"[T]he link is formatted to take advantage of an Internet Explorer flaw
that allows an attacker to hide the true destination of the link; in this
case, the address bar in Internet Explorer displays "www.fdic.gov," while
the actual Web site is at a different address in Pakistan." -
http://zdnet.com.com/2100-1105_2-5146716.html?tag=zdfd.newsfeed

And I wonder who in Pakistan would want to know about the financial details
about American citizens? Who in Pakistan would want to exploit the fears of
the American populace for their own nefarious purposes? Who, indeed?!

Is MS glacial response to fixing the address bar flaw also helping
terrorists fund future attacks on the innocents?

Stop dragging your feet MS, people are now possibly being terrorized in
their homes because of your Swiss cheese software! Get a temp fix out that
informs people of the misdirection at the very least, if it's really that
effin' hard to fix fully.

PROTECT YOUR CUSTOMERS FROM YOUR MISTAKE, *NOW*!

This should be a lesson to everyone why you can't put all of computer
security eggs in one monopolistic basket!

Demonstrations of the Address bar vulnerability:

http://www.microscum.com/misc/devil/

http://www.microscum.com/misc/intransigence/intransigence.htm

Download & setup up Mozilla as your default browser, that way when you click
on a link in email, you'll know what website you're really being taken to.

http://mozilla.org/download.html

Protect yourself, because MS's desktop monopoly gives them absolutely no
incentive to fix their own mistakes for their monopoly locked-in customers!

There should be an investigation into how MS's desktop monopoly has weakened
the safety of the general public!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Just quit with scare tactics, Kurt. Do you really think terrorists are in their bunkers on a lap-top trying to obtain your bank account number? This is a pathetic attempt to promote your ridiculous website (yes, RIDICULOUS). You are a JOKE. Get a life you
former band-geek turned computer-geek.

LOL, Chris.... I agree with you

Kurt don't post in here if all you say is bad thing about
Microsoft. You probably have XP and Office anyway and
like them. Go away.

>-----Original Message-----
>Just quit with scare tactics, Kurt. Do you really think
terrorists are in their bunkers on a lap-top trying to
obtain your bank account number? This is a pathetic
attempt to promote your ridiculous website (yes,
RIDICULOUS). You are a JOKE. Get a life you former band-
geek turned computer-geek.
>.
>

Xref: kermit microsoft.public.windowsxp.general:934204

Sounds like you are very jealous of Kurt. He is a bright
light amongst a bunch of dimwits.



>-----Original Message-----
>Just quit with scare tactics, Kurt. Do you really think
terrorists are in their bunkers on a lap-top trying to
obtain your bank account number? This is a pathetic
attempt to promote your ridiculous website (yes,
RIDICULOUS). You are a JOKE. Get a life you former band-
geek turned computer-geek.
>.
>

Go Chris, Go Chris, Go Chris.

>-----Original Message-----
>Just quit with scare tactics, Kurt. Do you really think
terrorists are in their bunkers on a lap-top trying to
obtain your bank account number? This is a pathetic
attempt to promote your ridiculous website (yes,
RIDICULOUS). You are a JOKE. Get a life you former band-
geek turned computer-geek.
>.
>

Chris Lanier wrote:

> Just quit with scare tactics, Kurt.

No scare tactics, I just asked some relevant questions, you filled in the
fear in your own mind. My intention wasn't to scare but to inform.
Ignorance isn't really bliss, Chris.

Sure, I was trying to goad MS to get off it's big fat monopoly-bloated ass
and actually do something, even if it's only a temporary fix. But I was
also very serious about my call to investigate into how MS's desktop
monopoly puts the general publics security at risk.

> Do you really think terrorists
> are in their bunkers on a lap-top trying to obtain your bank account
> number?

Do you really think they are living in bunkers in Pakistan? ROFL!

Are you so naive to think that they wouldn't try to get Americans to pay for
terrorist attacks against Americans? Didn't they use our planes against us
last time? Did they not try to disrupt our financial system with their
previous attack on the financial capital of our country? Didn't you read in
the article that this was a very sophisticated scam?

This isn't fear mongering, these are just very apropos questions to ask, in
light of the details presented by the article I quoted from.

> This is a pathetic attempt to promote your ridiculous website
> (yes, RIDICULOUS). You are a JOKE.

I'm not joking. People need to learn to do for themselves when it comes to
their computer security. MS has proven time and again to be either
incapable, or unwilling to protect their monopoly locked-in customers from
MS's security-challenged software.

> Get a life you former band-geek
> turned computer-geek.

Actually, I quit band to play football. 4th-string fullback. But that was
more than a 1/4 of a century ago.

"Those were the days, my friend . . . ."

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

see
http://support.microsoft.com/?id=833786
For advice and guidance on protecting yourself from these sites.

User who are still concerned about this issue may also wish to look at a
third party tool/plug-ins at
(Note :- not Microsoft recommended or supported by us. This is one of a
number of such third party tools)
http://xforce.iss.net/xforce/alerts/id/159

--
--
Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

"kurttrail" > wrote in message
...
> "[T]he link is formatted to take advantage of an Internet Explorer flaw
> that allows an attacker to hide the true destination of the link; in this
> case, the address bar in Internet Explorer displays "www.fdic.gov," while
> the actual Web site is at a different address in Pakistan." -
> http://zdnet.com.com/2100-1105_2-5146716.html?tag=zdfd.newsfeed
>
> And I wonder who in Pakistan would want to know about the financial
details
> about American citizens? Who in Pakistan would want to exploit the fears
of
> the American populace for their own nefarious purposes? Who, indeed?!
>
> Is MS glacial response to fixing the address bar flaw also helping
> terrorists fund future attacks on the innocents?
>
> Stop dragging your feet MS, people are now possibly being terrorized in
> their homes because of your Swiss cheese software! Get a temp fix out
that
> informs people of the misdirection at the very least, if it's really that
> effin' hard to fix fully.
>
> PROTECT YOUR CUSTOMERS FROM YOUR MISTAKE, *NOW*!
>
> This should be a lesson to everyone why you can't put all of computer
> security eggs in one monopolistic basket!
>
> Demonstrations of the Address bar vulnerability:
>
> http://www.microscum.com/misc/devil/
>
> http://www.microscum.com/misc/intransigence/intransigence.htm
>
> Download & setup up Mozilla as your default browser, that way when you
click
> on a link in email, you'll know what website you're really being taken to.
>
> http://mozilla.org/download.html
>
> Protect yourself, because MS's desktop monopoly gives them absolutely no
> incentive to fix their own mistakes for their monopoly locked-in
customers!
>
> There should be an investigation into how MS's desktop monopoly has
weakened
> the safety of the general public!
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"
>
>

wrote:

> Kurt don't post in here if all you say is bad thing about
> Microsoft.

Why? Is there some rule somewhere hidden in MS's Terms of Use, that says
that only comments kissing MicroAss are appropriate here, that I'm unaware
of?

> You probably have XP and Office anyway and
> like them.

Office XP. And that's what got me started on my campaign against Product
Activation. I spent hours on the phone on the night of the 4th of July,
2002, just to be able to use the copy of nearly $500 worth of software I
legally purchased. After that I started to educate myself about, and I've
tried to help educate my fellow consumers, by going into the belly of the
beast, this den of MicroSychophants, and showing people how weak MS's & it's
supporters arguments are for advocating MS's PA pogrom on it's paying retail
customers.

> Go away.

Oh yeah, that will work! LOL!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Office is easy to install.

>-----Original Message-----
wrote:
>
>> Kurt don't post in here if all you say is bad thing
about
>> Microsoft.
>
>Why? Is there some rule somewhere hidden in MS's Terms
of Use, that says
>that only comments kissing MicroAss are appropriate
here, that I'm unaware
>of?
>
>> You probably have XP and Office anyway and
>> like them.
>
>Office XP. And that's what got me started on my
campaign against Product
>Activation. I spent hours on the phone on the night of
the 4th of July,
>2002, just to be able to use the copy of nearly $500
worth of software I
>legally purchased. After that I started to educate
myself about, and I've
>tried to help educate my fellow consumers, by going into
the belly of the
>beast, this den of MicroSychophants, and showing people
how weak MS's & it's
>supporters arguments are for advocating MS's PA pogrom
on it's paying retail
>customers.
>
>> Go away.
>
>Oh yeah, that will work! LOL!
>
>--
>Peace!
>Kurt
>Self-anointed Moderator
>microscum.pubic.windowsexp.gonorrhea
>http://microscum.com
>"Trustworthy Computing" is only another example of an
Oxymoron!
>"Produkt-Aktivierung macht frei!"
>
>
>.
>

Bill G wrote:

> "Sounds like you are very jealous of Kurt. He is a bright
> light amongst a bunch of dimwits."
>
> We know that you wrote this Kurt. Go back to your Dungeons and
> Dragons.

LOL! Sorry, but you'd be wrong.

http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=dimwits+author%3Akurttrail

"Dimwits" wouldn't be part of my normal extemporaneous writing style here,
and I can only find one instance where I used the singular form of the word,
and that was in a work of fiction, and was not part of any dialogue [except
the one that was going on in my own head at that time.] ;-)

http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=dimwit+author%3Akurttrail

Oh, sorry, what's this "Dungeons and Dragons," you mentioned? Is this the
PBS cartoon for pre-schoolers?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Xref: kermit microsoft.public.windowsxp.general:934284

What are your talking about Office is easy to install.
its sounds like you don't know how to install software.

>-----Original Message-----
wrote:
>
>> Kurt don't post in here if all you say is bad thing
about
>> Microsoft.
>
>Why? Is there some rule somewhere hidden in MS's Terms
of Use, that says
>that only comments kissing MicroAss are appropriate
here, that I'm unaware
>of?
>
>> You probably have XP and Office anyway and
>> like them.
>
>Office XP. And that's what got me started on my
campaign against Product
>Activation. I spent hours on the phone on the night of
the 4th of July,
>2002, just to be able to use the copy of nearly $500
worth of software I
>legally purchased. After that I started to educate
myself about, and I've
>tried to help educate my fellow consumers, by going into
the belly of the
>beast, this den of MicroSychophants, and showing people
how weak MS's & it's
>supporters arguments are for advocating MS's PA pogrom
on it's paying retail
>customers.
>
>> Go away.
>
>Oh yeah, that will work! LOL!
>
>--
>Peace!
>Kurt
>Self-anointed Moderator
>microscum.pubic.windowsexp.gonorrhea
>http://microscum.com
>"Trustworthy Computing" is only another example of an
Oxymoron!
>"Produkt-Aktivierung macht frei!"
>
>
>.
>

Mike Brannigan [MSFT] wrote:

> see
> http://support.microsoft.com/?id=833786
> For advice and guidance on protecting yourself from these sites.

Oh yeah! The average computer illiterate is lucky if he find his way to
Windows Update, let alone some obscure support document hidden among tens of
thousands of other ones.

Fix the problem! Stop the brush off! People are getting screwed even as we
speak.

>
> User who are still concerned about this issue may also wish to look
> at a third party tool/plug-ins at
> (Note :- not Microsoft recommended or supported by us. This is one
> of a number of such third party tools)
> http://xforce.iss.net/xforce/alerts/id/159

It's just plain safer to use another browser, till you guys get your asses
in gear, and even then it's just a matter of time, before your next security
vulnerability is found and exploited en masse. Smaller targets are just a
hell of a lot easier to miss, than the monopoly-bundled browser in MS's OSs.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

wrote:

> What are your talking about Office is easy to install.
> its sounds like you don't know how to install software.
>

Can't ya'll read? I was talking about Activation! It installed just fine,
Office's PA just didn't like my hardware changes, and I had spend hours on
hold waiting to get it activated.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

> To all people with the rude comments:
> I wish I would've had the chance to kick your mother's in the stomach
> before you were born.

Thread-Topic: MicroMonopoly aids Terrorism?
thread-index: AcPisgFN5Ay7Klq5Tm6U/xQJ20oFkA==
X-Tomcat-NG: microsoft.public.windowsxp.general
From: =?Utf-8?B?a3VydHRyYWls?= >
References: >
Subject: RE: MicroMonopoly aids Terrorism?
Date: Sat, 24 Jan 2004 11:41:05 -0800
Lines: 14
Message-ID: >
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.windowsxp.general
NNTP-Posting-Host: tk2msftcmty1.phx.gbl 10.40.1.180
Path: TK2MSFTNGP08.phx.gbl!cpmsftngxa07.phx.gbl
Xref: TK2MSFTNGP08.phx.gbl microsoft.public.windowsxp.general:859761

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Microsoft has an automated system now. Just call in and
say your Office XP CD Key then they give you the CD key
to type in. Simple. I did once on Windows XP it was
simple.

>-----Original Message-----
wrote:
>
>> What are your talking about Office is easy to install.
>> its sounds like you don't know how to install software.
>>
>
>Can't ya'll read? I was talking about Activation! It
installed just fine,
>Office's PA just didn't like my hardware changes, and I
had spend hours on
>hold waiting to get it activated.
>
>--
>Peace!
>Kurt
>Self-anointed Moderator
>microscum.pubic.windowsexp.gonorrhea
>http://microscum.com
>"Trustworthy Computing" is only another example of an
Oxymoron!
>"Produkt-Aktivierung macht frei!"
>
>
>.
>

wrote:

> Microsoft has an automated system now. Just call in and
> say your Office XP CD Key then they give you the CD key
> to type in. Simple. I did once on Windows XP it was
> simple.

The last time I was had to call I was also asked to explain why their
copy-protection was forcing me to phone activate. Like the average schmoe
knows!

The Office PA phone reps all seem to be confrontational, and I'm not the
only one who has has that eXPerience. And that doesn't change the fact,
that I, as a paying customer have to jump thru MS's hoop to use the effin'
very expensive software that I bought with my hard-earned money, while the
people actually pirating the effin' software don't have one bit of problem.

And none of MS's changes in PA policy will get my hours waiting on hold
back. Copy-protection is about stoping pirates, it's about stopping paying
customers. The pirates will get around the copy-protection every time. And
not only that, but the paying customer is also paying a premium to cover the
costs of piracy on top of PA too. PA is a totally anti-consumer technology,
and is of absolutely no benefit or use to the any consumer. Yet the
consumer pays for the development of he copy-protection used against them,
and pays to cover the losses due to real piracy too.

Would you buy underwear for yourself that had a chasity belt hidden inside
of it, and only the underwear manufacturer had the key to unlock it?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

"kurttrail" > wrote in message
...
> Mike Brannigan [MSFT] wrote:
>
> > see
> > http://support.microsoft.com/?id=833786
> > For advice and guidance on protecting yourself from these sites.
>
> Oh yeah! The average computer illiterate is lucky if he find his way to
> Windows Update, let alone some obscure support document hidden among tens
of
> thousands of other ones.

That's exactly why this IE URL spoofing issue is a whole lot of nothing.
The average computer illiterate is going to fall for phishing whether or not
the URL is spoofed using this issue or another issue or isn't spoofed at
all. I can think of a lot of ways to spoof a URL for which there is no
patch and for which multiple browsers are vulnerable. The average person
would trust a popup window that doesn't even have a URL field in the window,
or that uses the http://user@domain URL spoof, and then there's ARP
spoofing, man in the middle attacks, DNS spoofing and cache poisoning,
sniffing, Dsniff, and all sorts of vulnerabilities in web browsing and
TCP/IP that aren't Microsoft's fault and for which there are no patches.

It's true that Microsoft has been waiting to deploy their fix for an
unusually long time [I would guess they've already coded the fix a while
ago], but I have to imagine there's a reason for their decision to do this,
given the flack they've already received over this.

If the average user can't find his way to Windows Update, despite having the
windows update agent installed and an icon right on his start menu, then
that average user is going to be vulnerable to all sorts of things no matter
what OS and browser he's running and what patches the vendor does or doesn't
release. [It also sounds like you're demanding that Microsoft release a
patch to protect its customers, but then state that most customers probably
wouldn't be able to install the patch if one was available.]

Anyways, security isn't just patches. A user that can't read articles on
how to be secure is going to fall for phishing. It's not really the best
idea to verify the identity of web sites by using the Address: field in the
browser, period.

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>> Mike Brannigan [MSFT] wrote:
>>
>>> see
>>> http://support.microsoft.com/?id=833786
>>> For advice and guidance on protecting yourself from these sites.
>>
>> Oh yeah! The average computer illiterate is lucky if he find his
>> way to Windows Update, let alone some obscure support document
>> hidden among tens of thousands of other ones.
>
> That's exactly why this IE URL spoofing issue is a whole lot of
> nothing. The average computer illiterate is going to fall for
> phishing whether or not the URL is spoofed using this issue or
> another issue or isn't spoofed at all. I can think of a lot of ways
> to spoof a URL for which there is no patch and for which multiple
> browsers are vulnerable. The average person would trust a popup
> window that doesn't even have a URL field in the window, or that uses
> the http://user@domain URL spoof, and then there's ARP spoofing, man
> in the middle attacks, DNS spoofing and cache poisoning, sniffing,
> Dsniff, and all sorts of vulnerabilities in web browsing and TCP/IP
> that aren't Microsoft's fault and for which there are no patches.
>
> It's true that Microsoft has been waiting to deploy their fix for an
> unusually long time [I would guess they've already coded the fix a
> while ago], but I have to imagine there's a reason for their decision
> to do this, given the flack they've already received over this.
>
> If the average user can't find his way to Windows Update, despite
> having the windows update agent installed and an icon right on his
> start menu, then that average user is going to be vulnerable to all
> sorts of things no matter what OS and browser he's running and what
> patches the vendor does or doesn't release. [It also sounds like
> you're demanding that Microsoft release a patch to protect its
> customers, but then state that most customers probably wouldn't be
> able to install the patch if one was available.]
>
> Anyways, security isn't just patches. A user that can't read
> articles on how to be secure is going to fall for phishing. It's not
> really the best idea to verify the identity of web sites by using the
> Address: field in the browser, period.

You have every right to your opinion, unfortunately not everybody is as
computer literate as you, and just wouldn't expect that the address bar
would display anything other than the site of the web page that they
navigated to. Hell, I bet there are a lot of people that have only heard of
the term "phishing" in passing and think it's some reference to the band
Phish, and aren't aware that it's talking about scamming them.

It's MS's flaw that's being used to help validate a scam, or potentially
much worse considering the source of the scam.

This needs to addressed immediately, and not wait to be part of some IE
rollup patch. MS needs to stop dragging it's heels. And there should be an
official investigation in MS glacial pace of supplying a fix, and into how
their Monopoly OS is actually a menace to the general public's computer
security.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

> You have every right to your opinion, unfortunately not everybody is
> as computer literate as you, and just wouldn't expect that the
> address bar would display anything other than the site of the web
> page that they navigated to.

I think the point is that too many people don't look at URLs anyway.

> It's MS's flaw that's being used to help validate a scam, or
> potentially much worse considering the source of the scam.

IIRC there was some talk at the time that mozilla also had a (much less
severe) problem with these kinds of URLs.

> This needs to addressed immediately, and not wait to be part of some
> IE rollup patch. MS needs to stop dragging it's heels.

If I thought they were waiting to include it in a roll-up fix then I
would/will agree with you. I've not seen anything pointing to that myself,
I'm assuming that fixing this is more trouble than it appeared at first and
they've had to go back to it a couple of times.

> And there
> should be an official investigation in MS glacial pace of supplying a
> fix,

Official on the part of whom? Who has jurisdiction here? I can't help think
you are over-reacting a little Kurt. Of course, I am not going to tell you
that you are not entitled to your opinion, I'm just advancing the reasons
why I don't feel the same.

> and into how their Monopoly OS is actually a menace to the
> general public's computer security.

How about an investigation into how the general public is a menace to their
own computer security?

There are plenty of scams and worms out there which do _not_ rely on an OS
exploit to spread and they are among the most "popular".


--
--
Rob Moir, Microsoft MVP for servers & security
Website - http://www.robertmoir.co.uk
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html

Kazaa - Software update services for your Viruses and Spyware.

Robert Moir wrote:

> kurttrail wrote:
>
>> You have every right to your opinion, unfortunately not everybody is
>> as computer literate as you, and just wouldn't expect that the
>> address bar would display anything other than the site of the web
>> page that they navigated to.
>
> I think the point is that too many people don't look at URLs anyway.

Says you. And if it really is true, is that a good enough reason for
accepting MS's slacking?

>> It's MS's flaw that's being used to help validate a scam, or
>> potentially much worse considering the source of the scam.
>
> IIRC there was some talk at the time that mozilla also had a (much
> less severe) problem with these kinds of URLs.

Pray tell, like what? I overheard these two people talking once, and you
know what, they were saying that GW Bush is really Gay!

>> This needs to addressed immediately, and not wait to be part of some
>> IE rollup patch. MS needs to stop dragging it's heels.
>
> If I thought they were waiting to include it in a roll-up fix then I
> would/will agree with you. I've not seen anything pointing to that
> myself, I'm assuming that fixing this is more trouble than it
> appeared at first and they've had to go back to it a couple of times.

http://www.iss.net/support/product_utilities/

Didn't seem so hard for these guys! MS could license it from them. What's
more important MS's customers security, or MS releasing their own in-house
developed patch?

