Microsoft declares security is NOT its top priority

  • Thread starter Thread starter perfb
  • Start date Start date
P

perfb

As M$ is refusing to allow all installations of its defective
OS to be patched, it is apparent that internet security
is NOT the top priority at M$. Any M$ argument to the contrary
is thoroughly refuted by this simple fact.

to wit:

-----------------------------------------------

Tuesday, 01 June 2004

Microsoft's actions speak louder than words
by Bruce Schneier, Network World
Comment: is security Microsoft's top priority?

The security of your computer and network depends on two things: what
you do to secure your computer and network, and what everyone else
does to secure their computers and networks. It's not enough for you
to maintain a secure network. If other people don't maintain their
security, we're all more vulnerable to attack.
When many unsecure computers are connected to the Internet, worms
spread faster and more extensively, distributed denial-of-service
attacks are easier to launch, and spammers have more platforms from
which to send e-mail. The more unsecure the average computer on the
Internet is, the more unsecure your computer is.

It's like malaria: everyone is safer when we all work together to
drain the swamps and increase the level of hygiene in our community.

This is the backdrop against which to view Microsoft's Windows XP
security upgrade: Service Pack 2 (SP2). SP2 is a major security
upgrade. It includes features such as Windows Firewall, an enhanced
personal firewall that is turned on by default, better automatic
patching and other security improvements.

Initial news stories reported that Microsoft would make this upgrade
available to all XP users, both licensed and unlicensed. To me, this
was a smart move on Microsoft's part. Think about all the ways the
company would benefit. Licensed users would be more secure and
happier. Worms that attack Microsoft products would be less virulent,
so Microsoft wouldn't look as bad in the press. Microsoft would win,
its customers would win and the Internet would win. It's the kind of
marketing move about which best-selling books are written.

Then Microsoft said the initial comments were wrong; SP2 would not run
on pirated copies of XP. Only legal copies of the software could be
secured. This is the wrong decision, for all the same reasons that the
initial decision was the correct one.

Of course, Microsoft is within its rights to deny service to pirates.
It makes sense for the company to make sure performance or feature
upgrades do not run on pirated software. Microsoft wants to deny the
benefits of its products to people who haven't paid for them, and
entice these people to become licensed users. But security upgrades
are different. Microsoft is harming its licensed users by denying
security to unlicensed users.

This decision, more than anything else Microsoft has said or done in
the past few years, proves to me that security is not the company's
first priority. Here was a chance for Microsoft to do the right thing:
to put security ahead of profits. Here was a chance to look good in
the press and improve security for all its users worldwide. Microsoft
says that improving security is the most important thing, but its
actions prove otherwise.

SP2 is an important security upgrade to Windows XP, and I hope it is
widely installed among licensed XP users. I also hope it is quickly
pirated, so unlicensed XP users also can install it. For me to remain
secure on the Internet, I need everyone to become more secure. And the
more people who install SP2, the more we all benefit.

Schneier is CTO of Counterpane Internet Security and author of Beyond
Fear: Thinking Sensibly About Security in an Uncertain World. He can
be reached at www.schneier.com.
 
Well, what if MS allowed updates to pirated copies of XP,
but put up a large watermark on the display that was always
visible, saying "Your copy illegal, contact "URL" for
instructions" and this watermark would cover a 640x480 area
centered in the display.?



--
The people think the Constitution protects their rights;
But government sees it as an obstacle to be overcome.


