Microsoft Apologist Apologizes for Microsoft

Posted by michael
from the calling-it-like-it-is dept.
hillbilly1980 writes "Internet Week has published a counter article in response to the number of anti-monoculture security papers recently published. Unfortunately the author starts out by writing off the other papers as simply anti-Microsoft, unfortunate because his paper never gets past being more than just pro-Microsoft. One of his suggestions to secure your enterprise... turn off port 80." Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle. Update: 10/11 00:54 GMT by M : Note for the record that the original version of the article referred to blocking port 80; the article has now been edited to refer to port 135.
This discussion has been archived. No new comments can be posted.

  • by diaphanous (1806) <pgarland AT gmail DOT com> on Friday October 10, 2003 @08:44PM (#7186967)
    The article advocates restricting port 135, not port 80.

    ~Phillip
  • by mst76 (629405) on Friday October 10, 2003 @08:44PM (#7186969)
    From the article:
    This is the big problem with the diversity recommendations I've seen. If they had been implemented as recommended they would have had little impact on the MSBlast virus, which spread via common e-mail, and would likely increase the exposure for other types of threat.
  • by ChangeOnInstall (589099) on Friday October 10, 2003 @09:07PM (#7187070)
    What exactly does "anti-Microsoft" mean?

    Back in 97, I was working at a startup where we were using the usual array of Microsoft tools to create web-based applications: IIS, ASP, Visual Basic (COM controls), and SQL server. The more I learned, the more I grew not to like it. The straw to break the camel's back was finding a significant bug in MDAC (which was acknowledged by a high-level tech once the ticket was escalated), and then having to wait 6 months for a fix. We thus moved away from the MS platform to Java/Linux, a combination that we found to be superior for our needs. I haven't looked back since.

    I think I thus fall into the anti-Microsoft camp. I'd prefer to think of myself as being in the "pro-well-written-software" camp though. If Microsoft started writing good, secure, and interoperable software, I'd welcome them with open arms. My problem with MS is that in my "learned-the-hard-way" opinion, they don't.

    The author does not define the term "anti-Microsoft". So my question is, what connotation do people try and draw up with the term "anti-Microsoft"? In my opinion, fabricated terms that begin with "anti-" tend to be used to describe an irrational hatred of something, and that's what I'm seeing here.
  • Re:Slashdot (Score:4, Informative)

    by Lshmael (603746) on Friday October 10, 2003 @09:26PM (#7187158) Homepage
    You can just even use the other articles he has written for Internet Week:

    PREVIOUSLY BY ROB ENDERLE:
    - Microsoft: Hated Because It's Misunderstood [internetweek.com]
    - Reasons To Shun Open Source-ry [internetweek.com]
    - Linux Is Not Ready For the Enterprise [internetweek.com]

    Those are all "Opinion" columns, btw.
  • Re:Slashdot (Score:4, Informative)

    by zurab (188064) on Friday October 10, 2003 @09:37PM (#7187197)
    But still I would have expected a bit more. Not just "oh, and if Rob Enderle is from Microsoft everything he says is bad".


    Here's a little bit more (at the end of the current article):

    PREVIOUSLY BY ROB ENDERLE:
    - Microsoft: Hated Because It's Misunderstood [internetweek.com]
    - Reasons To Shun Open Source-ry [internetweek.com]
    - Linux Is Not Ready For the Enterprise [internetweek.com]


    Further, in the article, after presenting a general statement (that he tries to critique) that diversity is good for security, he claims:

    These arguments were put forward by Gartner and, separately, a panel hosted by the anti-Microsoft Computer & Communications Industry Association.

    But there is no evidence that either party has actually analyzed the cost of diversity or quantified the risks of diversity.


    As opposed to who? Himself? He presents no cost or risk analysis of anything either, including diversity, or any of the arguments that he is trying to put forward. But based on his previous articles and general sentiment, it is obvious that he doesn't need to. It's clear what his conclusion is going to be anyway.
  • Re:Slashdot (Score:5, Informative)

    by Read Icculus (606527) on Friday October 10, 2003 @10:21PM (#7187360)
    Have you read any of this guy's stuff? Or did you just decide to post some now-popular "quit being such a bunch of slashbots" stuff in hopes of getting modded up? Check out this preface to his article on "Linux is Not Ready For the Enterprise" -
    Linux and other open source projects require too much customization, and doubts about the legitimacy of open source code could get users tangled up in lawsuits. Besides, many Linux supporters are a bunch of potty-mouthed malcontents. Enterprises are better off staying away from Linux and open source -- or at least thinking through the possible liabilities

    I agree that any business should think through the liabilities of any piece of software that they are going to deploy, (like maybe think for a second about distributing copies of Windows throughout your business, an OS that includes a piece of software that was found to be illegally infringing on a legal patent, unlike the SCO case which is merely in progress, much like all the lawsuits against MS), but what the hell does "Besides, many Linux supporters are a bunch of potty-mouthed malcontents", have to do with a consultant's article on the weaknesses of Linux? Should I write an article about "Why Windows sucks on the Desktop", and then state "Besides, many Windows users are nothing more than software pirates and they download the vast majority of illegal mp3s".

    Here's a good one from the article "Reasons to Shun Open-Source-ry" -
    I now honestly believe that Linux and open source are big, bald-faced lies perpetrated on the industry by itself. ... How many credible people told each other with a straight face that profit didn't matter? This seems much too similar to "free software" to me.

    If you actually read this guy's articles you start to get a pretty good idea of the amount of FUD that he is spreading. Check out his consulting group, do some googling, and check out his bio - GigaWeb [gigaweb.com]. This guy is a marketroid consultant who seemingly only works with and promotes MS products, (according to his own information!). His arguments are also generally full of holes and he often uses ad hominem attacks while bashing anti-MSers for doing the same thing. The only platforms that seem to draw his ire are non-MS, check out all he has to say on OSX and Linux, (If you can stand it). He even asks if OSS supporters have "ever heard of capitalism?", and says that he does not want to go back to the days of cheap software. I've read about a dozen of his articles now, (know thy enemy), and I suggest that anyone who has some questions on this guy do the same.
  • Funny... (Score:5, Informative)

    by JRHelgeson (576325) on Saturday October 11, 2003 @02:23AM (#7188348) Homepage Journal
    It's funny how this comes on the heels of what is now the THIRD version of the MS03-026 vulnerability. As you know, MS03-026 is the RPC/DCOM vulnerability that brought us MSBlaster.

    Just after Blaster started clearing up, Microsoft released MS03-039 which is essentially the SAME vulnerability as was -026. They blew it. They didn't fix the problem with the -026 patch, so admins now had to re-patch all their machines.

    Well, here we go again - only this time the exploit code precedes the MS announcement and corresponding patch. Yes kids, the hacking underworld has perfected the exploit code for MS03-039 and in doing so uncovered yet another hole in the RPC/DCOM service for which there is NO PATCH AVAILABLE!!! (As of 11 Oct, 2003 0100)

    And for those of you who think that this is just FUD... here's the exploit source code [security.nnov.ru]. Simply compile under Linux, then change your shorts.

    Network admins: May I suggest you take your sleeping bag and pillow and put it in your car - there's going to be a lot of late nights at the office coming up.

  • Security design (Score:2, Informative)

    by cdemon6 (443233) on Saturday October 11, 2003 @08:47AM (#7189158) Homepage
    You can minimize your risk when staying up-to-date with patches and can block incoming traffic on dangerous ports, for example, but you'll never be totally secure this way. This is why it helps so much running *ix or *bsd, because you can chroot, jail, run apache as wwwrun and so on. Windows gives you full access once exploited, as you all know.

    Imagine: Somebody attacks you with a working exploit before you've got the patch installed even if you update every day - unlikely, but possible.

    Or imagine: You block all incoming traffic on 135/139 with your firewall and consider yourself immune to the blaster type of windows attacks.
    Take a person connecting via a vpn (for example) to your network which has an infected machine at home and think of the consequences once he is connected. Efficiency of firewall -> zero (in most cases).
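
The VPN scenario in the comment above, as an added example that is not part of the thread: a first-match rule evaluator run over two constructed rulesets, showing that a drop rule bound only to the internet-facing interface leaves ports 135/139 reachable for traffic arriving through the VPN. The interface names `wan0` and `vpn0` and both rulesets are assumptions made for illustration.

```python
# Added example: constructed rulesets and interface names, not taken from the thread.
from dataclasses import dataclass
from typing import Optional

RISKY_PORTS = (135, 139)  # the ports named in the comment

@dataclass(frozen=True)
class Rule:
    action: str                # "drop" or "accept"
    in_iface: Optional[str]    # None matches any ingress interface
    proto: Optional[str]       # None matches any protocol
    dport: Optional[int]       # None matches any destination port

    def matches(self, iface, proto, dport):
        return (self.in_iface in (None, iface)
                and self.proto in (None, proto)
                and self.dport in (None, dport))

def verdict(rules, iface, proto, dport, default="accept"):
    """First matching rule wins, as in a typical stateless filter chain."""
    for rule in rules:
        if rule.matches(iface, proto, dport):
            return rule.action
    return default

def exposed_paths(rules, ifaces, ports=RISKY_PORTS, proto="tcp"):
    """Return (interface, port) pairs on which the risky ports are still reachable."""
    return [(i, p) for i in ifaces for p in ports
            if verdict(rules, i, proto, p) == "accept"]

IFACES = ["wan0", "vpn0"]  # hypothetical ingress interfaces of the gateway

# Perimeter-only policy: drops 135/139 from the internet, then trusts the tunnel.
PERIMETER_ONLY = [
    Rule("drop", "wan0", "tcp", 135),
    Rule("drop", "wan0", "tcp", 139),
    Rule("accept", "vpn0", None, None),
    Rule("drop", None, None, None),
]

# Corrected policy: the drop is not tied to one interface, so VPN clients hit it too.
ALL_INGRESS = [
    Rule("drop", None, "tcp", 135),
    Rule("drop", None, "tcp", 139),
    Rule("accept", "vpn0", None, None),
    Rule("drop", None, None, None),
]

if __name__ == "__main__":
    print("perimeter-only:", exposed_paths(PERIMETER_ONLY, IFACES))
    print("all ingress:   ", exposed_paths(ALL_INGRESS, IFACES))
```

Running the same audit against every ingress interface, not just the external one, is what surfaces the gap the comment describes.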
