 |
 |
|
June 01, 2004Bruce Schneier Says Microsoft Is Proving Security is NOT Their #1 PriorityWhen Bruce speaks, most people listen. Yesterday he got on his pulpet and discussed his views on Microsoft's stance on security. The gist of it? Microsoft is showing that security is NOT their #1 priority in the wake of the release of XPSP2. Why? Because more than anything else Microsoft has said or done in the past few years, NOT releasing XPSP2 to pirated versions of Windows XP proves to him that security is not the company's first priority. Here was a chance for Microsoft to do the right thing: to put security ahead of profits. Here was a chance to look good in the press and improve security for all its users worldwide. Microsoft says that improving security is the most important thing, but its actions prove otherwise. I can't say that I disagree with him. In this era of computing not only do you have to ensure your networks are secure, you have to rely on other people to secure theirs. If you don't patch pirated versions of Windows XP, these machines will continue to be carriers of malicious code as vulnerabilities will stay open, as will bad security processes such as running without a firewall, anti-virus etc etc. Of course, if the digital underground's response is anything like XPSP1, pirates will have a work around within days.... but thats not the point. Its hard to weight this off when Microsoft has every right to protect its profits. Or does it? Some say Microsoft has a higher responsibility in ensuring our desktops are safer because of the very dominance they enjoy. Quite frankly, most pirates aren't going to buy XP if they haven't already. And these people are typically the same people ripping warez off of P2P which is infected with hostile code just waiting to spread. I think Bruce could sum up this post way better than I could... "SP2 is an important security upgrade to Windows XP, and I hope it is widely installed among licensed XP users. I also hope it is quickly pirated, so unlicensed XP users also can install it. For me to remain secure on the Internet, I need everyone to become more secure. And the more people who install SP2, the more we all benefit". Posted by SilverStr at June 1, 2004 07:26 AM | TrackBack |
 
My 5 Favorite Books
Writing Secure Code
Secure Programming Cookbook Security Engineering Secure Coding Principles & Practice Inside the Security Mind
My 5 Favorite Papers
Smashing the Stack
Penetration Studies Covert Channel Analysis of Trusted Systems DoD Trusted Computer System Evaluation Criteria NSA Security Recommendation Guides
Archives
November 2008
October 2008 September 2008 August 2008 July 2008 June 2008 April 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 |
|
