
Thread: Microsoft dominance poses security risk

  1. #31
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    My turn for a one liner here. I have to agree with Tiger Shark on his last post, catch. You do bring a very high level of knowledge and intelligent opposition in this thread, and I really have enjoyed reading everyone's views. But like Tiger Shark stated most of us here are seat-of-the-pants admins. I have to completely run my network, alone, without manuals or anything. I do not even have a college degree, I barely graduated high school. But I do maintain it to the point that my customers stay happy. Just my two cent. Great post Tiger Shark.

    Yeah I know that was more than one line, In retrospect to the other posts in this thread it is.
    I have a question; are you the bug, or the windshield?

  2. #32
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    I know I am dredging up an old thread, but it's still got some life in it and I didn't feel this was worth a whole separate thread.

    After posting my review of his book-The Myth of Homeland Security- I exchanged some emails with Marcus Ranum and found a great counter-point article to the CCIA CyberInsecurity paper. For those who don't know- Marcus Ranum is considered to be the "father" of the proxy firewall and he is a Senior Scientist with security firm TruSecure.

    In his paper he says:

    There is no "monoculture" here. My system isn't just Windows. My security is effected (and affected) by a bewildering combination of default settings, software patch levels, default firewall rules (I just plugged it in, honest!), browser settings, and antivirus signature sets. We're not in anything like danger of becoming a "monoculture" unless every system was running the same software load-out, security policy, antivirus product, and patch level. In spite of the dearest wishes of countless system administrators, that simply isn't going to happen! So, as much as I hate to say it, Sun's marketing people may have been right, "The network is the computer" - and the network sure as hell isn't going to become a "monoculture" unless Microsoft builds all the firewalls, all the routers, all the switches, all the web accelerators, all the SQL databases and establishes everyone's security, routing, DNS, and update policies.
    You can read the whole thing here: The Monoculture Hype

    He also has a link to a news story about how the government granted Carnegie Mellon and the University of New Mexico $750,000 to "research" why it's bad to have all Microsoft systems.

    I wrote a point / counterpoint type article in which I tried to present both sides of the story in a fair and balanced manner without letting my bias show: Microsoft Monoculture

    Happy Holidays!

  3. #33
    Junior Member
    Join Date
    Nov 2003
    Posts
    1
    Heh another thing that is quite annoying is linux red hat going commercial completely off subject but bleh

  4. #34
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    Originally posted here by Dishes
    Heh another thing that is quite annoying is linux red hat going commercial completely off subject but bleh
    uhm.... ok.
    I have a question; are you the bug, or the windshield?

  5. #35
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I think I can see Dishes' point. It is in itself quite revealing. A lot of the objection to Microsoft is not really about security, it is about money? If the major *nix distros got anything like as popular as Microsoft then they would all go commercial.

    OK, I know that is very cynical, but it is commercial reality? The real reason that a lot of *nix is nominal charge is that no one would actually pay serious money for it? Certainly in a commercial environment, as it is hardly "user friendly", lacks support, lacks basic applications and so on..................and if you did go *nix, where are you going to get the staff? it's bad enough for an MS shop?

    Gates has pitched at the "idiot" market of Corporate desktops and home users with no IT knowledge; and more importantly, no intention of gaining that knowledge?

    I am put in mind of the old saying about "putting all your eggs in one basket" If it is strong, you are OK, if not, you are history. But, say you had three baskets that were not so strong?...chances are you will lose at least one.

    Unless you guys have staff budgets that I can only dream of, you can't afford more than one desktop OS, and if you suddenly suggest spending millions on an unfamiliar OS and apps that will negate all the User training and cost the Corporation millions to even get back to where they were, I think you will find it somewhat "career limiting"

    Gates has made his product, and all the parasites that feed off it "the standard".........we all have to live with that? Just like we cannot uninvent thermonuclear weapons?

    It is up to us to make sure that we have "strong baskets"? that's what we get paid for.

    My call on this one is "sour grapes". MS has been allowed to get where it has, the damage has already been done?

    Just my 0.02

  6. #36
    Banned
    Join Date
    Apr 2003
    Posts
    1,146
    Interesting that this thread reared its head again.

    I just finished reading my Security & Privacy (IEEE) journal (November-December 2003 (Vol. 1, No. 6)). There was a lot of comment on the pro and con of the "monoculture" concept, and an analysis of the concept and its validity (the term comes from the biological sciences) in application to computers and networking. This one journal is worth the price of admission to IEEE and the Computer Society.

    I lean on the con side of the monoculture argument. Microsoft doesn't make the routers, hardware, cable, switches and all the infrastructure--or define the internet protocols. It makes an OS and some desktop software. That is very far from being a monoculture. And, the core systems on the internet are Unix, not Microsoft OS-based systems.

    Most of the security issues we experience are based on how the modern OS interacts with an antiquated, 30-year-old internetworking technology and protocol stack.

    That isn't the core of the security problem on the desktop, though. Where the main problem lies is in how we program and how we teach programming. C and C++ are used in Windows, Linux, Unix and BSD for developing core applications and services. The compilers do not, by default, limit buffers at compile time. That is something the programmer has to do--or remember to do--or know how to do.

    [/sarcasm on] Now, we all know that professional programmers--you know, the ones who wrote all those libraries and includes we use as standard tools in C and C++--they would never forget to force the buffer limits at compile time. So, we know that all those libraries and includes have no errors. [/sarcasm off]

    Oddly enough, C#, the (java/basic/pascal) hybrid Microsoft created for .NET, has some built in controls to prevent buffer overruns.

