May 25, 2012 - 05:30 PM EDT — AAPL: 562.29 (-3.03, -0.54%) | NASDAQ: 2837.53 (-1.85, -0.07%)

Technology Exec’s answer to Windows security mess: moves off Microsoft servers, now owns Mac at home

Friday, September 12, 2003 · 9:37 am · 31 Comments

“A wave of new viruses that target Microsoft’s products has businesses throwing up their hands at the software giant’s seemingly endless security problems. ‘We moved all our mission-critical data off Microsoft servers. For trades, anything that directly affects our revenue, they’re on Unix boxes,’ said a technology officer at a worldwide investment bank. We had to hire people overnight just to load virus software. You can make a whole career out of fixing Microsoft products.’ The frustrated executive added, ‘I even got rid of my PC at home. Now I own a Mac,’” reports Stephen Lynch for The New York Post.

“Microsoft announced Wednesday that yet another critical security hole had been discovered in its Windows operating system. Officials said that if the problem wasn’t patched, attackers could delete data and install programs on victim’s computers. ‘Microsoft has taken a black eye on security,’ said Joe Wilcox, a senior analyst at Jupiter Research. ‘It’s reached the point of saturation. Some people are so frustrated that they don’t even have the energy to get mad,’” Lynch reports. “Wilcox added that Microsoft has done its best to try to repair the problems – it warned of the flaw Blaster used in July – but that virus-fighting has become a Sisyphean ordeal. ‘The Windows platform was developed pre-Internet, but the architecture hasn’t changed,’ Wilcox said. ‘It’s designed so programs can work together. That’s fine if you’re in a sandbox, but when you connect to the Internet, there are problems,’ he added. ‘Basically, Microsoft has been patching ever since.’”

“‘Don’t blame Microsoft for selling people the product they want,” said Ron Gulah, chief technology officer for Tenable Network Security, which found one of the recent Windows flaws. ‘People want easy e-mail. As soon as you add security measures, it doesn’t do what they want it to do,’” Lynch reports. “Gulah said that the companies complaining the loudest are the ones ‘who slashed the information technology department budgets.’ If system administrators keep up with security patches, it stops the viruses, he added.”

Full article here.

Categories: MacDailyNews, News

Thank You for supporting MacDailyNews!

♥ Adobe Photoshop CS6 Extended for Mac - Student and Teacher Edition DVD (65171323) only $249!
♥ Blowout: Apple 15.4" MacBook Pro i7/4Core/2.0GHz/4GB/500GB (MC721LL/A) only $1,549.99 + Free Shipping from MacMall
♥ Mac Madness Save 25% on Parallels Desktop 7!
♥ 15% Off Compatible Ink. 10% Off All Others (excludes OEMs). Free Shipping over $55. Coupon: 123BLOSSOM, Expires 6.18.12
♥ Save up to 60% at the Hammacher Schlemmer Special Values Sale-While supplies last.
♥ Dragon Dictate for Mac 2.5 - New! Simply Smarter Speech Recognition
♥ Up to 30% OFF Accessories from Verizon Wireless
♥ Limited Time Offer: Get free ZAGGsmartbuds when you buy a ZAGGsparq!

Comment Feed

31 Comments

1 2 Next »

El MacDaddy-o

Friday, September 12, 2003 - 10:57 am · Reply

“…If system administrators keep up with security patches, it stops the viruses, he added.”

Yeah, uh-huh. Easier said than done in a real world environment, Mr. Gulah.

Why should I run “mission critical” systems on Windows that I need to patch every few weeks with critical security bugs (and how embarassing/maddening that they were recently in the same area and couldn’t patch it then, causing more outages for companies) when I can run UNIX based systems that don’t need to be patched as often. Think of the money savings there.

Oh yeah, Mr. Gulah, I don’t need to patch my Mac as often, either.
Atomic Bomb

Friday, September 12, 2003 - 11:01 am · Reply

The “just patch it” school is so ignorant to reality. Unfortunately, sometimes M$ patches don’t work…

http://news.zdnet.co.uk/software/0,39020381,39116180,00.htm

…and sometimes the patches don’t work for your specific Service Pack. For example, the patch that M$ released for the Blaster worm only worked for SP3 and SP4 on Windows 2000 – yet most users of Windows 2000 were still on SP2 because the APPLICATIONS they use don’t support SP3 or SP4.

And that leads to the biggest problem that MicroPatch has with its band-aid security technique: THE APPLICATIONS! Seems like a no brainer that really the only reason to have an operating system is to run applications, but M$ seems to have forgotten this since their patches tend to cause problems with quite a good number of large enterprise-type applications – including some of their own.

And, if you upgrade to SP4, you have to re-install some of the patches since SP4 uninstalls them.
chrisv

Friday, September 12, 2003 - 11:45 am · Reply

Our macs no longer attach to our Win2000 server thanks to the latest round(s) of “security” updates. My ThinkPad has been updated more lately than I care to remember and this morning there is yet ANOTHER “helpful” alert from MS letting me know that I get to download, install and reboot once again.

