Microsoft blames us for IIS shortcommings?
Warren Togami
warren at togami.com
Mon Oct 15 04:56:36 PDT 2001
They actually hurt themselves by acknowledging this. Nobody believes this
excuse, and normal people did not hear through traditional media that Code
Red and Nimda effects only Microsoft server products. They described it as
generally "Internet worms". It is within Microsoft's best interests to
remain quiet about their own security track record, while their bought media
buddies continue to downplay their culpability.
I'm waiting intently until the day when their rediculous central control
hits the fan, and a major exploit of Passport and/or Hailstorm occurs,
causing severe damage to all those who depend on the centralized
authentication and financial transaction services of Microsoft. Remember
when Hotmail was down and unstable for nearly two weeks? Passport problems.
Passport has also been compromised numerous times in the past. This
undoubtedly will occur again sometime in the future when Amazon, Ebay and
hundreds of other sites depend on Microsoft's centralized services.
Billions of dollars could be lost in the service interruption or security
compromise.
The knee-jerk reaction alternatives from Sun and AOL wont be any better in
this regard either if they stick to a centralized model like
Passport/Hailstorm. Unfortunately an all-eggs-in-one-basket online system
may one day be needed... though I wouldn't trust a single company to be a
centralized authority for something this important. Hailstorm would
effectively make Microsoft handling and taxing your financial transactions.
These kind of things should be regulated like the banks under set rules
under some governing body, with many corporations competing in the same
market. Unregulated online financial transactions are already known to be a
potentially dangerous with Paypal. (Read recent articles on Slashdot to
read about Paypal problems.)
----- Original Message -----
From: "Joseph Phillips" <d-spair at hawaii.rr.com>
To: "Linux & Unix Advocates & Users" <luau at list.luau.hi.net>
Sent: Monday, October 15, 2001 12:57 AM
Subject: [luau] Microsoft blames us for IIS shortcommings?
> In an article released earlier this week, Microsoft in trying to shrug off
> the blame blames the system administrators. Microsoft says that it is the
> fault of lazy and slow administrators that their software is insecure.
> Hmmm... Doesn;t sound like one of their best PR moves to date.
>
> Here's the story.
>
http://www.silicon.com/bin/bladerunner?REQUNIQ=1003143068&30REQEVENT=&REQAUT
H=21046
>
> Deven
More information about the LUAU
mailing list