Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Invites Security Questions

Posted by Zonk on from the what's-a-bug? dept.

daria42 writes "Microsoft is inviting ZDNet readers to submit security-related questions online to a team of Microsoft security gurus. Microsoft's Ben English and his team will take questions online until the 30th of May. A selection of questions and answers will be published by ZDNet starting from the 6th of June. Submit your questions starting now!"

7 of 259 comments (clear)

  1. What I asked by Dante · · Score: 5, Insightful

    Why does microsoft not eat it's own dogfood? As a network administrator
    I'm contstatly struggling with rights on workstations. I know that MS
    gives admin right to all of it's own users. (I live in seattle I've seen
    it.) But I can think of no security hole larger then giving out rights
    to users who *SHOULD* not need them.

    There is a laundry list of applications written *by* Microsoft that do
    not work properly without additional rights.

    This has been true sense NT 3.51. How did this happen? Upgrading to
    longhorn it not a soulution. If I worked for Microsoft this would be
    my first priority. Take away rights, fix existing applications.

    --
    "think of it as evolution in action"
  2. Unbiased? by nizo · · Score: 5, Interesting

    If the Microsoft team gets to pick which questions are answered, I doubt this will be akin to Achilles waving his naked foot right under Paris' nose, since questions like, "Why is Microsoft's security better than Linux security?" are more likely to get answered than questions like, "When did Microsoft hire a team of security gurus?"

    --
    I Am My Own Worst Enemy
  3. In other news... by cainpitt · · Score: 5, Funny

    Slashdot asks what kind of story will really bring the M$ bashing to an all time high?

  4. Question: by lunchlady55 · · Score: 5, Funny

    How do you keep your jobs?
    I'm assuming you've got some excellent blackmail material on someone in HR but I'd like to know for sure.

  5. We all know what will happen. by Psionicist · · Score: 5, Insightful

    They will ignore everything and give generic answers to worthless questions such as "how do I secure my home computer". The answer will probably be something like "use the microsoft firewall and the microsoft anti-spyware program, and a microsoft antivirus program on your geniuine microsoft windowxs xp operating system".

    Nothing to see here, move along.

  6. What's considered a security bug? by Anonymous Coward · · Score: 5, Interesting

    This is pretty much the most basic question possible, but what do you consider to be the range of behaviors that qualify as security bugs?

    For example: do you consider features that require the user to do something insecure (like run as a local administrator) in order for that feature to work a bug? Do you consider system defaults that can cause the user to perform an action they didn't intend to do (such as launching a hostile executable) a security bug?

    If you answered "Yes" to these questions, do you consider ActiveX web browser plugin support and hiding file extensions to be security bugs? How soon will a patch be available to fix these bugs? How does the timeframe from "discovery of bug" to "fix for bug" compare to your competitors average time-to-fix for security bugs?

    Simple enough, really.

  7. They have it backwards by starling · · Score: 5, Funny

    Based on past performance, the MS security gurus should be asking questions of the general public.