom, dick, or sue” can understand it. Every change that “…every tom, dick, or sue” tries doesn’t get added to the source.

What I have noticed is most windows user’s complain about Windows not running correctly, when the get hit with one of the many ways hackers, viruses, or trogens get into thier systems threw one of the many holes in the OS, but linux scares them because the source code of most software is open.

There is a choice here, you can live with the secuirty holes in Windows, or you can looking into other Operating Systems.

But

In reply to I think Jonathan is painting a Biased picture

I think that the reason that a lot of people are involved on a Linux project is because Mircosoft Windows lack of security on an online enviroment.

The problem with Microsoft is that has been always thought for a non online enviroment (eg a network which is not permanently conencted to the Internet, or a stand alone computer). In such enviroment Microsoft products works just fine, but it still has a lot of flaws like the blue screens.

However on an online enviroment there are many known issues with Microsoft’s OS which makes enterprise data vulnerable. For this reason I think that a mixed enviroment Linux/Unix servers with Windows Workstations (where no data should be) is the best enviroment possible today.

It’s what makes Linux sucure

In reply to I think Jonathan is painting a Biased picture

It’s every Tom, Dick and Harry that makes open source secure. For every bad guy looking at the code there are thousands of good guys making sure vulnerabilities are found and corrected. Open source does not rely on security by obscurity.

U. S. Dept. of Justice supports a monopoly?

In reply to I think Jonathan is painting a Biased picture

I am assuming that your moniker of USDOJ = US Dept. of
(non) Justice.
“Face it, Microsoft has a monopoly for one reason.” I
thought we got rid of that.

I have Apple OS-X. I run Microsoft VPC (was Connectix two
years ago) and any guest OSes I want to toy with. I rarely
need WinX. So, you are wrong about the monopoly or not
doing your job.

One of the famous early Unix pioneer programmers
divulged that he’d buried in code a personal login to all
Unix systems with his code. Now a commercial
programmer he made the point that while an open
hackable code might be alarming, the situation is much
worse in companies that can hide what they are doing. And
we all know how trustworthy Microsoft is right? Enron
anyone?

I do not think you grasped the many posts. Most IT pros
will tell you that they are not good at what they do. Clearly
Microsoft and end users, and malware code writers all need
to share the blame. Clearly there are massive problems.
MS was warned about leaving XP open to DOS attacks
before they shipped it by crack Windows programmers.
Now we all get hundreds of emails from hi-jacked WinX
boxes. E-mail for many has become a useless burden,
abandoned by millions.

I run WinX and Linux as secure and recoverable guest OS
volumes using MS VPC on OS-X. I have yet to find a Virus
that hit my systems. I have operators Use OS-X Mail and
Safari to browse. They only run one app on Win2000 where
I don’t even bother with updates or anti-virus because I can
recover the full system in minutes and they don’t use the
major malware conduits, IE and Outlook.

Yes it does, but…..

In reply to Does a Microsoft “monoculture” endanger security?

The monoculture does endanger security, but part of the problem is in the users, as well as the product itself. Hackers and terrorists will attack MS products because it is so pervasive, but even if they got their act together and made a quantum leap in software security, there would still be attacks because it is almost everywhere. Users need to learn hot maintain the software and learn about best security practices because users are a part of the problem when patches are not applied, bad passwords are used, etc.
Corporations need to understand how important security is and the security groups need to evaluate their company’s or agency’s enterprise architecture and security practices. If the IT group can’t have the funds to purchase the proper tools and staff to run them, it doesn’t matter if it is an MS product, Linux or Solaris.
Also, having alternatives does help, but there still needs to be enough staff and funds to maintain everything.

Mix it up

In reply to Yes it does, but…..

Using only Microsoft products is the security equivalent to having only one password for all of your apps or only one key for every lock you own. Open source offers a break in the exploit chain. If you only have Microsoft products it’s one stop shopping for known exploits. Rightly or wrongly Gates is a target, after years of targetting other software companies (Netscape….) with their embedded software the hen has come home to roosto on Microsoft. As an IT security specialist I advise all of my clients to diversify their apps for protection purposes. The more difficult it is to gain a foothold on a system the more likely you are to be ignore or bypassed by hackers.

You said it.

In reply to Mix it up

I just tried to install Norton SystemWorks to diagnose and correct some performance problems on my laptop. Not only did the installation fail, but first it irretrievably uninstalled the copy of Norton Anti-Virus that I already had. It messed my hard drive up so bad that I had to have the tech guru at my office take a crack at it on his lunch break, and I still had to beg Symantec for help.

The consensus is that I’ll have to wipe the hard drive and reinstall EVERYTHING!

But after manually deleting program fragments and cleaning up registries, my computer works almost as well as it did a week ago, with the exception of having no virus protection.

Thank the goddess that my firewall is a McAfee product, not Norton. So the SystemWorks installation process did not destroy it. As long as I don’t open ANY e-mail attachment, I’ll probably be safe for a couple of weeks.

That’s when my wife gets her new Mac and I inherit her Mac laptop.

Happy happy joy joy!

Inertia

In reply to Does a Microsoft “monoculture” endanger security?

People like to keep doing what they are already doing.
Microsoft has defined the art of desktop inertia.
It is easier to keep using what you are already using. Energy, and work is required to deviate from a standardized enterprise software platform.
As we all know, untill there is an actual unsolveable problem with windows, nothing will stop the inertia. It will be slowed, deflected, but I doubt people’s habits will change.

HT

Look to the younger generation for our salvation.

In reply to Inertia

Each year a greater number of kids comes out of school having been reared on Macs. They have no inertia favoring the use of PCs.

Apple already has formed a department dedicated to corporate marketing and a few corporations are listening. They can’t help noticing the almost zenlike sense of peace that prevails in the Macintosh ghettoes of their advertising departments while the rest of their employees sit waiting for technical assistance.

VirtualPC is already on the market. Sure it’s slow but we all know that is an extremely temporary condition when talking about computers.

A “life spiral” is beginning. The more Macs people buy, the more software will be created for them. My own is on the way. I’m looking for a soul-satisfying way to destroy my Windows machine after the fourteen years of agony Windows has caused me. Any suggestions?

While change is good

In reply to Look to the younger generation for our salvation.

A lot of places are leaving the Apple products and changing to the PC’s for the very reasons that you’ve already mentioned. Currently the Qld Police force is dumping all their Apple products and replacing them with Windows based PC’s {What a nasty thought} so for every one large customer that Apple gets they are losing at least 2 of their existing customers.

However it is a good idea to mix things up at least that way you are far less likely to suffer any problems.

As far as installing Norton’s goes if you where installing System Works and failed to un-check the AV box that could account for you’re problems as that is the way that Norton’s is supposed to be installed you only get the updated AV product and have to remove everything then install the AV then System Works. A real pain in the rear end and very time consuming as well. Otherwise it should have proceeded OK.

Just a tip here if you download the “Trial” version of Iolo’s System Mechanic I think you’ll find it will cure you’re current problems and you’ll be able to reinstall the AV then Norton’s but just don’t chose the “Remove Copies Option” as you’ll quite likely ruin the entire system.

Col

Hey, thanks for the tip!

In reply to While change is good

I’ll try the Iolo product.

Cut the red wire… no, the blue one!

In reply to While change is good

“…if you where installing System Works and failed to un-check the AV box that could account for you’re problems…”

Col Luck, you are like a bomb-squad expert, with encyclopedic knowledge of the deadly devices. It is a credit to you, but hardly to the bomb designer. And in this case the “bomb” is Microsoft and Norton.

I’ve been in computer support for 9 years, and I have lost count of how many times I’ve heard someone say, “I installed Norton and now it doesn’t work.” Of course, the user can’t tell you what version of Windows they’re using, or what Norton product, or what version it is and so on. Or even what the meaning of “it” is.

There, I feel better. The main problem in security isn’t the OS but the user! The weak link between the keyboard and the chair. Windows is pretty easy to mess up – for whatever reason – and letting the user have anything more than restricted rights is like putting power tools in the hands of kindergartners. Yet often apps don’t work properly with restricted rights.

And what was MS thinking making an email client that runs code … Oy, don’t get me started!

User-related security problems

In reply to Cut the red wire… no, the blue one!

