Symantec CEO Speaks Out on Microsoft
In case you missed it, here's what Symantec CEO John Thompson had
to say about Microsoft Forefront
in the September
"When the hype settles down, people have to settle into the pragmatic
reality, which is that [Microsoft's] product sucks."
Well, then! If you'd like to read the rest of what Thompson had to say, check
out Redmond magazine's Q&A
As for security, reader Kevin writes to say that he's all for Microsoft taking
care of its own software:
"I have always thought that the security of Windows should squarely
sit on Microsoft's shoulders. All the third-party vendors providing 'security'
for Windows by selling software and updates to install on the host machine
are more like piranhas than heroes. Here is my thought process on this:
"One, Microsoft owns the design of the operating system. For good or
bad, they OWN it. Two, third-party 'security' vendors do not go after the
perpetrators directly and they offer no monies in earnest to apprehend them,
but instead just sell software to thwart an 'attack.' Three, stupid users
being lulled into thinking it is safe to download and run any software found
on the Internet.
"For point 1, Microsoft should be held financially accountable for providing
the fertile ground for such attacks to the operating system. They should be
held accountable for each attack as should the hardware vendors. Yes, I am
including the hardware vendors since there is no native protection from buffer
overflows that the general population has available to them. If the hardware
were to separate the buffer space from the executable space, it would go a
long way to keeping such attacks from happening.
"OK, point 2 is totally self-serving on the 'security' vendors' part;
if they actually cared about their customers and were successful in shutting
down the criminals, their whole reason for being is wiped out. So, they talk
up the issues and provide a fence but no strike force to stop it from happening
in the first place.
"Point 3, yes, there are a lot of stupid users and mostly in the consumer
space. The always-on, bare Internet connections are the most vulnerable to
attack. Too many times, I have seen a machine happily infecting others even
when the 'security' software was installed. Again, Microsoft has cultivated
a population that knows nothing about a computer and what it can do but seems
to be able to 'use' it. It would be like telling a teenager a story of how
to drive and then giving them a key to an automatic car. Now, if the car were
manual transmission, they would more likely know more about how to drive it
than an automatic. That same teenager would then go out in the wild and more
than likely cause accidents. Basically, the computer is too easy to use for
the available built-in controls and security measures. So, users go out and
purchase the security software and think they are safe. They never even bother
to learn what the security software does or what to do when it detects something.
"Well, I could go on and on but you get the point."
We do, Kevin...and it's an interesting perspective, one that makes us think
but that we also can't say we've heard that many times. Thanks for sharing it.
Posted by Lee Pender on 09/21/2007 at 1:21 PM