[rescue] (Offtopic) X-Message-Flag fun for Outlook users
William Kirkland
bill.kirkland at gmail.com
Wed Aug 2 15:55:19 CDT 2006
On Aug 1, 2006, at 12:13, rescue-request at sunhelp.org wrote:
> Message: 7
> Date: Tue, 1 Aug 2006 14:31:23 -0400
> From: Charles Shannon Hendrix <shannon at widomaker.com>
> Subject: Re: [rescue] (Offtopic) X-Message-Flag fun for Outlook users
> To: The Rescue List <rescue at sunhelp.org>
> Message-ID: <20060801183122.GC12931 at widomaker.com>
> Content-Type: text/plain; charset=us-ascii
>
> Sat, 29 Jul 2006 @ 14:18 -0700, Devin L. Ganger said:
>
>> I haven't seen any other company doing nearly as much as Microsoft
>> has
>> in the last three years to offer training, solutions, and guidance to
>> its customers on how security impacts every level of computing, from
>> design to deployment to operations.
>
> That's an odd thing to say, given that Microsoft has done the
> *least* of
> almost any other entity in the last 20 years about security.
If we are to comment on that particular paragraph ...
One would have to ignore the damage Microsoft has accomplished, prior
to giving credit to their solutions. The primary security hole for
email viruses' has not changed since Microsoft has introduced it. MS
word, excell, powerpoint, etc ...; all allow macros. These become
security holes when those types of documents are automatically opened
(even by a preview feature). This is then code, executed prior to
confirming the source. No amount of scanning will alter that design
flaw. If the applications could only modify the display, some of the
capabilities could be retained.
>
> Also, for all their recent talk about security--and you are right
> about
> them at least appearing to get serious about it--they continue to do
> almost nothing *REAL* about the problem.
>
> Take a good look at Windows XP: full of holes on release, and most of
> them are still there, and that's before getting into things like, oh,
> NTFS having 15 year old bugs in it.
>
> If Microsoft were truly trying, don't you think they'd be shipping
> better product by now, especially when a lot of the needed fixes are
> fairly simple?
More information about the rescue
mailing list