Full Disclosure mailing list archives
RE: Re: Microsoft Coding / National Security Risk
From: madsaxon <madsaxon () direcway com>
Date: Fri, 26 Mar 2004 13:34:28 -0600
At 01:23 PM 3/26/2004 -0500, joe wrote:
I would hope the US government isn't using Windows in the way normal home users are. And in fact having personally spoken with several folks from the US Government and the US Military (US Army specifically which was interesting...) in charge of this stuff this week at a conference I can actually in fact say that they don't use Windows like normal home users.
A sample size of "several" is hardly adequate for drawing a conclusion of this magnitude. The fact is that there are no universal standards for Windows installations in the US government. There are mountains of best practices, mandates, regulations, and policies, but none of these ensure rigid compliance. The degree to which Windows workstations are "locked down" runs the full spectrum, right up to 'virtually wide open.' The US military is considerably more rigorous than the civilian government in this regard, but even then there are systems which have slipped through the cracks. Evidence for this is the fact that Web defacement mirrors still occasionally contain both .gov and .mil entries. m5x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Microsoft Coding / National Security Risk, (continued)
- RE: Microsoft Coding / National Security Risk joe (Mar 24)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- Re: Microsoft Coding / National Security Risk John Sage (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 26)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 24)
- Re: Microsoft Coding / National Security Risk martin f krafft (Mar 24)
- Re: Microsoft Coding / National Security Risk borg (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Re: Microsoft Coding / National Security Risk madsaxon (Mar 26)
- Re: Re: Microsoft Coding / National Security Risk Szilveszter Adam (Mar 29)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Microsoft Coding / National Security Risk joe (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk Random Letters (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk Steven Alexander (Mar 26)