Memo to Microsoft: Stay Secretive, Please

Memo to Microsoft: Stay Secretive, Please
Jon Lasser, 2002-05-15

Unix and Linux security owes much to openness and public disclosure, but Microsoft is too far gone for sunshine to do any good.

Expand all | Post comment

...Until Microsoft redesigns from the ground up 2002-05-16
Matthew Kauffman (2 replies)

...Until Microsoft redesigns from the ground up 2002-05-16
Anonymous (2 replies)

...Until Microsoft redesigns from the ground up 2002-05-18
Anonymous

...Until Microsoft redesigns from the ground up 2002-05-20
manually adding html tags to be safe (1 replies)

Good argument.. except blackhats aren't targeting thier own boxen. Blackhats at least used to target servers much more than home machines. The prize is much bigger. You get a lot more when you crack a server. Look at the latest Netcraft survey:

Developer March 2002 Percent April 2002 Percent Change
Apache 9522954 64.37 10509138 64.38 0.01
Microsoft 3966743 26.81 4431875 27.15 0.34
iPlanet 265826 1.80 278775 1.71 -0.09
Zeus 170023 1.15 182918 1.12 -0.03

So, Apache has almost 2.5 times the installed base of IIS, and yet which is considered vastly more secure?
It's not just the number of targets. In fact it's easier for a blackhat to get and install Apache on his/her home system than to pirate IIS. So there are more Apache targets and it's easier to test out attacks against Apache. I'm sorry, I really am, but the truth of the matter is that MS has a very poor track record of secure

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/82/12664#12664

...Until Microsoft redesigns from the ground up 2002-05-21
Anonymous

...Until Microsoft redesigns from the ground up 2002-05-16
Anonymous (1 replies)

...Until Microsoft redesigns from the ground up 2002-05-20
Anonymous

Memo to Microsoft: Stay Secretive, Please 2002-05-16
Not Really Anonymous (1 replies)

Memo to Microsoft: Stay Secretive, Please 2002-05-17
blane (1 replies)

RE: Memo to Microsoft: Stay Secretive, Please 2002-05-17
Not Really Anonymous (1 replies)

RE: Memo to Microsoft: Stay Secretive, Please 2002-05-27
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious 2002-05-16
Anonymous (7 replies)

Another Victim Overlooks the Obvious 2002-05-16
Anon (1 replies)

The EULA says you can't sue anyway. 2002-05-20
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious 2002-05-16
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious 2002-05-17
Anonymous (1 replies)

Another Linux/Unix Apologist Overlooks the Obvious 2002-05-17
Anonymous Unix Gal (1 replies)

Another Linux/Unix Apologist Overlooks the Obvious 2002-05-20
Anonymous (1 replies)

Re: Another Linux/Unix Apologist Overlooks the Obvious 2002-05-24
Not Really Anonymous

Another Corp Slave overlooks reality 2002-05-17
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious - Rebuttal 2002-05-17
Anonymous (5 replies)

Another Linux/Unix Apologist Overlooks the Obvious - Rebuttal 2002-05-17
Anonymous

Come back to earth SpaceMonkey - I rebutt your rebutt 2002-05-17
Anonymous (1 replies)

Come back to earth SpaceMonkey - I rebutt your rebutt 2002-05-21
Anonymous (2 replies)

Come back to earth SpaceMonkey - I rebutt your rebutt 2002-05-23
Anonymous

Come back to earth SpaceMonkey - I rebutt your rebutt 2002-05-24
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious - Rebuttal 2002-05-20
Anonymous

Not "a teenager in Croatia". 2002-05-20
Anonymous

Another Linux/Unix Apologist Overlooks the Obvious - Rebuttal 2002-05-20
Anonymous

Memo to Microsoft: Stay Secretive, Please 2002-05-21
Anonymous

Let's Be Real 2002-05-21
Anonymous

Memo to Microsoft: Stay Secretive, Please 2002-05-21
Anonymous

Memo to Microsoft: Stay Secretive, Please 2002-05-21
blacklight (1 replies)

Memo to Microsoft: Stay Secretive, Please 2002-05-23
Anonymous

Another attempt at trying to get fired 2002-05-24
Someone fire this guy :\