Welcome Guest | Sign In
ECTNews.com
Salesforce Industries Summit
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

TechNewsWorld Talkback

 
ECT News Community   »   TechNewsWorld Talkback   »   Re: Security Misconceptions



Re: Security Misconceptions
Posted by: Rob Enderle 2005-02-14 06:03:54
See Full Story

This week is the RSA Conference 2005, and today I'm doing one of the opening talks at a Trusted Computing Group lunch. I'm trying to find a nice way to say that I think the most common approach to security problems these days is completely whacked, but I have struggled with the "nice" part. Here are some of the things that are bothering me. Much of the grief we are currently experiencing comes from e-mail that that appears legitimate but isn't.


Re: Security Misconceptions
Posted by: bex 2005-03-02 17:12:05 In reply to: Rob Enderle
Actually, using the default repositories for your linux distribution of choice can ensure that you do not get any malicious versions of the program/patch/update you are installing. Package management systems on linux also allow you to double check exactly what addresses you are updating yourself from (so that you know you havn't been hijacked) and checksums are easy to verify. Unless the actual repositories are compromised (which would also be a problem with microsofts update site) you're pretty much safe.
I think the whole firefox misinformation has been dealt with in the above comments...

Re: Security Misconceptions
Posted by: freecode 2005-02-14 13:52:31 In reply to: Rob Enderle
Rob,
if you are truly concerned about email abuse - then you should be working to jail and fine the top SPAM 200. CAN-SPAM is a big failure, because $ drove the legislation and because $ is the only consideration - not security. Then you need to look at Spyware, another big hole being created by major Wall Street backers. Then you need to look at MSFT without the Rose-colored glasses and start opening your eyes to the fact that the world is a dangerous place, and that MSFT isn't the greatest thing since sliced bread. It is a corporation, whose track record leaves a lot to be desired.
I am not saying MSFT cannot fix their problems, but only a fundamental redesign of the OS could do that, and I seriously doubt that will happen anytime soon. Shorthorn might help, but then Windows 95/98/NT/XP/2003 going to fix everything before it. This is just the hype cycle all over again. You need to come off your high horse about Linux and start being honest about it. Your singular lack of examination of facts simply ruins your credibility, and your focus on the negative makes your articles a real bore.
Have a nice day.
freecode

Re: Security Misconceptions
Posted by: polkw 2005-02-14 12:59:11 In reply to: Rob Enderle
I was only able to find ten vulnerabilities for Firefox 1.0 on Security Focus. I would guess the other 29 are from earlier versions of the program? You seem to be playing a numbers game. You should at least state the correct facts if you're going to bring it up.

Re: Security Misconceptions
Posted by: TBarta 2005-02-14 08:14:23 In reply to: Rob Enderle
To conclude IE is more secure (than Firefox) because it is backed by a larger staff is ludicrous. This is Microsoft we are talking about here-- a company with no credibility with regards to either security or general progamming expertise. Look at Windows-- the only legacy, non-UNIX OS left in any significant numbers in the market place. A dinosaur.
No, I'll bet on Firefox security, any time. And aside from that concern, Firefox renders more accurately and has better features (tabs, etc) for the user. Security isn't everything.
Jump to:
When considering a new smartwatch, which feature set is most important to you?
Alerts and Notifications
Calls and Messaging
Clock and Time Tracking
Contactless Payments and Banking
Design and Personalization
GPS and Maps
Health and Fitness
Music and Video