Lawmakers slam anti-virus biz
Kevin Poulsen, SecurityFocus 2000-05-10

Love Letter worm was an "utter, abject failure" of industry, says one Congressman. Industry blames liberal judges.

Virus? 2000-05-11
Anonymous (1 replies)
Virus? 2000-05-11
Anonymous (1 replies)
Not a virus, a feature! 2000-05-12
Anonymous
Well. the industry is *sort* of right.... 2000-05-11
Anonymous (1 replies)
laws 2000-05-11
Anonymous (1 replies)
laws 2000-05-12
Anonymous
There IS a magic bullet, common sense. 2000-05-11
Anonymous (3 replies)
There IS a magic bullet, common sense. 2000-05-11
Anonymous (1 replies)
There IS a magic bullet, common sense. 2000-05-12
Anonymous (1 replies)
not a/v politics to blame 2000-05-11
Anonymous (1 replies)
Put the blame where it belongs 2000-05-11
Anonymous (1 replies)
Put the blame where it belongs 2000-05-11
Anonymous
The US Gov. CAN'T be that stupid! 2000-05-11
Anonymous (1 replies)
The US Gov. CAN'T be that stupid! 2000-05-11
Anonymous
This is ridiculous! 2000-05-11
Anonymous
Valuable Employees 2000-05-11
Anonymous
Listen to the panel 2000-05-11
Anonymous
who does he think he is? 2000-05-11
Anonymous
Virus? 2000-05-11
Anonymous
Civil Rights 2000-05-12
Anonymous
Awareness 2000-05-12
Anonymous
Maybe Microsoft should be Sued for sloppy security 2000-05-12
Anonymous (1 replies)
Maybe Microsoft should be Sued for sloppy security 2000-05-12
Anonymous (2 replies)
Maybe Microsoft should be Sued for sloppy security 2000-05-15
Anonymous
Microsoft's success was not based on its merit but by its abusive and illegal practices. While the latest skirmish surrounds its attempt to stomp Netscape, how many recall what MS did to WordPerfect? Under MS-DOS, non-MS applications were dominant, like WordPerfect and Lotus. WordPerfect was admired by its users and respected for providing unmatched user support. They provided free tech support with toll-free phone banks staffed by knowledgeable persons and they actually answered the phones. MS did not want to provide such support so could not derail WordPerfect, legally.

So, as they developed Windows, they withheld timely information from WordPerfect and other application competitors and then bundled 'free' applications like Word to kill their application competitors.

For that type of unfair, illegal behavior they are rightly challenged in court.

However, it is also time for users to go to court and file a class action lawsuit against MS for its arrogant dereliction of and indifference to users' needs and security. Those damaged by this latest ILoveYou and similar exploits deserve compensation for their losses.

While some discussion has centered around the feature of running attached scripts, not much has been said about the systemic implementation that made it so easy to disguise dangerous file types.

What purpose is served by the MS option to [x] hide common file extensions?

Why does MS set that as the default configuration?

In IRC help channels, the most common exploits currently use the dual-extension trick to cause dangerous files to be graphically transformed into types known as safe. Filenames like movie.avi.pif, mypicture.bmp.vbs, !!sexypic.jpg.bat and the now infamous LOVE-LETTER-FOR-YOU.TXT.vbs and JUST-KIDDING.TXT.vbs are evidence of the inherent flaws in the MS software.

Intentionally including an option that allows the type of file to be hidden is gross negligence.

------

Additionally, what more compelling case could be made to break up Microsoft than this ILoveYou incident? It was the monolithic nature of the applications MS bundles with its Windows OS that contributed to the mayhem.

Look at nature. It is variety, diversity, separate species that protect the continuation of life. If you only have one type of crop and there is a blight that affects it, you lose - 100%. If you cultivate many different crops, you are protected from total loss.

So it is with computer blights. *nix and Macs were not infected with this ILoveYou worm. Those using an alternative email program rather than the freebie Outlook Express MS bundles with Windows did not propagate this exploit.

Breaking MS up, separating the OS operation from the applications division, is needed. It is in the national interest. It is in the world's best interest.

If people are free to choose alternative applications, the resulting diversity of applications will make it much harder to have such a simple exploitation affect so many.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/32/1876#1876
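
An added example, not part of the comment above or of the SecurityFocus article: a mail-gateway style check in Python that shows how the filenames quoted in the comment look once the final extension is hidden, and flags attachments whose real extension is executable while the visible name ends in a harmless-looking one. The extension sets and the function names are assumptions chosen for illustration.

```python
import ntpath

# Illustrative subsets (assumptions), not a complete list for any Windows version.
EXECUTABLE_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".bat", ".cmd",
                   ".com", ".exe", ".pif", ".scr", ".lnk", ".shs", ".hta"}
DECOY_EXTS = {".txt", ".jpg", ".jpeg", ".gif", ".bmp", ".avi", ".mpg", ".mp3",
              ".doc", ".pdf", ".htm", ".html"}


def split_ext(name):
    """Return (stem, final extension in lower case) for a Windows-style name."""
    # Trailing dots and spaces are dropped, as Windows does when storing a name.
    base = ntpath.basename(name).rstrip(". ")
    stem, ext = ntpath.splitext(base)
    return stem, ext.lower()


def displayed_name(name):
    """Name as listed when extensions of registered file types are hidden."""
    stem, ext = split_ext(name)
    return stem if ext in (EXECUTABLE_EXTS | DECOY_EXTS) else stem + ext


def classify(name):
    """'disguised' = runs on double-click but is displayed as a data file."""
    stem, ext = split_ext(name)
    if ext not in EXECUTABLE_EXTS:
        return "ok"
    # Look at the extension the user would actually see, ignoring padding.
    _, inner = ntpath.splitext(stem.rstrip(". "))
    return "disguised" if inner.lower() in DECOY_EXTS else "executable"


def triage(names):
    """Return (real name, displayed name, verdict) for each attachment name."""
    return [(n, displayed_name(n), classify(n)) for n in names]


# First five names are quoted in the comment; the last three are constructed.
SAMPLE = ["movie.avi.pif", "mypicture.bmp.vbs", "!!sexypic.jpg.bat",
          "LOVE-LETTER-FOR-YOU.TXT.vbs", "JUST-KIDDING.TXT.vbs",
          "report.txt", "setup.exe", "archive.tar.gz"]

if __name__ == "__main__":
    for real, shown, verdict in triage(SAMPLE):
        print(f"{verdict:<11} shown as {shown!r:<28} real name {real!r}")
```

A gateway would typically quarantine or rename "disguised" attachments and apply the site's normal policy to plain "executable" ones.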
Misinformed public 2000-05-12
Anonymous
Try this... 2000-05-12
Anonymous
oh my heavens 2000-05-12
Anonymous (1 replies)
oh my heavens 2000-05-12
Anonymous (1 replies)
oh my heavens 2000-05-15
<ntaddict (at) hotmail (dot) com [email concealed]>
Anti-Virus companies to blame? please 2000-05-12
Anonymous (1 replies)
"figured out a way to block this" 2000-05-12
Anonymous
Copyright 2009, SecurityFocus