Microsoft Apologist Apologizes for Microsoft

hillbilly1980 writes "Internet Week has published a counter article in response to the number of anti-monoculture security papers recently published. Unfortunately the author starts out by writing off the other papers as simply anti-Microsoft, unfortunate because his paper never gets past being more then just pro-Microsoft. One of his suggestions to secure your enterprise... turn off port 80." Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle. Update: 10/11 00:54 GMT by M : Note for the record that the original version of the article referred to blocking port 80; the article has now been edited to refer to port 135.

Yeah, Of Course He's Right

[CrankyFool]

That's because he's got the wrong focus.

The monoculture risk is real when you're looking at the 64,000 view -- the entire population. They're not really all that much of a risk when you're dealing with, say, an enterprise's systems, and there's not that much benefit to them in that kind of environment (disregarding things like security devices for the moment).

We've used the agriculture analogy before to describe the issues around monocultures, so to continue to use it, we can say that his point is that monoculture isn't really an issue because when you're tilling a single field, it's a pain in the ass to put multiple crops on it. True, but that's not the point -- it's when you've got one crop on *ALL* the fields (all the enterprises) or at least a substantial portion of them that you get into a problem.

His suggestions..

[taradfong]

Let's look at some of these...

- Accelerated adoption of patches.

Ok, yes you do have to stay patched. But this is like blaming people with flawed cars for not going to the car dealer each week to check for recalls. Microsoft's abundance of patches indicates poor design and methodology, period.

- Locking down desktops so users cannot make changes and viruses and worms can't install themselves and run.

Ok, so rather than design the apps safely out of the box, we need to handcuff the users and do the dirty work ourselves. I guess all those Outlook viruses were our fault.

- Restricting ports, such as port 135, which effectively stopped the latest virus attack.

Wow! What a concept! I never thought of this! Now I know where all my problems are coming from! It's not from the software, it's my fault for actually allowing connectivity!

- maintaining "hot sites," or duplicates of key elements of the IT infrastructure, so if the main infrastructure is compromised, users can quickly switch to backup systems.

Sounds like a way to sell licenses. Ok, since we can't make our product stable, buy 2 copies and hope one works.

- Developing the capability to rapidly restore compromised software and data from backups.

Right. Key word is, develop. Why does an end user, paying hundreds of dollars per seat need to 'develop' something as common as this.

- Adding security staff or outsourced services.

Right. Keep sending us your licensing fees, and then spend more money to make up for the gaps in our software. Don't trust any of that 'free software' crap you read on the internet - those Linux guys are a bunch of hacks. Hire an MSCE. Preferably from another country.