Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Information Security News: Re: Re: Microsoft MCSE training faulted

Re: Re: Microsoft MCSE training faulted

From: InfoSec News <isn_at_c4i.org>
Date: Sun, 26 Aug 2001 04:51:59 -0500 (CDT)

Forwarded by: Richard Forno <rforno_at_infowarrior.org>

Part of the problem is that vendors see 'certification' as another big
revenue source...remember the days when computers and software shipped
with buccoo documentation, and the Z89 had pull-out schematics???

Now you might get a 10-page PDF file, half of which is the disclaimer
of liability, with directions to visit the vendors' website for
further help.

Win31, DOS, shipped with 2" thick users guides that folks could learn
from and use as a resource. Now you get next to nothing.

Thus, folks use software they probably don't know as much about as
they should......some might argue a product that's been shipped
incomplete, without the documentation.

So you pay some MCS-whatever to come in and fix what you should have
known in the first place.

FWIS, "security" training should not focus on how to lock NT, Unix,
whatever - rather, it's principles that apply ACROSS computer
platforms that draws on the security functions of the various products
and doesn't operate in a vacuum. Security is 90% great system
administraton and 10% specialized knowledge. This article has got it
backwards! More specifically, good security starts with effective
software development and testing, of which MS has zero, contrary to
their marketing minions. (IMO, what they sell on the shelves as
'retail' is actually a final wide-scale beta test).

It's all about business, and developing revenue streams.

rick
infowarrior.org / incidentresponse.com

> From: InfoSec News <isn_at_c4i.org>
> Reply-To: InfoSec News <isn_at_c4i.org>
> Date: Fri, 24 Aug 2001 03:46:11 -0500 (CDT)
> To: isn_at_attrition.org
> Subject: [ISN] Re: Microsoft MCSE training faulted
>
> Forwarded from: Felix von Leitner <leitner_at_vim.org>
>
> Thus spake InfoSec News (isn_at_c4i.org):
>> http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-91_STO63028,00.ht
>> ml
>
>> Lack of focus on security in professional training seen as factor in
>> spread of viruses
>
> Excuse me?
>
> Is it _Outlook_ and _IIS_ and _IIE_ and _VBE_ that get infected all
> the time or is it MCSEs or the code they wrote?
>
> The only one who needs security training here is Microsoft.
>
> Felix

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo_at_attrition.org with 'unsubscribe isn' in the BODY
of the mail.
Received on Aug 26 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos