Full Disclosure mailing list archives
RE: Security Watch Essay (was: (no subject))
From: "roberta bragg" <freouwebbe () msn com>
Date: Thu, 12 Feb 2004 01:05:30 -0600
Well, lets see. What gets published in any publication is usually an editorial decision. As in senior editor, or managing editor. Then again, they have to have something to choose from. If no one writes anything, then the editors have to scramble. No telling what they'll do. No telling what they'll publish. I don't write to "score points" against anyone or anything. I'll defend my point of view, and I'll argue a point if I believe in it. Mostly, however I prefer to just tell a story, provide a tip, discuss an issue, answer a question. Those who read me on a regular basis know that. Long before I became a writer I spent a couple of decades paying dues: I was a keypunch operator, FORTRAN, Cobol, C, C++, LISP, Delphi, dbase, VB, Prolog, etc. programmer, project leader, systems analyst, computer salesperson, teacher, consultant, network admin, systems admin, graduate student in computer science, whatever. Was doing computer security before it was kool. You? Don't claim any fame. Just like providing information, sounding off. Maybe like you? Apparently the authors of the monoculture piece feel that way too. They never responded to me. I didn't expect them to. Did get a lot of letters from "anonymous" that damned me for having the opposite opinion from theirs. I did expect that. I typically don't respond to letters from "anonymous" that simply call me names. Keith is not my boss. Boss implies employer/employee relationship. No such relationship exists. He did ask that I post, since he does not subscribe to the list. I'm not his keeper , nor he mine -- we're both free to subscribe to whatever lists we choose. And not to subscribe if we chose not to. "employee" is a legal term that implies a contract === a job for wages from which there is withholding for taxes , social security etc. It may even imply benefits such as health care, vacation, sick pay etc. And while there is no guarantee,,, you generally can count on remaining employed for longer than it takes to write an article. I have no such relationship with 101 or MAP. I get to write regularly --- but its always been one article, one column at a time...there is no contract. the last column I write ,,, could be the one already written... There is no obligation to me to continue to accept for publication what I write,,,, and I have no obligation to them to write again. As you point out, its pretty unlikely that subscribers to the magazine (who, by the way, get it for free if they are an MAP. ) have no interest in the success of MS. Their employers purchased MS products.. They, the subscribers, were hired to keep it working --- of course they have an interest it MS helping them do so. No, my comment about 101 doing JAVA and other magazines was not meant to mean that MAP wasn't about Microsoft Products,,, but merely to point out that 101 does other things.. Just as this list also talks about non-MS vulnerabilities. I never said that the column is not about MS products just that it is not owned by MS. It is not a MS publication. Is Full-Disclosure anti-MS? I'd say many of its contributors are. But I'd also say a lot of them just want to get information out in the open so that anyone with an interest can do their best job at securing systems. Today it's a MS flaw, tomorrow its somebody else's.. There's a lot of noise, and a lot of nuggets. Typical of a open forum. No, my comment "if you believe ... Is a pro MS publication" was not meant to claim that it was an anti ms publication,, or even a neutral one..but to ask that anyone who saw it as a publication that would only publish pro-MS content --- take the opportunity to write something anti-MS and see it published. Next question? -Roberta -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of http-equiv () excite com Sent: Wednesday, February 11, 2004 11:32 PM To: full-disclosure () lists netsys com Cc: freouwebbe () msn com; keith.ward () mcpmag com; roberta.bragg () mcpmag com Subject: [Full-disclosure] Security Watch Essay (was: (no subject)) How many of these little essays are you going to publish? Who will decide which one[s] gets published. Will it be the only one that you can reply to that you feel you can score points against. Who are you and what is your claim to fame? You certainly showed your audience with your response 'directly to the authors' of "Cyberinsecurity: The Cost of Monopoly. How the Dominance of Microsoft Products Poses a Risk to Security." http://www.mcpmag.com/newsletter/article.asp?EditorialsID=170 I take it that in the healthy debate than ensued the authors of that little piece clarified their position to your satisfaction. Why has your boss sent you? What ails him that he is incapable of posting this little "challenge" of his himself? It appears that the "security watch" newsletter is published only to / by Microsoft Certified Professional Magazine Online why have you tried to suggest that the "JAVA publication, a couple for the Feds, some for education market" will be the audience of this as well. What do you mean you are not an employee? "Security Watch" is your column. Perhaps you do it for free in order to generate goodwill amongst the subscribers of your magazine, who all no doubt have a vested interested in everything Microsoft. Then with a bit of luck they'll end up buying your book[s]? Roberta Bragg, MCSE: Security, CISSP, Security+ and contributing editor for MCP Magazine, runs Have Computer Will Travel Inc., an independent firm specializing in security, operating systems and databases. She's a frequent speaker and trainer for TechMentor. Her newest book is MCSA/MCSE Implementing and Administering Security in a Windows 2000 Network Exam Cram 2 (Exam Cram 70- 214) by Que Publishing. You can contact Roberta about "Psychologically Acceptable Security" at . "If you believe that Security Watch is a pro-Microsoft publication " -- nice try. It's precisely this rank amateur gibberish that Microsoft employees along with its little elves that defines it's inability to do anything right. Microsoft Certified Professional Magazine Online: <meta name="description" content="Microsoft Certified Professional Magazine brings you the latest independent information on Microsoft products and MCP certification programs and is relied upon by Windows, SQL Server and .NET experts worldwide."><meta name="keywords" content="Microsoft, MCSE, MCP, MCSD, MCP, MCSA, MCDBA, MCT, 2003, Windows, NT, XP, RSS, XML, Certification, IT, Salary, Engineer, Windows, Internet, Certify, Exam, Test, Network, Office, Magazine, Computer, .NET, Online"> The "Security Watch" column inside the "Microsoft Certified Professional Magazine" catering [and relied upon mindyou]to Windows, SQL Server and .NET experts worldwide is not 'pro' [whatver that is supposed to mean] Microsoft. Get your boss out of his Microsoft logo'd Lazy Boy recliner and post and run his debate here. On this mailing list. Where it can be debated. Not addressed in reply one time like you did before. And he can donate his not inconsiderable sum of a grand total of "$50.00" to the SPCA. Ridiculous. -- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Security Watch Essay (was: (no subject)) Chris Cozad (Feb 11)
- <Possible follow-ups>
- Security Watch Essay (was: (no subject)) http-equiv () excite com (Feb 11)
- RE: Security Watch Essay (was: (no subject)) roberta bragg (Feb 11)
- RE: Security Watch Essay (was: (no subject)) Trevor Benson (Feb 12)
- RE: Security Watch Essay (was: (no subject)) Paul Schmehl (Feb 12)
- RE: Security Watch Essay Rob, grandpa of Ryan, Trevor, Devon & Hannah (Feb 13)
- RE: Security Watch Essay (was: (no subject)) roberta bragg (Feb 11)
- RE: Security Watch Essay (was: (no subject)) Schmehl, Paul L (Feb 12)
- RE: Security Watch Essay (was: (no subject)) Keith Ward (Feb 12)
- Re: RE: Security Watch Essay (was: (no subject)) James Bliss (Feb 12)