Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Invites Security Questions

Posted by Zonk on from the what's-a-bug? dept.

daria42 writes "Microsoft is inviting ZDNet readers to submit security-related questions online to a team of Microsoft security gurus. Microsoft's Ben English and his team will take questions online until the 30th of May. A selection of questions and answers will be published by ZDNet starting from the 6th of June. Submit your questions starting now!"

19 of 259 comments (clear)

  1. What I asked by Dante · · Score: 5, Insightful

    Why does microsoft not eat it's own dogfood? As a network administrator
    I'm contstatly struggling with rights on workstations. I know that MS
    gives admin right to all of it's own users. (I live in seattle I've seen
    it.) But I can think of no security hole larger then giving out rights
    to users who *SHOULD* not need them.

    There is a laundry list of applications written *by* Microsoft that do
    not work properly without additional rights.

    This has been true sense NT 3.51. How did this happen? Upgrading to
    longhorn it not a soulution. If I worked for Microsoft this would be
    my first priority. Take away rights, fix existing applications.

    --
    "think of it as evolution in action"
  2. I Just Asked them the Big Question by mfh · · Score: 3, Insightful

    My Question
    Why don't you open up your source? I have an analogy to Open and Closed source:

    With closed source, you are in a room full of razor blades everywhere and you are blindfolded. With Open Source, you are in a room full of razor blades everywhere and you are NOT blindfolded, so you can see where the exit is and perhaps avoid getting too cut up.

    Which is really safer, closed or open source? Would you rather be blindfolded?

    --
    The dangers of knowledge trigger emotional distress in human beings.
    1. Re:I Just Asked them the Big Question by Anonymous Coward · · Score: 2, Insightful

      Microsoft's Answer:

      With Open Source, you are in a room full of razor blades and you can see, but it's really too much of a strain on you to get yourself to the exit safely. You can't possibly do it, and you might actually try to take a razor and cut someone else.

      With closed source (or really, just MS) you are blindfolded because you are far too stupid to avoid getting hurt, and we really can't trust you not to use those razors to attack someone else. So we are going to hold your hand and gently lead you to the door.

      What they won't tell you is the door only leads to more razors, and the guy holding your hand probably put them there in the first place (but that won't stop him from charging you to hold your hand).

    2. Re:I Just Asked them the Big Question by dwlovell · · Score: 1, Insightful

      Here is my version of the analogy:

      With closed source, you never enter the room, something breaks and is visible from the outside and you say "Microsoft, thou shalt fix this or I will take my maintenance contract elsewhere!", and then Microsoft sends its devs into the room of razor blades with their own lights to fix the problem. (Now you might debate their effectiveness, but thats another issue.)

      With open source, stuff breaks, no one is there to help you and you have to visit hundreds of howto sites in order to get the exact path to traverse the razor blades in the dark without killing yourself, just so you can fix the problem yourself.

      -David

  3. Is Microsoft Windows *OS* more secure than Linux? by r_jensen11 · · Score: 1, Insightful

    Guarenteed question. Answer: According to many studies that we've funded; yes.

  4. Could the key word be... by sznupi · · Score: 2, Insightful

    "selection"? ;P

    --
    One that hath name thou can not otter
  5. Isn't the WWW full of them...? by guyfromindia · · Score: 2, Insightful

    Almost EVERY website that deals with security have commented on M$FT and their security. That would be a good place for Mr.Ben English to start. Not to troll, but I think this is just another PR stunt by M$FT!

  6. what doesn't get answered by sumdumass · · Score: 4, Insightful

    It would be nice to see the questions that don't get answered. It would be interesting to see if some questions get glossed over or ignored because of some inherant design flaw.

    Maybe someoen would make a lost of all the questions and group all the simular ones together in order to create somethign like this. I guess microsoft is feeling the heat from other vendors stating that microsoft isn't as secure as thier products.

  7. We all know what will happen. by Psionicist · · Score: 5, Insightful

    They will ignore everything and give generic answers to worthless questions such as "how do I secure my home computer". The answer will probably be something like "use the microsoft firewall and the microsoft anti-spyware program, and a microsoft antivirus program on your geniuine microsoft windowxs xp operating system".

