> -----Original Message----- > From: James Butler [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 24 October 2006 5:42 AM > To: users@spamassassin.apache.org > Subject: Re: I'm thinking about suing Microsoft > > > Holding the position of "most widely-attacked" is no reason > for it to also be "least > secure-due-to-widely-known-and-poorly-corrected-issues". Even > if Apple/Posix products were as "widely attacked" as Windows > products, the results would be far less damaging to the > global infrastructure, despite Posix near stranglehold on > server systems worldwide. > > I'm in favor of investigating a lawsuit such as the one > described, because Microsoft is in the same arena as other > major manufacturers (automobiles, telephone systems, medical > equipment, etc.) that are regularly held accountable for > problems with their products that impact safety and economic > issues on a broad scale. > > James
Windows is a commercial OS, and at the end of the day their intent is to make their paying customers happy. The second part of the issue is that they feel that security is the user's responsibility (I, personally, don't think that there is a right or wrong in that particular argument), so they provide the tools but don't restrict much by default (except in the case of the Windows firewall, which is on by default). I think that it would be an interesting exercise for MS to include an option during install either have it start in a default deny or default allow profile, and see how many users pick the option that is less secure but more convenient. I am inclined to suggest that perhaps it's not just Microsoft's fault but it is also a statement about the quality of their customers and what they want. If you sit an average Windows user down in front of a system running Linux or something else Posix, they will bitch about having to log in, they will bitch about having to type in a password to install software and they will be frustrated when their torrent client doesn't just use UPnP to open up the required ports. And, as for default security setups, OS X doesn't require a password by default, you have to switch in on before it challenges for a password (but it does ask for passwords before you can make any system changes, but you have plenty of elevation opportunities before that becomes an issue). Yes, Microsoft should write tighter code. Is it grounds for a lawsuit? Well, I would suggest that any tech savvy judge (not that one exists) would throw the case out, citing that it is common knowledge that there are intrinsic security complications in Windows. They would also say that if you buy Windows in full knowledge of these pre-existing issues and then fail to take the appropriate action then it's your own silly fault, in the same way people burn themselves on a hot apple pie (despite the presence of hot in title, as opposed to warm or tepid). I can assure you right now that the only reason their are safety precautions in cars is because the manufacturers are legislated as having to be there. Private companies are not their to protect us from ourselves, that's the government's job. So, if you want all operating systems to have to be secure by default, whinge to your local representative rather than get all litigious. Laws can solve problems, lawsuits usually only create them.
