I think the upshot is that it's not that the user end of the market place that really relies on security, although this is beginning to change with various types of broadband connections, but the corporate 'targets' that have a lot to lose if attacked by a published exploit. While there are people out there that crack systems as a challenge, there are a hundred more teenagers that try to set their place in the world by defacing websites.

I use *BSD systems and Windows systems for their various strengths; would I train someone to use *BSD on the desktop? No, but then I wouldn't trust the security promises of Microsoft, simply because they've demonstrated (Today even, with ISA) a lack of committment to anything but shipping dates.

I've had a long time love affair with Microsoft products due to their ease of use and consistency in application, although I've become increasingly disillusioned with bloating applications and the constant ramping of version numbers to give my wordprocessor the ability to write (bad) HTML.

The comments regarding the open source movement aren't about commerce; they appear to be sour grapes because the carefully unworded inference is that open source patches aren't as thoroughly tested as closed source ones.

Apologies for rambling, but Microsoft has it's place, but it's not in security.

Draconis

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/191/5328#5328