I think a more appropriate name is the “Futile Computing Initiative.” Wanna actually USE your Win system? Forget it… it’s futile.
tthomcarl

Friday, September 12, 2003 - 11:52 am · Reply

This article and the quotes are what you would expect out of a bunch of stuffed shirts that have based their careers on a house of cards software, namely M$. Screw the arrogant bastards. Unix is the logical answer, but it will cost $, the business world is so tight that they squeak when they walk. Sink or swim, its that simple, however most of the whiners aren’t that smart.
NoPC Zone

Friday, September 12, 2003 - 11:52 am · Reply

I hope that exec remembers this the next time his IT guys bring him a PO (Purchase Order) for a bunch of Wintel desktops. Maybe the worm is beginning to turn.
Terry

Friday, September 12, 2003 - 11:59 am · Reply

“‘Don’t blame Microsoft for selling people the product they want,” said Ron Gulah, chief technology officer for Tenable Network Security, which found one of the recent Windows flaws. ‘People want easy e-mail. As soon as you add security measures, it doesn’t do what they want it to do,’”

That’s an idiotic statement. Apple Mail is easy, many e-mail apps on Windows are “easy” and are not full of security holes. This guy loves Windows being so full fo secuirty holes. It problaby gives him most of his business.
Tuner Equalizer

Friday, September 12, 2003 - 12:07 pm · Reply

Sooooooo true, Terry. ” That’s an idiotic statement. Apple Mail is easy, many e-mail apps on Windows are “easy” and are not full of security holes. This guy loves Windows being so full of secuirty holes. It probably gives him most of his business.”

I imagine one day: the CEO is going to bash his way into the IT support offices and start pointing fingers. “You, you’re fired. You, you’re fired. You three, you’re fired.”
Seahawk

Friday, September 12, 2003 - 12:09 pm · Reply

Let me understand what Gulah is saying… In order to have “easy e-mail” all that Micors**t have been capable to create is a crappy smash&grab; kind of OS?

What’s the implication here? that in Linux or OS X or Be OS or all other e-mail is WOW *difficult*

ROFLMAO

I cannot believe Windows users are SO STUPID to gobble this shit and screaming CHOCOLATE CAKE!
Are Windohs zealot so frigging stupid to believe in such moronic statement? Micros**t lacks security so that their users can do e-mail *easily*? OH MY OH MY OH MY!!!!

Is 95% of computer using population truly SO frigging STUPID?

Heya Windohs accolites: I have wonderful ocean-front lots in Arizona(!) to sell. Truly beautiful. Send money to reserve yours: selling like hot cakes!
Aryugaetu

Friday, September 12, 2003 - 12:33 pm · Reply

“It’s designed so programs can work together. That’s fine if you’re in a sandbox, but when you connect to the Internet, there are problems.”

I control and update my friend’s Mac remotely quite frequently. I have also networked my computer to my parents’ via the internet. No snags or security problems that I have seen!

…and iLife seems just fine, too.

Perhaps, he meant to say, “It’s designed so programs can work together. That’s fine if you’re in a sandbox, but when you connect to the Internet using Microsoft Windows, there are problems.”

“Problems”?!
Lists not scrolling smoothly would be a problem.
Not being able to run some older aps would be a problem.
Bookmarks not transferring properly would be a problem.

But an entire operating system, whose core has been around for a decade, and STILL has major security flaws being discovered and breached weekly, is not a “problem”… it’s a serious corporate and national disaster when over 90% of the systems are using it!!

Apparently these “patches” are ineffective. This has had so many patches that the entire code could have been rewritten from scratch.

The definition of “insanity” is doing the same thing and expecting different results. Keep buying Microsoft software, keep applying patches, keep getting problems, keep wasting your time and money… but you expect something to change?

At what point does it become a critical disaster and an emergency?
The US government made Honda recall my car for a service update because of “potential faulty wiring in the wiper motor” in a 1996 Civic. If something so trivial has made the government take attention, why doesn’t this?!!

Computers are no longer luxury items or a hobbyist’s toy. They are devices playing a vital role in all aspects of our society, and these gaping holes in security, as well as a major corporation’s refusal to make EFFECTIVE changes should have been the target of a congressional hearing YEARS AGO!!
Hywel

Friday, September 12, 2003 - 12:46 pm · Reply

In my organisation, I used to have someone with the same name, differentiated by a middle initial (he had one, I don’t).

This meant I got a lot of his mail. He got some of my mail, but not much (thankfully!)

Because we use Microsoft Outlook, I was able to write a macro so that I could, on reading a mail that was meant for him, click a button to forward it to him, send a message to the sender to notify them of their mistake and delete it from my mailbox.

I certainly can’t do that in Mail as far as I know. (Though I guess it might be possible using Applescript, I don’t know any applescript, so I can’t say).

So do I live M$ and think want their babies ?

No.

Why?

