On Fri, 10 Oct 2003 14:32, you wrote: > On Friday 10 October 2003 13:52, Jaco Swart wrote: > > This woman is fed-up: > > > > http://www.usatoday.com/tech/techinvestor/2003-10-07-msftsuit_x.htm > > > > and I wish her well! > > > > rgds > > Jaco > > I'm sorry, but I don't agree. So microsoft make lousy software; it's her > choice to use it. I think saying she doesn't have any choice but to use it > is a pretty weak argument. I beg to differ. MS have been so successful with their lock-in activities that it is, in practice, impossible for the ordinary PeeCee owining "Jo(e) Citizen" to avoid Windows. Ok, ok, _we_ all have learnt how to do without 'Doze for most of our computing. However, I venture to say that almoset none of us on this list are "Ordinary Jo(e)s". Just try to exchange files with a MS 'Doze user in the course of ordinary day to day social and business intercourse. Once I had the timerity to send an Ordinary Jo person, who is no fool, a .pdf file instead of a .doc file and promptly got cut out of the discussion. Send even 'one of us' a kword file and be asked to translate it into a different format.
> Secondly, I think it's unreasonable to expect companies to sell "secure" > products. No it's not. QNX has been solid from the start. In the 'Free World' look at OpenBSD, Theo has done, virtually single handedly, what MS should have got their horde of minions to do years ago. They can afford it too. > Mainly because what is secure today, at the time of shipping, > isn't a few months down the track. Security is a process, not a product, > right? That's true. > So it's the user's responsibility to keep up with patches. No, it's the responsibility of both the manufacturer and the distributer. That's what happens with your car. If a tyre manufactuer discovers a fault in their product, the all the cars are recalled and the tyres changed at the manufacturers expense. Please explain why your computer be should any different? > Too many > people are still running the default install months or years after release, > without any patches, without even a firewall. These people won't be any > safer running Linux either. If they ran Linux, they would _have_ to learn a thing or two in order to be able even to install and boot it, so they might just have gathered enough knowledge from fora such as this one to know what to do, even if it is the knowledge that they Must Consult Someone Experienced. > It's up to people to take responsibility for > themselves. If they really need security and don't have the knowledge to > keep up with it themselves, then they should pay someone who does. Yes indeed, but our Ordinary Jo(e) would not even know that that was necessary. The computer sales person will never risk a sale by telling O.J. that he actually has to learn something about the product he is about to purchase. > Otherwise they shouldn't be silly enough to keep sensitive information like > SSN numbers on their computer :) > > I wish her well raising awareness about Microsoft's lousy security, but I > don't think she's going to win this court case, nor should she. Much as I > dislike Microsoft and would like to see them take a fall, I don't think > they're the criminals here (note that's "here" - very different from saying > they're not criminals full stop ;-) - the crackers who stole her SSN number > are the criminals. If one believes in corollaries, btw I do, the words "And lead us not into temptation." also mean "Do not tempt others". In that case MS are as guilty as bright red sin. Personally I hope that the US Judicary at least get the message that MS are as far from "Pure as driven snow" as it is possible to get. I would like to see some sort of product verification system which might hopefully sort out fraudulently crap computer products from those which at least attempt to be safe and secure by design. It's interesting to note here that the US DoJ use OpenBSD for their servers. > I don't mean to rant, but this seems akin to blaming the builder of your > house when you get burgled, instead of the burglar. What makes it worse is > that 90% of people leave their front door wide open, and I suspect will > still be inclined to blame the builder if they see others doing it :-) I would agree with you if the builder had actually fitted locks which worked more effectively than magnetic catches, like the one on your 'fridge door, but he ( MS ) hasn't even attempted to so do until only very, very recently. -- Sincerely etc., Christopher Sawtell
