Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Apologist Apologizes for Microsoft

michael posted more than 10 years ago | from the calling-it-like-it-is dept.

Microsoft 446

hillbilly1980 writes "Internet Week has published a counter article in response to the number of anti-monoculture security papers recently published. Unfortunately the author starts out by writing off the other papers as simply anti-Microsoft, unfortunate because his paper never gets past being more then just pro-Microsoft. One of his suggestions to secure your enterprise... turn off port 80." Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle. Update: 10/11 00:54 GMT by M : Note for the record that the original version of the article referred to blocking port 80; the article has now been edited to refer to port 135.

cancel ×

446 comments

Sorry! There are no comments related to the filter you selected.

Bill Gates... (0)

Anonymous Coward | more than 10 years ago | (#7186941)

...should have his lower horn removed.

Re:Bill Gates... (0)

Anonymous Coward | more than 10 years ago | (#7187044)

Gary Patterson is my hero!

PYRAMID TROLL SCHEME!!!!! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7187128)

Do you want good luck to follow you and your offspring for geneations to come? This troll has the solution for you...

All you have to do is copy this troll onto two to four of the discussion threads of your choice! That's right! Just copy this into a new message and click "post anonymously." That's all there is to it! Taco is an ass.

Tired of that idiot talking about geek culture! Stick one of these babies on it! And it's good for the economy!

Marge Gentry of Cambridge, Minnesota participated, and the next day she received a large fruit basket outside of her door from a secret admirer. Unfortunately, Marge was hit by a truck the next day, so she didn't get to the Granny Smith apples.

Commander Taco of Hole-in-the-ground West Virginia didn't participate, and he was violated by a group of raging homosexuals. Since the gang was headed by Jon Katz, Taco had no recourse to the law because the entire town knew about their previous relationship. The unfortunate outcome is enshrined forever at goatse.cx.

So if you want to get the fruit basket and not get poked in the bread basket, just copy this troll onto two of the discussions threads of your choice. We could have this place blanketed by sundown!

OT: What the hell is wrong with Slashdot? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7186943)

Half the time I get "500 Internal Errors" or pages simply won't load. The other half the time, they do load, but it's super slow. I'll be shocked if this comment even gets posted.

Re:OT: What the hell is wrong with Slashdot? (1, Offtopic)

Second Vampyre (700228) | more than 10 years ago | (#7186951)

Slashdot is notorious for this.

Numerous times I have suggested that they upgrade to IIS 6, but they refuse- and continue running the notoriously slow II5.0.

They have only themselves to blame.

Re:OT: What the hell is wrong with Slashdot? (1)

ceejayoz (567949) | more than 10 years ago | (#7187006)

Well maybe that explains what's been making Slashdot unusable today...

Re:OT: What the hell is wrong with Slashdot? (0, Offtopic)

Chatmag (646500) | more than 10 years ago | (#7186955)

I"m getting the same thing here, I just thought it was me.

Its either /. or a JCvD movie. Not a very big choice.

Its called "open sores software" (0)

Anonymous Coward | more than 10 years ago | (#7186978)

you get to release software without bothering to test!! Of course all these programmers love it (and dont have jobs)

Re:OT: What the hell is wrong with Slashdot? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7187041)

I second this. WTF is the problem??? Every other page view.

Jesus Freaking Christ.

Bah! (4, Funny)

Plix (204304) | more than 10 years ago | (#7186944)

One of his suggestions to secure your enterprise... turn off port 80

That's nothing. To be *really* secure I just don't even turn my computer on!

Re:Bah! (3, Funny)

CyberVenom (697959) | more than 10 years ago | (#7186984)

Unfortunately your computer wakes up as soon as I send a packet because you forgot to turn off the Wake-on-LAN feature of your integrated NIC.

Re:Bah! (0)

Anonymous Coward | more than 10 years ago | (#7187059)

That's nothing. To be *really* secure I just don't even turn my computer on!

Don't do that! It will turn off your firewall!

Re:Bah! (0)

Anonymous Coward | more than 10 years ago | (#7187063)

One of his suggestions to secure your enterprise... turn off port 80
To be *really* secure I just don't even turn my computer on!

And I would recommend every Microsoft customer to do the same, until the corresponding patch was released for IIS.

Re:Bah! (1)

Llywelyn (531070) | more than 10 years ago | (#7187093)

You forgot: Lock it in a room by itself and epoxy the drives shut, then weld the case together. ;)

A sphincter says what? (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7186946)

what is the point of this article? Just a daily reminder that we hate microsoft (because they are successful)?

