hey, I have an idea
|
| Author | Content |
|---|---|
| tuxchick Mar 22, 2007 7:33 AM EDT |
How about designing software that isn't vulnerable to remote code execution in the first place? Ms. Snyder comes from Microsoft-land, where the job of "security" staff is layering yet more patches over a rotting hull. It's hopeless- how about paying a bit more attention to the non-Windows versions of Firefox, which are somewhat but not very much better than poo? |
| Aladdin_Sane Mar 22, 2007 7:49 AM EDT |
Same slime, same day? Does everybody else read this text in the article?: "That's simply not the case, said Window Snyder, chief security something-or-other at Mozilla." Sounds like a sleazy shot at Mozilla. As suggested above, looks like a mole in the woodwork something-or-other to me. Is Sharon Gaudin's article related to Paul McDougall's [url=http://www.informationweek.com/news/showArticle.jhtml?articleID=198100504&subSection=All Stories]http://www.informationweek.com/news/showArticle.jhtml?articl...[/url] ? As we like to say in Houston, "Slime in the Ice Machine!" Is this a co-ordinated attack on FOSS, or co-incidence? How much of IW's ad revenue is from MS? |
| DarrenR114 Mar 22, 2007 8:54 AM EDT |
The gist I got out of the article is that by making security a bit complicated, vendors have created a situation where users blindly cripple themselves because they don't understand what their doing, and Mozilla is taking steps to clarify security for the "non-techie" enduser. That's my take on the article anyways. |
| tuxchick Mar 22, 2007 9:17 AM EDT |
Darren, you're right. Still, it seems to me the focus is still wrong- Snyder talks about giving users information to make meaningful security decisions. My question is, how about making software that doesn't require users to be security gurus? Which is a pointless question for Windows users, because it's impossible. |
| Aladdin_Sane Mar 22, 2007 9:27 AM EDT |
>Which is a pointless question for Windows users, because it's impossible. Agreed. And one of Snyder's downfalls when making news: She seems to only know Windows. But her point has made 1 zillion times before, some of which were by her. So is there a point to this article? 1) Snyder points out that the security method for Windows is wrong. 2) Snyder points out 2 contradictory and cosmetic remedies for this mostly-Windows ailment. 3) Gaudin and IW give her all of 7 paragraphs to make her point. |
| phsolide Mar 22, 2007 11:05 AM EDT |
I too feel deeply suspicious of any "ex"-Microsoftie, and especially of any ex-security Microsoftie. I bet MSFT is like the CIA: you never really leave. I'm also deeply suspcious of current security Microsofties, as I used to argue with a guy who became a security Microsoftie, back in the mid-90s, on usenet. alt.fan.bill-gates... all the security Microsofties quit posting to bugtraq and full-disclosure when Scott Charney (?) had a snit about "information anarchy" and revealed The True Colors. But Window Snyder spent a while at Matasano (highly amusing blog at http://www.matasano.com/log/, and Window Snyder is listed as "Emeritus", even), and those guys (a) aren't fools and (b) don't suffer fools lightly. I just don't know what to think about Window Snyder. I mean, other people (for example, Adam Shostack of "Emergent Chaos" http://www.emergentchaos.com/) seem to tone down their criticism of MSFT , seem to Drink the Kool-aid, when they go to work there. I suppose this is subtext becoming text, whre all of MSFT's shilling and astroturfing and bribing and manipulating comes back to bite them, and everyone that works for them. |
| SFN Mar 22, 2007 12:00 PM EDT |
Quoting:Users also are being asked to make too many decisions when all they really want to do is get their work done or send their e-mails or play a game. Hmm. You know what would be neat? If users did what they were paid to do. I'm pretty sure that making decisions would fall under that category. Playing a game, however, would not. |
| DarrenR114 Mar 22, 2007 12:13 PM EDT |
@SFN
I believe the point that Ms. Snyder was making is that the security prompts thrown at the user are so confusing that they don't know what would be a good decision. It's reminiscent for me of the movement years ago among lawyers to use less "legalese" and more plain English. There was a reason that so many jokes were made along the lines: "The party of the first part agrees to give the party of the second part a part of the party of the third part's part that the party of the fourth part assigns back to the party of the second part." |
| tracyanne Mar 22, 2007 1:30 PM EDT |
quote:: I believe the point that Ms. Snyder was making is that the security prompts thrown at the user are so confusing that they don't know what would be a good decision. It's reminiscent for me of the movement years ago among lawyers to use less "legalese" and more plain English. ::quote That's pretty much my take on the article. I see nothing nefarious in the article, which seems to be partially about the UI improvements that Mozilla want to have in FF3. |
| phsolide Mar 22, 2007 2:38 PM EDT |
The only "nefarious" thing in the article is Ms Snyder's last employer but 1: Microsoft. Given the shilling and astroturfing (http://www.inlumineconsulting.com:8080/website/msft.shilling...) that MSFT and it's Wagg-Ed henchmen do, anyone with a current or past employment relationship with MSFT comes under suspicion. Really, anyone rational needs to have a lot of suspicion of *any* pro-MSFT "opinion" because of this shilling and astroturfing. |
| DarrenR114 Mar 23, 2007 5:38 AM EDT |
@phsolide It sounds like you're saying that people don't become so fed up with their employer that they leave for philosophical reasons. But that's exactly what happened with the founder of Gentoo when he left Microsoft. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!