| As M$ is refusing to allow all installations of its
defective
| OS to be patched, it is apparent that internet security
| is NOT the top priority at M$. Any M$ argument to the
contrary
| is thoroughly refuted by this simple fact.
|
| to wit:
|
| -----------------------------------------------
|
| Tuesday, 01 June 2004
|
| Microsoft's actions speak louder than words
| by Bruce Schneier, Network World
| Comment: is security Microsoft's top priority?
|
| The security of your computer and network depends on two
things: what
| you do to secure your computer and network, and what
everyone else
| does to secure their computers and networks. It's not
enough for you
| to maintain a secure network. If other people don't
maintain their
| security, we're all more vulnerable to attack.
| When many unsecure computers are connected to the
Internet, worms
| spread faster and more extensively, distributed
denial-of-service
| attacks are easier to launch, and spammers have more
platforms from
| which to send e-mail. The more unsecure the average
computer on the
| Internet is, the more unsecure your computer is.
|
| It's like malaria: everyone is safer when we all work
together to
| drain the swamps and increase the level of hygiene in our
community.
|
| This is the backdrop against which to view Microsoft's
Windows XP
| security upgrade: Service Pack 2 (SP2). SP2 is a major
security
| upgrade. It includes features such as Windows Firewall, an
enhanced
| personal firewall that is turned on by default, better
automatic
| patching and other security improvements.
|
| Initial news stories reported that Microsoft would make
this upgrade
| available to all XP users, both licensed and unlicensed.
To me, this
| was a smart move on Microsoft's part. Think about all the
ways the
| company would benefit. Licensed users would be more secure
and
| happier. Worms that attack Microsoft products would be
less virulent,
| so Microsoft wouldn't look as bad in the press. Microsoft
would win,
| its customers would win and the Internet would win. It's
the kind of
| marketing move about which best-selling books are written.
|
| Then Microsoft said the initial comments were wrong; SP2
would not run
| on pirated copies of XP. Only legal copies of the software
could be
| secured. This is the wrong decision, for all the same
reasons that the
| initial decision was the correct one.
|
| Of course, Microsoft is within its rights to deny service
to pirates.
| It makes sense for the company to make sure performance or
feature
| upgrades do not run on pirated software. Microsoft wants
to deny the
| benefits of its products to people who haven't paid for
them, and
| entice these people to become licensed users. But security
upgrades
| are different. Microsoft is harming its licensed users by
denying
| security to unlicensed users.
|
| This decision, more than anything else Microsoft has said
or done in
| the past few years, proves to me that security is not the
company's
| first priority. Here was a chance for Microsoft to do the
right thing:
| to put security ahead of profits. Here was a chance to
look good in
| the press and improve security for all its users
worldwide. Microsoft
| says that improving security is the most important thing,
but its
| actions prove otherwise.
|
| SP2 is an important security upgrade to Windows XP, and I
hope it is
| widely installed among licensed XP users. I also hope it
is quickly
| pirated, so unlicensed XP users also can install it. For
me to remain
| secure on the Internet, I need everyone to become more
secure. And the
| more people who install SP2, the more we all benefit.
|
| Schneier is CTO of Counterpane Internet Security and
author of Beyond
| Fear: Thinking Sensibly About Security in an Uncertain
World. He can
| be reached at www.schneier.com.
 
| As M$ is refusing to allow all installations of its defective
| OS to be patched, it is apparent that internet security
| is NOT the top priority at M$. Any M$ argument to the contrary
| is thoroughly refuted by this simple fact.
|
| to wit:
|
| -----------------------------------------------
|
| Tuesday, 01 June 2004
|
| Microsoft's actions speak louder than words
| by Bruce Schneier, Network World
| Comment: is security Microsoft's top priority?
|
| The security of your computer and network depends on two things: what
| you do to secure your computer and network, and what everyone else
| does to secure their computers and networks. It's not enough for you
| to maintain a secure network. If other people don't maintain their
| security, we're all more vulnerable to attack.
| When many unsecure computers are connected to the Internet, worms
| spread faster and more extensively, distributed denial-of-service
| attacks are easier to launch, and spammers have more platforms from
| which to send e-mail. The more unsecure the average computer on the
| Internet is, the more unsecure your computer is.
|


| Then Microsoft said the initial comments were wrong; SP2 would not run
| on pirated copies of XP. Only legal copies of the software could be
| secured. This is the wrong decision, for all the same reasons that the
| initial decision was the correct one.

If I were Microsoft I wouldn't foot the bill to maintain stolen copies of my
software either.

