On Mon, Sep 29, 2003 at 11:51:03PM -0500, Paul Schmehl wrote:
> >As some may recall, my original statement was an answer to someone that
> >was pointing out that Unix is more secure than Windows (I agree up to this
> >point), and gave an example telling that there are still several codered
> >vulnerable machines around. This is the point I was commenting about. And
> >you do have to agree that if a machine, today, is still vulnerable to
> >Codered, it is mostly due to a fault of the administrator.
> >
> I'm going to pick one small nit with you. There is another possible guilty
> party. In some cases, at least in edu and medical centers (that's what I'm
> familiar with) the *vendor* is at fault. Some vendors will not certify
> their scientific instruments with the latest Service Packs and patches,
> leaving the admins no other choice but to find some other way to protect
> the machine. (Hell, we sometimes have trouble getting vendors of
> *security* devices to support their products with the latest SPs and
> patches. (Which is another reason that I dislike putting security-related
> software on Windows boxes, but sometimes you simply have no choice.)

I stand corrected. I kind of remember something about a friend of mine
(Win admin) installing NT SP2 and it breaking MS-SQL server. And yes,
you are correct about vendors too.

So, simply put, we are doomed :)

- When the software gets a bugfix released, you can't install it because
  of the vendor
- When you can install it regardless of the vendor, the net admin forgets
  to install it
- When the net admin remembers to install it, the users mess up
- When the users don't mess up, the cleaning lady pulls the plug

Talk about trustworthy computing :)

[]s

--
Rodrigo Barbosa <rodrigob@xxxxxxxxxxxxxxx>
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)