Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: Re: Microsoft Security, baby steps ?
From: "Random Letters" <randomisedletters () hotmail com>
Date: Fri, 19 Mar 2004 10:15:06 +0000


The only way to 100% secure a Windows client machine is to take it away from the user and lock it in a cupboard.

Surely I'm not alone in thinking this?

In reality we calculate the risk/productivity ratio and then hand over the machine (we do as we're told). Most people can't be persuaded that there is any risk (see below) so don't even take the precautions available.

Linux, etc. is still for geeks and not for your average punter. Windows is better at hiding its complexity. Plus, Windows comes preinstalled on probably 99% of client machines.

Users are getting better educated on the risks but as we have seen this week, they can still be tempted to open that juicy attachment. Solutions don't come as fast as the problems.

If Windows was 100% secure, why bother at all with patches and virus updates?

BTW I'm sure these arguments can be applied to all OSs including those running on PDAs and phones.


I must be unfit for my job :-) Oh well - I'm sure someone will notice eventually.

If you're happy and you know it clap your hands
  Does HoTMaiL come with a spell checker?

Microsoft, Linux, Solaris, xBSD - they're all capable of being secured
by anyone who can follow simple instructions.  Anyone who says otherwise
merely shows that they are totally unfit for their job.

Express yourself with cool new emoticons http://www.msn.co.uk/specials/myemo

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]