Re:A sphincter says what? (0)

Anonymous Coward | more than 10 years ago | (#7186971)

Actually, most of hate Microsoft because we envy Bill Gates for being smarter and better at both programming and business than we are.

Ignorance be your bliss you ignorant twit... (0)

Khyeron (670581) | more than 10 years ago | (#7187043)

No, but if you read "turn off port 80 to secure your network" as a security advisory... any IDIOT can tell you that if you need to get out or serve html to the world... well, you CANT... sheesh... and its not like the emails and worms annihilating windows servers use Port 80 exclusively... I recall RPC was 5100 and such... not 80. I could be mistaken... but god knows I do business, I run servers, I code... nobody foocks with my servers or code, or nothing... and I run both winblows and linux. (and a bsd box for those that give a sh1t).

Anyways, go read up on your idiocy remarks before you comment on "anti microsoft".

The guy simply said that posting such blatant idiocy in his newsletter, the man deserves to be blocked before he further misinforms the already IGNORANT windows folks out there.

-Khye

Re:Ignorance be your bliss you ignorant twit... (0)

Anonymous Coward | more than 10 years ago | (#7187104)

At least I can tell the difference between port 135 and port 80

Slashdot (2, Insightful)

Karamchand (607798) | more than 10 years ago | (#7186947)

Slashdot is too subjective.
Ok, it is completely understandable and ok that slashdot is not a pro-microsoft-newsletter. But still I would have expected a bit more. Not just "oh, and if Rob Enderle is from Microsoft everythingh he says is bad".

Re:Slashdot (1)

spektr (466069) | more than 10 years ago | (#7187004)

oh, and if Rob Enderle is from Microsoft everythingh he says is bad

I can show you countless slashdot-sponsored studies which support this with hard statistical data. :)

Re:Slashdot (0)

Anonymous Coward | more than 10 years ago | (#7187032)

mod the parent up its funny!!!!

Re:Slashdot (1)

Jerry (6400) | more than 10 years ago | (#7187091)

Why both Slashdot?

Just use Google and select all his articles and postings. After viewing a few randomly chosen ones you understand why Enderle has earned the title "Microsoft Sock Puppet".

He only adds to his reputation by making 'suggestions' for improving WinXX security.

Re:Slashdot (0)

Anonymous Coward | more than 10 years ago | (#7187134)

How far can a kernel run?

Re:Slashdot (1)

jackb_guppy (204733) | more than 10 years ago | (#7187051)

No, what he said was bad. He shows no knowledge in area. It would have gone a long way to his credibility, if just said step by step how to. Basicly he can't without making it a non-monoculture.

Re:Slashdot (0)

Anonymous Coward | more than 10 years ago | (#7187084)

Man, slashdot's search function really sucks ;-(

One of his suggestions to secure your enterprise.. (0)

Anonymous Coward | more than 10 years ago | (#7186949)

turn off all of your computers running MS

Re:One of his suggestions to secure your enterpris (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7186960)

hahahaha 10+ funny. foad. you are not funny.

Regarding Rob Enderle (0)

Anonymous Coward | more than 10 years ago | (#7186952)

Rob Enderle might be a bit of weirdo, but NOT all of what he says is completely untrue. Some of this claims, do have a basis. Just not all of them.

Slashdot Troll Trolls Slashdot (1, Insightful)

Anonymous Coward | more than 10 years ago | (#7186953)

And on the front page, no less.

FIRST! (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#7186954)

FIRST POST!

Anti-Microsoft, Pro-Microsoft (0)

Anonymous Coward | more than 10 years ago | (#7186959)

I'm neither really, I'm a practicalist. Give me something I don't have to spend 20 hours each week patching, testing, cleaning up, and god knowns what else I'll have to do in the future and I'll say it's better than Microsoft products. Wait, I think that's everything on the market.

Now, let's see, first thing to do is block port 80. Well, I'll be, I guess I can't use your servers to host websites then can I? Then what the bleeding hell is IIS for? Oh wait, it's for spreading viruses, I'm sorry I forgot. After all gotta be in bed with the AV software manufacturers.....damn, got me again, they are an AV manufacturer now.

Turning off port 80. (3, Funny)

FatCobra (714836) | more than 10 years ago | (#7186966)

Yeah lets all turn off port 80; its like having e-business without the "e"!

Hamlet without the prince (1)

bstadil (7110) | more than 10 years ago | (#7187033)

FYI, There is an official phrase for this

"Hamlet without the prince"

Used allusively to refer to a performance or event taking place without the central figure, actor, etc. E19. Excerpted from Oxford Talking Dictionary Copyright (C) 1998

port 135, not port 80 (3, Informative)

diaphanous (1806) | more than 10 years ago | (#7186967)

The article advocates restricting port 135, not port 80.

~Phillip

Re:port 135, not port 80 (3, Insightful)

freeweed (309734) | more than 10 years ago | (#7186990)

The article advocates restricting port 135, not port 80.

Why the hell is this port even open in the first place? And unclosable at that?

I'm about as geeky as they get, and I've never used any RPC-based apps outside of an academic environment. I'm pretty sure the 3 home users in the planet who actually use it can figure out a way around it.

Ah, good old Microsoft. "It's not our fault people write exploits for needlessly internet-facing services."

Re:port 135, not port 80 (1)

diaphanous (1806) | more than 10 years ago | (#7187034)

I'm not disa

Re:port 135, not port 80 (1)

diaphanous (1806) | more than 10 years ago | (#7187054)

Why is Slashdot so fucked right now?

~Phillip

Re:port 135, not port 80 (0)

Anonymous Coward | more than 10 years ago | (#7187075)

> Why the hell is this port even open in the first place? And unclosable at that?

They need a way to remotely destroy your computer in the future if they discover that you're running pirated MS software.

Re:port 135, not port 80 (1)

sphealey (2855) | more than 10 years ago | (#7187076)

hy the hell is this port even open in the first place? And unclosable at that?

I'm about as geeky as they get, and I've never used any RPC-based apps outside of an academic environment. I'm pretty sure the 3 home users in the planet who actually use it can figure out a way around it.

Microsoft Exchange Server uses port 135 for various purposes, so it cannot be blocked internally at Exchange sites. Which makes the advice a bit ironic.

sPh

Re:port 135, not port 80 (1)

helix400 (558178) | more than 10 years ago | (#7187007)

I saw the same thing.

It kind of takes some of the shock value out of the Slashdot story. It's a good idea to block outisde communication over port 135. Inside your network is another story...

Re:port 135, not port 80 (1)

wfrp01 (82831) | more than 10 years ago | (#7187015)

What's the difference? It's a stupid suggestion either way. And even if it were a valid suggestion, it's hardly insightful to point out in hindsight how a problem may have been averted.

Re:port 135, not port 80 (3, Insightful)

Jeremiah Cornelius (137) | more than 10 years ago | (#7187099)

This guy has S*hit for brains, and demonstrates this in every one of his hit piece M$ troll "articles".

Restrict 135 - Yeah Baby!

Except the major worm infestations haven't used the Internet as the primary exploit vector when demolishing the infrastructure at medium and large enterprises. Blaster and Slammer were "carted in" via laptops, poorly configured VPNs, permissive network sharing with business partners and improperly segmented test/development networks. Slammer just took a major grocery-chain's national WAN down for more than a day. This, 8.5 MONTHS after protecting the edge, and main production boxes for the exploit and blocking SQL discovery.

There are tag vulnerabilities in the wild, outside the scope of the latest MS patch, 7 days ago. These are capable of planting trojans -- bypassing AV message filters in HTML-formatted mails with Outlook clients, and can be set in invisible-frames, etc.

Enderle thinks that because he ran through pro-forma auditing that he has the expertise to second guess Schnierer and Geer? Gimme a break! I take Marc Ranum's criticism of these guy's work - not some paid-for-troll who scoffs at the bulk of the working code deployed over the past 40 years as "Open Source-ery".

Re:port 135, not port 80 (0)

Anonymous Coward | more than 10 years ago | (#7187138)

It does now... I guess the author or editors decided to change it after initial publication.

Enderle should get his facts right first (4, Informative)

mst76 (629405) | more than 10 years ago | (#7186969)

From the article:
This is the big problem with the diversity recommendations I've seen. If they had been implemented as recommended they would have had little impact on the MSBlast virus, which spread via common e-mail, and would likely increase the exposure for other types of threat.

Re:Enderle should get his facts right first (1)

avery (401) | more than 10 years ago | (#7187000)

MSBlast spreads via email? I'm quite sure that it does not. This article does need fact checking.

Re:Enderle should get his facts right first (0)

Anonymous Coward | more than 10 years ago | (#7187014)

> MSBlast spreads via email? I'm quite sure that it does not. This article does need fact checking.

He was probably thinking of SoBig.

Re:Enderle should get his facts right first (1)

miruku (642921) | more than 10 years ago | (#7187132)

with so many ms viruses, its hard to keep track of them all..

Re:Enderle should get his facts right first (1)

owlstead (636356) | more than 10 years ago | (#7187121)

If you call yourself a security expert, which in a way he does, missing this point is fatal. You beat me in posting it early, but I stopped reading the article at that point.

I mean, if the guy doesn't t know THAT, then he should get a job in securing property instead. He could use his muscles instead of his brain :)

redundant article (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7186975)

why was this article even posted. I read it and it's total fluf. The article is really flame bait. Duh! that's why /. posted it.

Diversity is money! (1)

MrLint (519792) | more than 10 years ago | (#7186976)

"One of the biggest problems caused by diversity is that it become very difficult for the IT staff to maintain equal competence on all platforms."

What a great suggestion.. let get rid of all of those different flavors of windows and all those pesky multivendor PCs. A corporate wide upgrade to all new high end laptops for everyone including your servers will save *huge* amounts of money!

Re:Diversity is money! (0)

Anonymous Coward | more than 10 years ago | (#7187123)

Didn't Gartner explicitly say, not to diversify unless you could; a tight monoculture is better than a sloppy multiculture?

He seems to be suggesting (2, Funny)

kfg (145172) | more than 10 years ago | (#7186977)

that if I'd kept 30% of my infrastructure running Microsoft software for compatability reasons I should just go ahead and ditch it all?

Or am I just reading that wrong?

KFG

Michael is a hippie. (0, Flamebait)

wfrp01 (82831) | more than 10 years ago | (#7186980)

Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle.

It's not just Rob Enderle, you damn left wing-nut communist pro-choice feminazi Michael! It the Enderle Group !!! The whole damn bunch of them!! Are you trying to say that they're all nuts!? That's just nuts.

Re:Michael is a hippie. (0)

Anonymous Coward | more than 10 years ago | (#7187080)

I'd block the moron, look at his previous articles. No, this is not a troll, I really don't care too much if I use proprietary or not as long as it works. Windows has yet to prove its worth, while BeOS and Linux already has for me, even with its limited software libraries.

Re:Michael is a hippie. (4, Funny)

An Onerous Coward (222037) | more than 10 years ago | (#7187082)

The last time one of Rob Enderle's stories hit Slashdot, I went and did some googling around. An hour later, I had absolutely no evidence that the set of analysts comprising the Enderle group was any larger than the set composing Rob Enderle himself.

He probably has a stuffed penguin as a technical advisor, and I'd also bet that his technical advisor frequently gets pins stuck in him.

Yeah, Of Course He's Right (5, Insightful)

CrankyFool (680025) | more than 10 years ago | (#7186988)

That's because he's got the wrong focus.

The monoculture risk is real when you're looking at the 64,000 view -- the entire population. They're not really all that much of a risk when you're dealing with, say, an enterprise's systems, and there's not that much benefit to them in that kind of environment (disregarding things like security devices for the moment).

We've used the agriculture analogy before to describe the issues around monocultures, so to continue to use it, we can say that his point is that monoculture isn't really an issue because when you're tilling a single field, it's a pain in the ass to put multiple crops on it. True, but that's not the point -- it's when you've got one crop on *ALL* the fields (all the enterprises) or at least a substantial portion of them that you get into a problem.

Re:Yeah, Of Course He's Right (1)

Karadryel (644871) | more than 10 years ago | (#7187127)

The monoculture risk is real when you're looking at the 64,000 view -- the entire population. They're not really all that much of a risk when you're dealing with, say, an enterprise's systems, and there's not that much benefit to them in that kind of environment (disregarding things like security devices for the moment).

Two issues: First off, the security papers to which he's responding did in fact advocate diversity within a single enterprise. They were claiming that diversity was the right way to secure an enterprise, he's responding to that assertion.

Second, to some extent his arguments apply even when you extend it to inter-organizational security. Many businesses find it necessary to trust other systems from other businesses, and this will only become more true as web services start to make real the early promises of the internet changing the face of commerce (IBM, MS, SUN, whichever flavor of web services you like, they're all predicting something like this). When these systems become interdependent even across organizations, this guy's argument becomes relevant even there.

So don't just dismiss it, find a way to refute it.

RTFA? (1, Interesting)

Anonymous Coward | more than 10 years ago | (#7186991)

The submittor apparently not, in good /. fashion... I however did read it, and for starters no mention about port 80 (only about port 135). For the rest a lot of bla bla, totally disregarding many of the arguments in the original "monoculture is dangerous" article. For example he assumes that Linux OOo would have exactly the same exploits as Windows OOo. Maybe - but only if you stay within OOo's scripting. Making a cross-platform Blaster or the like is imho next to impossible (are there any cross-platform Windows/Linux binary executables in the first place?)
Lots and lots of nonsensical bla bla from this guy, who really needs to start learning a bit about what he is talking about. Monoculture is dangerous. And no-one promoted multi-culture within one company, only over the whole of the internet population. Multiple platforms within one company will indeed have its own problems.

Wouter.

Re:RTFA? (1)

ischorr (657205) | more than 10 years ago | (#7187048)

It appears that the "port 80" comment was removed after the initial post of the article. I'm not sure if it was due to the initial slashdotting or not, it may have just been a good (and quick!) choice on the publisher's part.

a brilliant post, but... (0)

Anonymous Coward | more than 10 years ago | (#7186996)

How many morons are going to keep using then for than when their usage of English is otherwise so good? I can understand it in someone who misspells every multi-syllabic word, but just that one? And people wonder why all the good tech jobs are going to India. At least they can use English.

Re:a brilliant post, but... (0)

Anonymous Coward | more than 10 years ago | (#7187026)

>And people wonder why all the good tech jobs are
>going to India. At least they can use English.

This point is well worth remembering.

Message to the Submitters/Editors (3, Insightful)

Kaboom13 (235759) | more than 10 years ago | (#7187010)

You make several accusations about the article's bias. But instead of giving us the articl and letting the readers make that judgement, or even making a logical argument for why he is wrong, you instead attack the author, and tell us how we should feel about the article. Anyone that reads slashdot can probably pick out the (alleged) MS bias by themselves. Keep your opinions to your damn self if you arent willing to back them up.

mod parent up! (0)

Anonymous Coward | more than 10 years ago | (#7187040)

mod parent up!

Re:mod parent up! (0)

Anonymous Coward | more than 10 years ago | (#7187113)

mod child down!

Re:Message to the Submitters/Editors (1)

molnarcs (675885) | more than 10 years ago | (#7187055)

Hey, Enderle is an old friend. He wrote such masterpieces as "Opinion: Reasons To Shun Open Source-ry" and "Linux Is Not Ready For the Enterprise (Opinion)" - check the links below the article. Mr Enderle's past articles are good bases to formulate an opinion of him. He should be banned from the Internet.;)

Or may be not. His articles have some entertainment values, they are funny. I never seen such clueless dude as he is.

Re:Message to the Submitters/Editors (0)

Anonymous Coward | more than 10 years ago | (#7187081)

Imagine that. A Slashdot author accusing another author of OS-bias. I almost lost my Coke through my nose when I read that headline.

Re:Message to the Submitters/Editors (1)

Pave Low (566880) | more than 10 years ago | (#7187133)

You forget it was michael that posted the article, one of the most dispicable, dishonest, manipulative characters on this site.

I love how slashdot has this nonsensical, convoluted moderation system that can censor and muzzle users if they "troll" or "flame", but editors like michael can troll users with reckless abandon (see the windows switching story today).

Where is the outrage?

Of course (1)

slobber (685169) | more than 10 years ago | (#7187012)

and, BTW, hackers are committing suicide at Microsoft's firewalls...

Why run Windows at all? (0)

Lost Penguin (636359) | more than 10 years ago | (#7187013)

Here is a quote from the article:

Few companies can continue to function if even 30% of their systems fail catastrophically.

So, 30% was running on windows?

He's right (0)

Anonymous Coward | more than 10 years ago | (#7187016)

He's right... mixed computing environments are bad. All the more reason to go 100% Linux.

ok port 80 and some others (1)

Ricin (236107) | more than 10 years ago | (#7187017)

and never wonder bout *why* you're paying that bill...

What nonsense

His suggestions.. (4, Insightful)

taradfong (311185) | more than 10 years ago | (#7187020)

Let's look at some of these...

- Accelerated adoption of patches.

Ok, yes you do have to stay patched. But this is like blaming people with flawed cars for not going to the car dealer each week to check for recalls. Microsoft's abundance of patches indicates poor design and methodology, period.

- Locking down desktops so users cannot make changes and viruses and worms can't install themselves and run.

Ok, so rather than design the apps safely out of the box, we need to handcuff the users and do the dirty work ourselves. I guess all those Outlook viruses were our fault.

- Restricting ports, such as port 135, which effectively stopped the latest virus attack.

Wow! What a concept! I never thought of this! Now I know where all my problems are coming from! It's not from the software, it's my fault for actually allowing connectivity!

- maintaining "hot sites," or duplicates of key elements of the IT infrastructure, so if the main infrastructure is compromised, users can quickly switch to backup systems.

Sounds like a way to sell licenses. Ok, since we can't make our product stable, buy 2 copies and hope one works.

- Developing the capability to rapidly restore compromised software and data from backups.

Right. Key word is, develop. Why does an end user, paying hundreds of dollars per seat need to 'develop' something as common as this.

