ChasingBlueSky 0 #1 September 25, 2003 Didn't see this already posted... http://story.news.yahoo.com/news?tmpl=story&u=/nm/20030924/ts_nm/tech_security_microsoft_dc_1 Reliance on Microsoft Called Risk to U.S. Security Wed Sep 24, 4:32 PM ET Add Top Stories - Reuters to My Yahoo! By Reed Stevenson SEATTLE (Reuters) - Computer security experts issued a joint report on Wednesday saying that the ubiquitous reach of Microsoft Corp.'s software on desktops worldwide has made computer networks a national security risk susceptible to "massive, cascading failures." The report, unveiled at the Computer & Communications Industry Association's meeting of industry leaders and government officials in Washington, D.C., saying that Microsoft is now the number one target for malicious computer virus writers. The report's authors told CCIA -- which is funded by Microsoft rivals -- that the software's complexity has made it particularly vulnerable to attacks. So far this year, two major viruses emerged that took advantage of flaws in Microsoft software. Slammer, which targeted computers running Microsoft's server-based software for databases, slowed down Internet traffic across the globe and shut down flight reservation systems and cash machines in the United States. The Blaster worm burrowed through hundreds of thousands of computers, destroying data and launching attacks on other computers. "The nature of the platform that dominates every desktop everywhere is such that its dominance, coupled with its insecurity, cannot be ignored and is a matter of corporate and national policy," said Dan Geer, a security consultant and chief technology officer of @Stake, a computer security company. Geer, along with other well-known computer security experts Rebecca Bace, Peter Gutmann, Perry Metzger, Charles Pfleeger, John Quarterman, and Bruce Schneier, said they issued their report to raise awareness of the risk to national security by using a single, wide-spread software system. The report's authors said the report was a reflection of their own views and not necessarily those of the CCIA, an industry trade group of Microsoft's competitors that has a long history of suing the world's largest software maker. But in response to the report, Americans for Technology Leadership, an industry trade group backed by Microsoft and other companies and organizations, called the report an attempt by the CCIA to exploit the "serious issue of cyber-security." "Cyber-security is an industry-wide problem that will not be solved by malicious finger pointing and political attacks," Jim Prendergast, executive director of Americans for Technology Leadership, said in a statement. IS MONOPOLY THE PROBLEM? Microsoft, which launched its Trustworthy Computing initiative in early 2002 to make its software more secure and reliable, said it is continuing to work with its customers and the government to make its software "as secure, private and reliable as possible." "Microsoft considers security for all of our customers -- from government networks to individual PC users -- to be our top priority," said Microsoft spokeswoman Ginny Terzano. "The widespread use of Microsoft products around the world means we are constantly working to be responsive when vulnerabilities occur." But the security experts said the issue of computer security had more to do with the ubiquity of Microsoft's software than any flaws in the software. The best solution, the report's authors argued, is to adopt a mix of different computer systems that will reduce the risk of a single security incident crippling a company or a government agency. "Having more than one operating system running inside your enterprise (news - web sites) would be a substantial improvement," said Geer. Bruce Schneier, a co-author of the report and chief technology officer of network monitoring firm Counterpane Security, noted a recent initiative by Japan, Korea and China to develop an alternative operating system to Microsoft's Windows to enhance security. "I wouldn't put all of the blame on Microsoft," Schneier said, "the problem is the monoculture."_________________________________________ you can burn the land and boil the sea, but you can't take the sky from me.... I WILL fly again..... Quote Share this post Link to post Share on other sites
Clownburner 0 #2 September 25, 2003 Well, although it's kind of funny, this does sort of fall into the "bleedin' obvious" category if you're a computer security geek.... Unless, of course, you are a government worker made nearsighted by the flood of donations from Microsoft to your political party.7CP#1 | BTR#2 | Payaso en fuego Rodriguez "I want hot chicks in my boobies!"- McBeth Quote Share this post Link to post Share on other sites
CrazyIvan 0 #3 September 25, 2003 QuoteJapan, Korea and China to develop an alternative operating system to Microsoft's Windows to enhance security. I wonder if these nations ever heard of LINUX __________________________________________ Blue Skies and May the Force be with you. Quote Share this post Link to post Share on other sites
ChasingBlueSky 0 #4 September 25, 2003 QuoteQuoteJapan, Korea and China to develop an alternative operating system to Microsoft's Windows to enhance security. I wonder if these nations ever heard of LINUX I prefer AIX and SUN to Linux any day - but I fully support and endorse the GNU! But, they are not fullproof - go back and look up the MAJOR security flaw they found in sendmail earlier this year - it was so major that they were not allowed to release the flaw until they had the fix ready. Yea, this report was laughable for most in the IT world, esp if you have watched your entire company get shut down by a MS bug (or is that a feature?) or Virus. The are both Pros and Cons to having a common thread among computers and the software they use. I can remember not being able to open many documents in the late 80's and 90's because of the differeances between Word and WordPerfect (ah, the good ol' days of WP5). I can't wait to see what the bigwigs in Redmond say about this one!_________________________________________ you can burn the land and boil the sea, but you can't take the sky from me.... I WILL fly again..... Quote Share this post Link to post Share on other sites
freakydiver 0 #5 September 25, 2003 All OSes have their ways in -- (N.DG) "If all else fails – at least try and look under control." -- Quote Share this post Link to post Share on other sites
mcrocker 0 #6 September 25, 2003 QuoteQuoteQuoteJapan, Korea and China to develop an alternative operating system to Microsoft's Windows to enhance security. I wonder if these nations ever heard of LINUX I prefer AIX and SUN to Linux any day - but I fully support and endorse the GNU! But, they are not fullproof - go back and look up the MAJOR security flaw they found in sendmail earlier this year - it was so major that they were not allowed to release the flaw until they had the fix ready. Last I looked sendmail was not GNU. Who runs sendmail anyway it is a heaping, steaming pile-o-shit. Run qmail or many of the other, safer alternatives. I handle 2 Million message/day on my qmail servers, and that is after I drop more than 1M SPAM/day. All running happily on Linux :p Quote Share this post Link to post Share on other sites
