Slashdot Mirror


User: msoftsucks

msoftsucks's activity in the archive.

Stories: 0
Comments: 217

Comments · 217

  1. Re:Effect of Windows XP Service Pack 2. on Mozilla Gains on Internet Explorer · · Score: 1

    Once again, M$'s current line is: our current shit is broken, but just wait until our next version.

    I agree that SP2 will improve the situation, but not as much as you think. We have been testing SP2, and have found that it leaves a lot to be desired. We have identified about 9 ways that WinBlows machines get infected. Out of 9, SP2 only blocked 6. The other 3 ways still infected the machines, even with SP2 applied. The reality is that there are over 50 critical security bugs in IE, that M$ and the world have known about for over a year. Yet M$ has done nothing to fix them. These bugs are being exploited, and SP2 will not do anything to stop them. Only when M$ gets off the pot, and seriously addresses these security issues, will IE security improve.

  2. Re:annoying old active x on Mozilla Gains on Internet Explorer · · Score: 1

    Take a look at this. This can help you run Firefox in that environment.

  3. Re:Whooptyshit, one percent. on Mozilla Gains on Internet Explorer · · Score: 1

    First of all, NETBIOS is once again M$'s crappy software. NETBIOS is a kludge that M$ developed in order to identify its machines on the network. It's so bad that even M$ decided to scrap it and develop Active Directory, which is based on DNS. Bad nonstandard networking schemes should not be propagated. Firefox should not implement this. If you are still running M$ server software, you can properly access your internal servers using a DNS name. If you can't, then your network is not properly set up. Once again, M$'s trolls are trying to force Firefox to play its games. Firefox is much better than IE, because it doesn't. It doesn't implement ActiveX, it doesn't implement IE's nonstandard JSCRIPT and DOM, and it doesn't implement NETBIOS.

  4. Re:Yeah, but... on New IE Malware Captures Passwords Ahead Of SSL · · Score: 2, Insightful

    This is actually a known hole. Even SP2 doesn't fix this. Basically the file is downloaded as a .gif file (xxx.gif). Javascript commands to ActiveX then rename the file to xxx.gif.exe. Then execute it. This exploit will actually work even if you have ActiveX disabled.

  5. Re:Coming events on New IE Malware Captures Passwords Ahead Of SSL · · Score: 5, Informative

    No need. You can run Firefox from removable media. Just get yourself a USB memory stick or USB micro drive, and follow the installation instructions.

    Do this for a few power users, and within a very short time, the IE-only requirement goes away pretty fast.

  6. Re:exploder on Why Can't Microsoft be Sued Under the Lemon Law? · · Score: 1

    OK, I'm not a nuclear scientist. The point that I was trying to make (poorly) was that since M$ software is insecure in the general population, using it to control hardware devices is a recipe for disaster. When dealing with health & safety issues you always, always take the most conservative approach. A nuclear power plant is in the extreme, but it highlights the uneasiness everyone feels when M$ software is used in such devices.

  7. Re:exploder on Why Can't Microsoft be Sued Under the Lemon Law? · · Score: 1

    The issue is not whether or not the internal network has been properly firewalled. The issue is that these complex projects use internal networks, on which employees connect laptops. These laptops are potentially exposed to the Internet which then get infected due to the use of M$'s crappy software. When they reconnect to the internal network, they spread the viruses, potentially creating lethal situations.

  8. Re:This is ridiculous on Why Can't Microsoft be Sued Under the Lemon Law? · · Score: 1

    Actually, BMW traced the problem. Several memory leaks in WinCE were the cause of the majority of the problems. This has been a recurring problem with those who have used WinCE in their devices. It seems that WinCE is riddled with memory problems which crash the system. Its instability is one of the reasons why you don't see that many hardware manufacturers using WinCE and instead opting to use Linux.

  9. Re:This is ridiculous on Why Can't Microsoft be Sued Under the Lemon Law? · · Score: 1

    Here's what happens when manufacturers use Micro$hit's software in their products. BMW decided to use M$ Windows CE in their new 745i car. These cars are total lemons. Software for real-life devices needs to have much more reliability than what M$ can provide.

  10. Re:exploder on Why Can't Microsoft be Sued Under the Lemon Law? · · Score: 1

    Nuclear power plants have already been affected by Micro$hit's crappy software. Take a look at this link for more details. Basically, the monitoring system was taken offline due to Blaster. Luckily, a meltdown didn't occur, but we may not be so fortunate in the future. Do we really want Micro$hit software running these plants? Ask yourself, would you live next to one of these plants?

