Isn't it astonishing that an exploit which
is being used in the wild, was not patched
urgently? This illustrates Microsoft's
contempt for their users and their lack of
interest in our security.
Isn't it astonishing that an exploit which
is being used in the wild, was not patched
urgently? This illustrates Microsoft's
contempt for their users and their lack of
interest in our security.
The Leader in Network Knowledge
What better way to sell the
What better way to sell the next OS (Fear of the lack of security). To be fair Microsoft can not test for every variable their systems will be deployed in, so in reality the bulk of end users are the "in the wild testers". Shouldn't we get some compensation for our work/risks when involved in using their product. When you get down to the fine print of it all my job is on the line. Let's leave MS for gaming and go back to the AS400, and certain versions of Linux, for the real work at hand.
"back" to the AS/400
Dan,
Some of us have never left the AS/400(iSeries/i5/System i - or whatever IBM is calling it next week) :)
Guess we know a good thing when it just works...and works....and works... :)
D.Rima
Why would you implement the least secure?
Granted they can't test for every variable and I think you have to seperate client from server issues. From 2003 to 2007 there were 134 Secunia issued advisories for WIN2K3. Of those 5% were extremely critical and 46% highly critical. And out of the the total about 8% remain open. The System i (i5, AS/400, AS/400e, etc.) had 1 during the same period. I don't want to admin and tech time managing a security nightmare - I'd rather work on business issues....
Disagree
Dan,
I disagree with your statement entirely. Microsoft is a big target with large customer base. Switch it around and Unix or Linux or whatever you choose to lead the market would be attacked just as severe, if not more than Windows currently is. Microsoft gets all the publicity for hackers/attacks, but I have several Unix/Linux systems that get "security" updates regularly also, but I never see them on the headlines. There are risks with all of them, not just Microsoft products.
Disagree with Disagree
Though MS has a much wider customer base, there have been and are "targets" on AS/400 and newer iSeries and System i systems that would be serious if breached. E.g., check how many Vegas and other casinos have run their businesses on AS/400s (and its successors).
You can 'bet' that casinos understand the differences between how security conscious MS is and how IBM is. They didn't install AS/400s just because it had integrated DB2.
There are more significant examples, but casinos are enough to get the thought across. If you think that there haven't been some highly talented individuals thinking about this, you're wrong. It's one thing to patch (and patch and patch and patch and...) against hobbyists and script-kiddies. It's another thing altogether to go up against the cream of the crop.
Jim - followup on your comment...
Jim,
It's interesting that if MS is such a big company that they should have the resources for a more solid product.
As was pointed out, there's ALOT of AS/400's in VERY high profile risk positions...the casino industry is only a start. And, from what I understand, you can't even buy a beer in the US without it having hit an AS/400 somewhere in the line...
But, alas, What do we hear the bad news issues about? Well the systems that are having problems - and as was stated, that includes Windows as a very high not only target but also system that falls. Ever do any CERT analysis on security issues by system type? :)
You can rest assured that if there were an AS/400 that was crapping out as bad as that Windows box, the popular press would be just as harsh... Interesting that you just don't hear about AS/400's in that negative context frequency...
Ever wonder why? :)
Partially true
Jim,
When you are the big toy on the block it's probable that you will get more than your share of attacks as well as publicity. However, there are some inherent differences between Linux, i5/OS, and Windows that guarantee that Windows/MS will be the one we hear the most about. For a decent comparison of Linux vs. Windows this article does a nice job covering some points: http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/
As the article states there is no virus proof machine. There are systems that are virus resistant. Personally, I tend to think the publicity is well deserved for MS. They started with crappy security and their increased emphasis on security has been a joke. As far as I'm concerned they should have had it from day one. Not 10 years later, not 15 years later. Day one. But it won't hurt them. We bought their products when it had the stability of a Survivor tv show alliance and we buy it today when it has the security of a secret on the Bachelor tv show.
MS patch 07-069 (KB942615)
After installing it on an XP SP2 machine, I started getting error messages when starting IE. In an MS forum, I saw a suggestion to remove it, which fixed the error messages. Am I now vulnerable to whatever was supposedly fixed ?
Post new comment