Ladies and Gentlemen,
Do we have this list for debating about Microsoft products or how frequently
it released patches or to discuss about the *internet and related issues*?
Regards,
M.Venkateswar Reddy
--------------------------------------------------------------
Huawei Technologies,
Shenzhen, China
Off : +86 755 6540476/77
Hotel :+86 755 6602222 Suit:540
* Ideas and opinions expressed in this mail are personal *
--------------------------------------------------------------
----- Original Message -----
From: Samantha Naleendra Senaratna
<[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 01, 2001 12:40 PM
Subject: RE: Any value in this list ?
>
> Hey,
>
> I do not totally agree with Ian. I think Microsoft does not give enough
> emphasis into security in their products. They do a hell of a job on
> marketing their products and making them seem flashy and attractive, and
> only if they put that much work on security. For example six patches were
> put forward only for this month for patching up vulnerabilities on their
> products. It is a fact that most of viruses are propagated via Outlook. It
> is about time that Microsoft gave more thought into this rather than
giving
> excuses because by far they are leading the market in software products as
> well as they have the resources to do it.
>
> Sam
>
> At 11:45 AM 7/31/2001 -0700, Ian King wrote:
> >Randy,
> >
> >People wanted to do more than just exchange text messages, and Microsoft
> >(and other companies) built products to help them do that. Microsoft
> >also produces a lot of information on how to secure its products. I do
> >not have the data at hand, but I have read several times that when
> >Microsoft servers are compromised, it is often because they are
> >misconfigured. The argument then becomes, "Why aren't they easier to
> >configure?" Go back to premise #1, that people want to do more than
> >just exchange text messages - they want collaboration and forwarding and
> >rich attachments and scheduling and all the rest of it. The bells and
> >whistles require lots of knobs and switches....
> >
> >I would also point out that NONE of this class of viruses can infect
> >unless the user executes them! It's not as if Outlook or any other MUA
> >automatically launches these viruses - people who evidently live in a
> >complete vacuum and have never heard warnings about executable content,
> >blissfully double-click on the clearly-identified package, and it blows
> >up in their (our) faces.
> >
> >BTW, internally our mail servers are configured to strip anything that
> >looks remotely like an executable. Sometimes this is a pain (I can't
> >mail a legitimate script to a colleague), but that's the world in which
> >we live - more openness means more opportunity for sabots in the gears.
> >
> >
> >In any event, blaming any one company for viruses because its products
> >are abused, seems way too much like e.g. blaming automobile
> >manufacturers for reckless driving. Sure, no one really needs a car
> >that can do 150 MPH when the limit is 60 or 70, but the majority of
> >customers demand a vehicle that *could* do twice the limit, regardless
> >of whether they take advantage of the capability -- or those vehicles
> >wouldn't sell. Bottom line: blaming the instrumentality is easy, but
> >futile. Human beings are responsible for their own actions, although
> >some wish to evade or abuse that responsibility.
> >
> >Again, this is my own opinion, no one else's -- Ian
> >
> >-----Original Message-----
> >From: Randy Bush [mailto:[EMAIL PROTECTED]]
> >Sent: Tuesday, July 31, 2001 10:07 AM
> >To: Ian King
> >Cc: [EMAIL PROTECTED]
> >Subject: RE: Any value in this list ?
> >
> >from the outside, it appears as if microsoft consciously decided to
> >distribute software with everything enabled so that their product
> >would be perceived as very easy to use. the problem is that this
> >means it is also easy to abuse. so the net is now paying for them
> >having a more salable product. who gains, who is bearing the cost?
> >
> >randy