- Adding security staff or outsourced services.

Right. Keep sending us your licensing fees, and then spend more money to make up for the gaps in our software. Don't trust any of that 'free software' crap you read on the internet - those Linux guys are a bunch of hacks. Hire an MSCE. Preferably from another country.

uh... article not so bright? (1)

wo1verin3 (473094) | more than 10 years ago | (#7187031)

>> - maintaining "hot sites," or duplicates of
>> key elements of the IT infrastructure, so if
>> the main infrastructure is compromised, users
>> can quickly switch to backup systems.

If you don't know what infected your infastructure in the first place, why would you put up another one to get infiltrated?

Valve may have screwed up big, but at least they are unplgged while they clean up.

Out of control... (0)

Anonymous Coward | more than 10 years ago | (#7187036)

Ok this is crazy.... Did any of you guys bother to read the Greer paper? It was a piece of politically motivated rhetorical garbage. It was in no way a technical document it was just basically a long Dennis Miller style nit picking rant without all the literary references and high brow attempts at humor. It was about as professional and well thought out as those Bill Joy articles and speeches about how if we are not careful we are going to build cyborgs that will kill us.

diversity doesn't mean hosing your own network (1)

bratgrrl (197603) | more than 10 years ago | (#7187039)

This is a pretty awful article. It's a seriously sucky world, when world-class trolls and flamebaiters post for free on Slashdot, and this Enderle guy gets paid for half-assed trolling.

I don't know where he got the idea that 'diversity is good' means every PC on your network is running a different operating system, and different applications. Wotta weenie.

micheal is an asshole (0)

Anonymous Coward | more than 10 years ago | (#7187042)

pretty much sums it up.

Sounds Familiar (0)

Anonymous Coward | more than 10 years ago | (#7187045)

Funny, another article by Rob was blasted a week ago on another site for being blatantly pro MS.
Must be some truth to it after all...

OT... My best friend's a whore! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7187056)

This has nothing to do with anything remotely Slashdot related, but I need to do something before my head explodes...

As I type this, my roomate and my best friend/recent lover are fucking in the next room over. WHAT THE FUCK. After 10 years of friendship and built-up sexual tension, we finally hooked up and now less than a week later she's banging my roomate. I am so fucking incensed right now I can't think straight. I wouldn't mind if they went to a hotel or otherwise didn't make it known, but she just FUCKING WALKED PAST MY ROOM TOPLESS AND SHUT THE DOOR IN MY FUCKING FACE. How fucking insensitive can you be?!

This sucks. It's 3AM and I'm telling strangers (GEEK strangers, no less) about my personal problems. I am a big pussy and will most likely not say anything to either one of them so I expect this to go on for a while. Fuck.

Feeling low? There's someone else out there that's having a worse day than you. Trust me.

Re:OT... My best friend's a whore! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7187089)

There's only one way to solve this problem, and that's to walk in there with a shotgun.

Re:OT... My best friend's a whore! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7187116)

Michael, you forgot to log in again.

The author is right! But... (1)

ljavelin (41345) | more than 10 years ago | (#7187062)

The author has concluded that many security papers do not address the cost of security - and he's right.

But anyone who is going to make a business decision regarding security can and will recognize that cost is a factor. Just because not all papers focus on cost doesn't mean that their conclusions are flawed.

The author fails to present any facts that support his implied position that the costs of securing the Microsoft model is a lower cost.

The author has written an article about his opinions. He provides few facts that support his opinion. This article is not informative to me - someone who needs to make decisions.

I don't care about his opinions. Give me facts that help me decide what to do in my organizations.

Re:The author is right! But... (0)

Anonymous Coward | more than 10 years ago | (#7187095)

he doesn't even talk about cost in anything other than vague terms

Wooooo...... (0)

Anonymous Coward | more than 10 years ago | (#7187065)

This is a slow day for Slashdot.

hmm (0)

Anonymous Coward | more than 10 years ago | (#7187068)

So the problem with diversity is that it increases costs, right? And, the cost savings of monoculture can maintain security by. . .

* maintaining "hot sites," or duplicates of key elements of the IT infrastructure
* Adding security staff or outsourced services
* Implementing additional security products

. . . spending lots of money.

What exactly does "anti-Microsoft" mean? (4, Informative)

ChangeOnInstall (589099) | more than 10 years ago | (#7187070)

What exactly does "anti-Microsoft" mean?

Back in 97, I was working at a startup where we were using the usual array of Microsoft tools to create web-based applications: IIS, ASP, Visual Basic (COM controls), and SQL server. The more I learned, the more I grew not to like it. The straw to break the camel's back was finding a significant bug in MDAC (which was acknowledged by a high-level tech once the ticket was escalated), and then having to wait 6 months for a fix. We thus moved away from the MS platform to Java/Linux, a combination that we found to be superior for our needs. I haven't looked back since.