I agree with your comment about users. Many of the users at my workplace simply refuse to become better educated about the OS they use, no matter which one it is, and we run have run a dual platform for years (Mac and Windows). I can issue a person a brand new Windows computer, but if I don’t restrict their rights, I can go back two weeks later and find a dozen icons in the system tray, indicating every kind of spyware gizmo you can imagine, from weather bugs to wallpaper changers. And they wonder why the machine seems to be responding slower.

Frankly, I think that people have a responsibility to learn to use the tools required on their jobs. If required to use a computer everyday, then the person should learn to do so effectively. Imagine a carpenter who doesn’t know how to use a hammer or saw! The employer has a responsibility to provide some training, but the user also has a responsibility to educate himself.

I couldn’t agree more

In reply to User-related security problems

So true 🙂 I also work tech support and I see the exact same problem every day. At least with windows XP we can lock down the workstation, and it seems to have helped tremendously so far. The users have complained that they can’t install aol instant messenger and the like which makes me very happy 🙂 My boss tends to be too nice and has let that crap be installed in the past, but after showing him and the other department heads how much time it saves us on support calls, they had to agree. So yes, it is usually the user that needs to educate himself but we now have tools to keep that from being an issue too.

But it gets even better

In reply to Cut the red wire… no, the blue one!

With Windows 2003 Enterprise Server Microsoft has put in place a one button external connection to the business network. This is something that the CEO’s and their ilk have wanted for years and exactly what scares the hell out of the IT staff. Now you not only have to secure the network but every one of the users who have external access.

Interesting thought isn’t it?

Col

First you follow the “White Rabit”

In reply to Cut the red wire… no, the blue one!

And then you are given the choice of the Red or Blue Pill and if you take the red one you’ll endup in a place where a Linux screensaver is susposed to impart information.

So take the Red Pill and get with a real OS instead of the constant Beta Versaions that business wants!

Col

I completely disagree

In reply to Look to the younger generation for our salvation.

Macs will never be the leader in hardware or OS. Yes, the Mac OS is nice if you’re used to using a mac, and if you’re dumb enough to keep paying the enormous price for a new mac every few years then I guess you’d HAVE to keep touting it as the best computer out there. But the fact is, Microsoft IS good at marketing, and the majority of people bought into it. They bought it because they were lead to believe that it was the “only” thing out there for business, and because it ran on cheap hardware, there was no contest. And instead of competing, other OS companies just cried and complained. Linux CAN STILL be a complete alternative to windows if the developers continue to incorporate some of the things that have made windows so popular. And since it is free, once it is as user friendly as windows, Microsoft is really going to have a run for their money. As for MACs, because of the price, they will always be a niche market geared towards those that don’t want to mess with fixing their computers all the time and have a LOT of extra money to spend for that luxury.

PC mythology and propaganda

In reply to I completely disagree

“If you’re dumb enough to keep paying the enormous price for a new Mac every few years”

This is simply not true any more, although the persistence of the myth is a credit to Grungeware’s advertising department — probably the only part of the organization that’s really good at their jobs.

Macs are not all that expensive unless you have to buy the cute little iMac in order to be hip. You can get a G4 PowerBook laptop for well under $1,000, or a G4 desktop machine for well under $2,000. Both are performance-competitive with current-generation quality-brand PC hardware unless you’re a videogame junkie (in which case you probably have a PowerStation), or a top-end graphics professional (in which case you wouldn’t be caught dead with a PC at any price).

The modest actual price differential is a classic case of “you get what you pay for.” Contrary to your implication, as the personal computer consumer base continues to expand well beyond the circle of aficionados, they are increasingly LESS fascinated by the prospect of having to become software mechanics in order to get e-mail, read the news, balance their checkbook, and manage their music libraries.

It’s true that Macs aren’t upgradeable and if you want to be compatible with current applications you have to have current hardware. But the multi-faceted advantages of that far outweigh the disadvantage, which has only one dimension: dollars. Each generation of Mac hardware is designed from scratch, and each generation of Mac OS is built from the ground up to integrate with it.

The significance of this is twofold. Macs are not wheezing along on an architecture that has (barely and clumsily) evolved from a text-only, keyboard-only, monochrome, silent, unanimated, single-tasking, non-networked ancestor. And OS/X is not rife with as-yet unidentified security wormholes inherited from three versions ago, nor with the new defects that are inevitably introduced by the exasperated, cloogey upgrading of legacy code instead of building new software with state-of-the-art software development methodologies.

More than half of the Earth’s population is not wired yet. They have no financial or emotional investment in existing IT to guide their purchasing decisions. I would imagine that the current dismal state of the PC/Windows-based “information infrastructure” is enough to make Macs very attractive to them.

MAC mythology and propaganda

In reply to PC mythology and propaganda

It always seems to come down to a mac versus pc debate. The fact is, you have your numbers wrong. Yes you can buy a G4 for a little less than $2000 but the average PC with similar features is around $600. And if you want to go high end, you spend $3000 on a mac and $1200 for a very high end PC. This is a fact and you know it. So no it is not a “modest” difference in price. And when you consider that macs are not upgradeable, the price difference is prohibitive. Yes, macs are better at high end graphics and audio, but not so much better as to justify the price. Now, that IS just my opinion, but if you look at market share accurately, you will see that apple remains a niche market. Enough said.

Cost facts are way off…

In reply to MAC mythology and propaganda

An Emac with SuperDrive and the better than XP Media
system iLife suite of media apps costs $999, hundreds less
than a PC “equivalent”.

I have yet to have a virus hit my system. Just for kicks I run
MS VPC and toy with WinX and Linux. I can clone, test, and
recover OS-X and VPC volumes. You cannot do so on
native Wintel boxes. So, your WinX system is at much
higher risk, you have many patching chores to do, and if
you fail to protect yourself you have hours or days to
restore your system software and settings. I can recover
fully in minutes. There is a real cost in all of that
nonesense. TCO anyone?

A couple more things…

In reply to PC mythology and propaganda

“… as the personal computer consumer base continues to expand well beyond the circle of aficionados, they are increasingly LESS fascinated by the prospect of having to become software mechanics in order to get e-mail, read the news, balance their checkbook, and manage their music libraries.”

That is just another myth propagated by MAC users. Yes, earlier versions of windows were buggy and not nearly as easy to use for beginners. But that just flat out isn’t true anymore. A stock windows xp machine from say, dell can do everything that you just said right out of the box without tweaking a single setting and with no errors or problems. The fact is, XP is finally the OS that everyone that didn’t own a mac wanted. Now, all mac users can claim is that their computers do graphics and audio better. But as I have never used a mac for either graphics or audio because all of the software I’m used to using is PC based, I can’t even comment accurately on that. And frankly spending 50-70% more to test that theory just seems plain dumb. I have a machine that performs almost flawlessly for everything I can think of doing on a computer and it cost me far less than a mac. And when I want to upgrade, I can and my machine will be as good or better than the newest mac and have cost me even less. Why would I spend more? Honestly, give me a GOOD reason and I might consider it 😉

PCs are for techies, and only the ones who don’t worry about security

In reply to A couple more things…

“Yes, earlier versions of windows were buggy and not nearly as easy to use for beginners. But that just flat out isn’t true anymore.”

Huh? If the current versions aren’t “buggy”, then why do we have to install patches so often? I guess you don’t consider security wormholes that threaten to destroy civilization (a little hyperbole there, but only a little) to be “bugs”? Especially the ones that are left over from Windows 98 because in six years Grungeware’s QA staff (if there is one) hasn’t learned how to implement basic code inspections?

“A stock windows XP machine from say, Dell can do everything that you just said right out of the box without tweaking a single setting and with no errors or problems.”

Again, you seem to not define worm infestations, spoofing of e-mail addresses, denial of service, and identity theft as “errors or problems.” Why not? Security has arguably emerged as the dominant concern on this thread.

“The fact is, XP is finally the OS that everyone that didn’t own a mac wanted.”

My office workstation runs Windows 2000 because even large companies with a 24/7 help desk are skeptical about XP.

“Now, all Mac users can claim is that their computers do graphics and audio better.”

No. Those are just the applications that work better even for a professional user. For a less computer-literate household environment all applications are more user-friendly and require less IT expertise.

