That's a good point, but it obviously was not followed by any company that deployed Microsoft desktops. The review process had to be bullshit because the result has absolutely no configuration control besides firing people. It really galls me when I hear that argument used against free software.
The last big company I worked for had tried to tighten up on what got installed on top of Windoze, but it was a charade given all the holes in the platform itself. I remember them making a big deal out of deploying IE 5.x. They stuck posters in the elevators about it coming. About the same time, I got a mail bomb in Lookout that called IE to open dozens of porn browsers and thrashed my hard drive doing God knows what. The Exchange administrator told me this was "a normal part of advertising" and not to worry, she go them all the time. Yeah, she had the ability to remotely operate any desktop in the company. I tried to explain just how bad that was, but she thought I was paranoid. It was totally clueless. I don't want to even think about how infested those machines must have gotten. Windoze and *nix, especially GNU, are worlds apart when it comes to security. Using a distribution like Debian, I know that real testing was performed before release, that the application won't without warning and irreversibly break others, and that I can have real configuration control if I wanted. That configuration control is the first step in real security that the Windoze world will never give you. On Tuesday 18 May 2004 11:19 pm, Bryce T. Pier wrote: > You don't just install a new app, no matter how much you believe it to be > secure, wonderful, etc. without a good reason and a lot of review. Why? > Because each additional package on a system, windows, unix, whatever, is > another possible attack vector.
