Re: which PC



Floyd L. Davidson wrote:
Ron Hunter <rphunter@xxxxxxxxxxx> wrote:
Floyd L. Davidson wrote:
Corporate systems are not usually patched until an
exploit becomes a problem. Pretty stupid, but there it
is.
I doubt the validity of that statement.

And do you have over 30 years in corporate IT to back your claim? I do.

I have no doubt that in *your* experience that sort of
sloppy administration was the norm.

I'm retired from the telecommunications industry, which
you may recall was at one time *the* prime target of
virtually all hackers. Of course today there are *many*
industries who are prime targets.

Which is to say that in my experience not everyone is as
sloppy as your experience. It simply depends on whether
you've worked where security was actually important or
not.

Hence a list of patches is not an indication that any
exploits ever actually exist.
In the unix world, that is. The same does not apply to
Microsoft, simply because nobody outside of Microsoft is
able to examine their code.
MS does fix potential problems before exploits are
actually used. Now just how many of them are installed
is another thing, entirely.
Sure they do.

They try, but don't always succeed. There are flaws
that have remained unfixed for over 30 years in the IBM
Mainframe operating system because fixing them would
break too many programs. Ugly, but there it is.

The problem is that Microsoft is not able to detect most
security vulnerabilities until someone actually attempts
to make use of them. They simply cannot hire hundreds or
thousands of eyes to go poking through their source code
the way Open Source Software companies can do.

Another serious flaw in the mechanics of OS development
at Microsoft is just as serious. Rather than make
incremental upgrades, and in particular the avoidance of
discarding flawed development tracks, Microsoft
basically maintains a single OS for a period of years
and then produces an almost new (but compatible,
sometimes even down to replicating serious flaws to
selectively allow some but not all legacy software to
run on the new) OS. What is compatible or not seems to
be totally a marketing decision based on competing with
whatever is currently a threat, rather than making sound
technical decisions intended to develop the best
possible OS. (I noticed a defrag tool on a friend's
machine the other day, though I can't remember now if it
was in XP or Vista when I saw it. Do Microsoft
filesystems actually still need to be defragged????)

Yes, as do ALL file systems. The OS you use MAY do it transparently, but it MUST be done.
I have software that does this automatically on my computers, so it may seem that I never do it, but the software DOES do the job, just without my attention. Anyone who thinks this job need not be done just doesn't understand the realities of disk storage.