I wasn't refering to the SMB community, but IMHO even they will be choosing simplicity (don't think I've ever used that term with Microsoft considering their use of a registry as one example) over security that will someday bite them in the butt. The paper was refering to the government and society in general. Even medium businesses and larger better get their head out.
One of my standard rec's after auditing Windows networks is to go to Netware or UNIX on the server side and Linux on the client-side. With Open Office and Crossover, 90% of Windows can be eliminated while introducing a MUCH more secure networking environment. The following sentence from the work cannot be argued and it applies to networks as well, "In the broadest sense, economic diversification is as much the hallmark of free societies as monopoly is the hallmark of central planning." And we all better wake up and see that Microsoft is the "central planner" here and Bill Gates is Big Brother. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity zar Richard Clarke -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Florian Weimer Sent: Sunday, September 28, 2003 3:21 AM To: Curt Purdy Cc: 'Rick Kingslan'; '*Hobbit*'; [EMAIL PROTECTED] Subject: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly On Sat, Sep 27, 2003 at 01:12:01PM -0500, Curt Purdy wrote: > I think we have lost the point of the thread CyberInsecurity: The Cost of > Monopoly which states your exact point that diversity is the most important > aspect of network protection. I often hear such claims, but I'd rather see companies to allocate adequate resources to deal with a uniform computing environment. Currently, most companies with such an environment do not deploy *any* countermeasures. There was a wide range of options to counter the recent malware waves, yet many organziations did nothing. Diversity is good, sure, but unless you can afford the costs of a workforce which is equally skilled on very diverse platforms, you just make things worse. Furthermore, some aspects of diversity are already creating huge problems, e.g. mobile devices which are not configured according to company guidelines, but are nevertheless connected to the company network. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html