>> And there
>> should be an official investigation in MS glacial pace of supplying a
>> fix,
>
> Official on the part of whom? Who has jurisdiction here?

US Gov't. MS is still an American company. The Justice Dept. or even
Homeland Security, since it's MS's OS that has been the one that has been
exploited, time & again, at the expense of the security of the general
public.

Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
fat-assed monopoly target that's putting the general public at risk. And
now MS is dragging of their feet on this address bar exploit! How many
times does a target have to get hit before ya'll wake up and smell the
coffee?!

> I can't help
> think you are over-reacting a little Kurt. Of course, I am not going
> to tell you that you are not entitled to your opinion, I'm just
> advancing the reasons why I don't feel the same.

Had this been the first or second time, you might be right. The
over-reaction is now is hiding your head in the sand and hoping that it will
all blow over, after time and again MS's Holey Software gets exploited at
the expense of the general public.

>> and into how their Monopoly OS is actually a menace to the
>> general public's computer security.
>
> How about an investigation into how the general public is a menace to
> their own computer security?

I ain't there fault that MS OS is the target of every computer literate
loonie on the effin' planet.

Are you telling me no one has ever pulled the wool over your eyes?
Everybody is a potential sucker, even the members of MENSA, but so many
people wouldn't be suckered with any one computer nasty, if MS wasn't the
only real OS choice for the Desktop.

> There are plenty of scams and worms out there which do _not_ rely on
> an OS exploit to spread and they are among the most "popular".

That's total BS, almost all of them rely on running on one company's OS.
And that's the biggest security hole in this nation's computer security.
Yes, there are some pests made for some other server OSs, but they've had a
totally negligible impact on the overall general public computer security,
and only helps to prove that having multiple OSs in the server market, helps
to diminish the effect of viruses and the like, on the public. A desktop OS
market with 5 or 10 players would be intrinsically much more secure for the
country, and the world as a whole, than having one big, fat target that
can't help from getting hit over & over & over & over & over again.

Wake up and smell the coffee, coppertops, because soon it will be just some
burned black crud at the bottom of the pot.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Take a closer look at your list.
Many of those such as Blaster would have been a non issue if users had
simply used the patch that was available for weeks before Blaster came
on the scene.

It largely comes back to the users.
If the user will not properly protect their computer especially when
given a few weeks notice, their is little that can be done.
In your narrow minded way, you choose to focus all the blame on
Microsoft.
Your infantile website is a testament to you and your misguided ideas.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message
Garbage snipped

> Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
> fat-assed monopoly target that's putting the general public at risk.
And
> now MS is dragging of their feet on this address bar exploit! How
many
> times does a target have to get hit before ya'll wake up and smell
the
> coffee?!
More of your garbage snipped
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> ****************
> "Trustworthy Computing" is only another example of an Oxymoron!

Jupiter Jones [MVP] wrote:

> Take a closer look at your list.
> Many of those such as Blaster would have been a non issue if users had
> simply used the patch that was available for weeks before Blaster came
> on the scene.

They are total non-issues for Linux or UNIX users.

> It largely comes back to the users.

No, it comes down to having only one Desktop OS target.

> If the user will not properly protect their computer especially when
> given a few weeks notice, their is little that can be done.

If there were multiple Desktop OS in the PC market, less people at any given
time would be affected by any one computer nasty.

> In your narrow minded way, you choose to focus all the blame on
> Microsoft.

They are the one's who have been proven to use predatory monopolistc tactics
to maintain their Desktop OS monopoly. And it's their big fat target that
keeps getting hit.

Multiple targets are just plain safer than one big target.

Please try to explain to everyone how having only one big target of an OS is
safer for society as a whole, if you disagree with my previous sentence.

> Your infantile website is a testament to you and your misguided ideas.

Thanks you! You just don't know how much it pleases me to know, that my web
site upsets you so, that you have to express your opinion of it with no
prompting on my part whatsoever.

>> Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
>> fat-assed monopoly target that's putting the general public at risk.
>> And now MS is dragging of their feet on this address bar exploit!
>> How many times does a target have to get hit before ya'll wake up
>> and smell the coffee?!
> More of your garbage snipped

Have a nice day! :)

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

"kurttrail" > wrote in message
...

> > Take a closer look at your list.
> > Many of those such as Blaster would have been a non issue if users had
> > simply used the patch that was available for weeks before Blaster came
> > on the scene.
>
> They are total non-issues for Linux or UNIX users.

Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.

Right, Linux has fewer vulnerabilities than Windows.

Right, users that can't configure and patch Windows would magically be able
to keep Linux secure.

Right, Linux web servers are hacked less frequently than Windows web servers
according to www.zone-h.org

> No, it comes down to having only one Desktop OS target.

Right, switching to Linux or more than one desktop OS makes companies more
secure / easier to secure.

> If there were multiple Desktop OS in the PC market, less people at any
given
> time would be affected by any one computer nasty.

> Multiple targets are just plain safer than one big target.

Riiiiiight. Maybe if www.debian.org was running some Windows servers, they
wouldn't have been hacked a few months ago.

In the past 12 months, Microsoft, Linux, Cisco and others all had highly
critical remote vulnerabilities discovered that required patches. And *nix
already owns the lions share of web servers. So how would switching to
heterogeneous OS environments do anything to increase security or reduce
support costs? Or would it actually increase support costs, double or
triple the amount of work and patches required, and increase the likelihood
that a company would make critical security mistakes that lead to a
compromise?

Sure, like you, I find it puzzling that Microsoft hasn't released a patch
for the IE URL issue yet. But that doesn't make your pro-*nix statements
above true.

I never said I was upset.
Why do you continually feel the need to project your own feelings on
others?
I simply consider the source Kurt!

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message news:%23L$%
Your gasrbage snipped
> Thanks you! You just don't know how much it pleases me to know,
that my web
> site upsets you so, that you have to express your opinion of it with
no
> prompting on my part whatsoever.
More garbage snipped
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> **************
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"
>
>

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>
>>> Take a closer look at your list.
>>> Many of those such as Blaster would have been a non issue if users
>>> had simply used the patch that was available for weeks before
>>> Blaster came on the scene.
>>
>> They are total non-issues for Linux or UNIX users.
>
> Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.

Did I say that?

>
> Right, Linux has fewer vulnerabilities than Windows.

Did I say that?

>
> Right, users that can't configure and patch Windows would magically
> be able to keep Linux secure.

Did I say that?

>
> Right, Linux web servers are hacked less frequently than Windows web
> servers according to www.zone-h.org

Did I say that?

Nope to all four! I said in reply to Jupiter that those Windows based
viruses were a non-issue for *nix based OSs.

>
>> No, it comes down to having only one Desktop OS target.
>
> Right, switching to Linux or more than one desktop OS makes companies
> more secure / easier to secure.

Did I say that? Can't you address what I actually write?

Would it have been as easy as it was for the Japanese to destroy & damage as
many ships on Dec. 7, 1941, if those ships were spread out across the
Pacific, instead of being all bottle up in Pearl Harbor?

Is having only one target to hit easier than hitting multiple target with
one shot?

It's a matter of common sense. Not whether one OS platform is better than
another, rather that having multiple OS platforms are intinsically more
secure than only having one.

>
>> If there were multiple Desktop OS in the PC market, less people at
>> any given time would be affected by any one computer nasty.
>
>> Multiple targets are just plain safer than one big target.
>
> Riiiiiight. Maybe if www.debian.org was running some Windows
> servers, they wouldn't have been hacked a few months ago.

It affected one server, not potentially 95% of the Desktop computers on the
planet or anybody else system other than Debian's.

> In the past 12 months, Microsoft, Linux, Cisco and others all had
> highly critical remote vulnerabilities discovered that required
> patches.

Yep, and because there are multiple choices in server networking platforms,
an attack on one platform doesn't take out the others. This is just my
point, but your too much of a "MS uber alles" advocate to see it.

> And *nix already owns the lions share of web servers. So
> how would switching to heterogeneous OS environments do anything to
> increase security or reduce support costs?

It's common sense dude. During the cold war, did the USA & the USSR build
one central location each for all their missiles, or did they spread the
missiles out over vast areas? They spread them out to multiple locations.
Now it would have been easier to control all those missiles if the were
centrally located, but the threat of having them all taken out in one
massive first strike was so untenable, that both countries spread their
missiles to the four winds.

MS's Desktop monopoly OS, is like having all your missiles in one central
location, you risk losing them all with just one shot.

> Or would it actually
> increase support costs, double or triple the amount of work and
> patches required, and increase the likelihood that a company would
> make critical security mistakes that lead to a compromise?

Nope, you answer my question, which you conveniently cut out, first, and
that was, "Please try to explain to everyone how having only one big target
of an OS is safer for society as a whole, if you disagree with . . . .
Multiple targets are just plain safer than one big target."

But you won't, and that's why you cut it out in the first place, because you
know it's a totally indefensible position! And that's why you were trying
to put other words in my mouth and paint me as pro-*nix, to try to bury my
actual point in a blizzard of your Bull Sh*t! Didn't think I'd notice, huh?
Well, don't you ever think you can play games with my opinions, and get away
with it. Better people than you have tried, and failed just as miserably
you have.

Now to answer your question in two parts, "Or would it actually increase
support costs, double or
triple the amount of work and patches required,"

Who knows? Does having multiple Server OSs now, increase support costs,
double or triple the amount of work and patches required, as compared to the
support costs, amount of work & patches for the monolitic Desktop
environment that the general public is forced to accept at present?

"and increase the likelihood
that a company would make critical security mistakes that lead to a
compromise?"

It would affect only that one companies products, hence lessoning the effect
that any one companies critical security mistakes would have on the general
public as a whole. As this is exactly my point.

> Sure, like you, I find it puzzling that Microsoft hasn't released a
> patch for the IE URL issue yet. But that doesn't make your pro-*nix
> statements above true.

I'm not pro-*nix, and I didn't make any pro-nix statements, that was your
fantasy. I am advocating a diverse desktop PC OS market that would by it's
very nature lessen the effects of any one given computer nasty from
affecting potentially 95% of the PCs on the planet.

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> I never said I was upset.
> Why do you continually feel the need to project your own feelings on
> others?
> I simply consider the source Kurt!

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

Stay on topic, answer the question, and stop playing your WinTroll games,
Juppy.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Kurt;
Stay with your facts.
I never even suggested "one big target of an OS" is the way to go.
Those are your words and ideas.
You seem to need to falsely put statements to others in order to
support your ideas.
To bad you can not support your point on its own merit.
Furthermore you start to name calling.
Name calling is strong evidence that you lack the ability to support
your own point of view.
Good bye Kurt.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message ...
> Jupiter Jones [MVP] wrote:
> "Please try to explain to everyone how having only one big target of
an OS
> is safer for society as a whole, if you disagree with . . . .
Multiple
> targets are just plain safer than one big target."
>
> Stay on topic, answer the question, and stop playing your WinTroll
games,
> Juppy.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> ****************
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> Kurt;
> Stay with your facts.

I did, notice that I was quoting myself.

> I never even suggested "one big target of an OS" is the way to go.

You were disputing my arguement that MS's monopoy OS is what is the biggest
security hole for the general public by blaming the general public.

> Those are your words and ideas.

Which you were trying to dispute by blaming the victims, rather than the
delivery system of being locked into one big fat target of a Desktop OS.

> You seem to need to falsely put statements to others in order to
> support your ideas.

No, I trying to actually get you to confront my ideas, instead of doing the
side-step shuffle to protect your Masters.

> To bad you can not support your point on its own merit.

I already have, it's you that have not support any contrary point the
dimishes my opinion in the slightest bit.

> Furthermore you start to name calling.

What else could you be called when you only answer that most inconsequential
part of my post, and leave the meat of it untouched? That's exactly the
tactics of a troll.

> Name calling is strong evidence that you lack the ability to support
> your own point of view.

My point has been proved, and only the MicroDeafDumb&Blind can't see it.
MS's desktop OS monopoly is the biggest security risk for the general public
today, because that one giant-assed target can't help from getting hit.

It's a hell of a lot easier to hit one bird with one stone, than two birds
with one stone. I have common sense on my side, you have only your
unwavering devotion to MS to back you up.

Thank you!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>
>>> Take a closer look at your list.
>>> Many of those such as Blaster would have been a non issue if users
>>> had simply used the patch that was available for weeks before
>>> Blaster came on the scene.
>>
>> They are total non-issues for Linux or UNIX users.
>
> Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.

Did I say that?

>
> Right, Linux has fewer vulnerabilities than Windows.

Did I say that?

>
> Right, users that can't configure and patch Windows would magically
> be able to keep Linux secure.

Did I say that?

>
> Right, Linux web servers are hacked less frequently than Windows web
> servers according to www.zone-h.org

Did I say that?

Nope to all four! I said in reply to Jupiter that those Windows based
viruses were a non-issue for *nix based OSs.

>
>> No, it comes down to having only one Desktop OS target.
>
> Right, switching to Linux or more than one desktop OS makes companies
> more secure / easier to secure.

Did I say that? Can't you address what I actually write?

Would it have been as easy as it was for the Japanese to destroy & damage as
many ships on Dec. 7, 1941, if those ships were spread out across the
Pacific, instead of being all bottle up in Pearl Harbor?

Is having only one target to hit easier than hitting multiple target with
one shot?

It's a matter of common sense. Not whether one OS platform is better than
another, rather that having multiple OS platforms are intinsically more
secure than only having one.

>
>> If there were multiple Desktop OS in the PC market, less people at
>> any given time would be affected by any one computer nasty.
>
>> Multiple targets are just plain safer than one big target.
>
> Riiiiiight. Maybe if www.debian.org was running some Windows
> servers, they wouldn't have been hacked a few months ago.

It affected one server, not potentially 95% of the Desktop computers on the
planet or anybody else system other than Debian's.

> In the past 12 months, Microsoft, Linux, Cisco and others all had
> highly critical remote vulnerabilities discovered that required
> patches.

Yep, and because there are multiple choices in server networking platforms,
an attack on one platform doesn't take out the others. This is just my
point, but your too much of a "MS uber alles" advocate to see it.

> And *nix already owns the lions share of web servers. So
> how would switching to heterogeneous OS environments do anything to
> increase security or reduce support costs?

It's common sense dude. During the cold war, did the USA & the USSR build
one central location each for all their missiles, or did they spread the
missiles out over vast areas? They spread them out to multiple locations.
Now it would have been easier to control all those missiles if the were
centrally located, but the threat of having them all taken out in one
massive first strike was so untenable, that both countries spread their
missiles to the four winds.

MS's Desktop monopoly OS, is like having all your missiles in one central
location, you risk losing them all with just one shot.

> Or would it actually
> increase support costs, double or triple the amount of work and
> patches required, and increase the likelihood that a company would
> make critical security mistakes that lead to a compromise?

Nope, you answer my question, which you conveniently cut out, first, and
that was, "Please try to explain to everyone how having only one big target
of an OS is safer for society as a whole, if you disagree with . . . .
Multiple targets are just plain safer than one big target."

But you won't, and that's why you cut it out in the first place, because you
know it's a totally indefensible position! And that's why you were trying
to put other words in my mouth and paint me as pro-*nix, to try to bury my
actual point in a blizzard of your Bull Sh*t! Didn't think I'd notice, huh?
Well, don't you ever think you can play games with my opinions, and get away
with it. Better people than you have tried, and failed just as miserably
you have.

Now to answer your question in two parts, "Or would it actually increase
support costs, double or
triple the amount of work and patches required,"

Who knows? Does having multiple Server OSs now, increase support costs,
double or triple the amount of work and patches required, as compared to the
support costs, amount of work & patches for the monolitic Desktop
environment that the general public is forced to accept at present?

"and increase the likelihood
that a company would make critical security mistakes that lead to a
compromise?"

It would affect only that one companies products, hence lessoning the effect
that any one companies critical security mistakes would have on the general
public as a whole. As this is exactly my point.

> Sure, like you, I find it puzzling that Microsoft hasn't released a
> patch for the IE URL issue yet. But that doesn't make your pro-*nix
> statements above true.

I'm not pro-*nix, and I didn't make any pro-nix statements, that was your
fantasy. I am advocating a diverse desktop PC OS market that would by it's
very nature lessen the effects of any one given computer nasty from
affecting potentially 95% of the PCs on the planet.

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> I never said I was upset.
> Why do you continually feel the need to project your own feelings on
> others?
> I simply consider the source Kurt!

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

Stay on topic, answer the question, and stop playing your WinTroll games,
Juppy.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Kurt;
Stay with your facts.
I never even suggested "one big target of an OS" is the way to go.
Those are your words and ideas.
You seem to need to falsely put statements to others in order to
support your ideas.
To bad you can not support your point on its own merit.
Furthermore you start to name calling.
Name calling is strong evidence that you lack the ability to support
your own point of view.
Good bye Kurt.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message ...
> Jupiter Jones [MVP] wrote:
> "Please try to explain to everyone how having only one big target of
an OS
> is safer for society as a whole, if you disagree with . . . .
Multiple
> targets are just plain safer than one big target."
>
> Stay on topic, answer the question, and stop playing your WinTroll
games,
> Juppy.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> ****************
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> Kurt;
> Stay with your facts.

I did, notice that I was quoting myself.

> I never even suggested "one big target of an OS" is the way to go.

You were disputing my arguement that MS's monopoy OS is what is the biggest
security hole for the general public by blaming the general public.

> Those are your words and ideas.

Which you were trying to dispute by blaming the victims, rather than the
delivery system of being locked into one big fat target of a Desktop OS.

> You seem to need to falsely put statements to others in order to
> support your ideas.

No, I trying to actually get you to confront my ideas, instead of doing the
side-step shuffle to protect your Masters.

> To bad you can not support your point on its own merit.

I already have, it's you that have not support any contrary point the
dimishes my opinion in the slightest bit.

> Furthermore you start to name calling.

What else could you be called when you only answer that most inconsequential
part of my post, and leave the meat of it untouched? That's exactly the
tactics of a troll.

> Name calling is strong evidence that you lack the ability to support
> your own point of view.

My point has been proved, and only the MicroDeafDumb&Blind can't see it.
MS's desktop OS monopoly is the biggest security risk for the general public
today, because that one giant-assed target can't help from getting hit.

It's a hell of a lot easier to hit one bird with one stone, than two birds
with one stone. I have common sense on my side, you have only your
unwavering devotion to MS to back you up.

Thank you!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> I never said I was upset.
> Why do you continually feel the need to project your own feelings on
> others?
> I simply consider the source Kurt!

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

Stay on topic, answer the question, and stop playing your WinTroll games,
Juppy.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Kurt;
Stay with your facts.
I never even suggested "one big target of an OS" is the way to go.
Those are your words and ideas.
You seem to need to falsely put statements to others in order to
support your ideas.
To bad you can not support your point on its own merit.
Furthermore you start to name calling.
Name calling is strong evidence that you lack the ability to support
your own point of view.
Good bye Kurt.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message ...
> Jupiter Jones [MVP] wrote:
> "Please try to explain to everyone how having only one big target of
an OS
> is safer for society as a whole, if you disagree with . . . .
Multiple
> targets are just plain safer than one big target."
>
> Stay on topic, answer the question, and stop playing your WinTroll
games,
> Juppy.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> ****************
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> Kurt;
> Stay with your facts.

I did, notice that I was quoting myself.

> I never even suggested "one big target of an OS" is the way to go.

You were disputing my arguement that MS's monopoy OS is what is the biggest
security hole for the general public by blaming the general public.

> Those are your words and ideas.

Which you were trying to dispute by blaming the victims, rather than the
delivery system of being locked into one big fat target of a Desktop OS.

> You seem to need to falsely put statements to others in order to
> support your ideas.

No, I trying to actually get you to confront my ideas, instead of doing the
side-step shuffle to protect your Masters.

> To bad you can not support your point on its own merit.

I already have, it's you that have not support any contrary point the
dimishes my opinion in the slightest bit.

> Furthermore you start to name calling.

What else could you be called when you only answer that most inconsequential
part of my post, and leave the meat of it untouched? That's exactly the
tactics of a troll.

> Name calling is strong evidence that you lack the ability to support
> your own point of view.

My point has been proved, and only the MicroDeafDumb&Blind can't see it.
MS's desktop OS monopoly is the biggest security risk for the general public
today, because that one giant-assed target can't help from getting hit.

It's a hell of a lot easier to hit one bird with one stone, than two birds
with one stone. I have common sense on my side, you have only your
unwavering devotion to MS to back you up.

Thank you!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

"kurttrail" > wrote in message
...

> >>> Blaster came on the scene.
> >>
> >> They are total non-issues for Linux or UNIX users.
> >
> > Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>
> Did I say that?

If you weren't implying that users switching to *nix would make them more
secure, then I don't see the point in making that statement at all. Of
course Blaster isn't an issue for *nix users. So what? [unless the
implication was that switching to *nix is better.]

Switching half the desktop computers to *nix would not have made Blaster,
Welchia, SQL Slammer any better. Five computers can potentially DoS a
network, and one infected computer can allow an attacker to bypass the
firewall to compromise the data on the entire network.

> > Riiiiiight. Maybe if www.debian.org was running some Windows
> > servers, they wouldn't have been hacked a few months ago.
>
> It affected one server, not potentially 95% of the Desktop computers on
the
> planet or anybody else system other than Debian's.

