Gartner slams Pocket PC security - Do I need to a "Duh"?

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by David Mohri » Tue, 10 Sep 2002 15:34:30



Gartner slams Pocket PC security
By Peter Williams [09-09-2002]
http://www.vnunet.com/News/1134871

+Microsoft rejects analyst report as 'mischaracterisation'
+
+Analyst Gartner has slammed Microsoft's Pocket PC 2002 handheld
+operating system (OS) as unsuitable for enterprise computing,
+warning that it lacks even basic security features.
+
+In a new report, the analyst disputes Microsoft's contention that
+Pocket PC is designed as a platform for enterprise solutions.
+
+It said that enterprises face a significant risk of exposure due
+to these security shortcomings, and advises them to install
+third-party security software.
+
+In its report What does trustworthy computing mean for Pocket PC?,
+the analyst said: "Some of the most basic security features
+required by an enterprise are noticeably lacking in the Pocket PC."
+
+Among the basic security weaknesses listed by the report are:
+
+  * A default setting of no password, and password handling
+    which is inconsistent with other Windows products, meaning
+    that, once access is gained, every application is run without
+    restriction
+
+  * The Pocket PC configuration is modifiable at any time so
+    that enterprises cannot be sure of settings, even after an
+    administrator has configured them
+
+  * Unauthorised or unknown Pocket PC devices are installable on
+    a machine without requiring a password or new connection,
+    after which they can access Microsoft Outlook data and other
+    files.
+...
+The report also warned of a knock-on security effect on other
+enterprise operating systems - especially Windows 2000 and XP -
+caused by the Pocket PC opening up access to data that would
+otherwise be protected.
+
+But Pocket PC's competitors do not fare well for security either.
+Symbian and Symantec are working on a more secure version of
+Symbian OS used widely in mobile phones, while Palm OS 5 supports
+128-bit file encryption.

In point of fact, there is only one class of PDA OS on the market
with the current potental for any real level of enterprise level
security...
http://www.linuxdevices.com/articles/AT8728350077.html

In fact the lack of security in the whole Microsoft line of
products makes it look increasingly unsutiable for use in an
enterprise enviroment...

"Duh - Microsoft: "Our products aren't engineered for security""

"Despite Security, Microsoft pitches 'no separate app server' approach"

[ Actually, I'm surprised Erik F. did not comment on that thread ]

"Unpatched IE security holes"
http://www.pivx.com/larholm/unpatched/
+ 4 September 2002: There are currently 18 unpatched vulnerabilities.

David Mohring - Hmmmm, interesting google trawling ...
http://www.google.com/search?q=Microsoft+Desktop+enterprise -> about 763,000
http://www.google.com/search?q=Linux+Desktop+enterprise  -> about 437,000

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Matthew Gardine » Thu, 12 Sep 2002 03:30:46



> Gartner slams Pocket PC security
> By Peter Williams [09-09-2002]
> http://www.vnunet.com/News/1134871

<snip re-post>

Question is, what can Pocket Windows do that PalmOS can't?

Matthew Gardiner

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Robt. Mille » Thu, 12 Sep 2002 04:53:20




>> Gartner slams Pocket PC security
>> By Peter Williams [09-09-2002]
>> http://www.vnunet.com/News/1134871
><snip re-post>

> Question is, what can Pocket Windows do that PalmOS can't?

 BSOD

--

(o<    
//\   Powered by SuSE Linux  
V_/_  Virusproof. Crashproof.
 10:52pm  up 15 days,  4:41, 24 users,  load average: 1.18, 1.23, 1.26
processes 1442084

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Super Spinne » Thu, 12 Sep 2002 10:12:43






> >> Gartner slams Pocket PC security
> >> By Peter Williams [09-09-2002]
> >> http://www.vnunet.com/News/1134871
> ><snip re-post>

> > Question is, what can Pocket Windows do that PalmOS can't?

>  BSOD

The BSOD line is tired, and these days is FUD.
You Linvocates need to start talking about something other than stability.
Linux has nothing on the latest Windows offerings as far as stability goes
(well, at least for normal people; I know how hard it is for you
"tech-savvy" Linux users to get Windows to even simple things like
printing.)

You should talk about some advantages that Linux might actually still have,
such as price, security, or the ability to run on 286es.  The stability
argument is dead and your continued use of it puts you and Linux in a bad
light.