“And frankly spending 50-70% more to test that theory just seems plain dumb. I have a machine that performs almost flawlessly for everything I can think of doing on a computer and it cost me far less than a Mac.”

I may be wrong about security being the dominant issue on this thread, but cost certainly is NOT. In any event, security is ONE OF the major causes for alarm both on the thread and throughout the consumer market and you consistenly avoid speaking to it. I recently stripped all the account numbers from the family Quicken files on my Windows laptop and my wife keeps all her sensitive business data on a removeable hard drive.

“And when I want to upgrade, I can and my machine will be as good or better than the newest Mac.”

As I said before, Grungeware’s definition of an “upgrade” is a cloogey Frankenstein, created by patching new features into old patched code that already didn’t work right. Until these Windows 98 wormhole trapdoors stop showing up in XP, your assertion is patently false.

“Why would I spend more? Honestly, give me a GOOD reason and I might consider it ;)”

How about peace of mind? Every Mac OS is new software created using the latest project management techniques, from requirements to coding to testing. You don’t have to run code that was created before principles that are standard in every other engineering discipline, like inspections and risk analysis, became part of the software SDLC. And you don’t have to try to forget that, unlike elevators and virtually every other engineering artifact, software DEGRADES with maintenance.

How about productivity? My wife used to spend half her business day cursing at her Windows computer, running system utilities to restore its performance, and checking the trade press for the latest worm and virus identification tricks. Since she threw it out and got a Mac, the only sound I hear from her home office is humming.

Well if that is the case why

In reply to PC mythology and propaganda

Does the Mac have such a small percentage of the overall PC market?

Col

the almost zenlike sense of peace

In reply to Look to the younger generation for our salvation.

It’s not the Macs, those advertising guys are STONED!

At what cost?

In reply to Does a Microsoft “monoculture” endanger security?

What would not be a monoculture? Would it be two OSs, three or maybe 10. Would it be better if every web browser maker had only 20% of the market? How many of you remember the day when you had to develop two versions of a web site? Today, you can hit the majority of users with one version because there is a monoculture in web browsers. Two many OSs and programing languages in an organization dramatically increases the cost of maintaining trained staff in an age when technology is rapid expanding. It would be cheaper for organizations to create good security policies rather than pepper their businesses with an array of different technologies. Whether you like Microsoft or not, IT technology with very similar attributes is a good thing. We call it standards. Standards are easier to enforce within a company instead of cross-company. Most people who are complaining about the ?monoculture? are probably just upset because it is not there culture. If you asked them if it would be ok if Linux had 90% of the market share, they would give you a big ?yes? with a big grin. The Microsoft bashing has got to stop and we have got to get to work (anybody heard of India?)

There are standards

In reply to At what cost?

Web pages should NEVER be written with a particular browser in mind. They should be written to the standards. That way, there is only the need to write one web page and all should be able to read it. If pages are written to the standards and don’t work on a particular browser, then the problem is with the browser not the page.

An important mistake not to make is to believe that something is a standard simply because the most common browser has it.

If we all stick to the standards then the industry as a whole will be better off. More importantly, if the standards won’t ‘cut it’ then it is up to the industry as a whole to ensure that they do.

Ian

Yes, but define “Standard”

In reply to There are standards

One of the definitions of “standard” from yourdictionary.com:
“Something, such as a practice or a product, that is widely recognized or employed, especially because of its excellence.”

I won’t comment on the excellence of the Microsoft product, but you can’t argue it isn’t pervasive.

Just because it isn’t IEEE (or ISO, or whatever) approved doesn’t mean it isn’t a standard.

The fact is that it is much easier to develop a web application that is targeted at a particular browser, because of the support given by the browser manufacturer. Often advanced featuresets are browser dependent, and it’s often far more economical to develop using those featuresets and sacrifice the users not using a compatible system.

Good Standards result from agreement not brute force

In reply to Yes, but define “Standard”

I define a standard as being those that are set by standards organisations such as ANSI, ISO, IEEE, ETSI or in the case of web standards W3.org. True standards are the result of all parties coming to an agreement. They may not be the best solution but they are generally a workable solution.

A prime example of the advantages of standards is in the cellular (mobile) phone market. The Europeans, under ETSI, agreed on a single standard (GSM). Once all the vendors were using compatible equipment, they were able to turn their attention to the handsets and the base equipment. This meant that once a handset was developed, there was a much larger potential market for that handset. There was also much more competition between the vendors to produce better handsets and equipment. That is why the GSM handsets are much more advanced then those for CDMA or TDMA. In effect, a reasonable standard is much better than a bunch of competing proprietary solutions because they allow the market to become truly competitive.

Extensions developed by individual large organizations are NOT standards. More often than not, they are mechanisms designed to force the lock-in of clients and developers.

The same thing goes for web development as for programming. “If the code that you produce can only be used on one platform, then the code no longer belongs to you, it belongs to the platform vendor.” If the platform vendor for any reason decides to change their extension, then you are forced to play catch-up. More importantly, you have no choice which vendor to use as it would cost too much to port the code to a new platform.

In Microsoft’s current battle with Linux, Microsoft is trying for all it can to ensure customers have no choice but to continue to use Windows, thereby ensuring that it does not need to compete in a free and open market place. Such behaviour is neither good for the customers, for the industry as a whole nor even Microsoft itself, in the long term.

Anyone who buys into this entrapment process by using proprietary extensions is simply a part of the problem and is stopping the true innovation that only a competitive market can bring.

Ian

Almost 70% of web servers areLinux

In reply to At what cost?

Look at the web server market:

http://news.netcraft.com/archives/web_server_survey.html

M$ might own the desktop, but they are losing share on infrastructure more every day.

Microsoft does not follow standards. Their policy is embrace and extend. In translation, they take a standard and break it into something proprietary. This was at the heart of the lawsuit from Sun that Microsoft lost. Microsoft is already attempting to patent their release of XML used in Office, among other derivatives of open standards.

Microsoft breaks standards, locks in users, and excludes competition unfairly. This is at the heart of a monopoly. This is what they have done Netscape and almost every other vendor who has competed directly with them. Linux is the only source of competition where they continue to remain unsuccessful.

Linux is not one distributors. There are at least 5 large distributions. Software written for one release of Linux almost always works in any other release of the same kernel version. There is and always will be one Windows vendor.

Linux cannot replace Windows for many practical reasons (yet?), but standards is not the issue.

Right, because we need different tools for Japanese and German steel.

In reply to At what cost?

Wait, we don’t!!!

Well, how about that! If everybody agrees on standards (like you suggest), then we actually can build tools that work on every product.

If you want a more IT-related example, then let’s go back to your web site example. People were forced to write two versions of their website because of the browser vendors refusing to use the standards. Because of illegal leveraging of their monopoly in operating systems (as found in a court of law), *one* of these vendors was able to establish a monoculture in the browser market ***WHILE STILL REFUSING TO ADHERE TO THE STANDARDS***.

Today, people who want to adhere to the standards *still* have to write two versions of their websites… one that adheres to the standards, and one that works around the bugs of IE.

And one of the strengths of Linux is that there can NEVER be a Linux monoculture. Anybody can roll their own distribution (that adheres to the Linux Standard Base standards) and include whatever version of the kernel, X server, web server, email client, office suite, etc., etc., ad nauseum. The barrier to entry in the Linux Distribution market is so low that there are litterally *hundreds* of them.

Mind you, some people argue that this is also a *weakness* of Linux, and I’ll concede that point if you’d like. You must admit, however, it prevents establishment of a “Linux Monoculture”.

One final note, there are several Linux distributions that come from India. The question isn’t “will the MicroSoft monoculture be broken”, it’s “*when* will it be broken”. This entire thread is moot.

If Microsoft is successful there will be

In reply to Right, because we need different tools for Japanese and German steel.