Yeah, but that was one he11uva server. It was several servers at several
*nix distribution and development sites that potentially could have
compromised files that are downloaded by *nix users worldwide. AFAIK
Microsoft's FTP and Windows Update servers have never been compromised, and
if they had been, it would be major news, not just "oh, it's just one
server."

> Yep, and because there are multiple choices in server networking
platforms,
> an attack on one platform doesn't take out the others. This is just my
> point, but your too much of a "MS uber alles" advocate to see it.

Wha? I don't care if you choose Microsoft or *nix. If you check my site at
http://securityadmin.info/faq.asp#firewall, you'll see that I point people
to non-Microsoft open source solutions like Knoppix and OpenBSD, even though
my role here and there is not vendor advocacy but in trying to help people
that are already beyond the point of choosing what to purchase.

With the exception of firewalls, I generally don't see people recommending
buying half Cisco and half Nortel switches and routers... because as with
choice of OS, the added cost and complexity of supporting more than one
solution trumps any benefit of changing from homogeneous environment to a
"50% vulnerable to this, 50% vulnerable to that" environment.

Even with all the vulnerabilities in IE, for example, it can make a lot of
sense to standardize just on Windows and IE and no other browser or OS,
because if you use OWA to check your email with Windows integrated
authentication, everyone you switch to *nix or Netscape won't be able to do
that. Frequently, functionality trumps security, and sometimes Microsoft
builds solutions that other vendors choose not to support.


> > Or would it actually
> > increase support costs, double or triple the amount of work and
> > patches required, and increase the likelihood that a company would
> > make critical security mistakes that lead to a compromise?
>
> Nope, you answer my question, which you conveniently cut out, first, and
> that was, "Please try to explain to everyone how having only one big
target
> of an OS is safer for society as a whole, if you disagree with . . . .
> Multiple targets are just plain safer than one big target."

I don't control society. I only control my organization. I have no way of
encouraging other organizations to switch to another OS. The European
community is switching to desktop *nix, and we'll see if the world is any
more secure after that. Somehow I doubt it. And I disagree that switching
half my organization to another OS would help my security, in fact I believe
it would hurt it. Any company or support staff that can't keep a
homogeneous Windows network patched and secure is going to fail even more
miserably at keeping a mixed environment secure, and having Blaster infect
20 machines or half the machines is just as bad as having Blaster infect the
whole network.

Also, security is not about achieving maximum security, it's about saving
money and effort. You choose to implement a certain safeguard not because
it makes you more secure, but because the cost of implementing the safeguard
compares favorably with the cost of other safeguards and the cost of not
implementing the safeguard and becoming compromised. Given that, my
arguments about a heterogeneous environment increasing support complexity is
a direct response to your question.

> But you won't, and that's why you cut it out in the first place, because
you
> know it's a totally indefensible position!

It is defensible. I just defended it.

> And that's why you were trying
> to put other words in my mouth and paint me as pro-*nix, to try to bury my
> actual point in a blizzard of your Bull Sh*t! Didn't think I'd notice,
huh?
> Well, don't you ever think you can play games with my opinions, and get
away
> with it. Better people than you have tried, and failed just as miserably
> you have.

Whoa! Calm down there killer! :D

Fair enough. You mistook me for a pro-Microsoft person too. In my defense,
your anti-Microsoft signature below plus your statements mentioning *nix are
what made me think you're pro-*nix. If you're anti-Microsoft and you don't
appear to be a Mac or BeOS or Amiga or Novell enthusiast...

> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!

"kurttrail" > wrote in message
...

> >>> Blaster came on the scene.
> >>
> >> They are total non-issues for Linux or UNIX users.
> >
> > Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>
> Did I say that?

If you weren't implying that users switching to *nix would make them more
secure, then I don't see the point in making that statement at all. Of
course Blaster isn't an issue for *nix users. So what? [unless the
implication was that switching to *nix is better.]

Switching half the desktop computers to *nix would not have made Blaster,
Welchia, SQL Slammer any better. Five computers can potentially DoS a
network, and one infected computer can allow an attacker to bypass the
firewall to compromise the data on the entire network.

> > Riiiiiight. Maybe if www.debian.org was running some Windows
> > servers, they wouldn't have been hacked a few months ago.
>
> It affected one server, not potentially 95% of the Desktop computers on
the
> planet or anybody else system other than Debian's.

Yeah, but that was one he11uva server. It was several servers at several
*nix distribution and development sites that potentially could have
compromised files that are downloaded by *nix users worldwide. AFAIK
Microsoft's FTP and Windows Update servers have never been compromised, and
if they had been, it would be major news, not just "oh, it's just one
server."

> Yep, and because there are multiple choices in server networking
platforms,
> an attack on one platform doesn't take out the others. This is just my
> point, but your too much of a "MS uber alles" advocate to see it.

Wha? I don't care if you choose Microsoft or *nix. If you check my site at
http://securityadmin.info/faq.asp#firewall, you'll see that I point people
to non-Microsoft open source solutions like Knoppix and OpenBSD, even though
my role here and there is not vendor advocacy but in trying to help people
that are already beyond the point of choosing what to purchase.

With the exception of firewalls, I generally don't see people recommending
buying half Cisco and half Nortel switches and routers... because as with
choice of OS, the added cost and complexity of supporting more than one
solution trumps any benefit of changing from homogeneous environment to a
"50% vulnerable to this, 50% vulnerable to that" environment.

Even with all the vulnerabilities in IE, for example, it can make a lot of
sense to standardize just on Windows and IE and no other browser or OS,
because if you use OWA to check your email with Windows integrated
authentication, everyone you switch to *nix or Netscape won't be able to do
that. Frequently, functionality trumps security, and sometimes Microsoft
builds solutions that other vendors choose not to support.


> > Or would it actually
> > increase support costs, double or triple the amount of work and
> > patches required, and increase the likelihood that a company would
> > make critical security mistakes that lead to a compromise?
>
> Nope, you answer my question, which you conveniently cut out, first, and
> that was, "Please try to explain to everyone how having only one big
target
> of an OS is safer for society as a whole, if you disagree with . . . .
> Multiple targets are just plain safer than one big target."

I don't control society. I only control my organization. I have no way of
encouraging other organizations to switch to another OS. The European
community is switching to desktop *nix, and we'll see if the world is any
more secure after that. Somehow I doubt it. And I disagree that switching
half my organization to another OS would help my security, in fact I believe
it would hurt it. Any company or support staff that can't keep a
homogeneous Windows network patched and secure is going to fail even more
miserably at keeping a mixed environment secure, and having Blaster infect
20 machines or half the machines is just as bad as having Blaster infect the
whole network.

Also, security is not about achieving maximum security, it's about saving
money and effort. You choose to implement a certain safeguard not because
it makes you more secure, but because the cost of implementing the safeguard
compares favorably with the cost of other safeguards and the cost of not
implementing the safeguard and becoming compromised. Given that, my
arguments about a heterogeneous environment increasing support complexity is
a direct response to your question.

> But you won't, and that's why you cut it out in the first place, because
you
> know it's a totally indefensible position!

It is defensible. I just defended it.

> And that's why you were trying
> to put other words in my mouth and paint me as pro-*nix, to try to bury my
> actual point in a blizzard of your Bull Sh*t! Didn't think I'd notice,
huh?
> Well, don't you ever think you can play games with my opinions, and get
away
> with it. Better people than you have tried, and failed just as miserably
> you have.

Whoa! Calm down there killer! :D

Fair enough. You mistook me for a pro-Microsoft person too. In my defense,
your anti-Microsoft signature below plus your statements mentioning *nix are
what made me think you're pro-*nix. If you're anti-Microsoft and you don't
appear to be a Mac or BeOS or Amiga or Novell enthusiast...

> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!

"Karl Levinson [x y] mvp" wrote:

> If you check my site at
> http://securityadmin.info/faq.asp#firewall,

Hi

Karl, note that your site is not available anymore (it has been like that at
least 24 hours now):

"The page cannot be found"


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

"Karl Levinson [x y] mvp" wrote:

> If you check my site at
> http://securityadmin.info/faq.asp#firewall,

Hi

Karl, note that your site is not available anymore (it has been like that at
least 24 hours now):

"The page cannot be found"


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>
>>>>> Blaster came on the scene.
>>>>
>>>> They are total non-issues for Linux or UNIX users.
>>>
>>> Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>>
>> Did I say that?
>
> If you weren't implying that users switching to *nix would make them
> more secure, then I don't see the point in making that statement at
> all.

The point is having one monopoly Desktop OS is a National Security risk
that is as obviously untenable as putting all your eggs in one basket.
It's quite obvious that the Anti-Trust settlement did little to protect
the general public as a whole for the predatory abuses of Microsoft, and
now that monopoly is a major National Security threat.

I'm not advocating any other option than the breakup of Microsoft in
order to protect the general pubic.

> Of course Blaster isn't an issue for *nix users. So what?
> [unless the implication was that switching to *nix is better.]

It was my reply to what Jupiter had said, that's what.

>
> Switching half the desktop computers to *nix would not have made
> Blaster, Welchia, SQL Slammer any better. Five computers can
> potentially DoS a network, and one infected computer can allow an
> attacker to bypass the firewall to compromise the data on the entire
> network.

Again, with this MS vs. *nix phobia. Oy Vey! Can't you get it through
your thick skull, I AM NOT ADVOCATING *NIX. PERIOD! MS needs to be
broken up for the general public good, not to promote the *nis desktop,
but for the safety of our society of individual human beings as a whole
in the digital world.

>
>>> Riiiiiight. Maybe if www.debian.org was running some Windows
>>> servers, they wouldn't have been hacked a few months ago.
>>
>> It affected one server, not potentially 95% of the Desktop computers
>> on the planet or anybody else system other than Debian's.
>
> Yeah, but that was one he11uva server. It was several servers at
> several *nix distribution and development sites that potentially
> could have compromised files that are downloaded by *nix users
> worldwide. AFAIK Microsoft's FTP and Windows Update servers have
> never been compromised, and if they had been, it would be major news,
> not just "oh, it's just one server."

It's been overwhelmed plenty of times. And who needs to hack it? MS
does a good enough job screwing it up all on their own.

>
>> Yep, and because there are multiple choices in server networking
>> platforms, an attack on one platform doesn't take out the others.
>> This is just my point, but your too much of a "MS uber alles"
>> advocate to see it.
>
> Wha? I don't care if you choose Microsoft or *nix. If you check my
> site at http://securityadmin.info/faq.asp#firewall, you'll see that I
> point people to non-Microsoft open source solutions like Knoppix and
> OpenBSD, even though my role here and there is not vendor advocacy
> but in trying to help people that are already beyond the point of
> choosing what to purchase.

You're the one arguing this as MS vs. *nix, I am not. Maybe you need to
step back, and reread this thread to gain some perspective on how you
words belie your protestations of not being an MS advocate.

>
> With the exception of firewalls, I generally don't see people
> recommending buying half Cisco and half Nortel switches and
> routers... because as with choice of OS, the added cost and
> complexity of supporting more than one solution trumps any benefit of
> changing from homogeneous environment to a "50% vulnerable to this,
> 50% vulnerable to that" environment.

In the corporate world where the bean counter overrule common sense,
that probably is the case. But the individual consumer in the privacy
of his home is locked into not having any choice. You want to run the
last PC hardware, with the latest popular titled software, you have to
run an MS Desktop OS. I want for the average individual to have the
same ability to be able to choose between OS's, not only to have
competition bring down the prices of software down to reasonable levels,
but as matter of their computer security.

> Even with all the vulnerabilities in IE, for example, it can make a
> lot of sense to standardize just on Windows and IE and no other
> browser or OS, because if you use OWA to check your email with
> Windows integrated authentication, everyone you switch to *nix or
> Netscape won't be able to do that. Frequently, functionality trumps
> security, and sometimes Microsoft builds solutions that other vendors
> choose not to support.

Or can't use, because MS use of proprietary standards, and others are
unwilling to pay and play by MS's monopoly-protected extortion of
licensing terms.

>
>
>>> Or would it actually
>>> increase support costs, double or triple the amount of work and
>>> patches required, and increase the likelihood that a company would
>>> make critical security mistakes that lead to a compromise?
>>
>> Nope, you answer my question, which you conveniently cut out, first,
>> and that was, "Please try to explain to everyone how having only one
>> big target of an OS is safer for society as a whole, if you disagree
>> with . . . . Multiple targets are just plain safer than one big
>> target."
>
> I don't control society. I only control my organization. I have no
> way of encouraging other organizations to switch to another OS. The
> European community is switching to desktop *nix, and we'll see if the
> world is any more secure after that. Somehow I doubt it. And I
> disagree that switching half my organization to another OS would help
> my security, in fact I believe it would hurt it. Any company or
> support staff that can't keep a homogeneous Windows network patched
> and secure is going to fail even more miserably at keeping a mixed
> environment secure, and having Blaster infect 20 machines or half the
> machines is just as bad as having Blaster infect the whole network.
>
> Also, security is not about achieving maximum security, it's about
> saving money and effort. You choose to implement a certain safeguard
> not because it makes you more secure, but because the cost of
> implementing the safeguard compares favorably with the cost of other
> safeguards and the cost of not implementing the safeguard and
> becoming compromised. Given that, my arguments about a heterogeneous
> environment increasing support complexity is a direct response to
> your question.

No, it's total subterfuge. You talking on the micro level of one
companies network where as I'm concerned with the macro level of the
general public that is made up of private individual human beings, our
human society. If every corporation had no real choice of platforms,
that would put the entire corporate community's computers at greater
risk, just as MS Desktop monopoly puts their locked-in individual
consumers at a higher risk today.

Your homogenous argument may be the practical bean-counter thing to do
on a micro-level of one corporation, but extend it out to every
corporation, and the risk of the entire corporate computing world being
taken out with one shot increases a hundred-fold or more.

>
>> But you won't, and that's why you cut it out in the first place,
>> because you know it's a totally indefensible position!
>
> It is defensible. I just defended it.

No, you did a corporate tap dance that had little to do with protecting
the general public in the privacy of their own homes from the National
Security risk of having on big fat OS target. Corporations can afford
the best and brightest minds to help protect their companies, despite
the inadequacies of any one given platform. The general public is
forced to depend on MS, and has no viable choice in the matter.

>
>> And that's why you were trying
>> to put other words in my mouth and paint me as pro-*nix, to try to
>> bury my actual point in a blizzard of your Bull Sh*t! Didn't think
>> I'd notice, huh? Well, don't you ever think you can play games with
>> my opinions, and get away with it. Better people than you have
>> tried, and failed just as miserably you have.
>
> Whoa! Calm down there killer! :D
>
> Fair enough. You mistook me for a pro-Microsoft person too. In my
> defense, your anti-Microsoft signature below plus your statements
> mentioning *nix are what made me think you're pro-*nix. If you're
> anti-Microsoft and you don't appear to be a Mac or BeOS or Amiga or
> Novell enthusiast...

....then logically you stereotype me as pro-*nix. My assumptions about
your MS advocacy was based on you making this into MS vs. *nix, when I
only mention Linux & Unix in passing in answer to Jupiter, not part of
my main argument. You're going off on that wild tangent, off of one
passing reference shows where your heart is really at. Even your other
wild foray off-topic about using diverse platforms with in a particular
company, was bogus, because at least that company has a choice when it
come to their networking platforms. If every corporation on the planet
were forced to use nothing but MS, like individual consumers having no
real choice but MS, then would you say that was a more secure situation,
than having choices as they do today in the corporate world?

And I'm not really anti-MS, I'm pro-consumer-choice, and MS just happens
to be the biggest obstacle in the way of Consumer Choice. And even
Linux's creator says that the Linux desktop is still 5 to 10 years away.
So maybe corporations & gov'ts can afford to use a Linux Desktop for
pure office purposes because they can afford to support themselves, but
as a consumer multimedia OS, it is still years away at best. For the
average PC consumer, not your corporate big wigs, MS's monopoly hurts
the individual consumer, and by extension the entire general public, not
only with monopoly-protected non-competitive pricing, but also by
risking their computer security of everybody by having everybodies'
*Personal* *Computer* in one big fat monopolistic target of a basket.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>
>>>>> Blaster came on the scene.
>>>>
>>>> They are total non-issues for Linux or UNIX users.
>>>
>>> Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>>
>> Did I say that?
>
> If you weren't implying that users switching to *nix would make them
> more secure, then I don't see the point in making that statement at
> all.

The point is having one monopoly Desktop OS is a National Security risk
that is as obviously untenable as putting all your eggs in one basket.
It's quite obvious that the Anti-Trust settlement did little to protect
the general public as a whole for the predatory abuses of Microsoft, and
now that monopoly is a major National Security threat.

I'm not advocating any other option than the breakup of Microsoft in
order to protect the general pubic.

> Of course Blaster isn't an issue for *nix users. So what?
> [unless the implication was that switching to *nix is better.]

It was my reply to what Jupiter had said, that's what.

>
> Switching half the desktop computers to *nix would not have made
> Blaster, Welchia, SQL Slammer any better. Five computers can
> potentially DoS a network, and one infected computer can allow an
> attacker to bypass the firewall to compromise the data on the entire
> network.

Again, with this MS vs. *nix phobia. Oy Vey! Can't you get it through
your thick skull, I AM NOT ADVOCATING *NIX. PERIOD! MS needs to be
broken up for the general public good, not to promote the *nis desktop,
but for the safety of our society of individual human beings as a whole
in the digital world.

>
>>> Riiiiiight. Maybe if www.debian.org was running some Windows
>>> servers, they wouldn't have been hacked a few months ago.
>>
>> It affected one server, not potentially 95% of the Desktop computers
>> on the planet or anybody else system other than Debian's.
>
> Yeah, but that was one he11uva server. It was several servers at
> several *nix distribution and development sites that potentially
> could have compromised files that are downloaded by *nix users
> worldwide. AFAIK Microsoft's FTP and Windows Update servers have
> never been compromised, and if they had been, it would be major news,
> not just "oh, it's just one server."

It's been overwhelmed plenty of times. And who needs to hack it? MS
does a good enough job screwing it up all on their own.

>
>> Yep, and because there are multiple choices in server networking
>> platforms, an attack on one platform doesn't take out the others.
>> This is just my point, but your too much of a "MS uber alles"
>> advocate to see it.
>
> Wha? I don't care if you choose Microsoft or *nix. If you check my
> site at http://securityadmin.info/faq.asp#firewall, you'll see that I
> point people to non-Microsoft open source solutions like Knoppix and
> OpenBSD, even though my role here and there is not vendor advocacy
> but in trying to help people that are already beyond the point of
> choosing what to purchase.

You're the one arguing this as MS vs. *nix, I am not. Maybe you need to
step back, and reread this thread to gain some perspective on how you
words belie your protestations of not being an MS advocate.

>
> With the exception of firewalls, I generally don't see people
> recommending buying half Cisco and half Nortel switches and
> routers... because as with choice of OS, the added cost and
> complexity of supporting more than one solution trumps any benefit of
> changing from homogeneous environment to a "50% vulnerable to this,
> 50% vulnerable to that" environment.

In the corporate world where the bean counter overrule common sense,
that probably is the case. But the individual consumer in the privacy
of his home is locked into not having any choice. You want to run the
last PC hardware, with the latest popular titled software, you have to
run an MS Desktop OS. I want for the average individual to have the
same ability to be able to choose between OS's, not only to have
competition bring down the prices of software down to reasonable levels,
but as matter of their computer security.

> Even with all the vulnerabilities in IE, for example, it can make a
> lot of sense to standardize just on Windows and IE and no other
> browser or OS, because if you use OWA to check your email with
> Windows integrated authentication, everyone you switch to *nix or
> Netscape won't be able to do that. Frequently, functionality trumps
> security, and sometimes Microsoft builds solutions that other vendors
> choose not to support.

Or can't use, because MS use of proprietary standards, and others are
unwilling to pay and play by MS's monopoly-protected extortion of
licensing terms.

>
>
>>> Or would it actually
>>> increase support costs, double or triple the amount of work and
>>> patches required, and increase the likelihood that a company would
>>> make critical security mistakes that lead to a compromise?
>>
>> Nope, you answer my question, which you conveniently cut out, first,
>> and that was, "Please try to explain to everyone how having only one
>> big target of an OS is safer for society as a whole, if you disagree
>> with . . . . Multiple targets are just plain safer than one big
>> target."
>
> I don't control society. I only control my organization. I have no
> way of encouraging other organizations to switch to another OS. The
> European community is switching to desktop *nix, and we'll see if the
> world is any more secure after that. Somehow I doubt it. And I
> disagree that switching half my organization to another OS would help
> my security, in fact I believe it would hurt it. Any company or
> support staff that can't keep a homogeneous Windows network patched
> and secure is going to fail even more miserably at keeping a mixed
> environment secure, and having Blaster infect 20 machines or half the
> machines is just as bad as having Blaster infect the whole network.
>
> Also, security is not about achieving maximum security, it's about
> saving money and effort. You choose to implement a certain safeguard
> not because it makes you more secure, but because the cost of
> implementing the safeguard compares favorably with the cost of other
> safeguards and the cost of not implementing the safeguard and
> becoming compromised. Given that, my arguments about a heterogeneous
> environment increasing support complexity is a direct response to
> your question.

