RE: [Full-Disclosure] Re: Microsoft Security, baby steps ?

["Random Letters" <randomisedletters@xxxxxxxxxxx>]

<opinion>

The only way to 100% secure a Windows client machine is to take it away from 
the user and lock it in a cupboard.

Surely I'm not alone in thinking this?

In reality we calculate the risk/productivity ratio and then hand over the 
machine (we do as we're told). Most people can't be persuaded that there is 
any risk (see below) so don't even take the precautions available.

Linux, etc. is still for geeks and not for your average punter. Windows is 
better at hiding its complexity. Plus, Windows comes preinstalled on 
probably 99% of client machines.

Users are getting better educated on the risks but as we have seen this 
week, they can still be tempted to open that juicy attachment. Solutions 
don't come as fast as the problems.

If Windows was 100% secure, why bother at all with patches and virus 
updates?

BTW I'm sure these arguments can be applied to all OSs including those 
running on PDAs and phones.

</opinion>

I must be unfit for my job :-) Oh well - I'm sure someone will notice 
eventually.

-----------------------------------------------
If you're happy and you know it clap your hands
-----------------------------------------------
  Does HoTMaiL come with a spell checker?

> Microsoft, Linux, Solaris, xBSD - they're all capable of being secured
> by anyone who can follow simple instructions.  Anyone who says otherwise
> merely shows that they are totally unfit for their job.

_________________________________________________________________
Express yourself with cool new emoticons http://www.msn.co.uk/specials/myemo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html