| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Experts Say Microsoft Security Effort Failing | |
|
||
| Time: 00:12 EST/05:12 GMT | News Source: Reuters | Posted By: Todd Richardson | ||
|
Computer security experts said on Thursday the recent "SQL Slammer" worm, the worst in more than a year, is evidence that Microsoft Corp.'s year-old security push is not working. "Trustworthy Computing is failing," Russ Cooper of TruSecure Corp. said of the Microsoft initiative. "I gave it a 'D-minus' at the beginning of the year, and now I'd give it an 'F."' | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 312 Last | Next |
The time now is
6:39:20 PM
ET.
Any comment problems? E-mail us |
| #1 By 94 (66.127.184.202) at 1/31/2003 12:26:32 AM |
| Because of a 7 month old security flaw, the entire initiative has failed? I would love to meet the idiots that actually say things like this. The real test will be Windows 2003 Server, and its entire server product line. |
| #2 By 135 (208.50.206.187) at 1/31/2003 2:07:06 AM |
|
I suspect part of the deal is that while the other product lines have improved... the SQL Server team really didn't. I mean they are still releasing patches they way they did 4 years ago.
But yeah, I don't get the grade thing. |
| #3 By 13030 (198.22.121.120) at 1/31/2003 9:59:23 AM |
|
Amazing. Every zealot has an excuse for Microsoft's failures in security. Place accountability and responsibility where it belongs--repeated security failures are not the fault of the customer. MS still is not in the mindset of producing secure code. And with many MS products having dependencies to other products and even the web browser(!), it's a mess to sort out and maintain.
Any automatic update or application of SQL Server patches is idiotic and could only be advocated by novices. Anyone with real world experience knows that every vendor patch should be tested in non-production environments before applying to production machines. What I find most shameful is the fact that we have a perpetual stream of security patches basically every week and there is no end in sight. I expect more from a company with the talent and leadership that MS has. That is why I find the security failures unacceptable and unforgivable. -Chris This post was edited by ch on Friday, January 31, 2003 at 10:00. |
| #4 By 13030 (198.22.121.120) at 1/31/2003 12:44:47 PM |
|
In response to #8 By kevinu:
Interesting comments. I never claimed to be perfect. I never claimed that software development should result in perfect products. Do I make a constant and continuous effort to deliver bug free products? Of course I do and so do most vendors. Obviously, software is going to have bugs (and, yes, I have "gotten over it" a long time ago.) My concern is specific to security-related bugs. These can be insidious and do cost the world billions of dollars in downtime, inaccessible networking, filled bandwidth, trouble-shooting, and lost productivity. I never claimed that the Automatic Update feature runs and updates entirely on its own. I know how it works, but thanks for the refresher. My concern is that many (inexperienced) users have advocated some degree of an automated approach as the fix to the problem without realizing the risk. The problem is not the patching process. The problem is the number of security holes to begin with. MS has an incredible talent base and a huge wad of cash (something like $43 billion, IIRC). For a company with this level of resources to have this many security problems, especially after implementing a security initiative, is not acceptable. MS has positioned itself at the top of the pyramid. Now that they are there they need to continue to deliver better and better products that can pass high levels of scrutiny. -Chris |
| #5 By 13030 (198.22.121.120) at 1/31/2003 4:46:53 PM |
|
#13 By dkg_ctc:
Nice phony pseudo-quote. I don't know how you drew the conclusion you did about what I said and then posed it as my (excited) rant. (Actually, it's kind of funny how nerds really do tend to talk like that when they get excited... dkg_ctc's imitation of me is most revealing...) Regardless, you know exactly what I said. You merely choose cut MS more slack than I do. Like I said in my first post: excuses. Obviously, some of the folks here don't believe in the same level of accountability as I do, at least when it involves MS. Realistically, MS has the capability to produce secure products for the masses (MSDE for most everyone whether you realize it or not--it was MS's choice to do that, not mine). They have decided to put less time and money into security. Are they changing that finally? Yes, to a degree. Do they have a long way to go? Definitely. Should we make excuses for them? No, because they are capable of delivering quality software. -Chris |
|
Write Comment
Return to News |
Displaying 1 through 25 of 312 Last | Next |
The time now is
6:39:20 PM
ET.
Any comment problems? E-mail us |