No, it's total subterfuge. You talking on the micro level of one
companies network where as I'm concerned with the macro level of the
general public that is made up of private individual human beings, our
human society. If every corporation had no real choice of platforms,
that would put the entire corporate community's computers at greater
risk, just as MS Desktop monopoly puts their locked-in individual
consumers at a higher risk today.

Your homogenous argument may be the practical bean-counter thing to do
on a micro-level of one corporation, but extend it out to every
corporation, and the risk of the entire corporate computing world being
taken out with one shot increases a hundred-fold or more.

>
>> But you won't, and that's why you cut it out in the first place,
>> because you know it's a totally indefensible position!
>
> It is defensible. I just defended it.

No, you did a corporate tap dance that had little to do with protecting
the general public in the privacy of their own homes from the National
Security risk of having on big fat OS target. Corporations can afford
the best and brightest minds to help protect their companies, despite
the inadequacies of any one given platform. The general public is
forced to depend on MS, and has no viable choice in the matter.

>
>> And that's why you were trying
>> to put other words in my mouth and paint me as pro-*nix, to try to
>> bury my actual point in a blizzard of your Bull Sh*t! Didn't think
>> I'd notice, huh? Well, don't you ever think you can play games with
>> my opinions, and get away with it. Better people than you have
>> tried, and failed just as miserably you have.
>
> Whoa! Calm down there killer! :D
>
> Fair enough. You mistook me for a pro-Microsoft person too. In my
> defense, your anti-Microsoft signature below plus your statements
> mentioning *nix are what made me think you're pro-*nix. If you're
> anti-Microsoft and you don't appear to be a Mac or BeOS or Amiga or
> Novell enthusiast...

....then logically you stereotype me as pro-*nix. My assumptions about
your MS advocacy was based on you making this into MS vs. *nix, when I
only mention Linux & Unix in passing in answer to Jupiter, not part of
my main argument. You're going off on that wild tangent, off of one
passing reference shows where your heart is really at. Even your other
wild foray off-topic about using diverse platforms with in a particular
company, was bogus, because at least that company has a choice when it
come to their networking platforms. If every corporation on the planet
were forced to use nothing but MS, like individual consumers having no
real choice but MS, then would you say that was a more secure situation,
than having choices as they do today in the corporate world?

And I'm not really anti-MS, I'm pro-consumer-choice, and MS just happens
to be the biggest obstacle in the way of Consumer Choice. And even
Linux's creator says that the Linux desktop is still 5 to 10 years away.
So maybe corporations & gov'ts can afford to use a Linux Desktop for
pure office purposes because they can afford to support themselves, but
as a consumer multimedia OS, it is still years away at best. For the
average PC consumer, not your corporate big wigs, MS's monopoly hurts
the individual consumer, and by extension the entire general public, not
only with monopoly-protected non-competitive pricing, but also by
risking their computer security of everybody by having everybodies'
*Personal* *Computer* in one big fat monopolistic target of a basket.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> I never said I was upset.
> Why do you continually feel the need to project your own feelings on
> others?
> I simply consider the source Kurt!

"Please try to explain to everyone how having only one big target of an OS
is safer for society as a whole, if you disagree with . . . . Multiple
targets are just plain safer than one big target."

Stay on topic, answer the question, and stop playing your WinTroll games,
Juppy.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Kurt;
Stay with your facts.
I never even suggested "one big target of an OS" is the way to go.
Those are your words and ideas.
You seem to need to falsely put statements to others in order to
support your ideas.
To bad you can not support your point on its own merit.
Furthermore you start to name calling.
Name calling is strong evidence that you lack the ability to support
your own point of view.
Good bye Kurt.

--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"kurttrail" > wrote in
message ...
> Jupiter Jones [MVP] wrote:
> "Please try to explain to everyone how having only one big target of
an OS
> is safer for society as a whole, if you disagree with . . . .
Multiple
> targets are just plain safer than one big target."
>
> Stay on topic, answer the question, and stop playing your WinTroll
games,
> Juppy.
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> ****************
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"

Jupiter Jones [MVP] wrote:

> Kurt;
> Stay with your facts.

I did, notice that I was quoting myself.

> I never even suggested "one big target of an OS" is the way to go.

You were disputing my arguement that MS's monopoy OS is what is the biggest
security hole for the general public by blaming the general public.

> Those are your words and ideas.

Which you were trying to dispute by blaming the victims, rather than the
delivery system of being locked into one big fat target of a Desktop OS.

> You seem to need to falsely put statements to others in order to
> support your ideas.

No, I trying to actually get you to confront my ideas, instead of doing the
side-step shuffle to protect your Masters.

> To bad you can not support your point on its own merit.

I already have, it's you that have not support any contrary point the
dimishes my opinion in the slightest bit.

> Furthermore you start to name calling.

What else could you be called when you only answer that most inconsequential
part of my post, and leave the meat of it untouched? That's exactly the
tactics of a troll.

> Name calling is strong evidence that you lack the ability to support
> your own point of view.

My point has been proved, and only the MicroDeafDumb&Blind can't see it.
MS's desktop OS monopoly is the biggest security risk for the general public
today, because that one giant-assed target can't help from getting hit.

It's a hell of a lot easier to hit one bird with one stone, than two birds
with one stone. I have common sense on my side, you have only your
unwavering devotion to MS to back you up.

Thank you!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

"kurttrail" > wrote in message
...

> >>> Blaster came on the scene.
> >>
> >> They are total non-issues for Linux or UNIX users.
> >
> > Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>
> Did I say that?

If you weren't implying that users switching to *nix would make them more
secure, then I don't see the point in making that statement at all. Of
course Blaster isn't an issue for *nix users. So what? [unless the
implication was that switching to *nix is better.]

Switching half the desktop computers to *nix would not have made Blaster,
Welchia, SQL Slammer any better. Five computers can potentially DoS a
network, and one infected computer can allow an attacker to bypass the
firewall to compromise the data on the entire network.

> > Riiiiiight. Maybe if www.debian.org was running some Windows
> > servers, they wouldn't have been hacked a few months ago.
>
> It affected one server, not potentially 95% of the Desktop computers on
the
> planet or anybody else system other than Debian's.

Yeah, but that was one he11uva server. It was several servers at several
*nix distribution and development sites that potentially could have
compromised files that are downloaded by *nix users worldwide. AFAIK
Microsoft's FTP and Windows Update servers have never been compromised, and
if they had been, it would be major news, not just "oh, it's just one
server."

> Yep, and because there are multiple choices in server networking
platforms,
> an attack on one platform doesn't take out the others. This is just my
> point, but your too much of a "MS uber alles" advocate to see it.

Wha? I don't care if you choose Microsoft or *nix. If you check my site at
http://securityadmin.info/faq.asp#firewall, you'll see that I point people
to non-Microsoft open source solutions like Knoppix and OpenBSD, even though
my role here and there is not vendor advocacy but in trying to help people
that are already beyond the point of choosing what to purchase.

With the exception of firewalls, I generally don't see people recommending
buying half Cisco and half Nortel switches and routers... because as with
choice of OS, the added cost and complexity of supporting more than one
solution trumps any benefit of changing from homogeneous environment to a
"50% vulnerable to this, 50% vulnerable to that" environment.

Even with all the vulnerabilities in IE, for example, it can make a lot of
sense to standardize just on Windows and IE and no other browser or OS,
because if you use OWA to check your email with Windows integrated
authentication, everyone you switch to *nix or Netscape won't be able to do
that. Frequently, functionality trumps security, and sometimes Microsoft
builds solutions that other vendors choose not to support.


> > Or would it actually
> > increase support costs, double or triple the amount of work and
> > patches required, and increase the likelihood that a company would
> > make critical security mistakes that lead to a compromise?
>
> Nope, you answer my question, which you conveniently cut out, first, and
> that was, "Please try to explain to everyone how having only one big
target
> of an OS is safer for society as a whole, if you disagree with . . . .
> Multiple targets are just plain safer than one big target."

I don't control society. I only control my organization. I have no way of
encouraging other organizations to switch to another OS. The European
community is switching to desktop *nix, and we'll see if the world is any
more secure after that. Somehow I doubt it. And I disagree that switching
half my organization to another OS would help my security, in fact I believe
it would hurt it. Any company or support staff that can't keep a
homogeneous Windows network patched and secure is going to fail even more
miserably at keeping a mixed environment secure, and having Blaster infect
20 machines or half the machines is just as bad as having Blaster infect the
whole network.

Also, security is not about achieving maximum security, it's about saving
money and effort. You choose to implement a certain safeguard not because
it makes you more secure, but because the cost of implementing the safeguard
compares favorably with the cost of other safeguards and the cost of not
implementing the safeguard and becoming compromised. Given that, my
arguments about a heterogeneous environment increasing support complexity is
a direct response to your question.

> But you won't, and that's why you cut it out in the first place, because
you
> know it's a totally indefensible position!

It is defensible. I just defended it.

> And that's why you were trying
> to put other words in my mouth and paint me as pro-*nix, to try to bury my
> actual point in a blizzard of your Bull Sh*t! Didn't think I'd notice,
huh?
> Well, don't you ever think you can play games with my opinions, and get
away
> with it. Better people than you have tried, and failed just as miserably
> you have.

Whoa! Calm down there killer! :D

Fair enough. You mistook me for a pro-Microsoft person too. In my defense,
your anti-Microsoft signature below plus your statements mentioning *nix are
what made me think you're pro-*nix. If you're anti-Microsoft and you don't
appear to be a Mac or BeOS or Amiga or Novell enthusiast...

> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!

"Karl Levinson [x y] mvp" wrote:

> If you check my site at
> http://securityadmin.info/faq.asp#firewall,

Hi

Karl, note that your site is not available anymore (it has been like that at
least 24 hours now):

"The page cannot be found"


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

kurttrail wrote:
> Robert Moir wrote:
>
>> kurttrail wrote:
>>
>>> You have every right to your opinion, unfortunately not everybody is
>>> as computer literate as you, and just wouldn't expect that the
>>> address bar would display anything other than the site of the web
>>> page that they navigated to.
>>
>> I think the point is that too many people don't look at URLs anyway.
>
> Says you.

Yes. Says me. Based on my observations. I thought we were being adult in
this thread and respecting others rights to hold an opinion?

>And if it really is true, is that a good enough reason for
> accepting MS's slacking?

Not at all, if "slacking" is what it is.

>>> It's MS's flaw that's being used to help validate a scam, or
>>> potentially much worse considering the source of the scam.
>>
>> IIRC there was some talk at the time that mozilla also had a (much
>> less severe) problem with these kinds of URLs.
>
> Pray tell, like what?

http://www.mozillazine.org/talkback.html?article=4078
http://bugzilla.mozilla.org/show_bug.cgi?id=228176

Yes. I'm well aware its fixed in mozilla, before you ask.

> I overheard these two people talking once, and
> you know what, they were saying that GW Bush is really Gay!

You know, what, if I was actually an American, I might understand what that
reference to Mr Bush meant.

>>> This needs to addressed immediately, and not wait to be part of some
>>> IE rollup patch. MS needs to stop dragging it's heels.
>>
>> If I thought they were waiting to include it in a roll-up fix then I
>> would/will agree with you. I've not seen anything pointing to that
>> myself, I'm assuming that fixing this is more trouble than it
>> appeared at first and they've had to go back to it a couple of times.
>
> http://www.iss.net/support/product_utilities/
>
> Didn't seem so hard for these guys! MS could license it from them.
> What's more important MS's customers security, or MS releasing their
> own in-house developed patch?

Obviously, not being a Microsoft employee, I can't comment on their internal
decision making process. None of us have any way of knowing, for example, if
MS looked at the ISS fix and rejected using it for some reason do we?

ISS may have something released and that _is_ great, but that doesn't mean
that MS haven't had problems.

>>> And there
>>> should be an official investigation in MS glacial pace of supplying
>>> a fix,
>>
>> Official on the part of whom? Who has jurisdiction here?
>
> US Gov't. MS is still an American company. The Justice Dept. or even
> Homeland Security, since it's MS's OS that has been the one that has
> been exploited, time & again, at the expense of the security of the
> general public.
>
> Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
> fat-assed monopoly target that's putting the general public at risk.

Hmmm or people not keeping their systems patched and up to date; as that
would have prevented most of the problems you note above. That list right
there only needs, oooh, every other virus on the planet adding to it, and it
would be a list of viruses I've _never_ caught.

Actually, lets look at Melissa - that is a complete human problem, that does
not rely on any "exploitable" code at all. The others except bagle, I know
the exploits used were all patched prior to the virus hitting. Some of the
exploits, e.g. the RPC one blaster uses, are very disappointing, thats for
sure; IMO Microsoft have some questions to answer on that one at least.

Bagle, I know nothing about and can't be bothered to go and look up right
now, so I'll let you have that one.

> And now MS is dragging of their feet on this address bar exploit!
> How many times does a target have to get hit before ya'll wake up and
> smell the coffee?!

[snip]

> Are you telling me no one has ever pulled the wool over your eyes?

No. Where did I claim that? I can however say I've never been fooled by an
email borne virus or worm. Anyone who still clicks on attatchments named
"Naughty pictures of Anna Kornikova hot
stuff.jpg.exe.com.not.a.virus.this.time.no.really. honest.exe.jpg.bmp.vbs"
deserves everything they get.

> Everybody is a potential sucker, even the members of MENSA, but so
> many people wouldn't be suckered with any one computer nasty, if MS
> wasn't the only real OS choice for the Desktop.
>
>> There are plenty of scams and worms out there which do _not_ rely on
>> an OS exploit to spread and they are among the most "popular".
>
> That's total BS, almost all of them rely on running on one company's
> OS.

You call BS on something so easily provable? Here is a free example: Go take
a look at the origins of the "419" scam. I'll be here waiting for your
apology when you've researched a little and found out exactly how OS
dependant it is.

And actually Kurt, this may shock you, but I was talking in a wider frame
than just computing. Guess what, there were scams and exploits around before
we even had computers in people's homes. You'll find that out while you do
some research on the origins of the 419 scam. If you want to know more about
it all, visit www.snopes.com sometime and see for yourself.

Karl Levinson [x y] mvp wrote:

> "kurttrail" > wrote in
> message ...
>
>>>>> Blaster came on the scene.
>>>>
>>>> They are total non-issues for Linux or UNIX users.
>>>
>>> Riiiight, Linux, Unix and OpenBSD have zero vulnerabilities.
>>
>> Did I say that?
>
> If you weren't implying that users switching to *nix would make them
> more secure, then I don't see the point in making that statement at
> all.

The point is having one monopoly Desktop OS is a National Security risk
that is as obviously untenable as putting all your eggs in one basket.
It's quite obvious that the Anti-Trust settlement did little to protect
the general public as a whole for the predatory abuses of Microsoft, and
now that monopoly is a major National Security threat.

I'm not advocating any other option than the breakup of Microsoft in
order to protect the general pubic.

> Of course Blaster isn't an issue for *nix users. So what?
> [unless the implication was that switching to *nix is better.]

It was my reply to what Jupiter had said, that's what.

>
> Switching half the desktop computers to *nix would not have made
> Blaster, Welchia, SQL Slammer any better. Five computers can
> potentially DoS a network, and one infected computer can allow an
> attacker to bypass the firewall to compromise the data on the entire
> network.

Again, with this MS vs. *nix phobia. Oy Vey! Can't you get it through
your thick skull, I AM NOT ADVOCATING *NIX. PERIOD! MS needs to be
broken up for the general public good, not to promote the *nis desktop,
but for the safety of our society of individual human beings as a whole
in the digital world.

>
>>> Riiiiiight. Maybe if www.debian.org was running some Windows
>>> servers, they wouldn't have been hacked a few months ago.
>>
>> It affected one server, not potentially 95% of the Desktop computers
>> on the planet or anybody else system other than Debian's.
>
> Yeah, but that was one he11uva server. It was several servers at
> several *nix distribution and development sites that potentially
> could have compromised files that are downloaded by *nix users
> worldwide. AFAIK Microsoft's FTP and Windows Update servers have
> never been compromised, and if they had been, it would be major news,
> not just "oh, it's just one server."

It's been overwhelmed plenty of times. And who needs to hack it? MS
does a good enough job screwing it up all on their own.

>
>> Yep, and because there are multiple choices in server networking
>> platforms, an attack on one platform doesn't take out the others.
>> This is just my point, but your too much of a "MS uber alles"
>> advocate to see it.
>
> Wha? I don't care if you choose Microsoft or *nix. If you check my
> site at http://securityadmin.info/faq.asp#firewall, you'll see that I
> point people to non-Microsoft open source solutions like Knoppix and
> OpenBSD, even though my role here and there is not vendor advocacy
> but in trying to help people that are already beyond the point of
> choosing what to purchase.

You're the one arguing this as MS vs. *nix, I am not. Maybe you need to
step back, and reread this thread to gain some perspective on how you
words belie your protestations of not being an MS advocate.

>
> With the exception of firewalls, I generally don't see people
> recommending buying half Cisco and half Nortel switches and
> routers... because as with choice of OS, the added cost and
> complexity of supporting more than one solution trumps any benefit of
> changing from homogeneous environment to a "50% vulnerable to this,
> 50% vulnerable to that" environment.

In the corporate world where the bean counter overrule common sense,
that probably is the case. But the individual consumer in the privacy
of his home is locked into not having any choice. You want to run the
last PC hardware, with the latest popular titled software, you have to
run an MS Desktop OS. I want for the average individual to have the
same ability to be able to choose between OS's, not only to have
competition bring down the prices of software down to reasonable levels,
but as matter of their computer security.

> Even with all the vulnerabilities in IE, for example, it can make a
> lot of sense to standardize just on Windows and IE and no other
> browser or OS, because if you use OWA to check your email with
> Windows integrated authentication, everyone you switch to *nix or
> Netscape won't be able to do that. Frequently, functionality trumps
> security, and sometimes Microsoft builds solutions that other vendors
> choose not to support.

Or can't use, because MS use of proprietary standards, and others are
unwilling to pay and play by MS's monopoly-protected extortion of
licensing terms.

>
>
>>> Or would it actually
>>> increase support costs, double or triple the amount of work and
>>> patches required, and increase the likelihood that a company would
>>> make critical security mistakes that lead to a compromise?
>>
>> Nope, you answer my question, which you conveniently cut out, first,
>> and that was, "Please try to explain to everyone how having only one
>> big target of an OS is safer for society as a whole, if you disagree
>> with . . . . Multiple targets are just plain safer than one big
>> target."
>
> I don't control society. I only control my organization. I have no
> way of encouraging other organizations to switch to another OS. The
> European community is switching to desktop *nix, and we'll see if the
> world is any more secure after that. Somehow I doubt it. And I
> disagree that switching half my organization to another OS would help
> my security, in fact I believe it would hurt it. Any company or
> support staff that can't keep a homogeneous Windows network patched
> and secure is going to fail even more miserably at keeping a mixed
> environment secure, and having Blaster infect 20 machines or half the
> machines is just as bad as having Blaster infect the whole network.
>
> Also, security is not about achieving maximum security, it's about
> saving money and effort. You choose to implement a certain safeguard
> not because it makes you more secure, but because the cost of
> implementing the safeguard compares favorably with the cost of other
> safeguards and the cost of not implementing the safeguard and
> becoming compromised. Given that, my arguments about a heterogeneous
> environment increasing support complexity is a direct response to
> your question.

No, it's total subterfuge. You talking on the micro level of one
companies network where as I'm concerned with the macro level of the
general public that is made up of private individual human beings, our
human society. If every corporation had no real choice of platforms,
that would put the entire corporate community's computers at greater
risk, just as MS Desktop monopoly puts their locked-in individual
consumers at a higher risk today.

Your homogenous argument may be the practical bean-counter thing to do
on a micro-level of one corporation, but extend it out to every
corporation, and the risk of the entire corporate computing world being
taken out with one shot increases a hundred-fold or more.

>
>> But you won't, and that's why you cut it out in the first place,
>> because you know it's a totally indefensible position!
>
> It is defensible. I just defended it.

No, you did a corporate tap dance that had little to do with protecting
the general public in the privacy of their own homes from the National
Security risk of having on big fat OS target. Corporations can afford
the best and brightest minds to help protect their companies, despite
the inadequacies of any one given platform. The general public is
forced to depend on MS, and has no viable choice in the matter.

>
>> And that's why you were trying
>> to put other words in my mouth and paint me as pro-*nix, to try to
>> bury my actual point in a blizzard of your Bull Sh*t! Didn't think
>> I'd notice, huh? Well, don't you ever think you can play games with
>> my opinions, and get away with it. Better people than you have
>> tried, and failed just as miserably you have.
>
> Whoa! Calm down there killer! :D
>
> Fair enough. You mistook me for a pro-Microsoft person too. In my
> defense, your anti-Microsoft signature below plus your statements
> mentioning *nix are what made me think you're pro-*nix. If you're
> anti-Microsoft and you don't appear to be a Mac or BeOS or Amiga or
> Novell enthusiast...

