× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2002

Re: When is a Windows network not a Windows network

On Tue, 14 May 2002, Leif Svalgaard wrote:

> From: James Rich <james@eaerich.com>
> > On Tue, 14 May 2002, Leif Svalgaard wrote:
> > > The frequency of 'getting virused' is a function of how popular a product
> is,
> > > not of how 'good' it is. The product used the most is the most popular
> > > target for viruses. Products nobody uses are much less targeted.
> > > This is also the main reason OS/400 doesn't have many viruses.
> >
> > This is not completely true.  Apache is the most popular web server on the
> > planet, yet has far fewer security problems than IIS.
>
> Show me a study that lists all the security problems over the lifetime
> of each product and we can compare facts rather than folklore.

I don't have the actual study but I'm sure Gartner Group's recommendation
to avoid IIS was not based on folklore.  Come on, Leif, everybody knows
that IIS is a steaming pile of crap when it comes to security.  It is a
target not because it is the most popular, but because it is so easy to
break.  Remember Code Red?

Now to try to bring this thread back to where we got started:  supporting
browsers other than IE.  Do we really want the same people who
continuously create such awful software (as regarding security and
reliability) as IIS, IE, and Outlook to be the company that decides how
the internet should work?  Should we allow *any* one company or individual
to decide that?  Absolutely not.  That is the reason to code to open,
published standards and avoid proprietary extensions and formats.  What
should have been learned from early Netscape browsers is that using
proprietary extensions is bad.  But if we use IE extensions then we ignore
the lessons of the past.

> I really meant my statement in the negative: a product that "nobody"
> uses is rarely a target.

This may be true.  Targets are chosen for several reasons.  Often (like
Code Red, Nimba, and most other Microsoft targeting virii) any target will
do that is vulnerable.  Sometimes targets are chosen because of who they
are.  Government sites receive many attacks every day.  You can bet that
credit card companies also receive many attacks simply because of who they
are, not what they are running.  Sometimes a particular type of machine or
service is a target, like backbone routers.  And very often targets are
chosen because they are easy.

James Rich
james@eaerich.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.