While I agree that doing so would be to the advantage of the "greater good"
Microsoft is not a philanthropic organization it's a for profit corporation
and the bandwidth etc... used to maintain pirated copies is an expense.

If I steal your car will you keep up the insurance for me in the event I
injure a third party in order to protect them? It would be better for others
if you did.

--
D

I'm not an MVP a VIP nor do I have ESP.
I was just trying to help.
Please use your own best judgment before implementing any suggestions or
advice herein.
No warranty is expressed or implied.
Your mileage may vary.
See store for details. :)

Remove shoes to E-mail.
 
What a ridiculous assumption.
perfb said:
As M$ is refusing to allow all installations of its defective
OS to be patched, it is apparent that internet security
is NOT the top priority at M$. Any M$ argument to the contrary
is thoroughly refuted by this simple fact.

to wit:

-----------------------------------------------

Tuesday, 01 June 2004

Microsoft's actions speak louder than words
by Bruce Schneier, Network World
Comment: is security Microsoft's top priority?

The security of your computer and network depends on two things: what
you do to secure your computer and network, and what everyone else
does to secure their computers and networks. It's not enough for you
to maintain a secure network. If other people don't maintain their
security, we're all more vulnerable to attack.
When many unsecure computers are connected to the Internet, worms
spread faster and more extensively, distributed denial-of-service
attacks are easier to launch, and spammers have more platforms from
which to send e-mail. The more unsecure the average computer on the
Internet is, the more unsecure your computer is.

It's like malaria: everyone is safer when we all work together to
drain the swamps and increase the level of hygiene in our community.

This is the backdrop against which to view Microsoft's Windows XP
security upgrade: Service Pack 2 (SP2). SP2 is a major security
upgrade. It includes features such as Windows Firewall, an enhanced
personal firewall that is turned on by default, better automatic
patching and other security improvements.

Initial news stories reported that Microsoft would make this upgrade
available to all XP users, both licensed and unlicensed. To me, this
was a smart move on Microsoft's part. Think about all the ways the
company would benefit. Licensed users would be more secure and
happier. Worms that attack Microsoft products would be less virulent,
so Microsoft wouldn't look as bad in the press. Microsoft would win,
its customers would win and the Internet would win. It's the kind of
marketing move about which best-selling books are written.

Then Microsoft said the initial comments were wrong; SP2 would not run
on pirated copies of XP. Only legal copies of the software could be
secured. This is the wrong decision, for all the same reasons that the
initial decision was the correct one.

Of course, Microsoft is within its rights to deny service to pirates.
It makes sense for the company to make sure performance or feature
upgrades do not run on pirated software. Microsoft wants to deny the
benefits of its products to people who haven't paid for them, and
entice these people to become licensed users. But security upgrades
are different. Microsoft is harming its licensed users by denying
security to unlicensed users.

This decision, more than anything else Microsoft has said or done in
the past few years, proves to me that security is not the company's
first priority. Here was a chance for Microsoft to do the right thing:
to put security ahead of profits. Here was a chance to look good in
the press and improve security for all its users worldwide. Microsoft
says that improving security is the most important thing, but its
actions prove otherwise.

SP2 is an important security upgrade to Windows XP, and I hope it is
widely installed among licensed XP users. I also hope it is quickly
pirated, so unlicensed XP users also can install it. For me to remain
secure on the Internet, I need everyone to become more secure. And the
more people who install SP2, the more we all benefit.

Schneier is CTO of Counterpane Internet Security and author of Beyond
Fear: Thinking Sensibly About Security in an Uncertain World. He can
be reached at www.schneier.com.
Click to expand...
 
perfb said in news:[email protected]:
As M$ is refusing to allow all installations of its defective
OS to be patched, it is apparent that internet security
is NOT the top priority at M$. Any M$ argument to the contrary
is thoroughly refuted by this simple fact.

to wit:

-----------------------------------------------

Tuesday, 01 June 2004

Microsoft's actions speak louder than words
by Bruce Schneier, Network World
Comment: is security Microsoft's top priority?