....then logically you stereotype me as pro-*nix. My assumptions about
your MS advocacy was based on you making this into MS vs. *nix, when I
only mention Linux & Unix in passing in answer to Jupiter, not part of
my main argument. You're going off on that wild tangent, off of one
passing reference shows where your heart is really at. Even your other
wild foray off-topic about using diverse platforms with in a particular
company, was bogus, because at least that company has a choice when it
come to their networking platforms. If every corporation on the planet
were forced to use nothing but MS, like individual consumers having no
real choice but MS, then would you say that was a more secure situation,
than having choices as they do today in the corporate world?

And I'm not really anti-MS, I'm pro-consumer-choice, and MS just happens
to be the biggest obstacle in the way of Consumer Choice. And even
Linux's creator says that the Linux desktop is still 5 to 10 years away.
So maybe corporations & gov'ts can afford to use a Linux Desktop for
pure office purposes because they can afford to support themselves, but
as a consumer multimedia OS, it is still years away at best. For the
average PC consumer, not your corporate big wigs, MS's monopoly hurts
the individual consumer, and by extension the entire general public, not
only with monopoly-protected non-competitive pricing, but also by
risking their computer security of everybody by having everybodies'
*Personal* *Computer* in one big fat monopolistic target of a basket.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:
> Robert Moir wrote:
>
>> kurttrail wrote:
>>
>>> You have every right to your opinion, unfortunately not everybody is
>>> as computer literate as you, and just wouldn't expect that the
>>> address bar would display anything other than the site of the web
>>> page that they navigated to.
>>
>> I think the point is that too many people don't look at URLs anyway.
>
> Says you.

Yes. Says me. Based on my observations. I thought we were being adult in
this thread and respecting others rights to hold an opinion?

>And if it really is true, is that a good enough reason for
> accepting MS's slacking?

Not at all, if "slacking" is what it is.

>>> It's MS's flaw that's being used to help validate a scam, or
>>> potentially much worse considering the source of the scam.
>>
>> IIRC there was some talk at the time that mozilla also had a (much
>> less severe) problem with these kinds of URLs.
>
> Pray tell, like what?

http://www.mozillazine.org/talkback.html?article=4078
http://bugzilla.mozilla.org/show_bug.cgi?id=228176

Yes. I'm well aware its fixed in mozilla, before you ask.

> I overheard these two people talking once, and
> you know what, they were saying that GW Bush is really Gay!

You know, what, if I was actually an American, I might understand what that
reference to Mr Bush meant.

>>> This needs to addressed immediately, and not wait to be part of some
>>> IE rollup patch. MS needs to stop dragging it's heels.
>>
>> If I thought they were waiting to include it in a roll-up fix then I
>> would/will agree with you. I've not seen anything pointing to that
>> myself, I'm assuming that fixing this is more trouble than it
>> appeared at first and they've had to go back to it a couple of times.
>
> http://www.iss.net/support/product_utilities/
>
> Didn't seem so hard for these guys! MS could license it from them.
> What's more important MS's customers security, or MS releasing their
> own in-house developed patch?

Obviously, not being a Microsoft employee, I can't comment on their internal
decision making process. None of us have any way of knowing, for example, if
MS looked at the ISS fix and rejected using it for some reason do we?

ISS may have something released and that _is_ great, but that doesn't mean
that MS haven't had problems.

>>> And there
>>> should be an official investigation in MS glacial pace of supplying
>>> a fix,
>>
>> Official on the part of whom? Who has jurisdiction here?
>
> US Gov't. MS is still an American company. The Justice Dept. or even
> Homeland Security, since it's MS's OS that has been the one that has
> been exploited, time & again, at the expense of the security of the
> general public.
>
> Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
> fat-assed monopoly target that's putting the general public at risk.

Hmmm or people not keeping their systems patched and up to date; as that
would have prevented most of the problems you note above. That list right
there only needs, oooh, every other virus on the planet adding to it, and it
would be a list of viruses I've _never_ caught.

Actually, lets look at Melissa - that is a complete human problem, that does
not rely on any "exploitable" code at all. The others except bagle, I know
the exploits used were all patched prior to the virus hitting. Some of the
exploits, e.g. the RPC one blaster uses, are very disappointing, thats for
sure; IMO Microsoft have some questions to answer on that one at least.

Bagle, I know nothing about and can't be bothered to go and look up right
now, so I'll let you have that one.

> And now MS is dragging of their feet on this address bar exploit!
> How many times does a target have to get hit before ya'll wake up and
> smell the coffee?!

[snip]

> Are you telling me no one has ever pulled the wool over your eyes?

No. Where did I claim that? I can however say I've never been fooled by an
email borne virus or worm. Anyone who still clicks on attatchments named
"Naughty pictures of Anna Kornikova hot
stuff.jpg.exe.com.not.a.virus.this.time.no.really. honest.exe.jpg.bmp.vbs"
deserves everything they get.

> Everybody is a potential sucker, even the members of MENSA, but so
> many people wouldn't be suckered with any one computer nasty, if MS
> wasn't the only real OS choice for the Desktop.
>
>> There are plenty of scams and worms out there which do _not_ rely on
>> an OS exploit to spread and they are among the most "popular".
>
> That's total BS, almost all of them rely on running on one company's
> OS.

You call BS on something so easily provable? Here is a free example: Go take
a look at the origins of the "419" scam. I'll be here waiting for your
apology when you've researched a little and found out exactly how OS
dependant it is.

And actually Kurt, this may shock you, but I was talking in a wider frame
than just computing. Guess what, there were scams and exploits around before
we even had computers in people's homes. You'll find that out while you do
some research on the origins of the 419 scam. If you want to know more about
it all, visit www.snopes.com sometime and see for yourself.

Robert Moir wrote:

> kurttrail wrote:
>
>> And I'm not really anti-MS, I'm pro-consumer-choice, and MS just
>> happens to be the biggest obstacle in the way of Consumer Choice.
>
> You know. You can go buy an Apple computer tomorrow running OS X.
> I've got an iBook right here on the desk besides the computer I'm
> using now and its very nice.

Will the Apple OS run of my PC? Does the Apple OS run all the programs
I've purchased over the years? Will I have to give up my computer
education up to this point to start from scratch with another OS? Can I
afford to give up the computer system I've built up over the years?

>
> One thing though. It has these problems with buggy code that require
> you to download periodic updates. There is this especially nasty one
> with an exploit in how it handles DHCP.

And your point is?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Robert Moir wrote:

> kurttrail wrote:
>> Robert Moir wrote:
>>
>>> kurttrail wrote:
>>>
>>>> You have every right to your opinion, unfortunately not everybody
>>>> is
>>>> as computer literate as you, and just wouldn't expect that the
>>>> address bar would display anything other than the site of the web
>>>> page that they navigated to.
>>>
>>> I think the point is that too many people don't look at URLs anyway.
>>
>> Says you.
>
> Yes. Says me. Based on my observations.

Your anecdotal evidence?

> I thought we were being adult
> in this thread and respecting others rights to hold an opinion?

What about "Says you," isn't respectful?

>
>> And if it really is true, is that a good enough reason for
>> accepting MS's slacking?
>
> Not at all, if "slacking" is what it is.
>
>>>> It's MS's flaw that's being used to help validate a scam, or
>>>> potentially much worse considering the source of the scam.
>>>
>>> IIRC there was some talk at the time that mozilla also had a (much
>>> less severe) problem with these kinds of URLs.
>>
>> Pray tell, like what?
>
> http://www.mozillazine.org/talkback.html?article=4078
> http://bugzilla.mozilla.org/show_bug.cgi?id=228176
>
> Yes. I'm well aware its fixed in mozilla, before you ask.
>
>> I overheard these two people talking once, and
>> you know what, they were saying that GW Bush is really Gay!
>
> You know, what, if I was actually an American, I might understand
> what that reference to Mr Bush meant.

It means you can overhear many things, doesn't make them true.

>
>>>> This needs to addressed immediately, and not wait to be part of
>>>> some
>>>> IE rollup patch. MS needs to stop dragging it's heels.
>>>
>>> If I thought they were waiting to include it in a roll-up fix then I
>>> would/will agree with you. I've not seen anything pointing to that
>>> myself, I'm assuming that fixing this is more trouble than it
>>> appeared at first and they've had to go back to it a couple of
>>> times.
>>
>> http://www.iss.net/support/product_utilities/
>>
>> Didn't seem so hard for these guys! MS could license it from them.
>> What's more important MS's customers security, or MS releasing their
>> own in-house developed patch?
>
> Obviously, not being a Microsoft employee, I can't comment on their
> internal decision making process. None of us have any way of knowing,
> for example, if MS looked at the ISS fix and rejected using it for
> some reason do we?

It's seems to do good enough, until such time MS finishes their own. It
would be the first time MS would have to reissue a patch.

>
> ISS may have something released and that _is_ great, but that doesn't
> mean that MS haven't had problems.

Again, if MS is actually having problems [total supposition] the patch
is good enough for the short term.

>
>>>> And there
>>>> should be an official investigation in MS glacial pace of supplying
>>>> a fix,
>>>
>>> Official on the part of whom? Who has jurisdiction here?
>>
>> US Gov't. MS is still an American company. The Justice Dept. or
>> even Homeland Security, since it's MS's OS that has been the one
>> that has
>> been exploited, time & again, at the expense of the security of the
>> general public.
>>
>> Melissa, Code Red, Slammer, Blaster, Sobig, Swen, Bagle. It's MS's
>> fat-assed monopoly target that's putting the general public at risk.
>
> Hmmm or people not keeping their systems patched and up to date; as
> that would have prevented most of the problems you note above. That
> list right there only needs, oooh, every other virus on the planet
> adding to it, and it would be a list of viruses I've _never_ caught.
>
> Actually, lets look at Melissa - that is a complete human problem,
> that does not rely on any "exploitable" code at all. The others
> except bagle, I know the exploits used were all patched prior to the
> virus hitting. Some of the exploits, e.g. the RPC one blaster uses,
> are very disappointing, thats for sure; IMO Microsoft have some
> questions to answer on that one at least.
>
> Bagle, I know nothing about and can't be bothered to go and look up
> right now, so I'll let you have that one.
>
>> And now MS is dragging of their feet on this address bar exploit!
>> How many times does a target have to get hit before ya'll wake up and
>> smell the coffee?!
>
> [snip]
>
>> Are you telling me no one has ever pulled the wool over your eyes?
>
> No. Where did I claim that?

I asked a question. You asked about investigating the general public
for being their own menace. Just want to make sure you aren't being
Holier-than-thou about it.

> I can however say I've never been fooled
> by an email borne virus or worm. Anyone who still clicks on
> attatchments named "Naughty pictures of Anna Kornikova hot
>
stuff.jpg.exe.com.not.a.virus.this.time.no.really. honest.exe.jpg.bmp.vbs
"
> deserves everything they get.

Goody for you, but is that because you smarter than the people that did
fall for it?

>
>> Everybody is a potential sucker, even the members of MENSA, but so
>> many people wouldn't be suckered with any one computer nasty, if MS
>> wasn't the only real OS choice for the Desktop.
>>
>>> There are plenty of scams and worms out there which do _not_ rely on
>>> an OS exploit to spread and they are among the most "popular".
>>
>> That's total BS, almost all of them rely on running on one company's
>> OS.
>
> You call BS on something so easily provable? Here is a free example:
> Go take a look at the origins of the "419" scam. I'll be here waiting
> for your apology when you've researched a little and found out
> exactly how OS dependant it is.

For what, I did qualify my statement, and one example, doesn't
invalidate my statement. Yes a scam can be perpetrated on anyone on any
OS, but as for worms viruses & exploits those are generally platform
specific.

>
> And actually Kurt, this may shock you, but I was talking in a wider
> frame than just computing. Guess what, there were scams and exploits
> around before we even had computers in people's homes. You'll find
> that out while you do some research on the origins of the 419 scam.
> If you want to know more about it all, visit www.snopes.com sometime
> and see for yourself.

None of those scams are being validated by a flaw in MS monopoly OS.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:
> Robert Moir wrote:
>
>> kurttrail wrote:
>>
>>> And I'm not really anti-MS, I'm pro-consumer-choice, and MS just
>>> happens to be the biggest obstacle in the way of Consumer Choice.
>>
>> You know. You can go buy an Apple computer tomorrow running OS X.
>> I've got an iBook right here on the desk besides the computer I'm
>> using now and its very nice.
>
> Will the Apple OS run of my PC? Does the Apple OS run all the
> programs I've purchased over the years? Will I have to give up my
> computer education up to this point to start from scratch with
> another OS? Can I afford to give up the computer system I've built
> up over the years?

Obviously not. There is a price to be paid for "switching". There is a price
to pay to run XP in a more secure mode, and many people are unwilling to pay
that much.

>> One thing though. It has these problems with buggy code that require
>> you to download periodic updates. There is this especially nasty one
>> with an exploit in how it handles DHCP.
>
> And your point is?

That there isn't a panacea out there.

Robert Moir wrote:

> kurttrail wrote:
>
>> And I'm not really anti-MS, I'm pro-consumer-choice, and MS just
>> happens to be the biggest obstacle in the way of Consumer Choice.
>
> You know. You can go buy an Apple computer tomorrow running OS X.
> I've got an iBook right here on the desk besides the computer I'm
> using now and its very nice.
>
> One thing though. It has these problems with buggy code that require
> you to download periodic updates. There is this especially nasty one
> with an exploit in how it handles DHCP.

Thank you for proving my point! What percentage of computer users were
under threat of this AppleOS DHCP exploit? 2 to 4%! Not 95%! Now say
there were 5 PCOS companies out there, and for the sake of argument let's
say that they share the PCOS market equally, what percentage of users are
potentially at risk by an exploit of any one given companies OS? That's
right! 20%. Not 95%. So which PCOS market would be a safer for the
general public, a market with one big fat-assed OS, or one with multiple OS
where the risks are spread out over multiple targets?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:
> Robert Moir wrote:
>
>> kurttrail wrote:
>>> Robert Moir wrote:
>>>
>>>> kurttrail wrote:
>>>>
>>>>> You have every right to your opinion, unfortunately not everybody
>>>>> is
>>>>> as computer literate as you, and just wouldn't expect that the
>>>>> address bar would display anything other than the site of the web
>>>>> page that they navigated to.
>>>>
>>>> I think the point is that too many people don't look at URLs
>>>> anyway.
>>>
>>> Says you.
>>
>> Yes. Says me. Based on my observations.
>
> Your anecdotal evidence?

My opinion. Based on observation.

>> I thought we were being adult
>> in this thread and respecting others rights to hold an opinion?
>
> What about "Says you," isn't respectful?

Its tone for a start.

[...]

>>> Pray tell, like what?
>>
>> http://www.mozillazine.org/talkback.html?article=4078
>> http://bugzilla.mozilla.org/show_bug.cgi?id=228176
>>
>> Yes. I'm well aware its fixed in mozilla, before you ask.
>>
>>> I overheard these two people talking once, and
>>> you know what, they were saying that GW Bush is really Gay!
>>
>> You know, what, if I was actually an American, I might understand
>> what that reference to Mr Bush meant.
>
> It means you can overhear many things, doesn't make them true.

Did you look at the links I provided. I think the mozilla dev crew producing
a fix for the issue makes it a little more than "Overheard", Kurt. Or do you
think they are admitting to a bug they don't have to make things look better
for a browser they are competing with?

[...]

>> Obviously, not being a Microsoft employee, I can't comment on their
>> internal decision making process. None of us have any way of knowing,
>> for example, if MS looked at the ISS fix and rejected using it for
>> some reason do we?
>
> It's seems to do good enough, until such time MS finishes their own.
> It would be the first time MS would have to reissue a patch.
>
>>
>> ISS may have something released and that _is_ great, but that doesn't
>> mean that MS haven't had problems.
>
> Again, if MS is actually having problems [total supposition] the patch
> is good enough for the short term.

<kurt>
Says You.
</kurt>

[...]
>>> Are you telling me no one has ever pulled the wool over your eyes?
>>
>> No. Where did I claim that?
>
> I asked a question. You asked about investigating the general public
> for being their own menace. Just want to make sure you aren't being
> Holier-than-thou about it.

Oh boy. I might be computer smart but I've made my mistakes. I have to look
at myself in the mirror every day to shave and I'm not going to tell that
face that I'm perfect, let alone anyone else.

>> I can however say I've never been fooled
>> by an email borne virus or worm. Anyone who still clicks on
>> attatchments named "Naughty pictures of Anna Kornikova hot
>>
> stuff.jpg.exe.com.not.a.virus.this.time.no.really. honest.exe.jpg.bmp.vbs
> "
>> deserves everything they get.
>
> Goody for you, but is that because you smarter than the people that
> did fall for it?

Better trained perhaps at the start. I do know of some people who have had
ample exposure to the problem but have not learnt from it. I wouldn't know
about me being more or less "smarter than" them, but I think its reasonable
to expect people to learn from a mistake after a while instead of repeatedly
making it.

>>> Everybody is a potential sucker, even the members of MENSA, but so
>>> many people wouldn't be suckered with any one computer nasty, if MS
>>> wasn't the only real OS choice for the Desktop.
>>>
>>>> There are plenty of scams and worms out there which do _not_ rely
>>>> on an OS exploit to spread and they are among the most "popular".
>>>
>>> That's total BS, almost all of them rely on running on one company's
>>> OS.
>>
>> You call BS on something so easily provable? Here is a free example:
>> Go take a look at the origins of the "419" scam. I'll be here waiting
>> for your apology when you've researched a little and found out
>> exactly how OS dependant it is.
>
> For what, I did qualify my statement, and one example, doesn't
> invalidate my statement. Yes a scam can be perpetrated on anyone on
> any OS, but as for worms viruses & exploits those are generally
> platform specific.

Quite. I was trying to point out that the most exploited OS is "Brainware",
the one in all our heads. That of course doesn't make the times MS fell down
on the job ok.

Robert Moir wrote:

> kurttrail wrote:
>> Robert Moir wrote:
>>
>>> kurttrail wrote:
>>>> Robert Moir wrote:
>>>>
>>>>> kurttrail wrote:
>>>>>
>>>>>> You have every right to your opinion, unfortunately not everybody
>>>>>> is
>>>>>> as computer literate as you, and just wouldn't expect that the
>>>>>> address bar would display anything other than the site of the web
>>>>>> page that they navigated to.
>>>>>
>>>>> I think the point is that too many people don't look at URLs
>>>>> anyway.
>>>>
>>>> Says you.
>>>
>>> Yes. Says me. Based on my observations.
>>
>> Your anecdotal evidence?
>
> My opinion. Based on observation.

That would be anecdotal from my point of view.

>
>>> I thought we were being adult
>>> in this thread and respecting others rights to hold an opinion?
>>
>> What about "Says you," isn't respectful?
>
> Its tone for a start.

"Tone" would be in you head, not mine.

>
> [...]
>
>>>> Pray tell, like what?
>>>
>>> http://www.mozillazine.org/talkback.html?article=4078
>>> http://bugzilla.mozilla.org/show_bug.cgi?id=228176
>>>
>>> Yes. I'm well aware its fixed in mozilla, before you ask.
>>>
>>>> I overheard these two people talking once, and
>>>> you know what, they were saying that GW Bush is really Gay!
>>>
>>> You know, what, if I was actually an American, I might understand
>>> what that reference to Mr Bush meant.
>>
>> It means you can overhear many things, doesn't make them true.
>
> Did you look at the links I provided. I think the mozilla dev crew
> producing a fix for the issue makes it a little more than
> "Overheard", Kurt.

Can't you read a thread?

RM - "IIRC there was some talk at the time that mozilla also had a (much
less
severe) problem with these kinds of URLs."

KK - "Pray tell, like what? I overheard these two people talking once, and
you
know what, they were saying that GW Bush is really Gay!"

RM - "You know, what, if I was actually an American, I might understand what
that
reference to Mr Bush meant." Yes you gave the links in this post.

KK - "It means you can overhear many things, doesn't make them true." Which
I said to explain to you what I meant, by "Pray tell, like what? I
overheard these two people talking once, and you
know what, they were saying that GW Bush is really Gay!" before you gave any
links.


Nice troll tactic, Robert.

> Or do you think they are admitting to a bug they
> don't have to make things look better for a browser they are
> competing with?

Obviously now I understand what you were originally made vague reference to,
but that doesn't change what I meant at the time BEFORE you explained
yourself.


>>> Obviously, not being a Microsoft employee, I can't comment on their
>>> internal decision making process. None of us have any way of
>>> knowing, for example, if MS looked at the ISS fix and rejected
>>> using it for some reason do we?
>>
>> It's seems to do good enough, until such time MS finishes their own.
>> It would be the first time MS would have to reissue a patch.
>>
>>>
>>> ISS may have something released and that _is_ great, but that
>>> doesn't mean that MS haven't had problems.
>>
>> Again, if MS is actually having problems [total supposition] the
>> patch is good enough for the short term.
>
> <kurt>
> Says You.
> </kurt>

Yes. Have you tried it yourself? If you have, what about it isn't good
enough for you? Or are you content to just say "Says You." At least I went
on to say, " Says you. And if it really is true, is that a good enough
reason for accepting MS's slacking?" I didn't just say "Says You," I also
acknowledge the possibility that it just might be true.

<snip>

>
> Quite. I was trying to point out that the most exploited OS is
> "Brainware", the one in all our heads. That of course doesn't make
> the times MS fell down on the job ok.

