North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

MS can't live with it can't live... with it

  • From: J. Oquendo
  • Date: Sat Feb 21 18:24:29 2004

> In the future you may be able to obtain patches through other
> distribution channels, e.g. your ISP or consumer electronics chain or
> original equipment manufacturer.

Perhaps MS should pay a fee to companies such as ISP's (would never
happen) to distribute their fixes. Judging from my experience now working
at an ISP, I can tell you it is a nightmare dealing with their flaws.

> Regardless of the distribution method, geniune Microsoft patches are
> always cryptographically signed by Microsoft.  Whether consumers can
> figure out how to check the signature is a different question.

Not to kick a horse when its down, but to think that users who have (and
most continually) become infected - because they decided to read Hello!
and Hi! messages from someone they don't even know, over and over, and
constantly wonder why their attachments look funny - will understand or
even care what a signature is, is boggling. Maybe MS should take some time
and make a "RTFM for Dummies" interactive video so their users can learn a
thing or two. Understanding what an MS cert if and why you need it. Why
are MS Updates (all 6! per week) are important to install, etc.

> Perhaps more significant is Mail Fraud is a well tested law, which has
> trained, sworn law enforcement active the United States Postal
> Inspection Service.  Unlike ISP abuse departments, the USPIS has
> badges, carries guns and the legal authority to arrest people.

I wouldn't want to get into a shoot out over this, but if someone were
going to do something on this scale, depending on the setup, the US
government wouldn't be able to do much if it were set up properly.
Regardless of how many guns whoever is carrying. Not to give out
suggestions nor get myself in any trouble answering a question, but it
could be done to such an extent the USPS, would be null. FBI, on the other
hands, depends.

J. Oquendo
GPG Key ID 0x51F9D78D
Fingerprint 2A48 BA18 1851 4C99 CA22 0619 DB63 F2F7 51F9 D78D

sil @ politrix . org
sil @ infiltrated . net

"Men have been taught that it is a virtue to agree with others.
But the creator is the man who disagrees. Men have been taught
that it is a virtue to swim with the current. But the creator
is the man who goes against the current. Men have been taught
that it is a virtue to stand together. But the creator is the
man who stands alone." -- Ayn Rand