  11. Re:The clueless userbase to propagates the worms. on ESR's Halloween XI -- Get the FUD · · Score: 1

    I am not saying that other operating systems don't have security issues. They do. But, the makers of these operating systems make security their number one priority. All of the holes you refer to were patched within a week of discovery. Can you really say that about M$? I don't think so. There are a number of security holes that have been known to M$ for over a year, that spyware is taking advantage of. There is no way to prevent a fully patched WinXP from being owned, even with SP2 applied.

    A significant amount of Internet traffic comes from zombie machines searching to infect other machines. How do I know? Just look at your web server logs. In one day's logs, over 90% of the inappropriate attempts were identifiable Windoze zombie machines. Many of these machines are infected with viruses that have been known for quite a while. The users of these machines bear some responsibility, but it is obvious that there is a fundamental design flaw in the M$ approach.

    I guess M$ is preaching the status quo until it can release its own antivirus product. Great strategy: create a problem, then create a product to solve that problem. That's how you create another revenue source in a saturated market.

  12. Re:The clueless userbase to propagates the worms. on ESR's Halloween XI -- Get the FUD · · Score: 1

    True. But the virus would not have privileges to install and modify the system configuration. The machine would revert back to its clean state when it was rebooted. Users would not have to constantly reinstall the OS. You would have a significant reduction in zombie machines. By avoiding M$ Office, Outlook, IE and any other M$ proprietary data formats, you can further reduce the possibility of getting infected from your data files.

    After all this, any possible infection will only result in data destruction. Sucks for you if you haven't backed up your data. But, your irresponsible act will not affect others on the Internet. Right now, it's almost impossible to cleanly install a new Windows machine and have it connect to the Internet to download all of the updates. It gets owned within 5 minutes of connecting to the Internet. That's because there are hundreds of thousands of machines that have become zombies. By the way, this lack of security also allows spyware to get onto a user's machine. If M$ implemented better security procedures, much of the spyware would have died out.

    Take a look at Apple. When a user logs in, he only gets user privileges. If he needs to install a program, he is prompted for the root password. Many users at one point were using IE for the Mac. How come they weren't getting infected with spyware and viruses? They weren't because Apple implemented security properly.

  13. Re:The clueless userbase to propagates the worms. on ESR's Halloween XI -- Get the FUD · · Score: 1

    I guess you haven't kept up with the news. Recently, there were exploits to the Linux kernel. It was fixed within 1 day. Yet, in IE there are over 50 known exploits that M$ has known for over a year and has yet to fix. So much for your engineers. I will take the OSS community over some M$ flunky engineer any day to fix any security problem that may come up. The OSS will do it better and faster. How many times has M$ released a security patch that creates yet another hole? That's why many in the IT field will first test any patch in a test environment before rolling it out to the production environment.

  14. Re:The clueless userbase to propagates the worms. on ESR's Halloween XI -- Get the FUD · · Score: 1

    The difference is that on Linux, users rarely run as root. On Windows, the default user account has admin privileges. Yes, idiots will click without understanding, but the damage is minimized because the user is not an admin in Linux. This practice has been an industry standard for many years, yet M$ continues to ignore this. It is extremely difficult, time-consuming and beyond a novice's expertise to properly get Windoze apps to run in user space not admin.

  15. Re:Repeating my comment on OSNews... on Joel On Microsoft's API Mistakes · · Score: 2, Informative

    Yes it's rich because it's using ActiveX. That's why it only works in IE 5.5+.

  16. Re:You most certainly are (wrong) on A Look at the Newly Released Mozilla Firefox 0.9 · · Score: 4, Interesting

    This is yet one more broken authentication scheme from M$. If you use NTLM authentication, your network is Swiss cheese. There are many articles on the Internet that explain this. You are continuing Microsoft's bad security practices. If you want to authenticate without re-logging in, use standard X.509 certificates. Both Windows 2000 and 2003 server support this for login. This will both improve your network security, and allow you to move to Firefox which is much more secure than IE. Firefox is even more secure than IE with WinXP SP2.

  17. Re:Microsoft Software as a Whole on What Keeps You Off of Windows? · · Score: 1

    Take a look at Primavera project planner. This product is awesome and puts M$ Project to shame. They even have a "lite" version called SureTrak if you don't need all the bells and whistles. If you are doing some serious project management, then this is the premier tool to use.

