Vagabond said:
Well, unlike the case I mentioned with the NFS Server and Apache,
Microsoft's decision to wait six months was apparently justified
since there was not a single reported instance of a malicious exploit
of the vulnerability.
Can't say the same with the IE Address bar spoof, MS waited to release
that patch in a IE rollup patch, even as more & more people were taken
in by phishers using it.
By the way, what exactly are we looking for here? Are we looking for
an Operating System that has no vulnerabilities?
A competive market.
What percentage of desktop computer users are under threat by any non-MS
OS vulnerablity? 5%! Not the potential 95% with MS OSs! Now say
there were 5 PCOS companies out there, and for the sake of argument
let's
say that they share the PCOS market equally, what percentage of users
are
potentially at risk by an exploit of any one given companies OS? That's
right! 20%. Not 95%. So which PCOS market would be a safer for the
general public, a market with one big fat-assed OS, or one with multiple
OS
where the risks are spread out over multiple targets?
It's just plain and simple common sense. Windows ubiquity on the PCOS
desktop, make the whole computer world in more danger the longer it is
allow to monopolize the PCOS market.
I guess I could
recommend CP/M. Although it's been years since I've used it, I think
it is a strong OS, very stable, very secure, but not very
feature-rich compared to Windows, Linux/UNIX, or OS X.
Of course, that's the whole point isn't it? Most vulnerabilities
result from the introduction of new features.
And one day, probably sometime soon, MS will be holding up a patch to
roll up in a bigger patch, and somebody will hit that vulnerability
before the patch is released. When that day comes, watch out! It is
not a matter of if, but when. So do we sit idly by, and pray that the
5% solution will protect us, or do we start to do something about the
fact the it is MS's desktop monoculture is a big part, maybe even the
biggest part of the problem of trying to protect the our virtual world?
Do we sit back and take our time, like the Bush administration did prior
to 911, or should we be more proactive about securing ourselves from the
computer terrorist, and try to lessen the effect of any one given
computer nasty by breaking up the giant target of the MS OS?
Using Common Sense, the answer is easy. MS's monopoly is not more
important to society as a whole, as protecting the general public from
the one big target that MS monoculture puts us all in.
--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"