Security

Our forums are currently in maintenance mode and the ability to post is disabled. We will be back up and running as soon as possible. Thanks for your patience!

General discussion

Locked

Does a Microsoft "monoculture" endanger security?

By debate ·
Do you agree with Jonathan Yarden that a Microsoft "monoculture" exists? Do you think it poses a threat to global Internet security? Does your organization rely primarily on Microsoft products? Share your comments about considering alternatives to Microsoft software, as discussed in the March 15 Internet Security Focus e-newsletter.

If you haven't subscribed to our free Internet Security Focus e-newsletter, sign up today!
http://nl.com.com/acct_mgmt.jsp?brand=techrepublic

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

RE: Rediculous is right, in the wrong way

by itctonguy In reply to That is just ridiculous

I think that all of us (MS users AND non-users) can agree that MS software has its vulnerabilities and exploits, probably more that most of the other operating systems combined. I think most of us can also agree that at least some of the problems are due to the wide generalization of the microsoft product line, instead of widening the product line for a more streamlined product. We can all SURELY agree that security is, and always will be, an issue. Now, what do we do about it??? Let's get some solutions here. One thought: Could the modest windows security possibly be sufficient in an environment where outside intrusions is not an issue? (Granted, there will always be the remote possibilities of some CIA guy sitting outside in a van with high-tech stuff, but considering NORMAL security conditions.) Say, for example, one had double-firewall (one hardware, one software) security on the only connection into the network from an outside source (broadband/internet). Wouldn't the general windows security with lesser restrictions be a plus in this area? (Providing you can trust your users, of course.)

Collapse -

Rediculous - Maybe not so....

by Tesla444 In reply to That is just ridiculous

I agree with you on two points. The vandals creating these virus'
are the prime bad guys here and should be punished when
caught to the fullest extent possible. Also, Microsoft, I think we
all agree did not create this problem on purpose and I'm not
sure people resent Microsoft for making money -- after all it's
what we all hope to do 'one day'. In fact, as a long time Mac
user I have long supported them since they have created some
key Mac apps. The first software I bought with my Mac in 1985
was MS Word & Excel v1.1.

But, MS did make some bad decisions early in the game and
failed to respond as they should have and could have to fix the
security issues with the Windows platform. They therefore need
to should their share of the blame. The only reason big
customers need to share the blame is that they know of these
problems (for years) and have options to buy a 'better' system.

I disagree with your assessment of the other system and their
security issues. It does seem logical that the % user would make
it a bigger target. The other systems do have security issues,
but when compared directly it is clear that MS is proportionally
still infinitely more vulnerable.

As an anadotal indicator I have used Mac since 1985 and have
never had one incident of a virus impacting any system I have
ever used, alone, networked, on-line, etc. On the other side I
have also used PC's over the years and worked in mixed
environments. I don't know one PC owner who has not had
major virus and network problems.

True the other systems are not bulletproof but given the track
record of Windows and the relatively minimal problems with
Unix based systems why would anyone choose windows?

I have recently started working in the financial industry and it
seems the only system anyone is willing to recommend for
transaction and datbases is Unix based. Thank goodness.

Perhaps another reason that MS machines are hacked more often
is that ther are a lot easier to hack -- As a hacker why would
you try to break into Fort Knox when you could break into your
local small town department store so easily.

Tesla444

Collapse -

Off the Subject

by CrazyAl In reply to Too much point missing... ...

I would suggest getting off the rape analogy all together. The victim is never to blame no matter what the situation. Now we can go back to discussing the issue.

Collapse -

Get off the Rape analogy

by Tesla444 In reply to Off the Subject

I agree we should stay away from the rape analogy. But the fact
remains that the use does have to take some responsibility - not
the innocent user who buys into the Windows nightmare
unwittingly, but those sophisticated users who continue to
support Microsoft without demanding a better product.

It is clear MS will not listen to individual companies or people
but they will listen to one spokesman --- Money. Money talks,
if we stop supporting them with $ in a big way, THEY WILL
CHANGE. Even legal solutions don't work with a company so big
but moving our business with demonstrate the power of Money.

