Re: Is Zotob A MS Plot . . . .

Vagabond Software wrote:
> "kurttrail" <dontemailme@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
> message news:ehYtAX1oFHA.1872@xxxxxxxxxxxxxxxxxxxxxxx
>> Vagabond Software wrote:
>>> "kurttrail" <dontemailme@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>>> message news:uhmb2s0oFHA.2080@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Vagabond Software wrote:
>>>>
>>>>> They did provide a patch for free... a week before there were any
>>>>> known instances of the exploits in the user community. <snip>
>>>>
>>>> "They (the customer) just paid the $150,000 for the patch on SP3."
>>>>
>>>> --
>>>
>>> Well, I shouldn't have said "the customer"... The end-users' IT
>>> service provider paid $150,000 to patch their operating system. Why?
>>> Because they insist on running an unsupported operating
>>> system, which is Windows 2000 SP3. Why? Because they moved their
>>> Technicians to an hourly rate to save money during slow periods.
>>>
>>> Even though the IT firm would pay nothing to Microsoft to upgrade to
>>> Windows 2000 SP4, a supported operating system, they would have to
>>> pay those hourly technicians to "touch" a helluva lot of machines.
>>> So, this IT firm has made the calculated decision that it is cheaper
>>> to pay Microsoft for patches to an unsupported operating system than
>>> it is to pay the Technicians an hourly rate.
>>>
>>> I know this doesn't fit well in your world view, but the progressive
>>> IT firms that actually train their technicians and pay them to
>>> manage their clients' networks never seem to get hit with these
>>> problems. Meanwhile, the reactionary IT firms almost ALWAYS get hit
>>> by each and every one of these problems because they only dispatch
>>> technicians to FIX problems AFTER they are reported.
>>>
>>> Carl
>>
>> MS should provide any necessary patch for free. It is their coding
>> negligence that
>> is being exploited.
>>
>> If the OS is still functional, then MS has a responsibility to patch
>> the security holes in it. It is a matter of Global Network
>> Security. If MS doesn't want take responsibility for its holes,
>> then they should get out of businesss.
>>
>> --
>
> I don't know how many times I have to repeat myself. Microsoft
> provided a FREE fix via Windows 2000 SP4.

No. A corporation has to spend money and time to implement a SP over
its network.

So MS is basically making them pay to upgrade to a service pack or pay
for a patch.

I don't know how many times I have to repeat myself. Microsoft should
provide a free patch to any working vulnerable OS, that is only
vulnerable due to MS coding negligence! If they work take
responsibility for the hole they created then they should get the hell
out of the OS business!

> Your assertion that as long as the "OS is still functional, then MS
> has a responsibility to patch security holes" is, of course,
> rediculous. Apple has to support OS 8? OS 9? Sun has to support
> SunOS 4.1.3? IBM has to support OS/2 Warp? Like I said, rediculous.

If hole is actively being exploited, then yes, software manufacturers
should be held responsible for their negligent mistakes.

> Global Network Security? How dramatic... Ignorance is a matter of
> GNS. I think every IT company that has clients who are infected with
> these exploits should have to publicize their company names and their
> excuse for allowing their clients to be hit by such an ineffectual
> worm.

LOL! That patch had only been out for a week, and with the number of
patches that MS released in its last bunch, it is quite understandable
that testing all those patches would take a while. It's not like MS has
never released a patched that didn't create other problems.

The larger the organization, the longer it will take to test the
MicroPatches, especially when you have multiple patches released all at
once. And MS is the one that decided to release patches all at once on
a monthly schedule.

So stop your apologizing for Microsoft. They created the hole through
there negligence, and they should be held accountable to fix it for
free, or be run out of town like any snake oil salesmen that gets caught
selling an inferior product.

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"



.

Relevant Pages

  • Re: Learning process
    ... a million users on Windows would be ... Most of the patches are fixes for problems in security and a lot of ... pile of games or the SQL blaster which required 2 patchs - patch 1, ... holes *aren't* patched almost immediately. ...
    (alt.comp.lang.learn.c-cpp)
  • Re: My jeans are torn: damage control...
    ... new holes; ... you need a patch. ... it's possible to sew a knee patch on by machine, ... i make my patches twice as long as i need & fold in half (so ...
    (alt.sewing)
  • RE: is this a worm ?
    ... > (list of microsoft programs) ... > Go to this site to download the patch for your operating system: ... > I went to that website and saw a list of patches for the different operating ... > course i didnt downloaded the patch. ...
    (microsoft.public.windowsxp.general)
  • RE: [fw-wiz] terminal services
    ... > people didn't patch their machines. ... Yes, but if you look at all the patches and DLL versions, it's a twisty ... > No doubt, but the holes are secondary to what I believe the root problem is, ... > which is laziness on the part of users, admins and vendors to apply patches ...
    (Firewall-Wizards)
  • Re: So how secure is Windows XP with all current updates?
    ... The Blaster worm was discovered on August 11, ... A machine that was fully patched prior to the release of the MS03-026 patch ... I think the original poster is confusing patches with holes. ...
    (microsoft.public.security)