I'll chip in here. It is not the responsibility of the vendor to ensure that the user isn't a stupid moron. For example, raw sockets in Unix platforms are only available to the root user. A user who always logs in and works as root ... is a moron, and we all know that. Every Linux install routine asks you for an ordinary user name for you to be on a daily basis INSTEAD OF root. The problem with implementing raw sockets and other such features on a consumer Windows base is that all users will have access to them without any prerequisite understanding of them. There is a misplaced interest in calling computers "appliances" and making them user friendly to an extreme. One doesn't pick up a new car and use it without passing a test and being licensed. One doesn't program a cell phone or a VCR without reading a manual (present company excluded, of course <g>). Yet there is a deliberate interest in placing the most vulnerable guts of a computer just a double-click away from users who know nothing about them. That...is Microsoft's fault. Having VB scripting on in Word and having HTML email in Outlook by default so it'll be purty is just stupid. Users who double-click on every attachment they get, addressed to every person they know, are as bad as unlicensed drivers. They may not be responsible for putting all those vulnerabilities into the system, but they definitely should have done a little reading first. A great appliance is the Palm handheld. I have only had my Palm infected by the Anna Kournikova virus twice, and they were both my fault. It's otherwise quite stable and secure. Another would be a kiosk terminal in the mall. A home computer with an internet connection and tons of automated Wingizmos is just not a brain-dead appliance that will keep itself out of trouble in spite of you. I don't look to make Linux any "easier" for new users. I look for new users who will at least recognize problems and devote a few minutes a week to staying on top of their updates. -j On Tue, 3 Jul 2001, Ricky Salmon wrote: <em>> Date: Tue, 3 Jul 2001 09:31:33 -0500 <em>> From: Ricky Salmon <[EMAIL PROTECTED]> <em>> Reply-To: [EMAIL PROTECTED] <em>> To: [EMAIL PROTECTED] <em>> Subject: RE: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM <em>> ... <em>> <em>> Well, to give M$ a little credit (duck), XP is supposed to have a fair <em>> amount of security by default. <em>> <em>> But, there's always that relationship between Security and Usability (is <em>> that a word?). I'm sure some <em>> developers/admins will love the fact that they finally get to use Raw <em>> Sockets, but that in turn decreases <em>> some amount of security. As people continue to add these new features, you <em>> can't always an "Idiot Proofing" mechanism that works well... It's a nice <em>> double edged sword... <em>> <em>> As for current windows machines, a million and one trojans already exist. <em>> So my question is, is it the responsibly of the Vendor to make sure the <em>> users know how to use a computer, or is it the responsibility of the user to <em>> know how to use a computer? <em>> <em>> As much as I love that certain vendor (sarcasm), their main focus is to put <em>> out more productive products with a fair amount of security. There aren't <em>> enough resources in the world to make sure that every Joe Blow isn't leaving <em>> themselves open... <em>> <em>> My 2 cents... <em>> <em>> Ricky <em>> <em>> <em>> <em>> -----Original Message----- <em>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] <em>> Behalf Of John Hebert <em>> Sent: Tuesday, July 03, 2001 9:02 AM <em>> To: [EMAIL PROTECTED] <em>> Subject: Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM <em>> ... <em>> <em>> <em>> <em>> --- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> > Hmm. Is this about the raw socket deal with Windows <em>> > XP? Raw sockets have <em>> > been available in the UNIX world for a while, so I <em>> > guess that means UNIX <em>> > vendors are no better? <em>> <em>> >From my understanding of Gibson's writings, he says <em>> that raw sockets are a problem in Windows XP because <em>> most people use M$ Windows operating systems <em>> (well, duh) AND M$ doesn't seem to have its act <em>> together when it comes to network security (hmmm, <em>> he's got a point). So, distributing M$ Windows XP <em>> with raw sockets for home users who don't properly <em>> secure their machines will only give DDOS script <em>> kiddies more platforms to attack from. <em>> <em>> :P <em>> <em>> John <em>> <em>> __________________________________________________ <em>> Do You Yahoo!? <em>> Get personalized email addresses from Yahoo! Mail <em>> http://personal.mail.yahoo.com/ <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> Shannon Roddy: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>In reply to:</strong> Ricky Salmon: "RE: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade>
<small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:53 CDT</em> </em> </small> </body> </html>