  18. How about.... on What Keeps You Off of Windows? · · Score: 2, Insightful

    Confusing and distorting standards so that only M$ products work. I refuse to purchase applications that will only work with IE. I will tell any ISV who does this that they are automatically cut from the selection process because they aren't following open standards. There are web standards - follow them. Don't like them - change them officially so we can all use them.

    All the security holes that M$ has known for over a year and have yet to fix

    All the spyware that I get due to ActiveX

    All the viruses

    The licensing extortion.

    The phone-home spyware installed by M$

    Requirement to be an administrator to do anything useful. On a Linux box, I rarely run as root. Keeps my machine totally stable. With Windows, I need to reinstall every 2-3 months because something has corrupted my machine. I have better things to do than constantly having to reinstall the OS.

    Making money. M$ has pretty much taken the oxygen out of the Windows market. They leave no money on the table for their ISVs. If an ISV does have a big hit on their hands, they buy them or they release their own crappy version that competes with the ISV. Within a short period of time, that ISV is dead. Being a M$ partner is deadly to your health.

  19. Re:Instead... on FireFox and Longhorn: Meant For Each Other? · · Score: 1

    In my mind SP2 RC1 is not an option at this point. I would not install any beta software on a production system. Especially one where my reputation and livelihood depend on. I guess this is the typical M$ refrain. Our current product sucks, but just wait until the next version...

    Anyway, I tried SP2 RC1 on a test machine. I have identified 6 different approaches that spyware gets onto a machine (I'm sure there are others, but these will suffice for now). After applying SP2, I reran each hack. SP2 was only able to block 2 out of 6. What a miserable failure. Okay, I'll give you that SP2 will improve marginally the situation, but not by much. I guess this is why M$ has once again postponed the release of SP2.

    M$ is not willing to do what it really takes to harden their machines. They have been warned that if they don't do something about their security problems, then regulation will be enacted to impose liability to fix the problem. M$ doesn't want this legislation to be passed, and as such has taken only token measures to show that they are doing something about it.

    The measures that M$ needs to take to improve security have been standard practice in the industry and are regularly followed in the Linux environment. In Linux, you would rarely need administrative privileges to run applications. Yet in the Windows environment, it is extremely difficult and time-consuming to create a working environment where you're working with only regular user privileges. Many Windows applications don't function properly until you have administrative privileges. How about changing the Windows certification process for applications, to require that the application be able to run with just user privileges? How about revising Visual Studio to warn the developer of this?

    Or how about the change that M$ made with XP? In XP you need to give users administrative privileges to be able to add a new printer. In Win 2000 this was not a requirement. Now the IT group can't even lock down the machine, even after it has figured how to operate the machine in regular user mode with their set of applications. Take for example a company where the majority of users are mobile with laptops. Now you can't give them just regular user mode because they encounter all sorts of different environments and the user needs to be able to add his own printer. So what do you do? You give him the password to the local administrator account and you make him a regular user. Guess what, within a week, he has elevated his user account to administrative privileges because he can't be bothered logging in and out of the administrative account. And within another week of that, his machine is owned by 10 spyware programs. I have tried a variety of different approaches and none have worked. This problem is a combination of a failure of technology and a social engineering problem. The end result is quite clear. M$ has taken away from the IT group the ability to lock down the machines and now these machines get owned in a very short period of time.

    Let's face it, the M$ model is broken. I agree that Windows is a bit more polished than Linux. But the price for this is that your machine and your company are constantly running on the security treadmill and can't get off.

  20. Re:Instead... on FireFox and Longhorn: Meant For Each Other? · · Score: 1

    True...

    But, I have hardened the machines by changing what the .xpi (xpi_auto_file) does. In the registry, you can remove or reroute this extension to do nothing. So, even if the users click on one of the .xpi files off the Internet, Firefox will not be used to open the file. When there is something that I want to install via .xpi, I run an admin script that re-enables it. When the install is all done, then another script is run, killing the .xpi extension. I can't do this with IE. This is because IE uses the .cab file extension, and disabling it creates even more problems on the machine. In addition, a Bugzilla report on this has been issued for FF, and the developers are coming up with a better solution on how to address this issue. I suspect that by the time V1.0 comes out, this will be a non-issue.

    I have developed a whole variety of these little tricks that give me great confidence in offering my clients discounts if they avoid M$ software. Each time a new virus or security problem comes out and my clients don't get affected, their confidence in my services increases. In the beginning it was difficult to convince them not to use M$ products, now they don't question it.

