Computer security experts strongly feel news of security flaws must get out
quickly so system administrators know what needs to be done to secure the
systems under their care. Nearly all computer break-ins exploit a known
security flaw that was not fixed.
To make this information as available as possible, notices and fixes have always been posted to security clearing centers like SecurityFocus which maintains the well know BugTraq list. System administrators can find notices easily at these centers, and automated e-mail lists send the most important ones to subscribers to make sure they won't be missed.
Microsoft has now moved against this free flow of information. They have sent threatening letters to security clearing centers claiming Microsoft security notices are copyrighted and anyone who posts one will feel the full impact of Microsoft's legal department.
AnalysisAs we have mentioned in several articles, Microsoft will not fix the root cause of their security problems because doing so would go against a couple of major marketing points: "easy to use" and "tight integration".
Since the flow of problems will continue to increase, it is not surprising Microsoft wants information about them supressed. The sheer number and seriousness of flaws is making security issues a major public relations problem for them.
So fearful has Microsoft become of the outside world, they have even restricted major parts of their Web site www.microsoft.com to only people using the Microsoft Internet Explorer Web browser. If you try to view it using some other browser, you are intercepted and refused access. Just have to keep those OS/2 and Linux users out, and "impure" Windows users too, you know.
- Automation Access
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their owners