I think I thus fall into the anti-Microsoft camp. I'd prefer to think of myself as being in the "pro-well-written-software" camp though. If Microsoft started writing good, secure, and interoperable software, I'd welcome them with open arms. My problem with MS is that in my "learned-the-hard-way" opinion, they don't.

The author does not define the term "anti-Microsoft". So my question is, what connotation do people try and draw up with the term "anti-Microsoft"? In my opinion, fabricated terms that begin with "anti-" tend to be used to describe an irrational hatred of something, and that's what I'm seeing here.

Like crops (0)

Anonymous Coward | more than 10 years ago | (#7187071)

So should we adopt crop rotation?
e.g Change to Linux may-october, up root and install openBSD then change to a legume for example OSX to allow the nitrates to build up again (then ban spraying pig shit on fields becuase of some doubtful science oh oh going off on a rant there...)

of course if we adopt the practice of writing everything in Java(TM) then the user need never know, and we would solve the monoculture problem!
(HINT Irony, like brassey but made of iron)

nt: ROB MALDA IS GAY! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7187073)

AS IF

reset (1)

quixotiCfluX (715142) | more than 10 years ago | (#7187074)

Ahh, forget all that, the solution is for everyone to develop and build propreitary systems inhouse, so NOTHING is the same company to company...

If he's so anti-Open Source... why is he using it? (0)

Anonymous Coward | more than 10 years ago | (#7187079)

Registrant:
Enderle Group
389 Photinia Lane
San Jose, CA 95127
US

Domain name: ENDERLEGROUP.COM

Administrative Contact:
Enderle, Robert renderle@enderleresearch.com
^^^^^^^^^^^^^^^^^^

dig mx enderleresearch.com ;; ANSWER SECTION:
enderleresearch.com. 994 IN MX 10 mailhost.enderleresearch.com.

telnet mailhost.enderleresearch.com 25
Trying 216.219.253.216...
Connected to mailhost.enderleresearch.com.
Escape character is '^]'.
220 ams005.ftl.affinity.com ZMailer Server 2.99.38 #1 ESMTP ready at Fri, 10 Oct 2003 21:07:14 -040

Ooops. Good 'ol ZMailer. :)

Oh... wait.

telnet www.enderleresearch.com 80
Trying 207.36.51.223...
Connected to www.enderleresearch.com.
Escape character is '^]'.
HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Sat, 11 Oct 2003 01:08:15 GMT
Server: Apache
Last-Modified: Mon, 08 Sep 2003 23:03:06 GMT
ETag: "b98f4-1a99-3f5d0aaa"
Accept-Ranges: bytes
Content-Length: 6809
Connection: close
Content-Type: text/htm

Apache. Hmmm. Who'da thunk it?

I am a good poet AND leader of the free world!! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#7187092)

Roses are red
Violets are blue
Oh my, lump in the bed
How I've missed you.
Roses are redder
Bluer am I
Seeing you kissed by that charming French guy.
The dogs and the cat, they missed you too
Barney's still mad you dropped him, he ate your shoe
The distance, my dear, has been such a barrier
Next time you want an adventure, just land on a carrier

block articles by Rob? (1)

nacturation (646836) | more than 10 years ago | (#7187097)

Probably the best thing to do to prevent disinformation from entering your company is to block articles by Rob Enderle.

Given the recent FUD from "our own Roblimo", I think it might be good to block articles from anyone named Rob if you're looking fro honest information.

Vote with your dollars (1)

rnd() (118781) | more than 10 years ago | (#7187100)

If you don't like Microsoft, for whatever reason, don't buy their software...

If the benefits outweight the risks for you, then buy their software.

If not, don't.

I don't see why it's considered so interesting whenever some "expert" comments on the security of Microsoft software.

Re:Vote with your dollars (1)

El (94934) | more than 10 years ago | (#7187125)

The problem is that the intersection of the set of people that have a clue about software quality with the set of people that are signing the checks is a null set.

Thought this was interesting... (0)

Anonymous Coward | more than 10 years ago | (#7187103)

After reading I checked a link to another of Enderle's articles (Reasons to Shun Open-Sourcery) and after claiming that the admirable open source users considered alternatives including Microsoft first, then spreading a bunch of FUD he was kind enough to label as such, there's an interesting bit in the "about the author" lines:

He is contemplating building an open source-free saferoom in his solar-powered home.