The security of your computer and network depends on two things: what
you do to secure your computer and network, and what everyone else
does to secure their computers and networks. It's not enough for you
to maintain a secure network. If other people don't maintain their
security, we're all more vulnerable to attack.
When many unsecure computers are connected to the Internet, worms
spread faster and more extensively, distributed denial-of-service
attacks are easier to launch, and spammers have more platforms from
which to send e-mail. The more unsecure the average computer on the
Internet is, the more unsecure your computer is.

It's like malaria: everyone is safer when we all work together to
drain the swamps and increase the level of hygiene in our community.

This is the backdrop against which to view Microsoft's Windows XP
security upgrade: Service Pack 2 (SP2). SP2 is a major security
upgrade. It includes features such as Windows Firewall, an enhanced
personal firewall that is turned on by default, better automatic
patching and other security improvements.

Initial news stories reported that Microsoft would make this upgrade
available to all XP users, both licensed and unlicensed. To me, this
was a smart move on Microsoft's part. Think about all the ways the
company would benefit. Licensed users would be more secure and
happier. Worms that attack Microsoft products would be less virulent,
so Microsoft wouldn't look as bad in the press. Microsoft would win,
its customers would win and the Internet would win. It's the kind of
marketing move about which best-selling books are written.

Then Microsoft said the initial comments were wrong; SP2 would not run
on pirated copies of XP. Only legal copies of the software could be
secured. This is the wrong decision, for all the same reasons that the
initial decision was the correct one.

Of course, Microsoft is within its rights to deny service to pirates.
It makes sense for the company to make sure performance or feature
upgrades do not run on pirated software. Microsoft wants to deny the
benefits of its products to people who haven't paid for them, and
entice these people to become licensed users. But security upgrades
are different. Microsoft is harming its licensed users by denying
security to unlicensed users.

This decision, more than anything else Microsoft has said or done in
the past few years, proves to me that security is not the company's
first priority. Here was a chance for Microsoft to do the right thing:
to put security ahead of profits. Here was a chance to look good in
the press and improve security for all its users worldwide. Microsoft
says that improving security is the most important thing, but its
actions prove otherwise.

SP2 is an important security upgrade to Windows XP, and I hope it is
widely installed among licensed XP users. I also hope it is quickly
pirated, so unlicensed XP users also can install it. For me to remain
secure on the Internet, I need everyone to become more secure. And the
more people who install SP2, the more we all benefit.

Schneier is CTO of Counterpane Internet Security and author of Beyond
Fear: Thinking Sensibly About Security in an Uncertain World. He can
be reached at www.schneier.com.
Click to expand...

For pirated copies of Windows, Microsoft should self-terminate those
installs. The pirated user gets a big fat warning window on every boot
saying that they have N loads left (starting at, say, 50). That's how
many times they can reboot the OS. Don't bother with a timed expiration
which might be circumvented. Just keep an encoded count of the bootup
of the OS and then refuse to boot after the max boots has been reached.
Kill off the pirated copies rather than continuing to support them.
Sure, patch it, patch it good, patch it to incorporate the updates and
also patch it to die! Takes care of getting ALL Windows hosts updated
and also takes care of wiping out the pirated copies. If they want to
keep using their pirated version, they'll never be able to update. Wipe
them out through attrition and, better yet, through expiration.

So what additional taxes do you want to pay to fund Microsoft's support
for pirated copies? I'm sure Microsoft will accept any and all monies
you send them for this purpose. Or maybe they could trace your IP
address on the SP2 download, send a summons to your ISP demanding the
customer be divulged, and then send you a bill for downloading SP2 to
subsidize their additional costs for supporting thieves. When it is YOU
footing the bill for theft, boy, will you sing a different tune.
Obviously those supporting such stupidity have never been programmers
that need to engender sales to provide for their salary. It's always
really easy to say that someone ELSE should pay for YOUR convenience and
safety.