No Linux in most of the Western WOrld at least. Currently SCO’s legal action is being blown out of all proportion as it originally started out as a Law Suit against IBM for “Breach of Contract” but somehow this has been turned into a Copyright issue. This happened when SCO attempted to “Blackmail” large companies who use Linux into paying them a fee to protect themselves against potential Law Suits for Damages suffered by SCO {Allegedly.}

While I still don’t fully understand exactly how a Breach of Contract issue somehow became a Copyright issue that is what is currently happening and SCO has enough money to stretch things out to suit themselves. Didn’t I read somewhere a few weeks ago that some Judge ordered SCO to make the alleged violations in the Source Code of Unix available to anyone who wanted it? I still haven’t seen details on how to get a copy of this code but no doubt SCO is appealing that decision and has got a stay of execution until the appeal is heard. After all they do not want to release the alleged offending code only to see it changed so there is no longer an issue, or worse still have someone find out that it was in fact copied into Unix from Linux and that SCO is breaking the Licence agreement that they where willing to support while the previous CEO was there.

But no matter what happens in the current Court Action China will not outlaw Linux and will prosper by the very fact that they have the advantages of having willing people who are capable of writing code for the basic Kernel or apps in a very short time to do a special job or whatever. This is something that any company no matter how big they may be can never hope to emulate. Even Microsoft with all its programing staff is outnumbered by at least a factor of 10 to the 10th power of people willing to spend their time fixing/writing code so that the current Linux Kernels/Applications work correctly and develop new applications as the need arises. No company can hope to compete against this type of thing as they have to pay their staff where as the bulk of the Linux developers do it for the fun of it or just because it is there and they want to show just how good they actually are.

I for one don’t doubt for a single minute that the alleged offending lines of code in Linux would be replaced in a very short time by these developers and then Linux would leave Unix in its wake and lead to the death of SCO.

Col

Reputation at risk

In reply to Does a Microsoft “monoculture” endanger security?

Not only is security at risk thanks to Microsoft lax security policies and unaddressed security flaws, the reputation of IT staff on the whole are at risk. Users incorrectly direct their anger about their flaky and unreliable desktops on their IT staff when in fact IT staff can do very little to fix the buggy software from the closed source giant Microsoft.

Does a Microsoft “monoculture” endanger security?

In reply to Does a Microsoft “monoculture” endanger security?

First of all there isn’t an operating system that exist that doesn’t endanger internet security. As more and more internet users begin to migrate to Linux or other operating systems and fail to upgrade as security warning are posted the more the security threats will happen with that peticular operating system. I do agree that Microsoft has had their share of exposures but all brands of operating systems have exposures at the same rate if not more.

Prove it

In reply to Does a Microsoft “monoculture” endanger security?

So far I have seen a lot of posts saying “Linux is more secure”, “Windows is more popular and thus more exposed” etc.

Well, prove it. I’m truly tired of evangelists pointing at the other camp decrying security – someone do an analysis of the number of security flaws discovered vs. effort spent looking vs. relative impact.

It’s fine to say that MS is terrible because of the huge user impact, but they have a huge user base. So, where can I find some *facts* about this, rather than religious opinion?

Opensource is more secure

In reply to Prove it

The big reason that open source is more secure than a non open sources is because when a bug is found on open source there will be thousands of people trying to solve it, possibly it will be solved in few days, but on a non open source plataform it will be fix (if it become fixed) in a much longer term

If you visit Microsoft’s Web Site

In reply to Prove it

Somewhere there there is a break down of what patches became available over a specific period of time. At least there was during one of the Partner Briefings a few meetings ago.

MS claimed that they had released 250 patches but that there had been well over 2,000 patches for Linux in the same period.

While a good selling point someone did point out that MS had taken every patch from all the vendors and just added them together so there where quite likely several dozen patches for the same potential flaw but from different vendors.

You would have to look for an impartial study which to my knowledge doesn’t as yet exist. Anything from Microsoft is only going to show whats Microsoft wants shown and the same can be said about any studies from the Linux side just like studies commissioned by the tobacco industry which always came to the conclusion that smoking was not bad for your health.

Until we see some totally independent studies on security and Total Cost of Ownership the issue will remain unresolved and heavily debated.

What most people here are saying is that from their personal experience they have observed whatever they are posting.

Col

Window flows.

In reply to If you visit Microsoft’s Web Site

Some documents leaked out from MS and they showed that the windows system has about 64.000 flaws. This is known for quite some time. There are not tooo many zero’s in this figure. Regards

Potentially Linux is solic

In reply to Does a Microsoft “monoculture” endanger security?

The total number of incidents may be similar, but the extent of the risk and potential damage is less with Linux.

One can go the distance with Linux and use SELinux if they choose to spend about 2-6 months learning it, but the level of security is way beyond the Microsoft side.

For those that can’t stomach the steep learning curve, we have a commercial software that does the same thing. It loads in under 10 minutes and a sysadmin needs a few days to feel comforable with it. With this innovation, Linux is protected from both internal and external attacks. The trusted operating system is the way to go in the future.

This is the route to go if you are a Microsoft shop and you wish to use Linux for a gateway.

stop blaming MS

In reply to Potentially Linux is solic

Wait there a minute…Just for everyone blaming microsoft, for every smart man that builds a security system theres a smarter guy out there that can break it..This is one organization fighting against a world of hackers, so u do the maths…..

However Microsoft

In reply to stop blaming MS

Has a limited number of people available to address issues while the Linux community has a much larger number from all over the world who are only too willing to give of their time to address these issues.

You do the maths and there is only one conclusion possible Microsoft lacks the resources to compete with Linux as their overheads are too limited and too high.

Col

Multi-tier Security is the Only Solution

In reply to Does a Microsoft “monoculture” endanger security?

Yes, Microsoft is the target for the majority of attacks. However, it has become plainly clear that all OS has vulnerabilities. Does a monoculture contribute to security risk? No. Even with a well-diversified OS placement there are enough malicious persons willing to make a living or establish a point that security holes will continue to be discovered and exploited.

The only true solution to security risk is to have a well document security policy that utilizes a multi-tier solution to detect, protect, and notify personnel so these threats can be dealt with.

How exactly do you address

In reply to Multi-tier Security is the Only Solution

Security issues with the Source Code in your preferred OS if you can not access the code in question?

Any other approach to any form of security is flawed by this very action.

This is the limiting factor with Microsoft which doesn’t exist in the Open Source side of the IT industry and it is the major draw back with every Microsoft product.

Col

Just because

In reply to Does a Microsoft “monoculture” endanger security?

You may be right, but untill a product that is as user friendly out of the box happens I don’t see people changeing over.

I know many people who are using other OS’s and they are sincerly unimpressed, at home they are choseing Microsoft just for that reason, and telling their friends of their expirence.
People will continue to chose Microsoft because it makes using the PC easy, and prepaired tools that make it easy for them to be productive with their time.

From what is have seen most people (house wifes)can put together a pc and install the applications and programs with out a hitch. and keep track of their familys business to a T.

Andy

NO

In reply to Just because

Lets call everything by its name, hackers choose Windows to attack because MS is now the dominant player on the field.
The moment that LINUX or/and UNIX or even Mac would possess 85% of the market they would be the new target, and UNIX, LINUX, Mac followers, step down from your pedestal, these OS are as vulnerable as Windows.
The only difference would be that the defenders of today would be the attacker tommorow and opposite.
A world wide agreement and implementation of a 20 year prison sentence for hacking would improve something to the amount of attacks, radical? Yes but what is the combined penalty for breaking and entering, rape and manslaughter?

Monoculture bad, period.

In reply to Does a Microsoft “monoculture” endanger security?

Ignoring the MS/Linux/BSD/Novell/Unix/OSX/etc. arguement, what this boils down to is common sense. If someone (it only takes one) suddenly found out that all (fill in the auto manufacturer of your choice) cars could be unlocked and driven off with one master key, that would be a problem.

The first thing people would say is, “Well, if you want to avoid this, just buy a brand Y car, that will fix the problem. They don’t have this issue.”

Then someone else finds a similar master key for brand Y…

There are centuries of history that show monoculture to be a problem worth considering. Just think of Dutch Elm disease in our major cities a few decades back, or just consider the old saying, “Don’t put all your eggs in one basket.”

Regardless of the OS/Application chosen, there is greater risk when you have a monoculture.

TG

YES: Money is the issue

In reply to Does a Microsoft “monoculture” endanger security?

