Are we talking about Windows NT 4.0, Windows 2000, or IIS *.*. Have you all heard anything about win64? Do have any faith that MS is changing to become a more security aware company? MS is staking its life on .NET and Win64. They are working hard to change. *nix has been around for a long time, it is rediculous to think that it would not be secure. MS would never release any software if it had to be bug free before release. No other software get used by more people, so it is no wonder that more bugs are found in it than anyother software. Point being that there are bugs and security flaws in *nix also that have not been found for lack of use. MS plans to use Win64 and .NET to compete with the *nix Java solutions. Do you think that they are going to ignore security as a selling point, for themselves or for *nix against them? MS knows that it HAS TO solve its security problems to compete in the enterprise solutions arena. The have the money, the man power, the motivation, and the skill to get it done. The only question is will you all buy it.
Jay Flowers -----Original Message----- From: Aaron Trevena To: 'ActiveState's Perl Win32 Users list' Sent: 5/7/02 4:07 AM Subject: RE: Secure platforms DO matter! > Not really my point. My point is that the system is only secure as the > people who run it. It is my understanding that most vulnerabilities these > days are not caused by bugs in the systems but rather lack of > knowledge/control of the adminstrators running the systems. The original point was PRODUCTION servers shouldn't run windows. Production servers should have next-to-none downtime, they should also be secure. The skill of the administrator is a straw man. If you are building a production server, then you also employ not only a SECURE platform such as OpenBSD or Trusted Linux or Certified Solaris, but a security policy and trained administrators. You require all three. No ammount of money spent on any one or two will resolve the lack of the third. This particularly goes for platforms - no ammount of money spent on Administrators and Policies will protect you from a software bug that Microsoft hasn't patched and therefore gags the media and its partners about. As for chosing between a good platform poorly implemented against a poor platform well implemented - neither are acceptable but its easier to replace or train poor system administrator than it is to replace a poor platform. Best of all I can spend the money I saved on Licensing (Windows 2000, BackOffice, SQL Server, etc) on training the administrator or a better firewall. There are no circumstances where plastering the cracks are a substitute for fixing the root problem, Windows is not suitable for production use on the Internet. A. -- Aaron J Trevena, BSc (Hons) www.head2head.co.uk Internet Application Developer Perl, UNIX, IIS/ASP _______________________________________________ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
