1996-01-09 - Re: Microsoft continues to mislead public about Windows securitybugs (a bit long, with references)

Header Data

From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: e58d3be87d07dc9304a4db8c2c53649e7ce77ea71e90f749f8237d6f2ed04de5
Message ID: <199601091809.KAA15511@netcom6.netcom.com>
Reply To: N/A
UTC Datetime: 1996-01-09 18:34:32 UTC
Raw Date: Wed, 10 Jan 1996 02:34:32 +0800

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Wed, 10 Jan 1996 02:34:32 +0800
To: cypherpunks@toad.com
Subject: Re: Microsoft continues to mislead public about Windows          securitybugs (a bit long, with references)
Message-ID: <199601091809.KAA15511@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  0:37 1/9/96 -0800, Lucky Green wrote:
>
>Very true. But why does it always seem to take an exploitable crack before
>companies pay attention to security flaws? Is it because they are unable to
>admit that they have made a mistake? Everybody makes mistakes. What's the
>big deal? I really don't understand it. Any psychologists on this list?

Having, in the past, attempted to sell an Operating System with high
security features, and failed, I think I can give you some insight. 
Security does not sell an OS to anyone, even the Department of Defense. 
People buy OSs to run applications.  The only thing a lack of security in
an OS will do is allow someone in an obscure department (perhaps called
Corporate Security) to say no.

Security is a checkoff item, and if you can convince a retired major that
the OS is secure, then he will approve it.  He is not going to check the
details.  His expertise is in guard stations and chain link fences. 
However, if someone, e.g. the trade press, rubs his nose in the fact that
an OS's security can be breached, then he will take action.  He will
pressure the publisher to release a fix that they say will fix the problem.
 When they do, he will be happy.

Microsoft particulary, is oriented to selling product, not pride in workmanship.


-----------------------------------------------------------------
Bill Frantz                   Periwinkle  --  Computer Consulting
(408)356-8506                 16345 Englewood Ave.
frantz@netcom.com             Los Gatos, CA 95032, USA







Thread