>  Are we talking about Windows NT 4.0, Windows 2000, or IIS *.*.

All. So far every release has been vulnerable. Even the patches are sketchy.

> Have you all heard anything about win64?  Do you have any faith that MS is
> changing to become a more security aware company?  MS is staking
> its life on .NET and Win64.  They are working hard to change.

Microsoft are interested only in changing perception not the actual problem.
So far all we have had from Microsoft is hot air. Sun has been making
announcements about actual technology that improves the security of Solaris
for its next release. Linux and BSD Unix are audited and have projects
dedicated to improving or maintaining security. Microsoft's sole project
related to security has so far been gagging the security industry and
press - trying to pressure organisations and individuals not to disclose
problems rather than actually removing the causes. So far the MS Security
Czar has been working to restrict ethical and other hackers and pressuring
Microsoft's partners to keep quiet about bugs rather than improving code or
auditing code.

> *nix has been around for a long time, it is ridiculous to think that it
> would not be secure.
> MS would never release any software if it had to be bug free before
> No other software gets used by more people, so it is no wonder
> that more bugs are found in it than any other software.  Point being that
> there are bugs and security flaws in *nix also that have not been found for lack
> of use.

Actually Apache is used more than IIS yet has far far far fewer bugs, and
it's been used for longer on more popular sites. And it has many teams
inspecting and auditing the source code before they use or approve of it.
UNIX may be behind in sales but its installation base is still larger than
Windows NT/2K and handles more use. The same goes for Linux and BSD -
despite only a few percent difference in market share Windows has a hugely
disproportionate share of bugs and vulnerabilities.

> MS plans to use Win64 and .NET to compete with the *nix Java
> solutions.  Do you think that they are going to ignore security as a
> selling point, for
> themselves or for *nix against them?

Microsoft attained its position through a mixture of illegal and ruthless
business tactics, (breaking IPR, Labor, antitrust and other laws) combined
with reckless marketing and bullying of its customers and partners. Making
its software secure isn't its aim - reducing awareness, generating hype and
buying endorsements is its aim. It's cheaper to buy and bully pundits,
analysts and partners than to throw away insecure code or admit that its
products are insecure.

> MS knows that it HAS TO solve its security problems to compete in the
> enterprise solutions arena.  They have
> the money, the manpower, the motivation, and the skill to get it
> done.  The only question is will you all buy it.

Microsoft will enter the enterprise arena by leveraging an illegal monopoly,
and marketing hype aiming solely at directors who don't understand the
technology and are unable to make sound judgements about security. It's
worked so far - why fix what's not broken?



Aaron J Trevena, BSc (Hons)     www.head2head.co.uk
Internet Application Developer  Perl, UNIX, IIS/ASP