Also, you cannot legally enforce anyone to deploy an update or patch to
their system. In a testing lab, the exact configuration must be known
so you really know what is the platform on which you test. You don't
let it update so you don't know what files, libraries, or functions are
available or have changed. Some critically required programs may not
function after an update. It is more important to get your work done
than worry about a patch that might not help at all and will impair the
use of YOUR platform. Just because you keep your car washed and waxed
doesn't mean you have the legal right to enforce someone else driving
the same model to get their rust spots fixed. That's what THEY want to
use. If someone pirates a copy of software then THAT is what they chose
to use ... and they should never get anything more! Do you really
expect the burglar that stole your television while you were on vacation
to wait until you come back to ask for the remote, too?
 
Greetings --

That might do, but they should also email the pertinent legal
authorities the IP addresses of all pirated copies.

Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 
Software pirates, like the shoplifters at the market raise
the cost to everyone else.

Perhaps should be less expensive, but with hundreds of
millions of lines of code, it is pretty cheap now. Stealing
is stealing, whether it is 10 cents or a million dollars.


--
The people think the Constitution protects their rights;
But government sees it as an obstacle to be overcome.


message | Greetings --
|
| That might do, but they should also email the
pertinent legal
| authorities the IP addresses of all pirated copies.
|
| Bruce Chambers
| --
| Help us help you:
|
|
|
| You can have peace. Or you can have freedom. Don't ever
count on
| having both at once. - RAH
|
|
in message
| | > Well, what if MS allowed updates to pirated copies of
XP,
| > but put up a large watermark on the display that was
always
| > visible, saying "Your copy illegal, contact "URL" for
| > instructions" and this watermark would cover a 640x480
area
| > centered in the display.?
| >
| >
| >
| > --
| > The people think the Constitution protects their rights;
| > But government sees it as an obstacle to be overcome.
| >
| >
|
|
 
perfb said:
As M$ is refusing to allow all installations of its defective
OS to be patched, it is apparent that internet security
is NOT the top priority at M$. Any M$ argument to the contrary
is thoroughly refuted by this simple fact.

to wit:

-----------------------------------------------

Tuesday, 01 June 2004

Microsoft's actions speak louder than words
by Bruce Schneier, Network World
Comment: is security Microsoft's top priority?

The security of your computer and network depends on two things: what
you do to secure your computer and network, and what everyone else
does to secure their computers and networks. It's not enough for you
to maintain a secure network. If other people don't maintain their
security, we're all more vulnerable to attack.
When many unsecure computers are connected to the Internet, worms
spread faster and more extensively, distributed denial-of-service
attacks are easier to launch, and spammers have more platforms from
which to send e-mail. The more unsecure the average computer on the
Internet is, the more unsecure your computer is.

It's like malaria: everyone is safer when we all work together to
drain the swamps and increase the level of hygiene in our community.

This is the backdrop against which to view Microsoft's Windows XP
security upgrade: Service Pack 2 (SP2). SP2 is a major security
upgrade. It includes features such as Windows Firewall, an enhanced
personal firewall that is turned on by default, better automatic
patching and other security improvements.

Initial news stories reported that Microsoft would make this upgrade
available to all XP users, both licensed and unlicensed. To me, this
was a smart move on Microsoft's part. Think about all the ways the
company would benefit. Licensed users would be more secure and
happier. Worms that attack Microsoft products would be less virulent,
so Microsoft wouldn't look as bad in the press. Microsoft would win,
its customers would win and the Internet would win. It's the kind of
marketing move about which best-selling books are written.

Then Microsoft said the initial comments were wrong; SP2 would not run
on pirated copies of XP. Only legal copies of the software could be
secured. This is the wrong decision, for all the same reasons that the
initial decision was the correct one.

Of course, Microsoft is within its rights to deny service to pirates.
It makes sense for the company to make sure performance or feature
upgrades do not run on pirated software. Microsoft wants to deny the
benefits of its products to people who haven't paid for them, and
entice these people to become licensed users. But security upgrades
are different. Microsoft is harming its licensed users by denying
security to unlicensed users.