So open source users have to consider Microsoft, but he gets to hide in a bunker to protect himself from the evils of Linux.

Or whoever wrote the about blurb wanted him to look biased and emphasized the fact that the room was open-source free? Who knows.

A reply to him... (1)

Realistic_Dragon (655151) | more than 10 years ago | (#7187105)

(Also sent by e-mail.)

Hi there,

I just read your article at internetweek (Opinion: Reasons To Shun Open Source-ry) and I must that although I don't agree with your opinions I think you have some backbone to say them in public :o)

Of particular amusement was this part:

"He is contemplating building an open source-free saferoom in his solar-powered home."

I only hope that you weren't planning on installing Windows on any of those machines as the Windows TCP stack and Microsoft SFU are (Free|Open)BSD derived code. Longhorn will include elements of ksh (free) and several other new 'innovations' also derived from Open Source (although not GPL) code. You cant even dive for Apple who use Darwin (free, BSD derived) and khtml (free, developed on Linux) as well as other things - or Solaris (ships huge quantites of GNU applications). Almost every operating system on earth is now 'tainted' by code donated because when the marginal cost of something is zero, giving it away helps the whole world benefit.

We might not do it better all the time, but every now and again our community turns out something that everyone can see is better (Apache for example) and quite often they even beat a proprietary vendor at their own game (Samba versus Windows/CIFS). Given another time, every closed source tool will be replaced with something open, and resources will be redeployable into something more worthwhile as the market dictates.

Good luck anyway,

Just another doofus, move along... (2, Interesting)

doodleboy (263186) | more than 10 years ago | (#7187107)

There will always be apologists for the rich and powerful, be they journalists, politicians, or supposedly impartial "analysts" like Enderle. Such people are responsible for the endless flood of Microsoft-sponsored "studies" purporting to show that Windows is more secure, more stable, has a lower total cost of ownership, wipes your ass for you, etc. So when Enderle says
I'm not a big fan of diversity because so much the research I've done over the last decade or so indicates that by eliminating diversity you can dramatically reduce costs. Companies can minimize support costs by rolling out identical hardware and software to every desktop through big bang deployments. Going the other way in a knee jerk reaction to just one class of security threat seems poorly founded.
he seems not to have considered the cheapest possibility - a monoculture of free software, which has lower cost, better security, and higher performance. Now how is that?

Ha ha ha (1)

0spf (574535) | more than 10 years ago | (#7187108)

Oh the ring of keys analogy really works for me. What planet is this guy living on? I am soon implementing a program where we are going to remove the power supplies from all computers in the company and servers achieving 100% airtight, bulletproof security and reducing support costs to nothing.
/sarcasm

snip/
"One of the biggest problems caused by diversity is that it become very difficult for the IT staff to maintain equal competence on all platforms. The IT staff will have to focus more resources on keeping these systems interoperating and have fewer resources available to concentrate on things like securing the site."
/snip

I would love to have my IT staff focusing on something other than the virus or patch of the week. They are getting real good at disinfecting and patching Microsoft machines.

PYRAMID TROLL SCHEME!!!!! (-1, Troll)

Anonymous Coward | more than 10 years ago | (#7187110)

Do you want good luck to follow you and your offspring for geneations to come? This troll has the solution for you...

All you have to do is copy this troll onto two to four of the discussion threads of your choice! That's right! Just copy this into a new message and click "post anonymously." That's all there is to it! *

Tired of that idiot talking about geek culture! Stick one of these babies on it! And it's good for the economy!

Marge Gentry of Cambridge, Minnesota participated, and the next day she received a large fruit basket outside of her door from a secret admirer. Unfortunately, Marge was hit by a truck the next day, so she didn't get to the Granny Smith apples.

Commander Taco of Hole-in-the-ground West Virginia didn't participate, and he was violated by a group of raging homosexuals. Since the gang was headed by Jon Katz, Taco had no recourse to the law because the entire town knew about their previous relationship. The unfortunate outcome is enshrined forever at goatse.cx.

So if you want to get the fruit basket and not get poked in the bread basket, just copy this troll onto two of the discussions threads of your choice. We could have this place blanketed by sundown!

Another crackhead writer (1)

c1ay (703047) | more than 10 years ago | (#7187119)

This guy's really a goofball trying to make the argument against diversity as a tool to gain fault tolerance. NASA [nasa.gov] makes the argument for diversity in life-critical software systems and NIST [nist.gov] studies show it's value in High Assurance Systems. KLabs [klabs.org] has found the use of diverse and redundant systems on spacecraft offers high protection against failures due to design deficiencies and that it can offer lower cost where the backup system is used as a lifeboat for the primary system.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>