Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Security

Journal Journal: Sigh. Yet *another* critical Windows vulnerability...

WTFFF? Another critical vulnerability in Windows? I'm shocked! Here's the article.

Is it possible to secure a Windows box? I have done my best in my professional career to ensure that each Windows box I have had any control over is secure, but I can't feel 100% confident that one of the boxes I've configured won't be 0wn3d at some point in the future. Especially if they're not patched every other day to prevent the latest 'sploit. If I were still a consultant, I could not in good conscience recommend a Windows setup anymore if security were critical to the application.

I used to think that it was possible to secure Windows. I even took a course on Windows security that was taught by a former NSA spook who claimed he had set up a secure NT4 based network that was never compromised. Hmmmmm - that he *knew* of anyway... ;^) Since then I have given up on ever thinking that Windows will be totally secure. Trustworthy Computing? Sha, right! I don't even attempt to any open ports on my home router to forward to my Win2K server since who knows when the next 'sploit will be found?

I feel that the main reason for the continuing Windows security problems is that Windows was never designed to be a secure operating system. That and what Tackhead said about Trustworthy Computing. All the security code that has been added is nothing but window dressing (pun intended :^)). If M$FT truly wanted a secure OS, it should start over - flat out rebuild Windows.

Now to be fair, Linux can be made insecure and people do find security flaws (usually not with the core OS, tho.) Can Linux be misconfigured by an admin? Sure, same as Windows. But Linux is designed with security in mind - that's a huge difference! My eyes are opening - I feel like I've finally been unplugged from The Matrix...

User Journal

Journal Journal: About me...

I'm a Microsoft developer who has finally "seen the light". For me, the light bulb turned on last year after really trying to comprehend Microsoft's licensing and the direction they seem to be headed (always seemed to be headed?) That and after receiving the umteenth report of a "critical Windows flaw" from their security bulletin...

So, after years of hearing about Linux I finally downloaded Mandrake Linux for an old Pentium box I had and tried it out. I was amazed at how easily it installed on my old hardware, and just *worked*! It's running rock solid now, and my college UNIX knowlege is finally paying off for me. I would consider myself an advanced newbie (know enough to be dangerous) but I'm learning fast. I'll probably dedicate a more up-to-date workstation for the latest Mandrake release soon and try to use it for my desktop, supplanting WinXP Pro.

I'm also starting to get the Open Source bug. Who'd have thought there's so much *good*, *free* software available? The quality I've seen of open source software in most cases seems to equal or surpass that of most commercial software (especially from *ahem* that company in Redmond...) I plan to contribute some tools I'm working on at some point to open source. When that happens I'll post to my journal so check back.

One thing I think that M$FT has done right is they've always spoiled their developers. I've found that it's very easy to get up to speed on their technology and finding documentation is not difficult. Their .NET technology is pretty good IMO (the actual framework & languages, not their marketing BS and world domination bent). I like their idea of coding for the framework and not the OS. That's one reason why I'm rooting for Mono to succeed. I guess time will tell how far M$FT lets Mono progress, but right now it looks promising.

Cheers,
Alan

Slashdot Top Deals

To err is human, to moo bovine.

Working...