BTW, I recently encountered a kernel panic.  Should I now start claiming
that kernel panics are commonplace in Linux the way that Linvocates claim
that BSODs are commonplace in the latest versions of Windows?

-----------== Posted via Newsfeed.Com - Uncensored Usenet News ==----------
   http://www.newsfeed.com       The #1 Newsgroup Service in the World!
-----= Over 100,000 Newsgroups - Unlimited Fast Downloads - 19 Servers =-----

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Peter K?hlman » Thu, 12 Sep 2002 10:52:30








>> >> Gartner slams Pocket PC security
>> >> By Peter Williams [09-09-2002]
>> >> http://www.vnunet.com/News/1134871
>> ><snip re-post>

>> > Question is, what can Pocket Windows do that PalmOS can't?

>>  BSOD

> The BSOD line is tired, and these days is FUD.

Unfortunately, it is not. Or would you suggest that the automatic reboot
of XP is not a BSOD and should therefor not be counted?

Quote:> You Linvocates need to start talking about something other than
> stability. Linux has nothing on the latest Windows offerings as far as
> stability goes (well, at least for normal people; I know how hard it is
> for you "tech-savvy" Linux users to get Windows to even simple things
> like printing.)

No. Getting Xp to show decent throughput on the network is much more
difficult. Finding suitable drivers for your printer is easy in
comparison. Most of the time.

Quote:> You should talk about some advantages that Linux might actually still
> have,
> such as price, security, or the ability to run on 286es.  The stability
> argument is dead and your continued use of it puts you and Linux in a
> bad light.

No, it is not. I have to reboot my XP box regularly.
You want to air the impression that windows now can keep up stability
wise.
It can not. Not yet. in 10 years, perhaps. If it still exists then
Then it will be there where linux is now.

Quote:> BTW, I recently encountered a kernel panic.  Should I now start claiming
> that kernel panics are commonplace in Linux the way that Linvocates
> claim that BSODs are commonplace in the latest versions of Windows?

No, you certainly should not. It would be a lie. And mommy told you that
is a bad thing to do, didn't she?

Peter
--
Get the new Windows XP. Now with eXtra Problems included

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Sinister Midge » Thu, 12 Sep 2002 11:04:56


On Tue, 10 Sep 2002 20:12:43 -0500, Super Spinner spawned:






>> >> Gartner slams Pocket PC security
>> >> By Peter Williams [09-09-2002]
>> >> http://www.vnunet.com/News/1134871
>> ><snip re-post>

>> > Question is, what can Pocket Windows do that PalmOS can't?

>>  BSOD

> The BSOD line is tired, and these days is FUD. You Linvocates need to
> start talking about something other than stability. Linux has nothing on
> the latest Windows offerings as far as stability goes (well, at least for
> normal people; I know how hard it is for you "tech-savvy" Linux users to
> get Windows to even simple things like printing.)

You got it. BSODs are dead (though selectable). They've been replaced with
spontaneous reboots.

Doesn't it make you feel so much more comfortable to lose your work to a
reboot than a simple lockup?

For the record, I've never had problems getting winders to print. Keep
running without lockups, handle various other hardware, see drivers and
some other things, yes. But printers always worked for me just fine.

Quote:> You should talk about some advantages that Linux might actually still
> have, such as price, security, or the ability to run on 286es.  The
> stability argument is dead and your continued use of it puts you and Linux
> in a bad light.

Get the windiots out and let us be. We'll talk about the better points. As
it is, too many of us end up sparring with windolts, even when the initial
topic is one of advocacy.

Quote:> BTW, I recently encountered a kernel panic.  Should I now start claiming
> that kernel panics are commonplace in Linux the way that Linvocates claim
> that BSODs are commonplace in the latest versions of Windows?

If you have several a day, maybe. Of course, make sure your hardware isn't
at fault.

I've had lockups in winders, verified hardware was OK and still had more
lockups. I've only had that in linux when I did something goofy with
software.

I've had lockups in windos that was only solved by reinstalling. I only
had that situation in linux when I was new and didn't have the slightest
idea how to fix it (another of those "doing something goofy" deals).

--
Support organized crime: buy Microsoft products.

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by jaso » Thu, 12 Sep 2002 10:38:16


In order to obtain enlightenment,
Super Spinner's koan is Re: Gartner slams Pocket PC security - Do I need to a "Duh"?

Quote:

> The BSOD line is tired, and these days is FUD.

I'm going to disagree here.

Quote:> You Linvocates need to start talking about something other than stability.
> Linux has nothing on the latest Windows offerings as far as stability goes
> (well, at least for normal people; I know how hard it is for you
> "tech-savvy" Linux users to get Windows to even simple things like
> printing.)

Heh. I have to agree, "normal people" need a very limited scope of
functionality. The printer prints, and all is good. The explorer
explores, and all is good.

When a top of the line computer has to resize a .5 gig swapfile  /w 256
meg ram because the working printer has to print a photo-quality
picture, there's a problem.

Quote:> You should talk about some advantages that Linux might actually still have,
> such as price, security, or the ability to run on 286es.  The stability
> argument is dead and your continued use of it puts you and Linux in a bad
> light.

Well, no. The stability argument isn't quite dead yet. Linux has a
stable environment, that will be an argument until development either
halts or has some unfortunate accident with a multi-tined fork.

Quote:> BTW, I recently encountered a kernel panic.  Should I now start claiming
> that kernel panics are commonplace in Linux the way that Linvocates claim
> that BSODs are commonplace in the latest versions of Windows?

Do what you feel most. If you look like an idiot doing it, there are
plenty of folks here that will let you know it.

Quote:> -----------== Posted via Newsfeed.Com - Uncensored Usenet News ==----------
>    http://www.newsfeed.com       The #1 Newsgroup Service in the World!
> -----= Over 100,000 Newsgroups - Unlimited Fast Downloads - 19 Servers =-----

--
Fri Sep  6 01:08:43 ~># fortune
The only really decent thing to do behind a person's back is pat it.
 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by Bob Hauc » Thu, 12 Sep 2002 11:27:13




>> Gartner slams Pocket PC security
> Question is, what can Pocket Windows do that PalmOS can't?

Nothing, but then Palm OS has no security either.

--
 -| Bob Hauck
 -| To Whom You Are Speaking
 -| http://www.haucks.org/

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by flatfish.. » Thu, 12 Sep 2002 17:43:46


On Wed, 11 Sep 2002 01:12:43 -0700, "Super Spinner"







>> >> Gartner slams Pocket PC security
>> >> By Peter Williams [09-09-2002]
>> >> http://www.vnunet.com/News/1134871
>> ><snip re-post>

>> > Question is, what can Pocket Windows do that PalmOS can't?

>>  BSOD

>The BSOD line is tired, and these days is FUD.
>You Linvocates need to start talking about something other than stability.
>Linux has nothing on the latest Windows offerings as far as stability goes
>(well, at least for normal people; I know how hard it is for you
>"tech-savvy" Linux users to get Windows to even simple things like
>printing.)

>You should talk about some advantages that Linux might actually still have,
>such as price, security, or the ability to run on 286es.  The stability
>argument is dead and your continued use of it puts you and Linux in a bad
>light.

>BTW, I recently encountered a kernel panic.  Should I now start claiming
>that kernel panics are commonplace in Linux the way that Linvocates claim
>that BSODs are commonplace in the latest versions of Windows?

Linux=the nostalgic operating system that takes the user back to DOS
1.0.
 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by David Mohri » Thu, 12 Sep 2002 20:21:37


On Wed, 11 Sep 2002 09:27:13 GMT,

Quote:>On Wed, 11 Sep 2002 11:30:46 +1000,



>>> Gartner slams Pocket PC security

>> Question is, what can Pocket Windows do that PalmOS can't?

>Nothing, but then Palm OS has no security either.

In point of fact, there is only one class of PDA OS on the market
with the current potental for any real level of enterprise level
security...
http://www.linuxdevices.com/articles/AT8728350077.html

David Mohring - Zaurus, for when you really need Apache on the move.

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by GeneralP » Thu, 12 Sep 2002 20:25:45


On Wed, 11 Sep 2002 09:27:13 GMT, Bob Hauck assert()ed:



>>> Gartner slams Pocket PC security

>> Question is, what can Pocket Windows do that PalmOS can't?

> Nothing, but then Palm OS has no security either.

Whaddya mean?  You can categorize your records into Business or Personal.
If you set your security one way, people w/o the password can't see either.
If you set it another way, people w/o the password can only see Personal.
If you don't set it, there's no password.

