Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Blasted For Lax Security

Posted by timothy on from the they're-also-the-biggest-target-though dept.

fducky writes "Once again Microsoft is blasted for lax security. This CNN article cites experts denouncing the recent Microsoft security efforts as rating an 'F'. The recent MS-SQL worm got this most recent round of MS bashing going. Google News has more stories on the subject."

4 of 395 comments (clear)

  1. People are waking up... by CoolVibe · · Score: 0, Troll

    Hey, maybe this open source thing ain't so bad after all...

    1. Re:People are waking up... by Melantha_Bacchae · · Score: 0, Troll

      rasafras wrote:

      > So they forgot to update. The error here, believe it or not,
      > isn't all upon Microsoft.

      Microsoft forgot to patch too. Who do they get to blame for that?

      > First off, they didn't patch. Microsoft had the patch
      > available since June.

      There's the patch, there's service pack 2, and there's service pack 3. There's a somewhat confusing knowledge base article, and some questions about which version of the patch causes what problem. If Microsoft's people can't figure out all this stuff and apply their patches, how are their customers, who can't run down to the Microsoft's SQL department to ask questions, supposed to do it?

      > It's not like you never have to patch open-souce either...

      Yeah, but patching OS X is easy and fun. ;)

      > Second, Microsoft explicitly warns users of SQL
      > databases to not put them openly on the internet, for
      > obvious reasons. And yet, they did it anyway.

      Microsoft does not listen to its own warnings. Why should anybody else?

      > You can blame Microsoft for this if you want, but it isn't
      > car companies' fault that people get killed because they
      > can't drive.

      It's the car company's fault if they leave a bug in the firmware that lets evil people take remote control of the car and smash it into the overpass supports for a major interstate highway. Even if they have a patch for it, they can't just hide it away on some obscure website and expect people to know about it, be able to download it, and flash their cars.

      The order of blame, in case you care about that more than fixing the problem, is: worm creator, Microsoft, then those who didn't patch due to negligence (as opposed to confusion or difficulties created by Microsoft).

      > Open source has its merits, as does Microsoft.

      Open source has its merits, as does proprietary software. Microsoft is convicted of breaking the law, and until it is rehabilitated, has no merits, only a "get out of jail free" card it does not deserve. The only way it got the card was by spending three times as much as Enron in the 2000 US elections.

      "At this moment, it has control of systems all over the world.
      And...we can't do a damn thing to stop it."
      Miyasaka, "Godzilla 2000 Millennium" (Japanese version)

  2. Perhaps going after those whom cause the issue... by jhoegl · · Score: 0, Troll

    The viruses themselves are tough to track down (South Korea Inet cafee?). So why not go after the people whom have their computers open, not downloading the latest patches for security? These people are as responsible as the people whom create the viruses that take advantage of such flaws... So why not go after those with open computers, causing the issue... then if the issue is an unpatchable one, go after whos at fault... I mean someone has to take the blame. If they do find the person who created the virus, they can prosicute them as well, but I think this is a 2 front war...

  3. Re:Yeah by hdparm · · Score: 1, Troll
    OSS doesn't fix arrogance, stupidity, ignorance, or laziness.

    Correct.

    Recent history, however, tells us that it's pretty hard to find arrogant, stupid, ignorant or lazy sysadmins amongst those who administer Linux/BSD/OSS systems. It appears that great majority of lazy/stupid ones take (or don't) care of Windows computers.