[ choice guotes, my comments in square brackets ]
------- quote -------
Microsoft Security Czar Issues Call To Arms, Launches New Security
Barbara Darrow June 03 2003
"Every patch should have an installer and an uninstaller--a way to back
out of the fix gracefully if needed."
-- Scott Charney
"We have a Linux server that has three times the critical updates as
our Windows server,"
-- Gafar Lawal, director of architecture at Merrill *.
[ remind me never to buy shares from those 'guys ]
"All the guys hacking Windows are Linux guys."
-- Nathan Hanks, managing director at Continental Airlines, said,
[ shurly an oxymoran. A 'Linux guy' wouldn't be caught dead near Windows.
In my opinion most of thesr attacks are of the script kiddy kind and
viruses made out of some DIY kit that can be got on line. Exploiting
weakness in how the API communicates amoungst apps. A word doc + vb
macro virus is emailed through exchange. Is opened in word and emails
itself to whoever is in the address book and so on. Nothing highly
technical here. In my opinion the worst is yet to come with dotNET. ]
"CIOs need people in place to figure out why port 1434 is open on
publicly exposed firewalls."
-- Hanks again
[ maybe it was because the designers of SQLserver made a quick hack
instead of building in to the app the funcionality to allow multiple
instances to run co-operativly. Maybe they also need to get rid of these
incompent CIOs. ]
He [ Lawal ] also said he was impressed with Microsoft's response to
the problems. Gordon Mangione, vice president of SQL Server, hosted a
conference call with all the affected CTOs, and within a day Microsoft
was mobilizing resources, he said. "We don't get that from Microsoft
competitors," Lawal said. "Having said that, we said some bad words."
[ you don't get such shitty software from Microsofts competitors either ]
Having one vendor throat to *is helpful in crisis situations,
Hanks said. An IT pro can't go to the CEO and say that a server is down,
"and hopefully some guy in Amsterdam" will get to a fix when he gets
back from the "dope house," he said.
[ I leave this one for you the readers to respond to. Feal free to pass
this quote on to others ]
[ Microsoft pays some minor execitives to sit in a room and rubbish OSS.
And that is all ]