It is probably impossible by construction to build an OS which is bug-free. However, the amount of bugs in any MS OS is simply unacceptable, since it is not free of charge and, further, the cost to quality ratio is rather poor (the SW itself; plus the continuous updating of the HW needed for new versions to simply run, leave aside efficiency!; plus the corporate costs derived from its flaws, those augmenting exponentially with time). Why would then anybody want to buy such a product? First, because it has been almost a monopoly for a long time and we are, therefore, “prisoners” of MS ; second, because other actual alternatives are either unknown to many people, or just to expensive to migrate to. However, we loose money and MS does nothing about it. Why should they? They are no charitable foundation: They want to make as much money as possible (fair) by any (legal? probably, ethical? not so much) means. Why should they then bother if in any case zillions of people keep on buying their products? Moreover, they even get part of their job done (for free) by letting their customers debug the SW they paid for in the first place. If security is an issue in MS products (and it certainly is!) it will remain to be so as long as they are not forced to take action. The unique way to press in this direction is for MS not to make as much money as they have been making, i.e. for us not to just keep on buying their products regardless.
I’m afraid we have what we have come to deserve.

Ahmen

In reply to YES: Money is the issue

I said something similar up above.

We, as IT, should make the first move to wean our management from the MSFT Teat. We all know that we could provide better protection with better OS’s that run faster, don’t require reboots every time you walk past them, don’t require never ending patching, don’t “upgrade” ever 6 months and require you to pay for their new “features” etc…

The average corporate user doesn’t use any of the “functionality” that MSFT OS’s have anyhow. They browse the web, use email and MS word. A few use PPT and Access/Excel but not many by compairson. So why do we need all that other junk? We dont.

Lets just drop Linux on the desktop, tell the users to deal with it (In a politically correct way of course) and move on. They will get used to it after a few weeks/months and that will be all she wrote.

Or linux servers w/ samba. I have tested it and it works just fine.

The main resistance I get is outlook. Everyone likes outlook and doesn’t want to use anything else. There is an “outlook like” linux application (can’t remember what it is called right now, think it comes from WINE or something) but you have to pay a chunk for it and there is no “demo” that I have found so I don’t anticipate getting any money from the bean counters for an unproved product.

Anyhow, lets start moving towards something other than MSFT and watch the changes ensue.

Is Microsoft making IT unsafe?

In reply to Does a Microsoft “monoculture” endanger security?

umm.. there is no debate. Out of the box windows x anything has way too many security holes in it. It’s like smoking cigarettes – why pay some company to kill you? … so why pay some company to wipe out your company? Linux and Lindows .. more bang for the buck.

It is a big problem for everyone

In reply to Does a Microsoft “monoculture” endanger security?

Microsoft is only part of the problem. True, they need to improve the security of their products, but the customers who buy their products need to know how to use them properly, including the security features. If an IT manager is buying MS products becuase others are, he should reevaluate the requirements of his data center. Picking a product just because someone else uses it is not a good enough reason. If that IT manager wants to buy Linux or a version of UNIX but his boss says to stay with MS, then he should do everything he can to make sure his people are knowledgable about MS products and are taking advantage of training to learn about them. If you have MS Windows 2003 Server just installed but don’t configure it properly and you get hacked, you can’t blame it on Microsoft because that was not something they did wrong. I have seen stories of companies who were hacked or their sites were hit with a DOS attack, or they had data stolen and the main reason was they were not up to the latest patch levels. And the patches were ones that were months old or a year old, so there wasn’t any reason not to have installed them.
Companies also need proper policies for IT management, training and awareness, in addition to hiring knowledgable staff and maintaining their level of experience with ongoing training.
You can’t buy a brand new car and not add gas, oil or other fluids and expect it to run without problems, or leave the keys in it with the door open and the engine on and think no one will steal it. Everyone has to take a certain measure of precautions because we have a responsibility too.

Patches are not for everyone

In reply to It is a big problem for everyone

Yes, if you do not apply a security patch your odds to be hacked is bigger, but patches can not be installed on every system. What will happen if you are a small company with only one server and when you applied the latest security patch your main application stoped working? You wil certainly uninstall the patch and continue working with your application until you find a patch for the patch.

ALCB

But even 2003 has problems

In reply to It is a big problem for everyone

Do you remember the 2003 product launch?

We where told that it was the most bullet proof OS Microsoft had ever produced out of the box which it pretty well was provided that you didn’t enable IE6 which had a gapping hole in it but then again why does a server need IE6?

However if that was the case why include IE6 as an install option?

And Microsoft had know about this problem for months prior to the release of it anyway but failed to draw anyones attention to the hole as it affected everyone of their current OS’s.

Back but back to the main point of your posting that all patches should be installed ASAP well I don’t know about you but every patch/Hot Fix needs to be tested to make sure that it doesn’t cause more problems that it is supposed to cure. I can vividly remember applying a Java Patch only to see all External & SCSI Drives disappear and the network connection as well. As it was impossible to remove the patch and the Roll Back function didn’t work it required a total reload of the system and this time not install the Java Patch. Every company that I’ve ever worked for has always tested any patches before applying them just to make sure that they do not end up with far more problems that what they originally had.

But back to the main issue if even Microsoft can’t keep their systems fully patched exactly how are we expected to?

Remember “Slammer?” Microsoft was one of the first networks to be affected by this so if they are unable to keep their systems secure how are we supposed to?

Col

Hmmm …

In reply to But even 2003 has problems

Patches/Patching/Compiling … they are the same in fact. All OSs need to be patched so that they run smooth and as expected. Remember Linux? I tried the last 2.6.0 and then 2.6.4 kernel, and … it’s not working from the first time, there are things to do/know etc. I am not a master of linux, but still … come on.
Any OS needs to be improved, MS included.
And about the “monoculture”, hmmmm, I don’t think it exists. It is not MS fault that a lot of people uses their product thus becoming “MS addicted”. It is the “others” fault, that let the existing situation appear. What did they do until now? Nothing much if we talk about “home users” – which are the real market! MS has seen that, and moved towards this point. It is from the “home-users” the money comes. And when you are used with a product at home, you expect to have the same one at the office … don’t you agree with me?
It’s IT professionals/developers fault if they can’t built another program a bit more easy to use for the “common people”.
You gave an example in your threads about a network you built from scratch based on linux, and then you had to switch to W2K so that an account program could work. It’s not MS fault that the developers did not made yet the linux program version.
From my point of view, as a businessman (if I?d be one), I’d put all my effort in developing software that has the most “spread and reliable market”, so that I can sell my product to as much people/clients as I can. To make MONEY in fact, why we always hide this thing?
And MS, he knows very well how to do that!
Maybe it is time to stop blaming MS, but us. WE are the ones to blame.
I am tired of hearing “MS is BS, linux is the best!” My opinion, in this right moment is linux has a lot more to improve/do/develop until it becomes a good product, and an easy to use one. It fits all the needs of a “computer geek” like us, but … not everybody is like us. And when you intend to “gain a market” you have to be better than the concurrence. And it is not the case for now. The future … I don’t know. Everything is evolving so fast, that I can’t and I don’t want to predict anything.
About the viruses, what is it about viruses? I think linux does not need a virus, just a guy who knows a little more than you about the program ? how to set its firewall, etc. I read a post on the internet, and I had to check again, who said something like “if you got hacked on your linux machine is not my fault (the hacker), because you had all the time needed to patch your box – you did not do, you suffer the consequences”. What a BS! And, by the way, how many sites running linux were hacked in the last period? Can you remember? Quite a few I can say. And that is not stated to say that linux is not good, but just that there is no ?perfect OS? yet.
And to finish here, I would like to have a product that has the power of a MAC, the stability of a UNIX, and the ease of use of MS. It’s a dream, I know, but … who knows? Maybe exactly from the one you blame right now, we’ll have this OS. I don’t know why I have that feeling. Windows will soon transform in something else … that’s for sure.

Vlodolar I think you are missing my point

In reply to Hmmm …

You are saying exactly what I’ve said through this entire discussion.

But there are some differences in the way we see things. Microsoft bought a lot of the Software Houses out by getting them to agree to write code that would run on Windows without this Windows would never have gotten off the ground.