Had this been one isolated time that MS has "fell down on the job," I'd
agree. But it's not, and this camels back has been broken. MS is incapable
of taking responsibility for their monopoly Swiss Cheese, and our gov'ts
need to step to protect the general public from MS's negligence.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Robert Moir wrote:

> kurttrail wrote:
>> Robert Moir wrote:
>>
>>> kurttrail wrote:
>>>
>>>> And I'm not really anti-MS, I'm pro-consumer-choice, and MS just
>>>> happens to be the biggest obstacle in the way of Consumer Choice.
>>>
>>> You know. You can go buy an Apple computer tomorrow running OS X.
>>> I've got an iBook right here on the desk besides the computer I'm
>>> using now and its very nice.
>>
>> Will the Apple OS run of my PC? Does the Apple OS run all the
>> programs I've purchased over the years? Will I have to give up my
>> computer education up to this point to start from scratch with
>> another OS? Can I afford to give up the computer system I've built
>> up over the years?
>
> Obviously not. There is a price to be paid for "switching". There is
> a price to pay to run XP in a more secure mode, and many people are
> unwilling to pay that much.

More like unknowing than unwilling.

>
>>> One thing though. It has these problems with buggy code that require
>>> you to download periodic updates. There is this especially nasty one
>>> with an exploit in how it handles DHCP.
>>
>> And your point is?
>
> That there isn't a panacea out there.

Ah, there may not be, but there are ways to lesson the effects on the
general public as a whole. See my other answer to this post.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

> Robert Moir wrote:
>
>> kurttrail wrote:
>>
>>> And I'm not really anti-MS, I'm pro-consumer-choice, and MS just
>>> happens to be the biggest obstacle in the way of Consumer Choice.
>>
>> You know. You can go buy an Apple computer tomorrow running OS X.
>> I've got an iBook right here on the desk besides the computer I'm
>> using now and its very nice.
>>
>> One thing though. It has these problems with buggy code that require
>> you to download periodic updates. There is this especially nasty one
>> with an exploit in how it handles DHCP.
>
> Thank you for proving my point! What percentage of computer users
> were under threat of this AppleOS DHCP exploit? 2 to 4%! Not 95%!
> Now say there were 5 PCOS companies out there, and for the sake of
> argument let's say that they share the PCOS market equally, what
> percentage of users are potentially at risk by an exploit of any one
> given companies OS? That's right! 20%. Not 95%. So which PCOS
> market would be a safer for the general public, a market with one big
> fat-assed OS, or one with multiple OS where the risks are spread out
> over multiple targets?

http://msn-cnet.com.com/2100-7349_3-5147605.html?part=msn-cnet&subj=ns_2510&tag=mymsn

95% or 20%? Wouldn't it better to distribute the risk of computer nasties
among multiple OS platforms, than just grudgingly accept the 95% final
solution as our lot?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Although this discussion is a bit interesting, I have to bring up the point
that not many people are disagreeing on the actual points given, but their
interpretation of the points. A minor flaw, but certainly one seen in this
thread.

Also - I would like to point out that while the suggestion of
diversification could be considered valid in a security point of view, do
those suggesting it have any plan of action to help push this suggestion
into reality or are they "out of ideas" when it comes to teaching the masses
how to "think differently"? (*grin*)

The reason I bring that up is that the majority of users I know have trouble
doing the simplest of tasks on a computer - no matter their OS - learning
something "new" to them is a daunting task. Interest - to say the least -
is not there.

--
<- Shenan ->
--

Shenan Stanley wrote:

> Although this discussion is a bit interesting, I have to bring up the
> point that not many people are disagreeing on the actual points
> given, but their interpretation of the points. A minor flaw, but
> certainly one seen in this thread.
>
> Also - I would like to point out that while the suggestion of
> diversification could be considered valid in a security point of
> view, do those suggesting it have any plan of action to help push
> this suggestion into reality or are they "out of ideas" when it comes
> to teaching the masses how to "think differently"? (*grin*)
>
> The reason I bring that up is that the majority of users I know have
> trouble doing the simplest of tasks on a computer - no matter their
> OS - learning something "new" to them is a daunting task. Interest -
> to say the least - is not there.
>
> --
> <- Shenan ->


What? You want a detailed plan on how'd I think MS should be broken up?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

> Shenan Stanley wrote:
> Although this discussion is a bit interesting, I have to bring up the
> point that not many people are disagreeing on the actual points
> given, but their interpretation of the points. A minor flaw, but
> certainly one seen in this thread.
>
> Also - I would like to point out that while the suggestion of
> diversification could be considered valid in a security point of
> view, do those suggesting it have any plan of action to help push
> this suggestion into reality or are they "out of ideas" when it comes
> to teaching the masses how to "think differently"? (*grin*)
>
> The reason I bring that up is that the majority of users I know have
> trouble doing the simplest of tasks on a computer - no matter their
> OS - learning something "new" to them is a daunting task. Interest -
> to say the least - is not there.

kurttrail wrote:
> What? You want a detailed plan on how'd I think MS should be broken
> up?

That's up to you..

You seem to throw forth (a lot) that breaking Microsoft up (in some unknown
form) would make the world a more secure place and somehow end their
"monopoly" on the OS market.. Just how would Microsoft have to be split up
that would somehow create more competition and/or less of a monopoly of some
division of the broken up company?

--
<- Shenan ->
--

Shenan Stanley wrote:

>> Shenan Stanley wrote:
>> Although this discussion is a bit interesting, I have to bring up the
>> point that not many people are disagreeing on the actual points
>> given, but their interpretation of the points. A minor flaw, but
>> certainly one seen in this thread.
>>
>> Also - I would like to point out that while the suggestion of
>> diversification could be considered valid in a security point of
>> view, do those suggesting it have any plan of action to help push
>> this suggestion into reality or are they "out of ideas" when it comes
>> to teaching the masses how to "think differently"? (*grin*)
>>
>> The reason I bring that up is that the majority of users I know have
>> trouble doing the simplest of tasks on a computer - no matter their
>> OS - learning something "new" to them is a daunting task. Interest -
>> to say the least - is not there.
>
> kurttrail wrote:
>> What? You want a detailed plan on how'd I think MS should be broken
>> up?
>
> That's up to you..
>
> You seem to throw forth (a lot) that breaking Microsoft up (in some
> unknown form) would make the world a more secure place and somehow
> end their "monopoly" on the OS market.. Just how would Microsoft
> have to be split up that would somehow create more competition and/or
> less of a monopoly of some division of the broken up company?
>
> --
> <- Shenan ->

By making their OS Open Source, of course.

There would be no over-night way we can changed the One PC OS vulnerability,
but after fines and break up, the resulting broken up companies wouldn't
have the clout to dominate the market. It was done to MA Bell, it can be
done to MS. But of course it would take years to build a competive market.
I can go into much greater detail, but what is most important at the moment
is that people start to recognize that this One PC OS market is the biggest
whole in the general public's computer security, and blaming the MicroRape
victim won't solve a thing.

But what you should notice is that none of the guys argueing against me has
even bother to answer you, as they were really only to try to get me off my
topic, to protect their beloved MS. Are you suggesting that we should just
grudgingly accept the 95% final solution as our lot, and do nothing? What
would be your constructive idea to get us out of the One PC OS
target-basket? If the target stays the same, the schmucks that keep trying
to hit it, will only become better at hitting it, and hit it better and
bigger weapons. We can hide our heads in the sand, or we can start
pressuring our gov'ts to act in the bests interests of the public's welfare.
Microsoft has proven time and again they can't or won't act in our public
interest, it's time for our gov'ts to do something about it!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Shenan;
You may be better off to drop it.
I did when he showed his true self with his name calling.

Kurt's goal is apparently to keep his name on the Microsoft page with
the longest thread.
Note #6 on this link:
http://www.microsoft.com/windowsxp/expertzone/default.mspx
His excessive cross posting helps him further his goal.

He is also very free to suggest others make their own property "Open
Source".
Doubtful he set the proper example by giving all his services/property
away for free.
..
--
Jupiter Jones [MVP]
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
http://www3.telus.net/dandemar/


"Shenan Stanley" > wrote in message
...
> You seem to throw forth (a lot) that breaking Microsoft up (in some
unknown
> form) would make the world a more secure place and somehow end their
> "monopoly" on the OS market.. Just how would Microsoft have to be
split up
> that would somehow create more competition and/or less of a monopoly
of some
> division of the broken up company?
>
> --
> <- Shenan ->

Jupiter Jones [MVP] wrote:

> Shenan;
> You may be better off to drop it.
> I did when he showed his true self with his name calling.
>
> Kurt's goal is apparently to keep his name on the Microsoft page with
> the longest thread.
> Note #6 on this link:
> http://www.microsoft.com/windowsxp/expertzone/default.mspx
> His excessive cross posting helps him further his goal.
>
> He is also very free to suggest others make their own property "Open
> Source".
> Doubtful he set the proper example by giving all his services/property
> away for free.
> .
>
> "Shenan Stanley" > wrote in message
> ...
>> You seem to throw forth (a lot) that breaking Microsoft up (in some
>> unknown form) would make the world a more secure place and somehow
>> end their "monopoly" on the OS market.. Just how would Microsoft
>> have to be split up that would somehow create more competition
>> and/or less of a monopoly of some division of the broken up company?
>>
>> --
>> <- Shenan ->

No you ran away. And exactly what name did I call you?

"Stay on topic, answer the question, and stop playing your WinTroll games,
Juppy."

I used WinTroll to describe your games, not you, so you must have the
problem with "Juppy."

Time for "Juppy" to run away again!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

> But what you should notice is that none of the guys argueing against
> me has even bother to answer you, as they were really only to try to
> get me off my topic, to protect their beloved MS.

Actually, I was in bed asleep and then at work all day. The world is a very
big place Kurt and not all of us live in the same timezone as you.

And I don't see the point of continuing a "discussion" with someone who has
such a narrow view of the world. Good day to you sir.

Jupiter Jones [MVP] wrote:

> Shenan;
> You may be better off to drop it.
> I did when he showed his true self with his name calling.

I already covered this.

> Kurt's goal is apparently to keep his name on the Microsoft page with
> the longest thread.
> Note #6 on this link:
> http://www.microsoft.com/windowsxp/expertzone/default.mspx

When did MS add this feature? This is actually the first I've heard of it.
I must say I find it hysterical! I should have cross-posted this with
alt.os.windows-xp too. I would have been number one on the list!

> His excessive cross posting helps him further his goal.

6 group isn't all that excessive, and I have valid reasons why I posted this
thread in each.

>
> He is also very free to suggest others make their own property "Open
> Source".

No, I was suggesting that our gov'ts do it for MS, in order to protect the
general public from the MicroTarget.

> Doubtful he set the proper example by giving all his services/property
> away for free.

First off, MS's software is neither a service or property, it is copyrighted
material.

And I do freely give of my copyrighted material. http://kurttrail.com &
http://microscum.com

More MicroTroll games, Juppy? I'm not afraid to sink down to you level, if
you're up for it.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Robert Moir wrote:

> kurttrail wrote:
>
>> But what you should notice is that none of the guys argueing against
>> me has even bother to answer you, as they were really only to try to
>> get me off my topic, to protect their beloved MS.
>
> Actually, I was in bed asleep and then at work all day. The world is
> a very big place Kurt and not all of us live in the same timezone as
> you.
>
> And I don't see the point of continuing a "discussion" with someone
> who has such a narrow view of the world. Good day to you sir.

Robert - "It [the MacOS] has these problems with buggy code that require you
to
download periodic updates. There is this especially nasty one with an
exploit in how it handles DHCP."

Kurt - "Thank you for proving my point! What percentage of computer users
were
under threat of this AppleOS DHCP exploit? 2 to 4%! Not 95%! Now say
there were 5 PCOS companies out there, and for the sake of argument let's
say that they share the PCOS market equally, what percentage of users are
potentially at risk by an exploit of any one given companies OS? That's
right! 20%. Not 95%. So which PCOS market would be a safer for the
general public, a market with one big fat-assed OS, or one with multiple
OS[s]
where the risks are spread out over multiple targets?"

Couldn't find a way to answer that without admitting I'm right, huh?

I do believe you're the one with the narrow view. Good day to you too, sir!
<vbg>

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

In article >, in the
microsoft.public.security news group, kurttrail
> says...

> "[T]he link is formatted
>

Please don't feed the trolls, if you do, they tend to hang around.


--
Paul Adare
Moral indignation is jealousy with a halo.
H. G. Wells, The Wife of Sir Isaac Harman

Paul Adare wrote:

> In article >, in the
> microsoft.public.security news group, kurttrail
> > says...
>
>> "[T]he link is formatted
>>
>
> Please don't feed the trolls, if you do, they tend to hang around.
>
>
> --
> Paul Adare
> Moral indignation is jealousy with a halo.
> H. G. Wells, The Wife of Sir Isaac Harman

You do realize that this thread had just about run it's course, don't you?


And if I were really a troll, I'd get off on morons like you telling others
not to feed me. Parroting the "Don't feed the troll" line, is just more
troll food, and is just a unnecessary display of your moral indignation.
It's a pity that you aren't bright enough to figure that you're not only a
witless TrollFeeder, but you're also showing your jealousy with a halo.

Have A Nice Day! <vbeg>

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Shenan Stanley wrote:

> Shenan Stanley wrote:
>> Although this discussion is a bit interesting, I have to bring up the
>> point that not many people are disagreeing on the actual points
>> given, but their interpretation of the points. A minor flaw, but
>> certainly one seen in this thread.
>>
>> Also - I would like to point out that while the suggestion of
>> diversification could be considered valid in a security point of
>> view, do those suggesting it have any plan of action to help push
>> this suggestion into reality or are they "out of ideas" when it comes
>> to teaching the masses how to "think differently"? (*grin*)
>>
>> The reason I bring that up is that the majority of users I know have
>> trouble doing the simplest of tasks on a computer - no matter their
>> OS - learning something "new" to them is a daunting task. Interest -
>> to say the least - is not there.
>
> kurttrail wrote:
>> What? You want a detailed plan on how'd I think MS should be broken
>> up?
>
> Shenan Stanley wrote:
>> That's up to you..
>>
>> You seem to throw forth (a lot) that breaking Microsoft up (in some
>> unknown form) would make the world a more secure place and somehow
>> end their "monopoly" on the OS market.. Just how would Microsoft
>> have to be split up that would somehow create more competition and/or
>> less of a monopoly of some division of the broken up company?
>
> D'oh! I just noticed that this thread spreads across WAY too many
> groups.. When did it become necessary to cross post to discuss
> something?!

When the subject affects more that one group. Why are all newsreaders set
up to allow cross-posting? Because there is nothing intinsically wrong with
cross-posting, that's why.

So instead of bitchin' about something that is perfectly acceptable, why
don't you try and answer the questions I asked you.

"Are you suggesting that we should just grudgingly accept the 95% final
solution as our lot, and do nothing? What would be your constructive idea
to get us out of the One PC OS target-basket?"

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Shenan Stanley wrote:

> Everyone always brings up MaBell when this subject rolls around about
> Microsoft. The problem I see is that the comparison, while holding
> some validity, falls short in many ways. Essentially - service vs
> product monopoly. The idea is the same, but there are some subtle
> differences when you think on it that doesn't guarantee changes if
> just a break-up occurs.

Well, I could go back to Standard Oil! I agree that there is no exact
comparison with either, but the general principal remains valid. Breakup of
the monopoly was necessary for the good of society as a whole.

> As for going open-source.. the idea sounds pleasing at first, except
> when you consider that it probably wouldn't go anywhere for decades
> and then the fear would be too much diversity.

I'd guess somewhere under a decade to develop a stable competitive market.

> If I change jobs
> and/or move to another state, will I be using "Kurttrail's Office
> Suite" on "Megalard's Doors" OS where I was used to working on
> "Smiley's Productivity Set" on "Big Tex's" OS? Simpler yet - can
> Kurttrail's Office Suite read my Smiley's Productivity Set
> spreadsheet, modify it and send it back to me in a format I can edit
> again?

OK, I need to clarify this misunderstanding. I only meant that Windows, for
the most part, would go open source. I was being vague with you, because I
thought you were being like the other guys, just more subtle, so I trying to
smoke you out. Sorry, those other guys were just trying to defend MS at any
cost, and that cost was proving my point for me, with their own examples.

OK. So only Windows goes Open Source, what happens with the rest of MS?
Business Apps and services would be the main part of MS that would survive,
but with the condition that their file formats were non-proprietary, and
it's present file formats would be open to all. Office really isn't all
that much of a monopoly on it's own, and without proprietary file formats &
the Windows OS to back it up, so Star Office, Perfect Office, & Open Office
will have the opportunity to play in the office apps market on a fair
playing field, all playing under the same rules. Windows Media Player,
Messenger, MovieMaker, and the rest of the MS-bundle middleware except IE
would be the moved to the new Office Systems Corp, [As a condition of the
breakup Microsoft name would be prohibited from being used ever again. So
let it be written, so let it be done!] along with MS's Business Services
division. While Office Systems would still be the dominate player for
years, their market share would diminish with time.

Now we get to MSN and the rest of the MS's net holdings, and we sell it off
to the highest bidder. [Google ends up buying it, forcing the AOL/Yahoo
merger.] The XBox & MS's gaming software division are made into the XBox
Games Corp. [And buys out Nintendo.] Ok, so the break up of MS creates
other mega-companies, nobodies perfect, and at least there will still be
competition in those markets, and during the decade or so it takes for the
dust to settle other players might join in on those markets.

> I know - that's a bit extreme, but it is not (other than the names)
> completely impossible to imagine. Right now Office on the MAC
> sometimes has trouble with Office on the PC documents.. And Open
> Office doesn't read everything about Word or WordPerfect documents
> flawlessly. If you open the field too much without standards already
> in place (there isn't any now.. And there likely wouldn't be until
> after this became an actual problem) - you may be asking for trouble.
> That's just an opinion and one possibility - so it's not necessarily
> what I *believe* would happen - but a possibility.

As long as you understand that I just talking in hypotheticals too. Believe
me, the consequences of the breakup of MS would definitely not be all that
smooth. You can't make an omelet without breaking a few eggs.

> I think before we go screaming "Open Source" and "Break Up
> Microsoft", we should consider forcing them to follow some standards
> that we come out with.

Three years ago, I'd be with you on that. But the security situation has
heated up to a point that it is totally foolhardy to continue down this same
path, where there is really only one target to hit. The bigger & better
guns are coming, and MS target is just too big to miss.

http://www.ccianet.org/papers/cyberinsecurity.pdf

> One reason they have a large market share is
> because it's easy to use and most people will act like electricity at
> all times.. "Take the shortest path to ground." The right attitude?
> Maybe not - but I could never, in good conscience, say that the way
> everything (software/market share) is today is just Microsoft's fault
> - it's also people in general and their innate laziness or, rather
> than calling the whole human race lazy - how about "lack of
> interest". Your common computer user wants to sit down and use their
> computer to surf the web, get their email, pay some bills - and then
> go back to TV/sports/music/cooking/knitting/whatever their real
> interest is. So - they are not willing or just don't see the point
> in learning enough to use something other than "point and click and
> you have 5 ways to do almost every task."
>
> So, hey, I do not totally disagree with your convictions. I think
> you are on one end of a large spectrum and there will be, naturally,
> another side of the story. I lie somewhere in the middle - as most
> "computer people" do. I can use just about any OS/application you
> throw at me - whether I do or not has a lot to do with my desire in
> that particular app. If Microsoft broke up, if Windows went open
> source, if Lindows started becoming the OS of choice - I would adapt
> and move on. I support my customers/family/friends with the
> knowledge I have and taking their needs into consideration - and with
> all of that in mind - Windows is still on top for the end-user OS in
> my mind. It has the most apps/drivers/hardware configuration
> possibilities of any OS with the least amount of TRUE effort on the
> end-users part. This appeals to the "non-interested, gimme my Final
> Fantasy and the rest of the computer can rot" persona as well as the
> "less casual and intense cannot live without my email, spreadsheet,
> gaming system with the water cooling and remote control" individual.

I agree.

> Preach on - I will listen - and you've at least - if nothing else -
> made me consider things I might not have before.

Well, I have quite finished the MS Break-up story, have I? That's right
what really happens to Windows once it is Open Source. SCO immediately puts
out XPSP2 under the name of SCOdows, and is immediately sued by LindowsOS
for infringing on their trademark. In 2007, SCO releases SCOhorn, without
the SCOFS. In 2008, SCO goes bankrupt as SCOhorn is a total disaster,
because of disgruntled former MS employees sabotage, and IBM buys SCO, just
for spite.

Let's get back to just after the breakup. RedHat & Novell compete to see
who can get Windows APIs ported in their version of Linux first, but is
beaten to the punch by Xandros, in the first quarter of 2004. Symantec puts
out their version, which they call Wintec, based on 2K but with V2i
security, making it the most bomb proof Win-Clone OS, because on any
catastrophic OS failure, on reboot, the last known working OS setup would be
reloaded in minutes, without any user or tech intervention. Symantec stock
soars on the strength of its VL sales, and OEM licensing deal with Dell.
Sun releases JavaXP, and it does well for a time, especially of home users,
until the Linux boys port the WinAPIs into Linux . . . .

