Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : How high will Microsoft fly? -- Ignore unavailable to you. Want to Upgrade?

To: Bill Fischofer who wrote (63879)	12/24/2001 12:43:52 PM
From: Dave	Read Replies (1) \| Respond to of 74651

Security is a process, not a state. Yes, I know that. It is the Microsoft apologists, the ones who continually insist that the latest patch has finally made Windows secure, that you need to explain that to. These guys just don't get it. Windows was named after its security holes. They were going to name it Back Doors, but that was too blatant. [EDIT]: Actually, security can be a Design Goal too, as well as "a process." It would behoove Microsoft to consider security BEFORE implementing new products, rather than only AFTER exploits have been deployed and reported. Dave

To: Bill Fischofer who wrote (63879)	12/25/2001 6:18:52 AM
From: dybdahl	Read Replies (1) \| Respond to of 74651

Security is more than a process. I agree, that most people today see it as a process - that security needs servicing. But it's also about design and quality. Unpublished bugs and their exploits can be dangerous in the wrong hands, and some exploits can be used for attacks so quick, that detection, patching etc. won't be fast enough, no matter how you do it. The problem with Windows is that: - It contains too much, too new software or is an old version that has documented exploits. - Patching with patches from Microsoft has often been dangerous, which often makes it necessary to test the patches before applying them. - The Windows design inherits too much from the DOS and Windows 3.x design to make it secure easily. - Windows security is often about intrusion into the computer, not protection of one user against another. - It is pretty hard to strip down a Windows system to the absolutely necessary software to run e.g. a webserver. XP Embedded makes it easier, but is not targeted at powerful server systems.