Now however Microsoft is doing everything possible to protect their market share like in the case of Corel Corp who where developing not only a version of their popular Office and Graphics programs but also a version of Linux. Microsoft in this case bought shares in Corel Corp and then caused Corel to drop all of its Linux Development by getting other share holders to vote it down at one of their shareholder meetings. While there is nothing illegal with this action Microsoft after getting exactly what they wanted sold off most of their Corel Corp shares at a loss I might add. Shades of their attempt to stop dealers installing Netscape on new computers as no one was using IE at the time. Eventually they where found to have acted illegally but by that time the damage had been done and now Netscape has gone the way of the Dodo.

But originally {and I was there at the time} Microsoft encouraged people to take home their products and install them on their “Home” computers so that they could learn to use them. The business liked this as they didn’t need to pay their staff to learn the products and Microsoft got rid of Word Perfect as the standard Word Processor on the market everything worked well at the time at least from Microsoft’s point of view.

Actually it was so successful that Microsoft has reintroduced this policy with their Volume Licence products so if you by a licence for X number of copies of any software the business is able to install the same number of copies on the “Home” computers of the workers of that company. But it goes even further as there is no attempt to track these installations so if a person leaves a company they can take the product with them and any new worker can install the Microsoft Products on their “Home” computer.

Actually you have it all back-wards as Microsoft’s main aim is to dominate the business desktop market and then everyone else will be forced to use the same products if they want any of their electronic transfers to be able to be read on the Microsoft products. Have a good look at Office 2003 or even XP did you realize that they no longer have the Word Perfect converter installed by default? While it is possible to install this converter it isn’t an easy process well at least it isn’t well documented and requires quite a bit of effort to perform.

But I have been howled down for saying that there is no “Perfect” OS and that if Linux suddenly was in the position of Windows there would be as many holes found in it as there are in Windows but they would be of a different sought as Linux doesn’t allow code to execute by itself like Windows does.

While I’m dating myself here I really still prefer Unix with all of its interesting quirks but then again the very first time I ever went near a computer it ran Unix and Microsoft wasn’t even a twinkle in “God Gates” eye.

Perhaps we will soon see a Microsoft Version of Unix which would go a long way to fulfilling you’re preferred dream. Or the other way of looking at it is that Microsoft donated a lot of money to SCO under the guise of buying the right to use the Unix Code so that SCO would start something against the Linux community which by its very nature Microsoft is incapable of competing with if only by weight of numbers in developers who are only too willing to spend hours writing/debugging code for no finical reward. I really don’t know which way to think but I am confused as to how a “Breach of Contract” dispute between SCO and IBM can escalate into the current position where SCO without providing any proof has effect-ly attempted to extort money from companies with threats as they are now claiming not the original “Breach of Contract” by it has turned into a “Copyright” item and no one is showing the slightest concern about this. But Microsoft did put the money men in contact with SCO so at least they could survive the protracted Legal Battle that is to come.

Col

Bull

In reply to Does a Microsoft “monoculture” endanger security?

Everyone is always looking for someone to blame for their errors. What is really endangering global internet security are the users. An application like IE has millions of bits of code. It would be impossible to test every possible scenario before it occurs, because there is no one who could possibly foresee the ingenuity of man.

When you purchase a legimate software from Microsoft, you are added to a user list. When they find a vulnerability, and it’s generally found PRIOR to anyone exploiting it, Microsoft notifies its users. It is user who fails to apply the patch, thereby allowing the security breach.

My goodness! People must grow up, and quit acting as though their computer (s) exist in a vacuu.

I work in Information Systems, but I also have a business on the side. I see soooo many people who daily surf the internet, yet have no virus protection. My company has written a logon script to insure real-time protection stays enabled, because employees disable it because it slows them down. Yes, we have a firewall. Yes, we have a scanner at our gateway, and on the Exchange server, but today you must prepare for any eventuality. I believe the problem we have today is because people are always wanting someone else to do the job they should be doing themselves.

No Bull

In reply to Bull

Read the Post MS Bloat Soft.
The problem is IE like a virus has infected windows Thus exposing all of windows to any weakness in IE.
If Netscape had the same flaws as IE you’d scream blue muder and chuck it ! You’d get Opera or soemthing else.
But if you do that for IE or any thing else that is now an integeral part of Windows YOU HAVE to CHUCK all of Windows and get Linux or a MAC as you have no choice but IE even if you don’t use it !

Bloat Soft MS

In reply to Does a Microsoft “monoculture” endanger security?

MicroSoft’s bigest problem is they keep trying to do everything in one package !
Windows used to be a GUI that loaded on DOS then you added programs to do your work.
Now Windows is trying to be all things to all people. And this is a mistake !
If MS went back to biulding Windows as just a GUI and then biult modular plugins for all the services that might be needed. so great gaping security holes that affect even secure services in the current format of Windows would have little chance of compromising a system as only the modules that actualy needed System, access and interconection would get it not everything from word to the bloody clock !
This would help the IT industry also as there would be competition to biuld these modules for all sectors and thus Higher quality not just the crap that an overworked tech an MS thinks is OK.

“monoculture” exists Yes!

In reply to Does a Microsoft “monoculture” endanger security?

There are serious faults in their basic designs of the products, which opens intrusion. But they as the Market Leader resist incorporating better designs of Competetors.

depends !!!!!!!

In reply to “monoculture” exists Yes!

Well to start with ! MS based operating systems are good with
very flexible designs. It can work with a lot of mother boards,
cards, memories, devices etc. Perhaps, I must I ask you to
recollect your memories of OS/2, which was one of the first OS
to run on protected mode. This very basis provides a vast range
of intrusions which has to be managed by the administrator.

The design is good, other wise it could have never made this far.

Doing their Business

In reply to Does a Microsoft “monoculture” endanger security?

The thing are on run for Microsoft and even they only can’t stop this. They try to do better for all but offcourse money matter. No once will try to stop promoting a fast running product due to some bugs. Over all this could be minimized by efforts.

It’s easy to get brownie points bashing Microsoft

In reply to Does a Microsoft “monoculture” endanger security?

It’s easy to get consensus from techies by bashing Microsoft – their success, and yes, arrogance, has made them walk around with a big red target painted on their corporate butt – but it does nothing to help resolve the problem. Let’s face it – script kiddies and hackers write exploits for Microsoft because a) that’s the kind of computer they’re using in Mom’s basement, and b) it’s a lot more exciting to potentially infect hundreds of thousands of computers than a couple thousand. The other OS’s just don’t have the customer base to make them as attractive a target.

Microsoft OS’s can be hardened. It takes more work than it probably should on the part of the system administrator, but that’s not an excuse for not doing it. Patches can be applied. It’s a pain in the butt, but that’s not an excuse for not doing it.

Going to another OS on the desktop – well, yeah, that’d be nice, but in most environments, there are things like finance applications, custom applications, in our case, lots of academic software, health services software, child nutrition software – all of which is designed for a Windows client/server environment. What do we do – tell the users they can’t use those applications? That’s not the IT department’s decision in most environments. Sure, I’d love to go to an all-Linux environment – it’d make my job easier, and cost a lot less – but then what would the users do for those applications?

Despite the hype, security is low priority for Microsoft

In reply to It’s easy to get brownie points bashing Microsoft

Nobody expects a perfect product and many people in this discussion have made the point that hackers will always be out there finding and exploiting new vulnerabilities. My problem with Microsoft is that it’s not for lack of resources that they have failed to deliver reasonably secure products. They are the richest company in the world. They can afford to and do employ many talented software engineers. They could hire as many more as they choose. As other people have said, some of these flaws are from old code that they have re-used obviously without testing. Meanwhile, they are focusing on developing completely new operating systems and applications such as Longhorn and a slew of technologies that will require everyone to eventually upgrade all their Microsoft OS’s and applications to new versions. Great revenue strategy. For Microsoft. But I don’t see any need for these “new” technologies.

Gates said security was their number one priority how long ago now? Yet new OS versions and applications since that assertion still contained not only the same old flaws from the old, re-used code, but apparently new flaws in fresh code as well.

My only conclusion is that security takes a back seat to new products and features at Microsoft. This is costing their customers HUGE amounts of money. Faced with this, many customers would go to an alternative, but remained locked in because the alternatives for desktops just aren’t ready to challenge Windows. This in turn leads me to believe that Microsoft is, for all intents and purposes, a monopoly in the desktop operating system business. and they use that monopolistic power to overlook product deficiencies that couldn’t be overlooked in a competitive marketplace.