Though I quite aware that none of this is really gonna happen this year or
probably anytime soon, I do believe that some breakup of MS is inevitable
based on their past actions, those since the Anti-Trust settlement, and
because MS's OS is gonna get hit so bad one day, and probably sooner than
later, that are gov'ts will be forced to act. And while the breakup of MS
may well narrow competition in its non-OS markets in the short term, the
Open Sourcing of Windows and its APIs could well become a truly competitive
market in 5 years time.

> But - perhaps you
> should cross-post less. *grin*

I can't even remember the last time I cross-posted to multiple groups, and
this thread is relevant to all the groups I choose, so in this case I am not
gonna feel the least bit guilty adding back all the groups you cut from your
reply. ;-)

Thanks for being a mensch!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Shenan Stanley wrote:

> Responses inline..
>
>> kurttrail wrote:
>>> Shenan Stanley wrote:
>
>>> Everyone always brings up MaBell when this subject rolls around
>>> about Microsoft. The problem I see is that the comparison, while
>>> holding
>>> some validity, falls short in many ways. Essentially - service vs
>>> product monopoly. The idea is the same, but there are some subtle
>>> differences when you think on it that doesn't guarantee changes if
>>> just a break-up occurs.
>>
>> Well, I could go back to Standard Oil! I agree that there is no
>> exact comparison with either, but the general principal remains
>> valid.
>> Breakup of the monopoly was necessary for the good of society as a
>> whole.
>
>
> I cannot find any flaw in the generalized logic here. I would have
> to even say I agree. Perhaps this particular monopoly has outgrown
> any of the examples discussed so far - at least in terms of
> impact/spread. The influence of MS does extend beyond any example I
> can think of, including those given so far.
>
>
>>> As for going open-source.. the idea sounds pleasing at first, except
>>> when you consider that it probably wouldn't go anywhere for decades
>>> and then the fear would be too much diversity.
>>
>> I'd guess somewhere under a decade to develop a stable competitive
>> market.
>
>
> Although I can see it happening within a decade, I'm not going to
> change my original answer here. It's likely it would take a decade
> or more, but we are talking true hypotheticals here - Let's just say
> I agree it WOULD stabalize at some point - it would not be quick.

Totally agree.

>
>
>>> If I change jobs
>>> and/or move to another state, will I be using "Kurttrail's Office
>>> Suite" on "Megalard's Doors" OS where I was used to working on
>>> "Smiley's Productivity Set" on "Big Tex's" OS? Simpler yet - can
>>> Kurttrail's Office Suite read my Smiley's Productivity Set
>>> spreadsheet, modify it and send it back to me in a format I can edit

>>> again?
>>
>> OK, I need to clarify this misunderstanding. I only meant that
>> Windows, for the most part, would go open source. I was being vague
>> with you, because I thought you were being like the other guys, just
>> more subtle, so I trying to smoke you out. Sorry, those other guys
>> were just trying to defend MS at any cost, and that cost was proving
>> my point for me, with their own examples.
>>
>> OK. So only Windows goes Open Source, what happens with the rest of
>> MS? Business Apps and services would be the main part of MS that
>> would survive, but with the condition that their file formats were
>> non-proprietary, and it's present file formats would be open to all.
>> Office really isn't all that much of a monopoly on it's own, and
>> without proprietary file formats & the Windows OS to back it up, so
>> Star Office, Perfect Office, & Open Office will have the opportunity
>> to play in the office apps market on a fair playing field, all
>> playing under the same rules. Windows Media Player, Messenger,
>> MovieMaker, and the rest of the MS-bundle middleware except IE would
>> be the moved to the new Office Systems Corp, [As a condition of the
>> breakup Microsoft name would be prohibited from being used ever
>> again. So let it be written, so let it be done!] along with MS's
>> Business Services division. While Office Systems would still be the
>> dominate player for years, their market share would diminish with
>> time.
>>
>> Now we get to MSN and the rest of the MS's net holdings, and we sell
>> it off to the highest bidder. [Google ends up buying it, forcing the
>> AOL/Yahoo merger.] The XBox & MS's gaming software division are made
>> into the XBox Games Corp. [And buys out Nintendo.] Ok, so the break
>> up of MS creates other mega-companies, nobodies perfect, and at least
>> there will still be competition in those markets, and during the
>> decade or so it takes for the dust to settle other players might join
>> in on those markets.
>
>
> Ah - now see this makes things more interesting for me. Not only
> does JUST making Windows open source make more sense (*to me) but it
> actually would make the playing field more even in a quicker fashion.
> It does add some possibility that one of the other guys (*nix/novell)
> adds what little they need to have full use of the current office
> suites and quickly takes the ball and runs for a while (they become
> the "big-boy OS on the block") - but I think that would fade over
> time.
>
>
>>> I know - that's a bit extreme, but it is not (other than the names)
>>> completely impossible to imagine. Right now Office on the MAC
>>> sometimes has trouble with Office on the PC documents.. And Open
>>> Office doesn't read everything about Word or WordPerfect documents
>>> flawlessly. If you open the field too much without standards
>>> already
>>> in place (there isn't any now.. And there likely wouldn't be until
>>> after this became an actual problem) - you may be asking for
>>> trouble. That's just an opinion and one possibility - so it's not
>>> necessarily what I believe would happen - but a possibility.
>>
>> As long as you understand that I just talking in hypotheticals too.
>> Believe me, the consequences of the breakup of MS would definitely
>> not be all that smooth. You can't make an omelet without breaking a
>> few eggs.
>
>
> I can agree on that.
>
>
>>> I think before we go screaming "Open Source" and "Break Up
>>> Microsoft", we should consider forcing them to follow some standards
>>> that we come out with.
>>
>> Three years ago, I'd be with you on that. But the security situation
>> has heated up to a point that it is totally foolhardy to continue
>> down this same path, where there is really only one target to hit.
>> The bigger & better guns are coming, and MS target is just too big to
>> miss.
>>
>> http://www.ccianet.org/papers/cyberinsecurity.pdf
>
>
> Very nice reading.. In fact - in many ways it makes the points you
> have presented very nearly for you. I will only add here that if
> anyone reading this thread does not have Acrobat Reader (which is
> weird - but possible) but can see HTML - may read the PDF converted
> to HTML here:
>
> http://www.macleans.net/MRHS59/cyberinsecurity.html
>
> *Advice to the masses that may read this:*
> Even if you believe that some of the ideas here(in this thread) are a
> bit radical, the document above (I bet there are more like it out
> there) does make good reading and thought provoking material. Some
> may argue that fact with me, but I think you cannot truly make a
> decision until you see all sides of something - radical or not. Some
> of the best results I have ever gotten out of any project started
> with someone saying something completely off-the-wall and a group
> "whittling it down" to the core. If you don't have the same
> feelings/experiences - throw them out into the fray here - I, for
> one, am willing to see more viewpoints.
>
>
>>> One reason they have a large market share is
>>> because it's easy to use and most people will act like electricity
>>> at all times.. "Take the shortest path to ground." The right
>>> attitude? Maybe not - but I could never, in good conscience, say
>>> that the way everything (software/market share) is today is just
>>> Microsoft's fault - it's also people in general and their innate
>>> laziness or, rather
>>> than calling the whole human race lazy - how about "lack of
>>> interest". Your common computer user wants to sit down and use
>>> their computer to surf the web, get their email, pay some bills -
>>> and then
>>> go back to TV/sports/music/cooking/knitting/whatever their real
>>> interest is. So - they are not willing or just don't see the point
>>> in learning enough to use something other than "point and click and
>>> you have 5 ways to do almost every task."
>>>
>>> So, hey, I do not totally disagree with your convictions. I think
>>> you are on one end of a large spectrum and there will be, naturally,
>>> another side of the story. I lie somewhere in the middle - as most
>>> "computer people" do. I can use just about any OS/application you
>>> throw at me - whether I do or not has a lot to do with my desire in
>>> that particular app. If Microsoft broke up, if Windows went open
>>> source, if Lindows started becoming the OS of choice - I would adapt
>>> and move on. I support my customers/family/friends with the
>>> knowledge I have and taking their needs into consideration - and
>>> with all of that in mind - Windows is still on top for the end-user
>>> OS in
>>> my mind. It has the most apps/drivers/hardware configuration
>>> possibilities of any OS with the least amount of TRUE effort on the
>>> end-users part. This appeals to the "non-interested, gimme my Final
>>> Fantasy and the rest of the computer can rot" persona as well as the
>>> "less casual and intense cannot live without my email, spreadsheet,
>>> gaming system with the water cooling and remote control" individual.
>>
>> I agree.
>
>
> There's one point I cannot disagree with. grin
>
>
>>> Preach on - I will listen - and you've at least - if nothing else -
>>> made me consider things I might not have before.
>>
>> Well, I have quite finished the MS Break-up story, have I? That's
>> right what really happens to Windows once it is Open Source. SCO
>> immediately puts out XPSP2 under the name of SCOdows, and is
>> immediately sued by LindowsOS for infringing on their trademark. In
>> 2007, SCO releases SCOhorn, without the SCOFS. In 2008, SCO goes
>> bankrupt as SCOhorn is a total disaster, because of disgruntled
>> former MS employees sabotage, and IBM buys SCO, just for spite.
>>
>> Let's get back to just after the breakup. RedHat & Novell compete to
>> see who can get Windows APIs ported in their version of Linux first,
>> but is beaten to the punch by Xandros, in the first quarter of 2004.
>> Symantec puts out their version, which they call Wintec, based on 2K
>> but with V2i security, making it the most bomb proof Win-Clone OS,
>> because on any catastrophic OS failure, on reboot, the last known
>> working OS setup would be reloaded in minutes, without any user or
>> tech intervention. Symantec stock soars on the strength of its VL
>> sales, and OEM licensing deal with Dell. Sun releases JavaXP, and it
>> does well for a time, especially of home users, until the Linux boys
>> port the WinAPIs into Linux . . . .
>>
>> Though I quite aware that none of this is really gonna happen this
>> year or probably anytime soon, I do believe that some breakup of MS
>> is inevitable based on their past actions, those since the Anti-Trust
>> settlement, and because MS's OS is gonna get hit so bad one day, and
>> probably sooner than later, that are gov'ts will be forced to act.
>> And while the breakup of MS may well narrow competition in its non-OS
>> markets in the short term, the Open Sourcing of Windows and its APIs
>> could well become a truly competitive market in 5 years time.
>
>
> Now that is a well thought out theoretical world. I can see all of
> that as distinct possibilities after a MS breakup - if one were to
> occur. Truly, it proves the point that anything - at least more than
> now - would be possible to occur in the OS market.
>
> The real "time for change" factor would be the people. I go back to
> my earlier story enclosing the idea that "people act like
> electricity". How many times a day do I already deal with "Why did
> we have to change - things were great the way they were?!" - and just
> shake my head? (Let's just say "too much" and leave it at that!)

!

> The same attitude would be taken by the majority of end-users of the
> product. The only big advantage I see (going along the theories laid
> out in this thgread about a breakup) is that there are still a lot of
> people using Windows 98 and BEFORE that have not made the XP switch..
> But as time passes, more and more people switch and as they get over
> their initial "This is different, this sucks, I used to click here
> and this did that, but now it's different" - hate of change - they
> are likely to stick with that until forced to change.

Most of those people still using 9x/ME just haven't bought a new
computer since XP was released. What "forces" most people to upgrade is
buying a new OEM computer.

>
> Here's a new theoretical for you (based on all - including the new
> part directly above).. With the MS OS going "open source", would
> that slow hardware advancement and/or allow those who have changed
> recently and gotten comfortable with the latest OS to be even more
> lethargic because now - with competition - coding gets better and
> better and so it runs on less powerful hardware and because they
> don't see anything "better" out there yet and their stuff still
> functions - it gives them longer to NOT CHANGE - thus extending the
> turmoil further into the future than it would be if people were more
> willing to change. (Sorry - run on sentence - hope it makes sense.)
> Essentially, I see the possibility that it will be the end-user that
> extends the life of the MS name - not any doing of the corporations.

In effect, that situation is kinda happening now, in the corporate
world, where many IT departments haven't adopted Windows XP and/or Sever
2003 & Office XP and/or Office 2003. The expense and hassle of
upgrading out weighs any of the benifits of using the newest software.

No doubt the name of Microsoft would live long after its hypothethical
demise.

>
> Which brought up another thought. What happens to those(end-users)
> that do stay and (albeit an imperfect method, it is a good idea in
> concept) depend on the WindowsUpdate site to help them be more secure
> - who gets that and the responsibility that goes with it to maintain
> the support for the OS that is out there for its conceivable life?

Oh, I didn't mention that I didn't mention that Bill goes back to his
garage. [Joking.] Good point. Hadn't considered it actually, but
there could be an interim period after the break up where the Office
Systems Corp. would develop patches & host WinUpdate, 5 to 7 years.

>
>>> But - perhaps you
>>> should cross-post less. grin
>>
>> I can't even remember the last time I cross-posted to multiple
>> groups, and this thread is relevant to all the groups I choose, so in
>> this case I am not gonna feel the least bit guilty adding back all
>> the groups you cut from your reply.
>
>
> Although I agree with the idea that the thread would be relevant (at
> least a good read) to several of the groups - including some you do
> not include - I stick to my "drilled in" netiquette and post on only
> one of them. What you do, that is entirely up to you.

That would be the Post-AOL version of USENET netiquette. But I would
agree that excessive chronic cross-posting is annoying, but it's not
like I do it every day, or even every month.

>> Thanks for being a mensch!
>
>
> hah - No problem. Thank you for the compliment.
>
> A discussion isn't a true discussion without opposing sides - or at
> least different points-of-view. Thank you for taking the time to
> respond to me in terms (true hypothetical situations) that make the
> points not only clearer to me, but perhaps anyone else reading this
> thread. It's always easy to throw out an argument - backing it up is
> the part most people dread.
>
> I would like to add that the reason I did not respond faster was
> work/life related. I may take a while to respond sometimes, but if
> the topic is decent - I'll get to it.

Well it took me a day to realize that you had cut out all the groups
except this one, as I've been keeping up with it through xp.general, you
sly dog you! This has definitely been a refreshing change for me from
the conversations I'm used to having! Thanks again.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

http://zdnet.com.com/2100-1104_2-5149066.html

More & more, people are wising up that MS is the problem, not a part of
the solution.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

"Sounds like you are very jealous of Kurt. He is a bright
light amongst a bunch of dimwits."

We know that you wrote this Kurt. Go back to your Dungeons and Dragons.

Robert Moir wrote:

<snipped on both ends>

> If I thought they were waiting to include it in a roll-up fix then I
> would/will agree with you. I've not seen anything pointing to that
> myself, I'm assuming that fixing this is more trouble than it
> appeared at first and they've had to go back to it a couple of times.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-004.asp

Well they waited to fix it to included in a IE cumulative patch! You
guys should really learn to listen to me!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Scrolling issues also confirmed to be fixed by this previous post.

From: "The PocketTV Team" <>
Subject: KB832894 patch fixes IE6 double-scroll bug
Date: Mon, 2 Feb 2004 17:49:04 -0800
Organization: PocketTV - http://www.pockettv.com

FYI:

MS just fixed the double-scroll bug in their latest IE6 patch, released
today (KB832894).

see
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Bulletin/MS04-004.asp

This bug fix is not documented in the patch information, but this latest
patch
silently fixes the double-scroll bug introduced in the Q824145/K824145
"update".
--

Henri Leboeuf
Web page: http://www.generation.net/~hleboeuf/index.htm


"kurttrail" > wrote in message
...
> Robert Moir wrote:
>
> <snipped on both ends>
>
> > If I thought they were waiting to include it in a roll-up fix then I
> > would/will agree with you. I've not seen anything pointing to that
> > myself, I'm assuming that fixing this is more trouble than it
> > appeared at first and they've had to go back to it a couple of times.
>
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-004.asp
>
> Well they waited to fix it to included in a IE cumulative patch! You
> guys should really learn to listen to me!
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"
>
>

H Leboeuf wrote:

> Scrolling issues also confirmed to be fixed by this previous post.
>
> From: "The PocketTV Team" <>
> Subject: KB832894 patch fixes IE6 double-scroll bug
> Date: Mon, 2 Feb 2004 17:49:04 -0800
> Organization: PocketTV - http://www.pockettv.com
>
> FYI:
>
> MS just fixed the double-scroll bug in their latest IE6 patch,
> released today (KB832894).
>
> see
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Bulletin/MS04-004.asp
>
> This bug fix is not documented in the patch information, but this
> latest patch
> silently fixes the double-scroll bug introduced in the Q824145/K824145
> "update".
>

<shaking head>

And they didn't document it. I guess the extra paragraph would have cut
into their bottom line!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Microsoft doesn't make only one OS.

WinXP has a different oleaut32.dll than Win2k than Win9x than
DOS. Point in case, Microsoft has gone the route of selling 20
operating systems all different in many ways, all similar in many
ways. A global attack on Windows machines won't affect every
Microsoft OS and probably won't even touch DOS.

Being that DOS IS a variation of Unix whats the difference? That
DOS uses a backslash and Unix uses a forward slash?

I'm just being stupid by posting to this message, but I think I have
a somewhat unobtrusive point to present.

--
Jim Carlock
http://www.microcosmotalk.com/
Post replies to the newsgroup.


"kurttrail" > wrote in message
...
Jupiter Jones [MVP] wrote:

> Kurt;
> Stay with your facts.

I did, notice that I was quoting myself.

> I never even suggested "one big target of an OS" is the way to go.

You were disputing my arguement that MS's monopoy OS is what is the biggest
security hole for the general public by blaming the general public.

> Those are your words and ideas.

Which you were trying to dispute by blaming the victims, rather than the
delivery system of being locked into one big fat target of a Desktop OS.

> You seem to need to falsely put statements to others in order to
> support your ideas.

No, I trying to actually get you to confront my ideas, instead of doing the
side-step shuffle to protect your Masters.

> To bad you can not support your point on its own merit.

I already have, it's you that have not support any contrary point the
dimishes my opinion in the slightest bit.

> Furthermore you start to name calling.

What else could you be called when you only answer that most inconsequential
part of my post, and leave the meat of it untouched? That's exactly the
tactics of a troll.

> Name calling is strong evidence that you lack the ability to support
> your own point of view.

My point has been proved, and only the MicroDeafDumb&Blind can't see it.
MS's desktop OS monopoly is the biggest security risk for the general public
today, because that one giant-assed target can't help from getting hit.

It's a hell of a lot easier to hit one bird with one stone, than two birds
with one stone. I have common sense on my side, you have only your
unwavering devotion to MS to back you up.

Thank you!

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Can we cut out the crossposts?

BTW, I'd put money down you wouldn't find oleaut32.dll in DOS.... DOS has no
DLLs, for starters. It doesn't support object linking and embedding (OLE,)
and it's not 32 bit...



"Jim Carlock" > wrote in message
...
> Microsoft doesn't make only one OS.
>
> WinXP has a different oleaut32.dll than Win2k than Win9x than
> DOS. Point in case, Microsoft has gone the route of selling 20
> operating systems all different in many ways, all similar in many
> ways. A global attack on Windows machines won't affect every
> Microsoft OS and probably won't even touch DOS.
>
> Being that DOS IS a variation of Unix whats the difference? That
> DOS uses a backslash and Unix uses a forward slash?
>
> I'm just being stupid by posting to this message, but I think I have
> a somewhat unobtrusive point to present.
>
> --
> Jim Carlock
> http://www.microcosmotalk.com/
> Post replies to the newsgroup.
>
>
> "kurttrail" > wrote in message
> ...
> Jupiter Jones [MVP] wrote:
>
> > Kurt;
> > Stay with your facts.
>
> I did, notice that I was quoting myself.
>
> > I never even suggested "one big target of an OS" is the way to go.
>
> You were disputing my arguement that MS's monopoy OS is what is the
biggest
> security hole for the general public by blaming the general public.
>
> > Those are your words and ideas.
>
> Which you were trying to dispute by blaming the victims, rather than the
> delivery system of being locked into one big fat target of a Desktop OS.
>
> > You seem to need to falsely put statements to others in order to
> > support your ideas.
>
> No, I trying to actually get you to confront my ideas, instead of doing
the
> side-step shuffle to protect your Masters.
>
> > To bad you can not support your point on its own merit.
>
> I already have, it's you that have not support any contrary point the
> dimishes my opinion in the slightest bit.
>
> > Furthermore you start to name calling.
>
> What else could you be called when you only answer that most
inconsequential
> part of my post, and leave the meat of it untouched? That's exactly the
> tactics of a troll.
>
> > Name calling is strong evidence that you lack the ability to support
> > your own point of view.
>
> My point has been proved, and only the MicroDeafDumb&Blind can't see it.
> MS's desktop OS monopoly is the biggest security risk for the general
public
> today, because that one giant-assed target can't help from getting hit.
>
> It's a hell of a lot easier to hit one bird with one stone, than two birds
> with one stone. I have common sense on my side, you have only your
> unwavering devotion to MS to back you up.
>
> Thank you!
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"
>
>
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.631 / Virus Database: 404 - Release Date: 3/17/2004

Xref: kermit microsoft.public.windows.inetexplorer.ie6.browser: 286222 microsoft.public.windowsxp.general:1020330 microsoft.public.windowsxp.network_web:194256 microsoft.public.windowsxp.newusers:125151 microsoft.public.windowsxp.security_admin:141127

"Jim Carlock" > wrote:

>Microsoft doesn't make only one OS.