    Right now I'm preparing my customers for the day when they won't be running any security challenged M$ software.

  21. Re:Use 'em and get screwed on FireFox and Longhorn: Meant For Each Other? · · Score: 2, Informative

    Actually, most of the spyware vendors have found ways around this. In one of my latest forensics reviews, I found that as long as any part of ActiveX and scripting is enabled in any way in IE, you can get infected and a dialog box will not come up. These spyware creeps write a Javascript script that downloads the binary representation of the file to your machine. Then an ActiveX call is made to rename it and run it. Bingo, you're infected. This is on a fully patched machine. The only way around this is to not use IE as your default browser.

  22. Re:Instead... on FireFox and Longhorn: Meant For Each Other? · · Score: 4, Interesting

    Microsoft is having problems because their software is full of security holes. IE and ActiveX are the main reasons why people are having security problems, not updating. If M$ did their job right, and released secure software, then all these people wouldn't need to update before the hackers released exploits for the latest security hole. How about M$ properly securing IE, by totally disabling ActiveX? How about M$ patching the 50+ security holes in IE that have been known for over a year? Ever try disabling ActiveX totally? IE is totally useless, because it's constantly nagging you over the fact that you were responsible and turned ActiveX off. Don't tell me to get an add-in that will do this. Firefox does all this right out of the box. I have gotten sick and tired, cleaning machines of spyware and viruses. In my consulting business, I roll-out Firefox. Even as a beta product, it is light-years ahead of IE.

    I offer my clients who have agreed to Firefox, Thunderbird, disabled IE and no Outlook/Outlook Express, free cleanup of infected machines. Those that don't, I charge them for clean up services. I have been offering this discount since Firefox v .6. I have yet to clean up for free, a client who is using Firefox. They are happy they can devote their IT dollars to other projects, and I'm happy that I'm not spending my time in useless endeavours such as cleaning up spyware and viruses. I have even created a solution for small businesses, that only uses OSS (Linux, Firefox, Thunderbird, Openoffice, etc). When pitching to prospective customers, I give them the choice of either a M$ or OSS solution, with the OSS solution being cheaper, both from an initial installation and from a maintenance perspective. 70% of all prospective customers chose the OSS solution, once the costs of running a M$ shop are put into perspective.

    Microsoft fears this and they roll the old adage - Why doesn't Firefox use X? I don't want Firefox to be a copy of IE, with all the same problems. A couple of years ago, the same marketing droids said - Why doesn't Netscape use ActiveX? I was happy that the Netscape group didn't fall into that trap. A plugin was eventually created, that has the same security problems that IE has. Therefore it wasn't deployed very much. Firefox is great just the way it is. Today, clients are using FF on Windows. Tomorrow, they will be using FF on Linux. FF doesn't need any M$ technology. This would make the transition from Windows to Linux much more difficult. If M$ really wanted Firefox to use the technology, they would offer it to the W3C standards with no patent encumbrances. M$ would never do this. They fear Firefox and want to kill it off. The way we kill M$ is to limit the use of their patented technology for anything. FF should only use technology that is open standards with no patent issues - plain and simple.

  23. He got what he deserved.. on FBI Investigates Open Records Request · · Score: 0, Flamebait

    Let's face it folks. We are in a war. The suicide bombing, baby killing Muslims are out to get us. This guy wanted to flout this in the face of authority. So now he is complaining that he is being investigated. He got what he deserved. The liberal communist left has yet to understand that we are headed into a world war with these Muslims and that we better prepare and get our act together. He's got to understand that he is responsible for his actions. He deserves to spend a little time in jail. Just like a person who files a false accident report for insurance. He had no reason to have this information. He is not bidding on laying new cable, or maintaining it. He just wanted to piss the authorities off. Well he did that and now he's complaining? Serves him right.

    Just my 2 cents. - Burning some karma.

  24. Re:Argh... on US Losing its Scientific Dominance · · Score: 1

    Yeah right...

    That's why we lost 3 million jobs in under 4 years. This is just more Indian propaganda so that we won't take action against them.

  25. Red Hat is dead... on Red Hat Linux 9 Reaches End-of-Life · · Score: 1

    I've switched all existing RH servers and desktops to SUSE. Any new systems deployed at this point, will also have SUSE. Currently evaluating Debian to see whether or not it's better than SUSE for my purposes.