Marc Canter snickers that Microsoft can't write secure code.

Marc don't gloat too much. Other operating systems, even open source ones, have had their own troubles this week with attacks -- read the article, it's not funny on the anti-Microsoft side of the fence either.

Y'know, there's a fundamental difference between a site getting hacked and someone looting what's and a worm that explots a major flaw in the OS and spreads with the speed of MSBlaster.

(Deletia)

Lots of people write me and gloat "heh, I won't get hit with a virus cause I use a Mac" or "open source has fewer viruses." If you look at Cert's critical incidents, you'll see that neither statement is true (although, because those two OS's have far less market share than we do, it makes it look like they are completely secure in comparison -- the article above shows that to be false on its face). Computing systems that have millions of lines of code have vulnerabilities. All of them. Anyone who says they are 100% sure that their system has no security flaws is lying. Flat out lying.

Sure, of course, I don't know of anyone with a shred of honesty who would say that. (Unless the machine is locked in a closet, turned off, and has no network connections :))

The problem is, that Microsoft, historically has been on the trailing edge, when it comes to reporting security issues on it's own OS.

There was a white paper a while back that basically stated that the problem was that third parties were almost always the ones reporting the flaws in MS's operating systems. That's a serious concern.

There aren't as many virii for Macs because not as many people have bothered to try and write virii for the Mac. John created a pretty deadly Mac virus using AppleScript for Mac OS 9 a while back, just to prove the point that mac folks should be aware that it could be done.

(Is deleting the entire OS ugly enough for you? ;)

The problem was delivery, you basically couldn't get it so the mac wouldn't warn you that you were opening an app, instead of a picture of Britney, or whatever. The Mac OS just didn't trust whatever you were doing, so it asked you for a choice.

To Microsoft, "trustworthy" seems to mean that the OS "trusts" anything else made by Microsoft, and allows it to do whatever the hell it wants. Until you change that, "Microsoft virii" are the wave of the future, past, and present.

(deletia)

So, snicker away Marc. But, does that help us learn? Is that how you manage your own employees? Should I snicker when you make a mistake? Why not? [The Scobleizer Weblog]

Hmm, well, I seem to recall someone posting a "well they got hacked too" somewhere. As well as something about "Crash Different". :)

But seriously, the historical problem with Microsoft is that it hasn't listened when people warned them about these flaws, they've berated these people about "exposing" the flaws, they already knew about it, leave them alone, Microsoft knows better than you.

That's not a company I choose to do business with, if I have any choice. (Unfortunately, sometimes you don't have a choice)

If you guys (MS) are changing that, well, good for you, come back to me when it's changed.

7:47:02 AM     Discuss: []