>WinXP has a different oleaut32.dll than Win2k than Win9x than
>DOS. Point in case, Microsoft has gone the route of selling 20
>operating systems all different in many ways, all similar in many
>ways. A global attack on Windows machines won't affect every
>Microsoft OS and probably won't even touch DOS.

MS currently sells XP Home, XP Pro and Server 2003. I'm not sure
whether they are currently selling Win2000 (but I don't think so).
That's far fewer than 20 operating systems. A global attack on any MS
system will affect *many, many* computers. How many has Blaster hit?
No, it won't affect DOS, but how many computers use DOS anymore?


>Being that DOS IS a variation of Unix whats the difference? That
>DOS uses a backslash and Unix uses a forward slash?

DOS is in some ways a pale imitation of Unix. But DOS cannot be said
to be a variation of Unix, there are HUGE differences. Unix was built
to be a multi-user OS to be run on quite large machines. DOS was built
to run on tiny computers that would have all they could do to handle a
single user. They have very little in common.

--
Tim Slattery
MS MVP(DTS)

In article >, Tim Slattery > wrote:
>MS currently sells XP Home, XP Pro and Server 2003. I'm not sure
>whether they are currently selling Win2000 (but I don't think so).
>That's far fewer than 20 operating systems. A global attack on any MS
>system will affect *many, many* computers. How many has Blaster hit?
>No, it won't affect DOS, but how many computers use DOS anymore?

And yet, and yet, and yet... How big of an effect has Blaster had on the
world? Sure it's caused some significant expenditure on cleanup, but for
the most part, trains have continued to run, airplanes are still flying,
life-support monitors are still running, but Jim down the road can't get
Solitaire to work, because his machine's too busy sending worm-seed through
his ADSL line.

A focussed, terrorist attack on Windows would need to be orders of magnitude
more successful in order to merit anything more than "oh, great, another
dateless zit-pocked teenager has found out how to run a root kit".

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place | .
Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.

"Alun Jones [MS MVP]" > wrote in message
m...

> A focussed, terrorist attack on Windows would need to be orders of
> magnitude
> more successful in order to merit anything more than "oh, great, another
> dateless zit-pocked teenager has found out how to run a root kit".

<LOL> I love this; can I quote you? <G>

--
Hyperlinks are used to ensure advice remains current
Do NOT send me an email. I will NOT see it (thank the spammers and viruses)
_______________________________________
Sandi - Microsoft MVP since 1999 (IE/OE)
http://www.mvps.org/inetexplorer

In article >, "Sandi - Microsoft MVP" > wrote:
>"Alun Jones [MS MVP]" > wrote in message
m...
>
>> A focussed, terrorist attack on Windows would need to be orders of
>> magnitude
>> more successful in order to merit anything more than "oh, great, another
>> dateless zit-pocked teenager has found out how to run a root kit".
>
><LOL> I love this; can I quote you? <G>

Please do. Quite frankly, I'm more bored by the tedium of the "wave of
worms" than frightened by the threat. There's nothing interesting,
technically speaking, about any of the new worms. It's just antisocial
tosspots who have nothing better to do than try to spray paint their names
on walls around the world - except their mums won't let them buy spray paint
for fear that they'll sniff it and kill off their one remaining brain cell.
So they do the next best thing - send out a bunch of email versions of a
Turing test, to see whether anyone's having a "stupid moment" that renders
them incapable of "running it to see what it does".

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place | .
Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.

Jim Carlock wrote:

>
>Being that DOS IS a variation of Unix


I think that takes the record for this weeks most astonishingly untrue
statement


--
Alex Nichol MS MVP (Windows Technologies)
Bournemouth, U.K. (remove the D8 bit)

Jim Carlock wrote:

> Microsoft doesn't make only one OS.
>
> WinXP has a different oleaut32.dll than Win2k than Win9x than
> DOS. Point in case, Microsoft has gone the route of selling 20
> operating systems all different in many ways, all similar in many
> ways. A global attack on Windows machines won't affect every
> Microsoft OS and probably won't even touch DOS.

Since more than half the machines out already aren't running w9x, the
one different file won't be mattering much.

>
> Being that DOS IS a variation of Unix whats the difference? That
> DOS uses a backslash and Unix uses a forward slash?
>
> I'm just being stupid by posting to this message, but I think I have
> a somewhat unobtrusive point to present.
>
> --
> Jim Carlock
> http://www.microcosmotalk.com/
> Post replies to the newsgroup.
>
>
> "kurttrail" > wrote in
> message ...
> Jupiter Jones [MVP] wrote:
>
>> Kurt;
>> Stay with your facts.
>
> I did, notice that I was quoting myself.
>
>> I never even suggested "one big target of an OS" is the way to go.
>
> You were disputing my arguement that MS's monopoy OS is what is the
> biggest security hole for the general public by blaming the general
> public.
>
>> Those are your words and ideas.
>
> Which you were trying to dispute by blaming the victims, rather than
> the delivery system of being locked into one big fat target of a
> Desktop OS.
>
>> You seem to need to falsely put statements to others in order to
>> support your ideas.
>
> No, I trying to actually get you to confront my ideas, instead of
> doing the side-step shuffle to protect your Masters.
>
>> To bad you can not support your point on its own merit.
>
> I already have, it's you that have not support any contrary point the
> dimishes my opinion in the slightest bit.
>
>> Furthermore you start to name calling.
>
> What else could you be called when you only answer that most
> inconsequential part of my post, and leave the meat of it untouched?
> That's exactly the tactics of a troll.
>
>> Name calling is strong evidence that you lack the ability to support
>> your own point of view.
>
> My point has been proved, and only the MicroDeafDumb&Blind can't see
> it. MS's desktop OS monopoly is the biggest security risk for the
> general public today, because that one giant-assed target can't help
> from getting hit.
>
> It's a hell of a lot easier to hit one bird with one stone, than two
> birds with one stone. I have common sense on my side, you have only
> your unwavering devotion to MS to back you up.
>
> Thank you!
>
> --
> Peace!
> Kurt
> Self-anointed Moderator
> microscum.pubic.windowsexp.gonorrhea
> http://microscum.com
> "Trustworthy Computing" is only another example of an Oxymoron!
> "Produkt-Aktivierung macht frei!"



--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

E McCann wrote:

> Can we cut out the crossposts?

Yes, but they can be added right back. There is nothing intriscally
wrong with cross-posting.

>
> BTW, I'd put money down you wouldn't find oleaut32.dll in DOS.... DOS
> has no DLLs, for starters. It doesn't support object linking and
> embedding (OLE,) and it's not 32 bit...




> "Jim Carlock" > wrote in message
> ...
>> Microsoft doesn't make only one OS.
>>
>> WinXP has a different oleaut32.dll than Win2k than Win9x than
>> DOS. Point in case, Microsoft has gone the route of selling 20
>> operating systems all different in many ways, all similar in many
>> ways. A global attack on Windows machines won't affect every
>> Microsoft OS and probably won't even touch DOS.
>>
>> Being that DOS IS a variation of Unix whats the difference? That
>> DOS uses a backslash and Unix uses a forward slash?
>>
>> I'm just being stupid by posting to this message, but I think I have
>> a somewhat unobtrusive point to present.
>>
>> --
>> Jim Carlock
>> http://www.microcosmotalk.com/
>> Post replies to the newsgroup.
>>
>>
>> "kurttrail" > wrote in
>> message ...
>> Jupiter Jones [MVP] wrote:
>>
>>> Kurt;
>>> Stay with your facts.
>>
>> I did, notice that I was quoting myself.
>>
>>> I never even suggested "one big target of an OS" is the way to go.
>>
>> You were disputing my arguement that MS's monopoy OS is what is the
>> biggest security hole for the general public by blaming the general
>> public.
>>
>>> Those are your words and ideas.
>>
>> Which you were trying to dispute by blaming the victims, rather than
>> the delivery system of being locked into one big fat target of a
>> Desktop OS.
>>
>>> You seem to need to falsely put statements to others in order to
>>> support your ideas.
>>
>> No, I trying to actually get you to confront my ideas, instead of
>> doing the side-step shuffle to protect your Masters.
>>
>>> To bad you can not support your point on its own merit.
>>
>> I already have, it's you that have not support any contrary point the
>> dimishes my opinion in the slightest bit.
>>
>>> Furthermore you start to name calling.
>>
>> What else could you be called when you only answer that most
>> inconsequential part of my post, and leave the meat of it untouched?
>> That's exactly the tactics of a troll.
>>
>>> Name calling is strong evidence that you lack the ability to support
>>> your own point of view.
>>
>> My point has been proved, and only the MicroDeafDumb&Blind can't see
>> it. MS's desktop OS monopoly is the biggest security risk for the
>> general public today, because that one giant-assed target can't help
>> from getting hit.
>>
>> It's a hell of a lot easier to hit one bird with one stone, than two
>> birds with one stone. I have common sense on my side, you have only
>> your unwavering devotion to MS to back you up.
>>
>> Thank you!
>>
>> --
>> Peace!
>> Kurt
>> Self-anointed Moderator
>> microscum.pubic.windowsexp.gonorrhea
>> http://microscum.com
>> "Trustworthy Computing" is only another example of an Oxymoron!
>> "Produkt-Aktivierung macht frei!"


--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

Alun Jones [MS MVP] wrote:

> In article >, Tim Slattery
> > wrote:
>> MS currently sells XP Home, XP Pro and Server 2003. I'm not sure
>> whether they are currently selling Win2000 (but I don't think so).
>> That's far fewer than 20 operating systems. A global attack on any MS
>> system will affect *many, many* computers. How many has Blaster hit?
>> No, it won't affect DOS, but how many computers use DOS anymore?
>
> And yet, and yet, and yet... How big of an effect has Blaster had on
> the
> world? Sure it's caused some significant expenditure on cleanup, but
> for
> the most part, trains have continued to run, airplanes are still
> flying,
> life-support monitors are still running, but Jim down the road can't
> get
> Solitaire to work, because his machine's too busy sending worm-seed
> through
> his ADSL line.
>
> A focussed, terrorist attack on Windows would need to be orders of
> magnitude
> more successful in order to merit anything more than "oh, great,
> another
> dateless zit-pocked teenager has found out how to run a root kit".
>
> Alun.

I agree, but that doesn't mean that there won't be a zero-day bug
sometime soon. That day will be a horrible mess, the day that patch &
computer nasty is released in the same day.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail wrote:

> Alun Jones [MS MVP] wrote:
>
>> In article >, Tim Slattery
>> > wrote:
>>> MS currently sells XP Home, XP Pro and Server 2003. I'm not sure
>>> whether they are currently selling Win2000 (but I don't think so).
>>> That's far fewer than 20 operating systems. A global attack on any
>>> MS system will affect *many, many* computers. How many has Blaster
>>> hit? No, it won't affect DOS, but how many computers use DOS
>>> anymore?
>>
>> And yet, and yet, and yet... How big of an effect has Blaster had on
>> the
>> world? Sure it's caused some significant expenditure on cleanup, but
>> for
>> the most part, trains have continued to run, airplanes are still
>> flying,
>> life-support monitors are still running, but Jim down the road can't
>> get
>> Solitaire to work, because his machine's too busy sending worm-seed
>> through
>> his ADSL line.
>>
>> A focussed, terrorist attack on Windows would need to be orders of
>> magnitude
>> more successful in order to merit anything more than "oh, great,
>> another
>> dateless zit-pocked teenager has found out how to run a root kit".
>>
>> Alun.
>
> I agree, but that doesn't mean that there won't be a zero-day bug
> sometime soon. That day will be a horrible mess, the day that patch &
> computer nasty is released in the same day.

http://zdnet.com.com/2100-1105_2-5180482.html

2 days between patch release and the nasties release. It was a lucky thing
that it wasn't a MS hole. If you haven't noticed, things are speeding up
and a Zero-day bug is just a few years down the bend, if we're lucky. The
mono-culture of the Microsoft desktop is just too big a target to be missed,
eventually someone is gonna hit the bulls-eye. So we, as a society that
security-conscious at present, can do one of two things, find ways to break
up the mono-culture to distribute the threat amongst may targets, or bunker
up at the MicroAlamo, and wait to be overrun.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

kurttrail > wrote:

> 2 days between patch release and the nasties release. It was a lucky
> thing that it wasn't a MS hole.

http://www.greymagic.com/security/advisories/gm005-mc/

'GreyMagic started work on this issue with Microsoft on 11-Mar-2004. They
have quickly confirmed our findings and were able to produce a fix less than
two days later. As a result, Hotmail is no longer vulnerable to this method
of exploitation.
All attempts to contact Yahoo unfortunately failed. Mail was sent to
security and secure at yahoo.com and at yahoo-inc.com, no replies were
received to date. '

--
Hyperlinks are used to ensure advice remains current
Do NOT send me an email. I will NOT see it (thank the spammers and viruses)
_______________________________________
Sandi - Microsoft MVP since 1999 (IE/OE)
http://www.mvps.org/inetexplorer

Sandi - Microsoft MVP wrote:

> kurttrail > wrote:
>
>> 2 days between patch release and the nasties release. It was a lucky
>> thing that it wasn't a MS hole.
>
> http://www.greymagic.com/security/advisories/gm005-mc/
>
> 'GreyMagic started work on this issue with Microsoft on 11-Mar-2004.
> They have quickly confirmed our findings and were able to produce a
> fix less than two days later. As a result, Hotmail is no longer
> vulnerable to this method of exploitation.
> All attempts to contact Yahoo unfortunately failed. Mail was sent to
> security and secure at yahoo.com and at yahoo-inc.com, no replies were
> received to date. '

And your point is? What does that have similar to a what a Zero-Day bug
would do explointing a flaw in MS OSs, where most people wouldn't be aware a
flaw, a patch, and a bug already existed. MS got Hotmail protected in two
days. Congratulations are in order, but some day soon, a Zero-Day bug is
inevitable, and if the target is MS's OSs, and we haven't attempted to break
up the mono-culture of the MS desktop, the consequences will be global in
its impact. A wise society doesn't put all its eggs in one basket, because
you risk breaking all those eggs with one careless step.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

In article >, "kurttrail"
> wrote:
>2 days between patch release and the nasties release. It was a lucky thing
>that it wasn't a MS hole. If you haven't noticed, things are speeding up
>and a Zero-day bug is just a few years down the bend, if we're lucky. The
>mono-culture of the Microsoft desktop is just too big a target to be missed,
>eventually someone is gonna hit the bulls-eye. So we, as a society that
>security-conscious at present, can do one of two things, find ways to break
>up the mono-culture to distribute the threat amongst may targets, or bunker
>up at the MicroAlamo, and wait to be overrun.

"How shall we f- off, oh master?" - Monty Python's Life of Brian.

You know that if you were to persuade the world to drop the monoculture and
disperse, they would ask you _which_ solution to disperse to, and would ask
you to direct them to one. They'd get peeved if you gave them a choice.

"Yes, we are all individuals." - Crowd, Monty Python's Life of Brian.

Monoculture is a fact, and always will be. Poor Microsoft, they're stuck
with being the monoculture of choice today. It used to be IBM. Who knows -
maybe a few years down the road, it'll be someone else.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place | .
Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.

On Sat, 27 Mar 2004 17:27:33 GMT, (Alun Jones [MS
MVP]) wrote:

>In article >, "kurttrail"
> wrote:
>>2 days between patch release and the nasties release. It was a lucky thing
>>that it wasn't a MS hole. If you haven't noticed, things are speeding up
>>and a Zero-day bug is just a few years down the bend, if we're lucky. The
>>mono-culture of the Microsoft desktop is just too big a target to be missed,
>>eventually someone is gonna hit the bulls-eye. So we, as a society that
>>security-conscious at present, can do one of two things, find ways to break
>>up the mono-culture to distribute the threat amongst may targets, or bunker
>>up at the MicroAlamo, and wait to be overrun.
>
>"How shall we f- off, oh master?" - Monty Python's Life of Brian.
>
>You know that if you were to persuade the world to drop the monoculture and
>disperse, they would ask you _which_ solution to disperse to, and would ask
>you to direct them to one. They'd get peeved if you gave them a choice.
>
>"Yes, we are all individuals." - Crowd, Monty Python's Life of Brian.
>
>Monoculture is a fact, and always will be. Poor Microsoft, they're stuck
>with being the monoculture of choice today. It used to be IBM. Who knows -
>maybe a few years down the road, it'll be someone else.

We can only hope and wish........

Alun Jones [MS MVP] wrote:

> In article >, "kurttrail"
> > wrote:
>> 2 days between patch release and the nasties release. It was a
>> lucky thing that it wasn't a MS hole. If you haven't noticed,
>> things are speeding up and a Zero-day bug is just a few years down
>> the bend, if we're lucky. The mono-culture of the Microsoft desktop
>> is just too big a target to be missed, eventually someone is gonna
>> hit the bulls-eye. So we, as a society that security-conscious at
>> present, can do one of two things, find ways to break up the
>> mono-culture to distribute the threat amongst may targets, or bunker
>> up at the MicroAlamo, and wait to be overrun.
>
> "How shall we f- off, oh master?" - Monty Python's Life of Brian.

"Any way you like, Serf!" - Kurt

>
> You know that if you were to persuade the world to drop the
> monoculture and disperse, they would ask you _which_ solution to
> disperse to, and would ask you to direct them to one. They'd get
> peeved if you gave them a choice.

Tell that to all the woman who want choice over wishes of a vocal fanatical
minority. Tell it to gay people that what to choose to marry. People want
choice in just about everything, that is, except those that long for
conformity. Figures that someone that's been awarded by a convicted
predatory monopoly for volunteer service to that monopology would be
ANTI-CHOICE.

How I Would Protect Society By Breaking Up The MicroMono-culture.

By Making Microsoft’s OSs Open Source.

There could be no over-night way we can change the MicroMono-Culture
vulnerability, but after fines and break up, the resulting broken up
companies wouldn't have the clout to dominate the market. It was done to MA
Bell, it can be done to MS. But of course it would take years to build a
competitive market. If Windows goes Open Source, what happens with the rest
of MS? Business Apps and services would be the main part of MS that would
survive, but with the condition that their file formats were
non-proprietary, and its present file formats would be open to all. Office
really isn't all that much of a monopoly on its own, and without proprietary
file formats & the Windows OS to back it up, so Star Office, Perfect Office,
& Open Office will have the opportunity to play in the office apps market on
a fair playing field, all playing under the same rules. Windows Media
Player, Messenger, MovieMaker, and the rest of the MS-bundle middleware
except IE would be the moved to the new Office Systems Corp, [As a condition
of the breakup Microsoft name would be prohibited from being used ever
again. So let it be written, so let it be done!] along with MS's Business
Services division. While Office Systems would still be the dominate player
for years, their market share would diminish with time.

Now we get to MSN and the rest of the MS's net holdings, and we sell it off
to the highest bidder. [Google ends up buying it, forcing the AOL/Yahoo
merger.] The XBox & MS's gaming software division are made into the Xbox
Games Corp. [And buys out Nintendo.] Ok, so the break up of MS creates
other mega-companies, nobodies perfect, and at least there will still be
competition in those markets, and during the decade or so it takes for the
dust to settle other players might join in on those markets.

What really happens to Windows once it is Open Source. SCO immediately puts
out XPSP2 under the name of SCOdows, and is immediately sued by LindowsOS
for infringing on their trademark. In 2007, SCO releases SCOhorn, without
the SCOFS. In 2008, SCO goes bankrupt as SCOhorn is a total disaster,
because of disgruntled former MS employees sabotage, and IBM buys SCO, just
for spite.

Let's get back to just after the breakup. RedHat & Novell compete to see
who can get Windows APIs ported in their version of Linux first, but is
beaten to the punch by LindowsOS, in the third quarter of 2004. Symantec
puts out their version Windows, which they call Wintec, based on 2K but with
V2i security, making it the most bomb proof Win-Clone OS, because on any
catastrophic OS failure, on reboot, the last known working OS setup would be
reloaded in minutes, without any user or tech intervention. Symantec stock
soars on the strength of its VL sales, and OEM licensing deal with Dell.
Sun releases JavaXP, and it does well for a time, especially of home users,
until the Linux boys port the WinAPIs into Linux . . . .

Though I quite aware that none of this is really gonna happen this year or
probably anytime soon, I do believe that some breakup of MS is inevitable
based on their past actions, those since the Anti-Trust settlement, and
because MS's OS is gonna get hit so bad one day, and probably sooner than
later, that are gov'ts will be forced to act. And while the breakup of MS
may well narrow competition in its non-OS markets in the short term, the
Open Sourcing of Windows and its APIs could well become a truly competitive
market in 5 years time.


>
> "Yes, we are all individuals." - Crowd, Monty Python's Life of Brian.

As long as they conform to the MicroMono-Culture, right?

>
> Monoculture is a fact, and always will be. Poor Microsoft, they're
> stuck with being the monoculture of choice today. It used to be IBM.
> Who knows - maybe a few years down the road, it'll be someone else.

Used to be MaBell before PC communications. What country do you live in? I
live in a capitalist country where a competitive market is best for
consumers. What delusion are you living?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"