Looking Back At Windows Security In 2003

thebatlab writes "Help Net Security has an interesting look at security in Windows during 2003, with various blurbs from related parties at Microsoft as well as security 'bigwigs' such as Russ Cooper. It's interesting to read the comments from external parties, as they tend to be very reasoned comments and don't simply attack away over recent 'indiscretions' and 'security lapses' Microsoft has had over the year."

Packaged product

[Tim+Ward]

I buy a packaged consumer product and install it on my computer.

Why should I be expected to know there is such a thing as a firewall and that I should install it?

To put it simply, that's unrealistic. Sure, geeks should know better, but the general public shouldn't have to.

I buy a packaged consumer product and install it on my computer.

Whenever I try to do anything it spouts gibberish at me, like "access denied", "consult your systems adminstrator", "you don't have permission to do that", "consider enabling UDP port 1234 outbound on interface zzzz", "you need to urgle the flombat", "system error 5".

Why should I be epxected to understand all this gibberish? It's my computer, I bought it, I paid for it, it's mine, it has no business telling me I'm not allowed to do things. I want to install it and just have it work without my having to learn whether any of this technobabble actually means anything.

To put it simply, that's unrealistic. Sure, geeks can cope with all this stuff, but the general public shouldn't have to.