, SecurityFocus 2002-01-24
A guide to judging Microsoft's security progress.
Expand all |
Post comment
Well, to conclude: Use Java, M$
2002-01-25
Anonymous (1 replies)
Anonymous (1 replies)
|
Results, Not Resolutions
, SecurityFocus 2002-01-24 A guide to judging Microsoft's security progress.
Expand all |
Post comment
Well, to conclude: Use Java, M$
2002-01-25 Anonymous (1 replies) |
|
|
Privacy Statement |
> Would you rather people used notepad to edit text files?
Yes...and why not? It works for Unix...I know I would rather edit some simple, keep-the-changes-I-made text files than have the "mystery settings" that keep coming back even after I change some settings! In addition, you can have finer-grained access control using the filesystem's permissions, rather than some black-box (for me anyway...perhaps you have some extra goodies) single-point-of-failure database of settings.
Regarding the ship enabled/disabled argument, it seems simple enough to at least give you the choice (and perhaps a little explanation of the ramifications of the decision) to install and/or enable a package when you install/upgrade software (lets not forget the issue of silently "re-enabling" software during patches and upgrades!)
I can only imagine what must have driven this fundamental change...falling profits due to Open Source competition and bad publicity? Fear of a massive faulty-product class-action lawsuit? (even tho' the E.U.A. basically signs away your consumer rights, this may change with the help of some states Attorney Generals)
As far as these changes being impossible, they most certainly are not. Open Source organizations are able to do much of this with volunteer time, so a multi-billion dollar company can do this. Are they improbable given the culture and past behaviour? Absolutely, and that's probably why this article was called Results, not Resolutions!
Dave P
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/315/10100#10100