This decision, more than anything else Microsoft has said or done in
the past few years, proves to me that security is not the company's
first priority. Here was a chance for Microsoft to do the right thing:
to put security ahead of profits. Here was a chance to look good in
the press and improve security for all its users worldwide. Microsoft
says that improving security is the most important thing, but its
actions prove otherwise.

SP2 is an important security upgrade to Windows XP, and I hope it is
widely installed among licensed XP users. I also hope it is quickly
pirated, so unlicensed XP users also can install it. For me to remain
secure on the Internet, I need everyone to become more secure. And the
more people who install SP2, the more we all benefit.

Schneier is CTO of Counterpane Internet Security and author of Beyond
Fear: Thinking Sensibly About Security in an Uncertain World. He can
be reached at www.schneier.com.
Click to expand...

http://slashdot.org/article.pl?sid=...hread&tid=109&tid=126&tid=128&tid=172&tid=187

goldragon writes "TechRepublic is reporting that "Microsoft is pulling
out all the stops to improve security. So much so, in fact, that it will
cause many problems because SP2 will de-emphasize backward compatibility
with legacy systems and code for the sake of security." One small step
forward for Microsoft, one giant leap backwards for mankind?"

http://techrepublic.com.com/5100-6264_11-5222856.html?tag=sc

--
hermes
DRM sux! Treacherous Computing kills our virtual civil liberties!
http://www.redrival.com/protectfreedom/
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
http://anti-dmca.org/
http://www.eff.org/IP/DMCA/unintended_consequences.php

Windows XP crashed.
I am the Blue Screen of Death.
No one hears your screams.
 
Bruce said:
Greetings --

That might do, but they should also email the pertinent legal
authorities the IP addresses of all pirated copies.

Bruce Chambers
Click to expand...

I disagree, Bruce. That would be a major invasion of privacy. And no
way is any corporation with questionable practices going to be allowed
to decide if I have pirated copies. This would be because of the
unconcionable EULA they have which violates my fair use rights.

--
hermes
DRM sux! Treacherous Computing kills our virtual civil liberties!
http://www.redrival.com/protectfreedom/
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
http://anti-dmca.org/
http://www.eff.org/IP/DMCA/unintended_consequences.php

Windows XP crashed.
I am the Blue Screen of Death.
No one hears your screams.
 
It scares me that people actually think like you do!

As long as you deadbeats can't have the patch, then you
will be the one's with the problems.
 
It scares me that people actually think like you do!

As long as you deadbeats can't have the patch, then you
will be the one's with the problems.
Click to expand...

Who are you replying to? Or are you talking to yourself again?

--
hermes
DRM sux! Treacherous Computing kills our virtual civil liberties!
http://www.redrival.com/protectfreedom/
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
http://anti-dmca.org/
http://www.eff.org/IP/DMCA/unintended_consequences.php

Windows XP crashed.
I am the Blue Screen of Death.
No one hears your screams.
 
One mans opinion.
Gene
http://slashdot.org/article.pl?sid=...hread&tid=109&tid=126&tid=128&tid=172&tid=187


goldragon writes "TechRepublic is reporting that "Microsoft is pulling
out all the stops to improve security. So much so, in fact, that it will
cause many problems because SP2 will de-emphasize backward compatibility
with legacy systems and code for the sake of security." One small step
forward for Microsoft, one giant leap backwards for mankind?"

http://techrepublic.com.com/5100-6264_11-5222856.html?tag=sc
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Microsoft Security Essentials 1
Microsoft patches critical flaw in Windows Defender 1
File Download - Security Warning 5
Google discloses Microsoft Edge security flaw before a patch is ready 2
News Windows Defender gets top AV awards 5
Microsoft disables 'buggy' Intel patch 0
How to test MDS (Zombieload) patch status on Windows systems 1
Security flaw found in Microsoft Word will be patched today 5

Back
Top