Tesla444

Collapse -

While the idea of boycotting Microsoft

by HAL 9000 Moderator In reply to Off the Subject

So that they will improve their products is the only way that I think they will improve them in a very fast manner the problem still remains on how you achieve this.

I would be the first to drop all Microsoft products but it is always the customer who calls the shots in this area and no matter how hard you try it is up to them to decide what they are willing to use. Now even with all the faults inherent in Microsoft products they still have a lower Total Cost of Ownership than anything else so this is what every company wants the cheapest alternative that is usable.

Changing every thing to Unix/Linux/BSD or whatever is not an option in the business environment as no business who is big enough to affect Microsoft is willing to take that "Leap" into the unknown and attempt to run a network with products that their users don't know/understand. Microsoft remains where they are just because they already have a user base so large that currently it is impossible to use anything else.

As an example every Computer Usage course offered to anyone so that they can learn to use computers to improve their chances of getting a job only deal with Microsoft Products. Until this changes it will remain a self fulfilling action which spirals down-wards with products that are not secure have far too many features most of which are not understood let alone used and are based on obsolete bloated code.

Just try to find someone who is willing to teach Word Perfect Office 11 which is a better package than the Microsoft equivalent but is only found on a very small number of brand name computers which are sold for a price. This gives the impression that Word Perfect is a second rate suite of applications when in fact they are not but because they all work differently to the Microsoft Office suite they are no longer used and not all that long ago Word Perfect was the Word Processor Standard which everything else was compared to to see how good a job they had done in writing the code.

Col

Collapse -

Inertia

by felipe_alfaro In reply to Too much point missing... ...

It's called inertia... Unfortunately, many
businesses and individuals made the wrong choice
and chose Microsoft insecure products. Now, they
don't want to throw away all of their investment
and retrain in another platform.

However, I think that, at some point, we need to
analyze our decisions and take a change, even
when this means investing more money. It will
pay in return. I think the market is crying for
a change. We are tired of Microsoft products.

Collapse -

Microsoft and common sense?

by chaz15 In reply to Too much point missing... ...

When corporate software from Microsoft doesn't work properly, crashes frequently and often doesn't work at all, security is very much a secondary issue.

As an example even the updated "windows installer" is a complete catastrophe.

Surely Microsoft must employ at least one competent programmer (??). As we all know, security is almost completely non-existent but Windows isn't Unix, so I don't know what else we can expect! But when very expensive software is flawed or very flawed . . . .

Collapse -

Everyone Knows - NOT

by Alan_ In reply to Too much point missing... ...

Everyone in IT may be familiar with security issues related to Microsoft software. However, in my experience, many if not most folks outside IT know NOTHING about the issues.

They're trying to get online to send pictures or correspond with friends & family. Or trying to manage their finanaces or access various web sites where they have some account or another.

Ask them if they have a personal firewall or anti-virus software. Most can't even answer those questions.

I believe that Microsoft is aware of the flaws, that some are rather long lived, and that they have focused on consumer convenience to the detriment of security.

Collapse -

Sadly

by chaz15 In reply to Everyone Knows - NOT

Those of us in the IT profession WISH Microsoft WOULD address the issues.

As IT professionals, we are all too aware of the major shortcommings, many of which Microsoft ARE NOT trying to put right.

Collapse -

So what are you trying to get across?

by HAL 9000 Moderator In reply to You still missed the poin ...

That it is OK for Microsoft to sell us software at inflated prices that doesn't work and it is our fault?

Unfortunately I live in the real world where Microsoft has the market domination and at the very least every workstation for all the end users needs to run Microsoft currently as no one is prepared to learn anything different. At a rough guess from what I have seen in all my customers work less than 10% of any software is actually used and the other 90% is just wasted space for them.

Now Microsoft really got started when they did a deal with IBM and ever since then Microsoft has been synonymous with the PC market. Really is it any wonder that it still commands the lions share of the market?

That is because most end users have at the very least learnt Microsoft and a few have even grown up with these products and they are all that they know and are willing to learn as well. Therefore to save costs companies only use Microsoft products in the work place where they do not have to outlay any money in training. They may constantly be dissatisfied with these products but they stay with Microsoft because more from fear than anything else. Something along the lines of "Better the Devil you know that that that you don't know!"

Col

Related Discussions

Related Forums