What will it take?

Monday, 27 January 2003, 2:47 PM EST

Microsoft ships software with holes all over it. It later ships patches. But those patches are said sometimes to break more than they fix, leading system administrators to be extremely circumspect about applying them.

The whys and wherefores are beside the point, though, and have been for awhile. The fact is that every notable Internet disruption since Robert Morris's 1988 worm, and certainly every one since the Internet has become a widespread part of our lives and commerce, has had Microsoft products at its center. There are no doubt those who would argue that this is because Microsoft products are so pervasive as to be the obvious target. This is no doubt true to some extent, if only because were there less Microsoft software plugged into the Internet the effects of that software's vulnerabilities would be diminished.

A problem with monopolies is that they are only rarely benign. By definition, a monopoly is the holding of sufficient market share that it is no longer subject to the market forces that govern other products. As a monopoly, Microsoft need not ship particularly good products, secure products, or even more than adequate products. Any of those things that the company provides it provides out of the kindness of its heart, which has evidenced no overflowing in that particular.

[ Read more ]


Lessons learned developing Lynis, an open source security auditing tool

Posted on 15 October 2014.  |  Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Oct 20th