    Nothing to see here, move along.

  8. a slection eh ? by oh_the_humanity · · Score: 2, Insightful

    a selection ... translation easily answered questions made up or planted by microsoft employs. so they dont have to answer the hard hitting questions.

    --
    "When they invent bitch slaps that can go through a monitor you better f'ing duck" --deft (253558)
  9. Beating around the bush by camelmix · · Score: 2, Insightful

    I'm sure they will just beat around the bush like they always do. Gates's arrogance will trickle off.

  10. I have a question... by WAR-Ink · · Score: 2, Insightful

    1) Why can't you get software out the door that doesn't contain security flaws that you will be spending the next 6 years trying to fix, and still not get it right?

    2) Word association: Microsoft -> buffer overflow.

    3) Do you understand the concept of "Deny All Except" or has it ever been mentioned to you?

    4) Do the 1 million monkeys Douglas Adams referred to work in Redmond?

    5) Why is Bill Gates such an ass?

    6) Who will protect us from Microsoft?

    Ok. So it was more than one question. But one wasn't technically a question.

  11. Don't do it, it's a trick by frovingslosh · · Score: 4, Insightful

    Come on, does anyone really think that Microsoft is going to select any of the tough questions that they really don't want to address? This is a sham. It gives them a way to say that they responded to users concerns, when in reality they will pick and choose things that can make them look good or give them a chance to attack open source. The more people who participate in this sham the more it servers their purposes.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  12. Time 2 Market vs Security & Fiduciary duties by team99parody · · Score: 4, Insightful
    Dear Microsoft - it's long been known by us shareholders that your stock has only flown so high because you understood the proper tradeoffs between security (slow and unprofitable) and time to market (== profit == shareholder value).

    How can you be betraying your feduciary responsibilities to shareholders by delaying products in the name of security, which history has proven that your corporate customers don't give a damn about anyway.

    To avoid shareholder lawsuits of you not acting in what has historically been shown to be the best for your shareholders, why don't you return to your security-be-damned buggy strategy and return your stock to the glorious heights it once held?

  13. What the hell. by killjoe · · Score: 2, Insightful

    Has ZDNET given up even the pretense of being a tech magazine? Have they finally embraced the fact that they are nothing more then a thinly veiled publicity arm of Microsoft?

    Where are the real journalists asking the tough questions to the executives of MS and other tech firms. Instead they invite questions from the public there the "experts" will pick the softballs and spew on an on about how safe, secure and super-duper-keen-nifty windows is compared to that communist linux.

    --
    evil is as evil does
  14. Re:Unbiased? by jerometremblay · · Score: 4, Insightful

    Microsoft is full of brilliants people with good ideas and good intentions.

    However other forces within the company are sometimes (some will argue always) taking over. If the suits decide that they prefer more features over less bugs, or if they set impossible deadlines, good peoples aren't enough.

  15. Where are the tools? by disposable60 · · Score: 3, Insightful

    Microsoft apparently has fine-grained access, rights and permissions built into WindowsXP. Where are the tools to manage those permissions?

    By the way - HOME users need those tools, too. They would (could) go a long way to preventing zombification.

    --
    You're looking for quotes? See my journal.
  16. Re:I asked by RaffiRai · · Score: 2, Insightful

    Not to defend MS, but that's trolling. "Security" wasn't a high priority in the beginning because it didn't exist as a highly important factor until like 1999. XP is based on 2000 which is based on NT 4.0 which is based on NT 3.51. There's no way they could have forseen security being as important to the computer world as it is now. Granted, it took them a bit to realize it, but they can't change the entire NT codebase without releasing a new OS, which they're doing. SP2 is about all they can do without making fundamental changes.

    Why am I defending MS? I don't like them..

  17. Re:In other news... by Doc+Ruby · · Score: 4, Insightful

    That would be "the truth". The truth about Microsoft is unparalleled bashing grounds.

    --

    --
    make install -not war