ABM Considered Harmful (was: piercing corporate)

Dan Jenkins dan at rastech.com
Sun Feb 8 11:40:28 EST 2004 

bscott at ntisys.com wrote:

>  I don't use Linux because it's not Microsoft. I use Linux because it's 
Linux.

Precisely my attitude. I try to use the right tool for each job. Linux 
is a great tool. I use it because it is a great tool. Sometimes I use 
other tools (like Microsoft or Apple). I'd be a poor carpenter if I only 
had a hammer in my  tool box.

Practically every network over the last twenty years we've supported has 
been heterogenous. Most of them have a mix of Macs, Windows and Linux 
nowadays. When I have a new task to implement, I usually look at Linux 
first. The flexibility of Liinux makes it a great tool for me. (The cost 
is a secondary factor at best.) If it seems awkward to do with Linux, 
then I'll look at other platforms to solve it. Since Linux plays so well 
with others, I can mix and match to get the best solution.

bscott at ntisys.com wrote:

>  (ABM = Anything But Microsoft)
>
>  On Fri, 6 Feb 2004, at 12:35pm, michael.odonnell at comcast.net wrote:
> > I [have] a fairly secure home network (protected by [A] a
> > firewall and [B] the total absence of Microsoft products ...
 >
>  I find your attitude toward Microsoft products to be rather naive.
>  Yes, their products have serious security issues and design flaws.
>  But you have repeatedly and recently state your opinion that all
>  Microsoft products are inherently and automatically insecure, and
>  also implied that FOSS is bestowed with magical security goodness.
>
>  That's bunk, pure and simple.

On the security side, I agree that not using Microsoft products does not 
automatically equate to security. I've been called in to postmortem 
Linux installations which were cracked due to open services which were 
not needed or lack of security updates which were needed. I've found IBM 
AIX minicomputers with no root password, because it made it 
"inconvenient" for the office (several of those actually). (Among many 
examples.) None of those non-Microsoft environments was secure.

Having said that, among my clients, those who use Microsoft Outlook or 
Outlook Express, are much more likely to acquire new viruses. Those who 
use Internet Explorer are much more likely to pick up rafts of 
adware/spyware. My Windows Mozilla clients just don't have those 
problems. I think it is partly in the tools, but partly in the attitude 
of the users (or at least the management). The Mozilla crowd have chosen 
not to use Microsoft email & Internet tools - inevitably because of bad 
security experiences. Once burnt, twice shy.

I can configure FOSS products to be as insecure as the worst Microsoft 
issues. I can configure Microsoft products to be almost as secure as the 
best FOSS products. (I still think FOSS has the edge there, due to their 
flexibility and accessibility.)

-- 
Dan Jenkins (dan at rastech.com)
Rastech Inc., Bedford, NH, USA --- 1-603-624-7272
*** Technical Support for over a Quarter Century

More information about the gnhlug-discuss mailing list