Because of the very thing this Gulah tw4t is saying. “As soon as you add security measures, it doesn’t do what they want it to do”. That Macro I spent half a day fidlling with (I was new to VBA) ran for about a week until they (my company) disabled all macros as a security measure. So I have the macro, the software can run it, but the IT guys know it’s just too risky to allow any macros to be run. I can’t even run a macro on my machine anyway, so what’s the point in even having outlook as a scriptable app ?

Bunch of chuffin’ arse, that’s what it is.
Hywel

Friday, September 12, 2003 - 12:53 pm · Reply

‘love’, not ‘live’ – Must have been a Freudian thing preventing me from saying I ‘hate’ M$….Oops, there I go again ;D
Stephen

Friday, September 12, 2003 - 12:59 pm · Reply

Honestly with so many problems with windows lately, when will the world realize it is an inferior product. It seems that when they patch one area it causes a security hole in another. And whoever said within M$ that the code for each version of windows has been recoded is so wrong. I have a few PC friends that are fed up and trying to switch to a Mac and they have informed me that not much of the code has really changed since Win 95. If this is true then wouldn’t XP just be 95 on steroids? I am an avid Mac user and I am also a Mac tech for a university. Lately I have been doing nothing bu running Antivirus and patches for Win, in all the admin computers around campus. This sucks, I haven’t had to do a single thing to any of the macs on campus. When will everyone realize that there are other computer options in the world. I would love to see a huge switch to Macs but there are other good options out there as well.
There is an age old saying….. WinBlows
Seahawk

Friday, September 12, 2003 - 1:28 pm · Reply

Hyvel,

you can do much better with Mail. Have ever dug rules?
Mail can check the address, see whether the sender comes from your address book, warn you with sounds, put it in different folder, reply automatically if certain conditions are met, forward to your colleague if certain conditions are met, etc.

An outlook macro? jeez, that is so last century technology
Seahawk

Friday, September 12, 2003 - 1:32 pm · Reply

Forgot: Mail can also do that and wait for confirmation from you (stop rules execution at condition) so that you – ultimately – can also do the read wrongly sent mail, and the continue with turles which would be – reply to sender warning of mistake and forward original mail to your colleague.

You can also collect them and do that at your leisure.

AND, new incoming Mail update will allow to do even more than what I described.
Seahawk

Friday, September 12, 2003 - 1:35 pm · Reply

lol “turles” !! what should read “rules”

Anyway, allows me to reaffirme: Outlook Macro?!?!?

Yuck, Mail does more and better by itself.
And yes, you can also use Applescript but Mail rules are more effective for what you want to do.
BuriedCaesar

Friday, September 12, 2003 - 2:00 pm · Reply

“If system administrators keep up with security patches, it stops the viruses.”

If you wanna talk about bassackward logic, you’ve found it in loads in that statement right there!

Here’s the core lesson, folks – The endless patches to XP or 2000 or this or that wouldn’t be necessary if the holes in the Micro$oft OS and software weren’t there in the first place.
Easy

Friday, September 12, 2003 - 3:10 pm · Reply

My TV is easy to use… it must be full of security holes.
Easy

Friday, September 12, 2003 - 3:15 pm · Reply

“That’s fine if you’re in a sandbox, but when you connect to the Internet, there are problems”

It’s true… I get lots of virus problems when plugging my phone to the phone line. So, I just use a stand alone phone. I no longer have any problems!!

P.S. I wonder though why I never get a phone call anymore.
Ebola

Friday, September 12, 2003 - 3:40 pm · Reply

“Gulah said that the companies complaining the loudest are the ones ‘who slashed the information technology department budgets.’ If system administrators keep up with security patches, it stops the viruses, he added.”

Point 1. Supposedly, by standardizing on Windoze PC, you can cut IT costs. This is one of the major argument for ditching Macs. So, when you cut costs, you slash the IT budget. So, you don’t hire as many admins. So, it’s hard to keep up with virii and security patches. So, virii/worms/trojans spread. So, it costs company money. So, where is the saving? So, blame the CIO, the IT, the stupid “security experts” like Gulah, Microsoft and whole Wintel industry that believes all these argument.

Point 2. You can keep up with security patches and most virii will still run. What you need is an anti-virus softwares. Security patches only prevents virii/worms/trojans from taking advantage of existing security holes. This guy is an “expert”? Sheesh.
Mr. Gore

Friday, September 12, 2003 - 3:56 pm · Reply

‘The Windows platform was developed pre-Internet, but the architecture hasn’t changed,’ Wilcox said.

This is good. Internet was developed in the 70′s. Windows started to appear in mid-80′s. Stupid ‘expert’!

Or did he meant after Internet took off in early 90′s (but Internet is a passing fad, isn’t it?) ? But then again, Windows virii appeared way before then, so Internet is only one of the vectors virii spread.

UNIX was around the early days of Internet and was around when it took off. It didn’t change much either. But it is MUCH MORE secure than Windoze! How do you explain that, Mr. Expert?