Just my opinion.

What makes it even easier

In reply to It’s easy to get brownie points bashing Microsoft

Is that Microsoft freely admit these very same facts {well at least to their Partner’s at the regular Partner Meetings.}

What most IT people find galling is that while Microsoft know exactly where most of the problems are they are unwilling/incapable of doing anything about them. Perhaps after Longhorn is released there will be some real “Trusted Computing” coming out of Redmond with Microsoft producing their own version of Unix at least that way they would have a relatively stable platform to grow from.

Col

Selling Damaged Goods

In reply to What makes it even easier

Why is MS permitted to continue to sell damaged goods at premium prices and the buyer is responsible for patching or repairing their purchase?

Not a global Internet security threat, but …

In reply to Does a Microsoft “monoculture” endanger security?

Microsoft has a responsibility as the dominant developer and supplier of PC software to set the highest possible standards. By and large it does this. However, there are puzzling instances where Microsoft leave open TCP/UDP ports in critical applications and OS systems. Furthermore, browsers such as IE6 (with SP1 and hot fixes forever)are a shambles. I always advise clients to use Opera or Netscape for preference. Regards, David Mawer

Well maybe not for much longer

In reply to Does a Microsoft “monoculture” endanger security?

If the EU Courts get their way not only will Microsoft have a substantial bill but they will lose control of their “Source Code” and we could very well see a SUSE, Mandrake or whatever Open Source version of Windows.

I’m betting if this was to happen Microsoft would have to rapidly improve its act because the other makers would plug a lot of the existing holes before they released their versions as they would need a reason for people to buy their product rather than just keep on with Microsoft.

Now there is something that dreams are made of Open Source Windows pity that if it ever actually happens it will first require bout 10 years for all the legal appeals to be finished.

Col

R.I.P.

In reply to Well maybe not for much longer

“Now there is something that dreams are made of Open Source Windows pity that if it ever actually happens it will first require bout 10 years for all the legal appeals to be finished.”

And by that time a generation of people who have been using Macs since before they could walk will be a powerful market force.

I can’t see that happening

In reply to R.I.P.

As the Mac has such a small market share and while Apple are trumpeting all their successes in getting companies to switch to the Mac’s or iMac for every company/Government Department that changes to the Mac format there is at least one leaving it as well. Apple was the market leader till IBM introduced the PC which is by its very nature far more competitive than the Apple Products which are effectively a closed shop just like Microsoft is in the OS market. While the Apple products have about 5% of the market they will never be a real force to be reckoned with.

Currently Microsoft is getting all worked up about the market share of Linux which right at the moment isn’t even as big as Apples market share. Even then Microsoft has an agreement to provide software to Apple so they are getting an even stronger strangle hold on the market. Granted the new Mac OS is leaps and bounds better than anything Microsoft is offering but almost every PC problem that isn’t hardware related can be traced directly back to the Microsoft OS that is running it.

Over the last few days I’ve been reloading this workstation which Microsoft wants to call a “Server” but it is actual fact a high end workstation with Dual Zeon’s and built in 3 channel SCSI that runs 2 IDE HDD’s and 17 SCSI HDD’s.

After I installed SP3 for MS Office I started losing HDD’s and it all came to a head when on a reboot I lost the main program drive so I was unable to access any of my programs. But what I did find interesting here was that Office reinstalled itself on the C drive without asking for the install disks. Now there is something to ponder when you are working on your Mac without any problems but in all honesty I could build 2-3 computers/software for the cost of 1 Mac so there really isn’t any competition.

Col

US TO BE BLAMED

In reply to Does a Microsoft “monoculture” endanger security?

ADVERTISING IS THE KEY TO SUCCESS, WE HAD BOUGHT INTO A NICELY PAINTED HOUSE FULL OF TERMITES INSIDE, WHO’S BLAME IS IT? I AM JUST A SIMPLE IT SUPPORT TECHNICIAN THAT HAS NO CERTIFICATIONS BUT 10 YEARS OF RELATION WITH MS WHICH SHOULD BE (bs)HAD TOUGHT ME LONG TIME AGO THAT IN THIS SOCIETY WE LOOK AT PRETTY FACES INSTEAD OF LOOKING INSIDE WHERE REAL VALUES ARE, WHO ARE WE TO BLAME, LETS WAKE UP.

Or, as Frank Zappa so eloquently put it:

In reply to US TO BE BLAMED

All that we have is American-made.
It’s a little bit cheesy, but it’s nicely displayed.

But surely

In reply to Or, as Frank Zappa so eloquently put it:

Red Hat is also American made as well as Lycoris so it can not be that the obsession for US made products is the only reason to use Microsoft.

Col

Depends..

In reply to Does a Microsoft “monoculture” endanger security?

On the entire network/infrastructure setup.

First off, understand that MS products were designed for the masses. Ease of use and multiplicity of features was the goal. Linux, Unix, etc. were designed for and grounded in security and reliability while forgoing ease of use and features.

Both of these extremes have been converging over the past 5 years. *nix systems have been adding feature sets and improving interfaces to make administration simpler. Microsoft has been improving on its security standards (the upcoming Longhorn seems a huge step in the right direction).

Therefore, directly comparing the two brings us to the “apples vs. oranges” point. They were not designed to do the same tasks (ideologically speaking).

Now, to return to the subject:

Does having a monoculture endanger security?

Depends on how you use it. Standards are the cry of all technical people. Standards allow movement across platforms, interoperability, redundancy, and if used correctly – security.

If you have one platform, configured one way, then you know your weakness and strengths. We have a native AD installation with W2K clients. We have not suffered from one of the virus outbreaks in the last 2 years. No lost pcs, no corrupted data. This is because we constantly analyze our systems for threats and modify our securities as need be.

I think that one of the biggest problems with MS products are the admins/users. Because of the ease of use with MS products, many are lulled into lax mindsets. *unix admins are used to everything being disabled and having to manually enable/configure services and applications. This required interaction educates the user and reinforces the securtiy viewpoint of *nix products.

In fact, just for the record, I have not had one virus or crippling system issue out of my personal MS boxes. On the other hand, my first Linux install (public Apache, MySQL) was hacked in 2 weeks. Had to wipe and reinstall the box. Learned alot though (Dont run generic processes as root).

Linux in the Enterprise:

Servers, sure.

Desktop, only if RCE2 and Novell can deliver integration and central management like AD or NW.

My 2.5 cents …

Flame suit armed and ready …

😀

No I actually think you have it fairly correct

In reply to Depends..

About the only real issues that I’ve seen with Microsoft products is exactly their ease of use and because of this a lot of small business do not have the qualified IT staff in place to control what happens to the networks.

They tend to believe that out of the box every thing is perfect and just leave it that way and take no additional steps to stop leaks other than an AV product and if you’re lucky a firewall.

Also owing to the fact that some of Microsoft’s patches tend to do more harm than good quite often these are not applied so the problem is only exacerbated.

There was one large company which I used to deal with who had 2,500 odd computers that where running XP Pro on the desktops and then several other servers running Y2k Server. The System Admin when I first started consulting there was a “Lazy Bastard” who never applied any patches and relied on the mail server to stop any incoming problems which was not an effective solution.

Anyway he eventually left that place and a new woman was appointed to the position from outside the business and she immediately went about applying all the required patches but that was where the problems started arising as Microsoft had decided in their wisdom that this particular Volume License version of XP was one of the pirated ones so SP1 would damage the systems. The new System Admin rang me and threatened me with reporting me to Microsoft for selling them a pirate version of the software which of course I didn’t as I put them in touch with one of Microsoft’s Volume License suppliers and it was a legal copy. Microsoft actually have 3 suppliers here and I gave them all three to ring up and get prices from they naturally settled on the cheapest price. But I had to go in there and change the product key over on all 2,500 XP computers which was no fun at all not to mention the time that was required in the change over.

I started off trying to do this change over during business hours but after the first few hours it became obvious that this was not a viable option so as Easter was coming up at the end of the week I arranged to have access to all the computers over the Easter Break and I took my entire staff in there from the Friday on wards and we spent 12 hours a day for 3.5 days before we finished them all.

It was when I presented them with the bill that the problems really started there where 462 man hours involved over a public holiday and I only charged then the normal time rates and did not add any of the penalties that should have been billed for.

