Quote:
Originally posted here by Tiger Shark
Wow HT.... Nice rant.... (You forgot the tags BTW.... )
[rant][/rant] and [edit][/edit] should be added as valid tags :)
Quote:
1. I use a firewall at home.... Am I incapable of setting up my domain in such a way that it is protected from the public network yet functions perfectly within it's self... No.... But it's a **** load easier to throw up a firewall and run the domain behind it..... Let's be fair from that standpoint.... Then let's look at Joe Public. It's far from "easy" to close all the ports that M$ has open by default so Joe has little hope of protecting himself. OTOH, if the ports weren't open by default then Joe wouldn't be able to network his two computers.... So he wouldn't buy M$ because his buddies have told him he can't network it.... he'd buy something else, equally full of holes as M$, that fills that "hole" that M$ didn't.... So we're back to square one on that argument....
The firewall makes things easier sure.... but saying you should have it to protect yourself is what's wrong... They're trying to say that having a firewall is needed to protect yourself.... Having a firewall is all fine and dandy.. but the way I see it they're just passing blame.
Quote:
2. Get updates.... Well, we can argue the semantics of the language all day... It's irrelevant really... The issue you really have is the frequency. Now, IRRC, everyone and their dog were bitching, (nice pun huh? ), about M$ issuing a patch every few days... Now your bitching about them issuing a patch "block" every month.... But you praise SUSE 9.1 for issuing a patch every day.... Where's the equity there? You might also remember that M$ issued an emergency patch mid-month last month.... Doesn't that help to satisfy your "only once a month" issue?
I've never once bitched about frequent patches from MS... I prefered it that way... I'd rather know that my computer is up to date immediately, rather than waiting 30+ days for a patch.. Even if they don't put them on on Automatic Updates and put them on another page... or even the MSDN I'd be more than happy with that. BTW if this exists somewhere could someone link me to it? BTW it's SuSE 9.2 :D ... 9.1 is old now.
Quote:
3. Hmmm.... There's AV for *nix.... ClamAV comes to mind.... People in the *nix world see fit to write AV programs.... Could it be that there are viruses in the *nix world? Of course.... Wherever there are people that will try to exploit computers with malware, regardless of the OS, there will be the requirement to have protection for every OS.... So the advice is good....
That's not fair.. I never mentioned *nix in my AV discussion. There will be viruses... but if patches were released more quickly and efficiently and if the OS was coded better... than the need for AV would be greatly decreased... Mind you end-user stupidity plays a huge role in this... but when we're getting computers in that are Fully Patched and up-to-date (in theory) and they're being infected with both viruses and malware across the internet... that tells me there's a problem with the OS... A firewall would prevent this.. but again shouldn't be needed if they released an OS that wasn't full of holes.
If XP was a new OS... I wouldn't complain as much.. but how long does it take to patch major holes in an Operating System? They've had a good amount of time already. Couldn't they in however many years it has been available to the public block these problems that are causing the spread of this malware?
Quote:
HT.... You and I and many members here are quite capable of doing almost anything they want to lock down their computers.... But we are a "little different".... We are in the 1000th of one percent that can do it or even knows it's important and why.... You can't blame M$ for selling a product any more than you can blame SUSE 9.1 for needing an upate every day..... If you think about it they are becoming synonymous....
I can blame MS for selling a product that will no doubt be less effective than Spybot S&D and AdAware SE (both of which are available free of charge)... I'll try their software (assuming they make a trial available) but much beyond that I doubt I'll touch it..
Don't take this, or my previous post, as Microsoft bashing... I use their software quite frequently... I work in a 95% MS Shop... Besides my laptop (Linux) I work with 2 Linux servers, a 2K3 server and a 2000 Workstation... Also an XP VM... of those two servers, one of them is a VM and they prolly account for 25% of the *nix around here... It's not used frequently... I also run XP at home.. I'm even connected to it right now by Remote Desktop... I just have some issues with the way Microsoft describes security... Being the company they are.. they should be working for user education... and pushing to better the IT community. Instead they are trying mask the need for computer knowledge and give users basics... It'd be like handing someone keys and saying here go drive... without ever training them or showing them how it's done... It's not right.
Peace,
HT
