Full Disclosure mailing list archives
Re: [inbox] Re: CyberInsecurity: The cost of Monopoly
From: Rodrigo Barbosa <rodrigob () suespammers org>
Date: Tue, 30 Sep 2003 04:01:01 -0300
On Mon, Sep 29, 2003 at 11:51:03PM -0500, Paul Schmehl wrote:
As some may recall, my original statement was an answer to someone that was points that Unix is more secure then Windows (I agree up to this point), and gave and example telling that there are still several codered vulnerable machine around. This is the point I was commenting about. And you do have to agree that is a machine, today, is still vulnerable to Codered, it is mostly due to a fault of the administrator.I'm going to pick one small nit with you. There is another possible guilty party. In some cases, at least in edu and medical centers (that's what I'm familiar with) the *vendor* is at fault. Some vendors will not certify their scientific instruments with the latest Service Packs and patches, leaving the admins no other choice but to find some other way to protect the machine. (Hell, we sometimes have trouble getting vendors of *security* devices to support their products with the latest SPs and patches. (Which is another reason that I dislike putting security-related software on Windows boxes, but sometimes you simply have no choice.)
I stand corrected. I kind of remember something about a friend of mine (Win admin) installing NT SP2 and it breaking MS-SQL server. And yes, you are correct about vendors too. So, simply put, we are doomed :) - When the software gets a bugfix released, you can't install it because of the vendor - When you can install it regardless of the vendor, the net admin forgets to install it - When the net admin remembers to install it, the users mess up - When the user don't mess up, the cleaning lady pulls the plug Talk about trustworthy computing :) []s -- Rodrigo Barbosa <rodrigob () suespammers org> "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
Attachment:
_bin
Description:
Current thread:
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Schmehl, Paul L (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Frank Knobbe (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Paul Schmehl (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 30)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Curt Purdy (Sep 30)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Frank Knobbe (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 29)
- RE: [inbox] Re: CyberInsecurity: The cost ofMonopoly Steve Wray (Sep 30)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Paul Schmehl (Sep 29)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Ron DuFresne (Sep 30)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Dan Stromberg (Sep 30)
- <Possible follow-ups>
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Schmehl, Paul L (Sep 30)