The new System Admin thought that for that amount of money we should not only have altered the product key but applied all the updates that where then available even though this was clearly impossible in the time frame that we had available.

But to cut it short every system breach can be traced back to a person who either lacks the knowledge or is too lazy to do the job properly.

But as I like to point out to people in my industry that I deal with even Microsoft got hit by “Slammer” but none of the systems that I was consulting on where affected and so far “Touch Wood” have never been affected by either a Virus {or whatever you like to call them} or an outside breach. There have been a few security breached from internal sources but every one of these has always been traced back to the System Admins not following the procedures that I originally laid out when the systems where installed or upgraded.

But I’m the first to admit that I’ve been lucky so far as with every one of these events we are always playing catchup in an attempt to prevent any breaches and I honestly expect that one day there will be a breach that I wasn’t prepared for.

Col

Monoculture

In reply to No I actually think you have it fairly correct

Ok, so if monoculture is to blame, you’re also one of those that blames the internal combination engine for everything?

Were nukes the cause and problem of the Cold War or was it actually several generations of people deciding that hate was better and easier than understanding and discuss?

Face it, Microsoft isn’t perfect but the benefits have far outweighed the costs. Is there a problem, sure…but what’s the alternative.

By the way, can you read this because I typed it in WordPerfect.

Some interesting off topics thoughts there

In reply to Monoculture

But maybe Microsoft could start by actually producing what they claim to make instead of what we currently get.

I could also argue that it wasn’t the nukes that caused the Cold Way but the monopoly of thought patterns of the people involved at the time {Us verses Them mentality} the nukes where only the weapons of last resort as neither side was going to start something that could very quickly get out of control and destroy both sides. The Cold War was a perfect example of a no win situation.

That is something that we shouldn’t be aiming for in the IT side of things however I could be wrong and the complete destruction of every computer on the face of the planet could be a great benefit to mankind in the long run as they would have to start thinking for themselves once again and not rely on others for the necessities of life. Have you noticed that when this became the accepted belief it was also accepted that the world owed us all a living no matter how slack we actually where?

Col

Yes and Yes.

In reply to Does a Microsoft “monoculture” endanger security?

Analogies seem to be used freely here, so how about the auto industry? Automakers are constantly coming up with new stuff, and if any of that has the potential for harm, IT GETS RECALLED. I agree with an earlier statement that Microsoft never intended to make Windows insecure, there intent was for ultimate interoperability and functionality. That being said, they also have a responsibility to pay attention to security issues related to all their work. The amount of money lost due to lost productivity would be staggering if it could be tabulated! Microsoft needs to be held accountable for neglecting the security issues!
Personally, I can say that none of the computers in my control have ever been infected with any kind of virus, and I am NOT joking. I operate from behind a good corporate firewall on my job, and I have always had a dsl connection going through a router with a firewall at home, and I never open email attachments. It’s that simple.
Microsoft is in large part responsible for the problem, but all the ignorant users give the hackers and script kiddies a reason to keep going. If this in any indication of our suviveability as a species, the human race is doomed! 8(

Not opening attachments is easy

In reply to Yes and Yes.

But a waste of who every ones time in sending the e-mail. How exactly do you get on when you receive an e-mail from lets say your lawyer with an attachment in Word that you need to open sign and return?

Or any of the multitude of other cases where it just is not practical to type in the entire e-mail. Not opening attachments is a “Cop Out” as you are not making the maximum benefit of e-mail but honestly the trick is to know which attachments to open and which ones not to.

I also have never suffered any form of infection on any system that I administer but with a good AV policy in place as well as hiding behind a really good firewall so far I’ve never had an infected attachment get through.

Oh incidental how do you get along with the e-mails from Microsoft with attached hot fixes or whatever that they regularly send out?

Col

Yes. If you believe we can draw parallels

In reply to Does a Microsoft “monoculture” endanger security?

It’s not new to use socio/biological systems to parallel computer
networks and I don’t want to dwell on the obvious. When you
apply the concepts such as “in-breeding” and “bio-diversity”,
you will find computer networks have the same vulnerability as
the bio-engineered crops and highly cultured species such as
the grapevines in Bordeux and Napa. In both cases, a single
ailment or virus can quickly wipe out the entire crop.

Yes, it does represent a threat

In reply to Does a Microsoft “monoculture” endanger security?

Most users have become resigned to using a Windows OS and Internet Explorer as their primary means of accessing the Internet.

Debate can rage for days regarding the monopoly of Microsoft and how it endangers free commerce, but a major point to consider is, as the prevalent forms of access, viruses, Trojans, and spyware are predominately aimed at these products.

If you go to the PC troubleshooting subsection of the Technical Q&A section, 8 of the first 10 questions I viewed were most likely spyware, in Windows systems running IE.

A greater diversity of platforms would make the spread of hostile software a little more difficult.

Firstly a M$ monoculture certainly does exist

In reply to Does a Microsoft “monoculture” endanger security?

But does it endanger National Security probably not. The computers who are in charge of National Security are not on the Internet but on Mil net which is a totally different kettle of fish. Granted the Internet was created for the same purpose that Mil net now serves to have processing capability spread out across the country/planet depending upon the needs.

Now the DOD learnt its lesson with the Internet and fixed most of these with Mil net so in reality there are no real problems with Microsoft being the predominate OS in use but even then I would question that assumption as the mainframe market is still mostly Unix based and certainly has no Microsoft OS running as they where never designed to work on that kind of platform so even if every M$ system was available to whom ever wanted control it is very unlikely that they would have access to any of the really important capacities of the DOD.

The real problem arises because America is a “Free Enterprise” economy and so there are outside developers making everything from electronic control modules to aircraft/ships or whatever, even most of the machining work to make nukes is farmed out with only the really sensitive stuff being kept in house so to speak. So while it may be possible to get the plans for the new beaut Stealth Aircraft it is impossible to do much more and while this is an embarrassment in reality it is nothing more as the real enemy already knows what you are doing.

Back in the days of the “Cold War” both sides knew exactly what each other was doing and there is certainly no reason to believe that any of that has changed now days only the countries who need the data has changed. What a Government Knows and what a Government tells you can be quite different things so while it is a good idea to discuss these potential problems in the end it is nothing more than a pointless exercise in futility as these things have already been thought of by people much brighter than any of us here and with far more money to play with to get what they want.

Now while Microsoft may be big they pail into insignificance compared to what is available to Governments who are willing to spend the money to get exactly what they want no matter which country it is they can divert resources to do what they consider as “Pirotory” actions if that be knowing what the other side has well big deal after all only a fool would attempt to hide the fact that they have ICBM’s as they work very nicely as a deterrent if nothing more and in all likelihood will never be used, in a case like this I would say we have 200,000 nukes when in actual fact there where only 1,000 the numbers are not important except if you can inflate them in a believable way.

Now as far as knowing how to build any form of equipment or knowing what you have big deal so they know you have Stealth aircraft so they know that they are very hard to track if at all possible another deterrent I would shout this from the roof tops and again inflate the numbers the more that they think you have the less likely they are to do anything against you.

Now we come to the real problem an enemy without borders to protect and any form of knowledge about what weapons you possess is unimportant to these people as they can move between countries as easily as you change underclothes so while you may have the capacity to wipe out several countries who you may think may be harboring them with impunity it is very unlikely that you will achieve your objective in any form as some will survive and your actions will only increase the fervor against your country making it a bigger target for attacks again from those with no borders to protect.

These are the real enemy as they have nothing to lose they can attack you when and where they like and then run away and become invisible until they launch their next attack. The current “War on Terrorism” even though it has been sidetracked must fail because we have no fixed enemy only an idea which is impossible to kill. For every one group we attempt to destroy there will be the remains raise up in greater numbers as each of the surviving people of the original group start their own groups.

The only way to prevent them from spreading is to stop the conditions that allow them to prosper so if we where to forget any attempt at revenge and make positive attempts to improve the lot of the places where these people are gathered from it would prevent the idealistic rabid dogs from increasing in numbers with throw away people who are only too willing to become “Cannon Fodder” any engagement like this is not a way but an attempt to genocide which in the current climate is an unacceptable alternative.

Col

[Author]

Replies