--
General Protection Fault

  1:30pm  up 18:50,  2 users,  load average: 0.07, 0.05, 0.01
Linux nitrogen.ertw.com 2.4.9-34 #1 Sat Jun 1 06:32:14 EDT 2002 i586 unknown

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by David Mohri » Thu, 12 Sep 2002 21:23:56


On Wed, 11 Sep 2002 18:25:45 GMT,

Quote:>On Wed, 11 Sep 2002 09:27:13 GMT, Bob Hauck assert()ed:
>> On Wed, 11 Sep 2002 11:30:46 +1000,



>>>> Gartner slams Pocket PC security

>>> Question is, what can Pocket Windows do that PalmOS can't?

>> Nothing, but then Palm OS has no security either.

>Whaddya mean?  You can categorize your records into Business or Personal.
>If you set your security one way, people w/o the password can't see either.
>If you set it another way, people w/o the password can only see Personal.
>If you don't set it, there's no password.

PalmOS Password Retrieval and Decoding (A092600-1)
http://www.atstake.com/research/advisories/2000/a092600-1.txt

Palm OS Password Lockout Bypass
http://www.atstake.com/research/advisories/2001/a030101-1.txt

Apparently things have improved with the release of PalmOS v5, but
at the OS level, it is still way behind what Linux PDA is capable
of providing. See
http://www.atstake.com/research/reports/acrobat/security_analysis_pal...

David Mohring - Sincere Security

 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by GeneralP » Thu, 12 Sep 2002 21:28:14


On Wed, 11 Sep 2002 19:23:56 +0000 (UTC), David Mohring assert()ed:

> On Wed, 11 Sep 2002 18:25:45 GMT,

>>On Wed, 11 Sep 2002 09:27:13 GMT, Bob Hauck assert()ed:
>>> On Wed, 11 Sep 2002 11:30:46 +1000,


>>>>> Gartner slams Pocket PC security

>>>> Question is, what can Pocket Windows do that PalmOS can't?

>>> Nothing, but then Palm OS has no security either.

>>Whaddya mean?  You can categorize your records into Business or Personal.
>>If you set your security one way, people w/o the password can't see either.
>>If you set it another way, people w/o the password can only see Personal.
>>If you don't set it, there's no password.

> PalmOS Password Retrieval and Decoding (A092600-1)
> http://www.atstake.com/research/advisories/2000/a092600-1.txt

> Palm OS Password Lockout Bypass
> http://www.atstake.com/research/advisories/2001/a030101-1.txt

> Apparently things have improved with the release of PalmOS v5, but
> at the OS level, it is still way behind what Linux PDA is capable
> of providing. See
> http://www.atstake.com/research/reports/acrobat/security_analysis_pal...

Hmmm, glad I don't store anything personal on my Palm IIIxe (Palm OS 3.5.2).

Quote:> David Mohring - Sincere Security

--
General Protection Fault

  2:35pm  up 19:55,  2 users,  load average: 0.00, 0.02, 0.00
Linux nitrogen.ertw.com 2.4.9-34 #1 Sat Jun 1 06:32:14 EDT 2002 i586 unknown
 
 
 

Gartner slams Pocket PC security - Do I need to a "Duh"?

Post by The Ghost In The Machin » Thu, 12 Sep 2002 22:00:26




 wrote
on Wed, 11 Sep 2002 11:43:46 -0400

> On Wed, 11 Sep 2002 01:12:43 -0700, "Super Spinner"






>>> >> Gartner slams Pocket PC security
>>> >> By Peter Williams [09-09-2002]
>>> >> http://www.vnunet.com/News/1134871
>>> ><snip re-post>

>>> > Question is, what can Pocket Windows do that PalmOS can't?

>>>  BSOD

>>The BSOD line is tired, and these days is FUD.
>>You Linvocates need to start talking about something other than stability.
>>Linux has nothing on the latest Windows offerings as far as stability goes
>>(well, at least for normal people; I know how hard it is for you
>>"tech-savvy" Linux users to get Windows to even simple things like
>>printing.)

>>You should talk about some advantages that Linux might actually still have,
>>such as price, security, or the ability to run on 286es.  The stability
>>argument is dead and your continued use of it puts you and Linux in a bad
>>light.

>>BTW, I recently encountered a kernel panic.  Should I now start claiming
>>that kernel panics are commonplace in Linux the way that Linvocates claim
>>that BSODs are commonplace in the latest versions of Windows?

> Linux=the nostalgic operating system that takes the user back to DOS
> 1.0.

Gnome and KDE are very strange looking CLI's. :-)

--

It's still legal to go .sigless.