I like what I see Mr. Clarke

On February 22, 2005, in Rants, Security, by

“Given their record in the security area, I don’t know why anybody would buy from them,” the former White House cybersecurity and counterterrorism adviser said yesterday, when asked for his thoughts on Microsoft’s forthcoming line of security software.

Seattle PI had that quote from Richard Clarke from the RSA Security Conference.

Interestingly enough I don’t think Mr. Clarke is seeing what I’m seeing.  On the SBS 2003 sp 1 beta [that has Windows 2003 sp1 in it] I did something stupid and Windows 2003 sp1 kept me from being blonde.  You see, before I ran the Connect to internet wizard to fully enable the RRAS [or ISA 2004] firewall, I stupidly assigned the external NIC an IP address [you see I didn’t have to do that as the wizard does this for me] but the point is as I first went to run the wizard on that live enabled NIC the new Windows 2003 sp1 firewall popped up and said “are you sure?” just like XP sp2 ensures that it checks.  You see it was protecting me from my stupidity of putting a live server on the Internet and was protecting me from the get-go by ensuring that inbound protection of a LIVE connection was protected.

Mr. Clarke?  You aren’t seeing what I’m seeing …. yeah sure…. we need to get it so that running in user mode is “normal” around here but that’s our entire industry.  In my own little way I’m trying as best as I can to make people aware that the software that REQUIRES power user or local admin don’t “get security”, but in the meantime, I think you should see what I’m seeing…..

  • A basic firewall that protects that live NIC connection from the get go, from my own stupidity of putting a live server on the web
  • The COM protections that were put in place in XP sp2 now in Windows 2003

Yeah, sir, I’m buying security from Microsoft because I see their CURRENT track record and I like what I see.


One Response to I like what I see Mr. Clarke

  1. jm says:

    You’re happy because you found ONE security hole that Microsoft fixed! Wow.

    So back in 1999 when Win98SE fixed dozens of security holes in Win98, you must have felt dozens of times as secure. 🙂

    It’s design issues like tight-integration between GUIs and operating systems (and even HTML browsers!) that contribute to the secuirty issues. When Longhorn addresses those issues, I might feel more comfortable with it.