Letters to Redmond

Readers Respond May 2005

Ira Winkler's "Dumb and Dumber" article struck many a funny bone; positive and negative words for Sun's Scott McNealy; and some of you <i>do </i>read Doug Barney's Chief Concerns column.

Slapstick Security
I've just read Mr. Winkler's article, "Dumb and Dumber," in the March 2005 edition of Redmond magazine. It was a very humorous and thought-provoking read. I currently work for a small computer-consulting firm in Louisville, Ky., and we've been concerned about some of our clients' security practices, which were included in this article. I look forward to reading Ira's book!
—Michael Morgan
Louisville, Ky.

Excellent article [Ira Winkler's "Dumb and Dumber"] in this month's issue. I've got a similar background and work on many projects as the information assurance manager of a large company (40,000+).

Earlier, during a time when I had my own business, I did penetration tests and found very similar results.
—Timothy Hoffman, C++, Security+
Colorado Springs, Co.

Dumb and DumberI read with great interest Ira Winkler's article. The day I heard the term "social engineering," my interest in securing the workplace network/ Internet environment significantly increased. I don't have the experience he and his team have, but I do employ some of the techniques he uses. I've done security walkthroughs for a few companies and I'm surprised by the confidence that some network admin/security people have regarding the well-being of their systems. And the ease with which some people give up their passwords is totally amazing.

His article provides good lessons for all of us. Oh yes, I get calls from people stating they've been hired to check out our system, but I know better. I wasn't trained in espionage when I was in the Army, but I've picked up a few tricks from those who have been.
—Thomas M. Hansen
Kansas City, Mo.

Night and Day
Scott McNealy's comments ("Think Sun," March 2005) make him and his company seem more pathetic than ever (a thousand pardons to my Sun peeps out there). Sun has always had trouble listening to its customers and nothing has changed. If it wasn't for the Microsoft handouts, where would he be? Sun's hardware is too expensive. Java may be developer-friendly, but for end users it's still too slow and clunky. Has Scott ever used his own Sun Java admin tools? And heaven help the user who has multiple Java applications that require different versions of Java Run-time Environments.

As for his comment that he doesn't need to run Windows apps because, "there are no applications inside of Sun that need Windows," wake up and smell the real world outside your office, Scott. Most of us (i.e., your customers) do have apps that require Windows. Perhaps it's time for Sun to fade into obscurity and make more room for fresher, faster competition like Linux and Mac OS X.
—Christopher Vera, GCFA, CISSP, SCSA, CCNA, MCSE
San Diego, Calif.

I think Scott McNealy's point comes down to: "If you don't need all of the [Microsoft] Office bells and whistles, why buy them?" And he's right!
—Claude Moore

Factor of Zero
I very much agree with Doug Barney's assessment of how Microsoft's commitment to announcing realistic delivery dates for its products and releases cause much uncertainty [Chief Concerns column, "Blind (Ship) Dates," March 2005].

Not only does this impact the planning process for new systems, upgrades, deployments and budgeting, but it creates confusion and uncertainty about current and future licensing costs.

For many products, the value of purchasing Software Assurance (SA) along with the license has diminished to zero, as the SA agreement expires without a new version or upgrade being delivered. Maybe it's time for Microsoft to review its SA policy, and agree to have the SA coverage date be x number of years, or when the next version is delivered, whichever is longer.

This would add substantial value to the SA investment, and guarantee the purchaser some value for their dollar.
—David Finkelstein
New York, N.Y.


comments powered by Disqus

Subscribe on YouTube