    Here is the link to Computer Society's Security & Privacy online page:

    http://csdl.computer.org/comp/mags/sp/2003/06/j6toc.htm

    Some of the articles must be purchased, and not all are available in the online version.

    So, again you have nihil's tuppence, and my nickel's worth.

  7. #37
    Member
    Join Date
    Oct 2003
    Posts
    62
    I believe that Catch has valid points. besides, research is a very important tool of a sysadmin. tis not to maintain, but to improve. this is why one has "hackers" in the true old school sense, to take apart and improve. I am sorry to say, Tiger Shark and aeallison, that if one does not improve oneself, then one is obsolete. the purpose of IT as in just technology, is to improve and innovate.

    I agree with catch wholeheartedly, on all posts. Mr. bradley, if I may, an aside, your articles on security 101 have proved an invaluable learning source for basics. if I may, make a suggestion, aeallison, perhaps spending 10 mins a day on tonybradley's site may help to enlighten as to securing a windows box. although not failsafe, a beginning none-the-less.

    windows is a great operating system, my first love is netbsd, but none-the-less, as msmittens said, apple and microsoft have helped bring us to this point. if your approach is to not want to spend time researching, imho, then do not post subjectively. IT is not a job, tis a passion. ---> ". But like Tiger Shark stated most of us here are seat-of-the-pants admins. I have to completely run my network, alone, without manuals or anything. I do not even have a college degree, I barely graduated high school. But I do maintain it to the point that my customers stay happy. Just my two cent. Great post Tiger Shark."

    I learned that the hard way, besides, Og Mandino I believe once said," The only way to certain success is to render more and better service than is expected of you, no matter what the task may be. This is a habit that is followed by all successful people since the beginning of time. Therefor I saith the surest way to doom yourself to mediocrity is to perform only the work for which you are paid."

    thank you for this thread, tis brilliant (btw has my english improved?)
    HO$H Pagamisa. Pro Amour Ludi....

  8. #38
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    Originally posted here by Dishes
    Heh another thing that is quite annoying is linux red hat going commercial completely off subject but bleh
    http://fedora.redhat.com

    Originally posted here by nihil
    OK, I know that is very cynical, but it is commercial reality? The real reason that a lot of *nix is nominal charge is that no one would actually pay serious money for it? Certainly in a commercial environment, as it is hardly "user friendly", lacks support, lacks basic applications and so on..................and if you did go *nix, where are you going to get the staff? it's bad enough for an MS shop?
    Actually that's not 100% true. Most versions of linux come with a variety of applications included. Fedora comes with the Open Office suite and Evolution; both of which offer excellent functionality.

    As for 'user friendly' I believe modern *nix distros offer users a good and easy to follow interface. Once the distro is installed there are few difficulties in use. The problem is that the users are familiar with Microsoft look & feel and office product use. However Linux/Open Office/Evolution is not difficult to use in itself, it requires some minimal cross training.

    It is true that setup and installation can be difficult, as can getting good apps beyond the standard workplace productivity tools.

    Oh, and 75% of my IT team have adopted *nix for their desktop and are now migrating our servers (where appropriate) to *nix - They have picked up all the skills themselves without any formal training.

    Unless you guys have staff budgets that I can only dream of, you can't afford more than one desktop OS, and if you suddenly suggest spending millions on an unfamiliar OS and apps that will negate all the User training and cost the Corporation millions to even get back to where they were, I think you will find it somewhat "career limiting"
    Just to add to this we have been testing *nix desktop for some of our 'standard' users and this has proved, in most cases an easy crossover.

    The business case is cost. - Windows & Office Suite cost ~700 plus ongoing upgrade costs forever.

    Some cost is associated with initial *nix training - Hence the experiment we are doing to understand the true nature of this. Initial results show a good cost case for new user requiring new Windows & Office and for existing users the cost case works at upgrade time.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  9. #39
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    S1lv3rW3bSurf3r,
    I am trying to understand your meaning here, I have been called a lot of things in my life, but obsolete seems a bit harsh, I think I will just go crawl back under my rock for a moment and ponder this some more.

    I am sorry to say, Tiger Shark and aeallison, that if one does not improve oneself, then one is obsolete. the purpose of IT as in just technology, is to improve and innovate.
    <sarcasm>And can I assume that this next paragraph is simply a friendly suggestion?</sarcasm> I have only recently learned of Tony's site, and it is close to the top of my very long list of to-do items.

    I agree with catch wholeheartedly, on all posts. Mr. bradley, if I may, an aside, your articles on security 101 have proved an invaluable learning source for basics. if I may, make a suggestion, aeallison, perhaps spending 10 mins a day on tonybradley's site may help to enlighten as to securing a windows box. although not failsafe, a beginning none-the-less.
    I am not even going to bother to quote the rest of your post as I am somehow feeling like I am feeding the trolls. Can anyone else make any sense of S1lv3rW3bSurf3r's post? Or am I just lost in a language barrier, If so I apologize to Mr. S1lv3rW3bSurf3r.
    I have a question; are you the bug, or the windshield?

  10. #40
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    AE: I was waiting to see how you reacted to that post..... See how old age is mellowing me..... a few years ago I'd have ripped him a....... Well, you know......

    I was confused by the fact that at the top he had me lumped in with you as obsolete, which, like you, I found a little disconcerting but further down he was nice to me and told me that he agrees and my post was "great".

    I have to admit that I'm hanging on the side of the language barrier right now, (there's me being mellow again...... Sometimes I miss the old me...... ), but if SilverWebSurfer would like to clarify some of his points I'm sure the two of us would be able to exit our current state of confusion whichever way his reply falls......
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides
