From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_00B7_01C2C878.92FD74F0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   If you are arguing that a process involving humans is less than =
perfect, I would have no disagreement.  I think the human factor is all =
the difference.  I had no problem because I make the effort to keep my =
systems safe.  George claimed that he doesn't get hit by exploits = because
he does the same.  Joe Barr is an example of someone that while = he talks
a lot about how Windows is horrible and Linux is great did get = his Linux
system rooted while George and I running Windows have not.  I = believe
that what this shows is that George and I are more competent = then Joe
Barr.

   I'll go further and say that you can't force people to do things they =
should and to not do things they shouldn't.  It's not like the effort in =
this recent example was large.  Some people simply didn't do it for =
different reasons probably ranging from, I didn't know to it's not =
important to it's not my job.

   What I find both sad and humorous when these things happen is that =
lots of people go off in search of someone to blame because it has to be =
someone else at fault.  The blame here goes first to the folks that =
released the worm.  They took a malicious action.  From there it really =
depends on perspective.  An admin responsible for keeping a system = secure
is by definition the one responsible when he has failed to do so. =
 These admins are innocent bystanders when it comes to being attacked =
but that doesn't absolve them of the responsibility they have.  =
Similarly, Microsoft was responsible for the bug being exploited and = like
the admin for his own systems is responsible for releasing an = update
which Microsoft did last July.

   On a related note, I think the guy that originally reported the =
problem is feeling a bit guilty.  One article I read suggested that he =
has or will consider changing his reporting of problems so as not to =
provide potential attackers with ammunition.

Rich

  "John Cuccia"  wrote in message =
news:2c2j3vsj46vqnv69pq07qhpnp3rus8m294{at}4ax.com...
  On Wed, 29 Jan 2003 18:53:06 -0800, "Rich"  wrote:

  >   It's all a red herring anyway.  Despite John's delusions, I had no =
problem with my computers even with MSDE installed.  Why, because I'm =
more competent than John must believe himself to be.  Lot's of people =
are.  If John is not one of them he shouldn't go blaming anyone else.

  Talk about your red herrings! I have no beliefs concerning your
  computers at all, Rich, nor do I believe you to be incompetent.  =20

  The discussion in question is about a larger issue than your
  computers, or mine.  It is about a flawed process, no matter how hard
  you try to make it be about something else


------=_NextPart_000_00B7_01C2C878.92FD74F0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   If you
are arguing that a =
process=20
involving humans is less than perfect, I would have no = disagreement.  I=20
think the human factor is all the difference.  I had no problem =
because I=20
make the effort to keep my systems safe.  George claimed that he =
doesn't=20
get hit by exploits because he does the same.  Joe Barr is an =
example of=20
someone that while he talks a lot about how Windows is horrible and = Linux is=20
great did get his Linux system rooted while George and I running Windows = have=20
not.  I believe that what this shows is that George and I are
more=20 competent then Joe Barr.
 
   I'll go
further and say =
that you can't=20
force people to do things they should and to not do things they =
shouldn't. =20
It's not like the effort in this recent example was large.  Some = people=20
simply didn't do it for different reasons probably ranging from, I = didn't know=20
to it's not important to it's not my job.
 
   What I
find both sad and =
humorous when=20
these things happen is that lots of people go off in search of someone = to blame=20
because it has to be someone else at fault.  The blame here goes =
first to=20
the folks that released the worm.  They took a malicious =
action.  From=20
there it really depends on perspective.  An admin responsible for
= keeping a=20
system secure is by definition the one responsible when he has failed to = do=20
so.  These admins are innocent bystanders when it comes to being =
attacked=20
but that doesn't absolve them of the responsibility they have.  =
Similarly,=20
Microsoft was responsible for the bug being exploited and like the admin = for his=20
own systems is responsible for releasing an update which Microsoft did = last=20
July.
 
   On a
related note, I think =
the guy=20
that originally reported the problem is feeling a bit guilty.  One
= article=20
I read suggested that he has or will consider changing his reporting of = problems=20
so as not to provide potential attackers with ammunition.
 
Rich
 

  "John Cuccia" <jcuccia{at}bigfoot.com>">mailto:jcuccia{at}bigfoot.com">jcuccia{at}bigfoot.com>
wrote =
in message=20
  news:2c2j3vsj46v=
qnv69pq07qhpnp3rus8m294{at}4ax.com...On=20
  Wed, 29 Jan 2003 18:53:06 -0800, "Rich" <{at}>=20
  wrote:>   It's all a red
herring anyway.  =
Despite=20
  John's delusions, I had no problem with my computers even with MSDE=20
  installed.  Why, because I'm more competent than John must =
believe=20
  himself to be.  Lot's of people are.  If John is not one of =
them he=20
  shouldn't go blaming anyone else.Talk about your red
herrings! =
I have=20
  no beliefs concerning yourcomputers at all, Rich, nor do I believe =
you to=20
  be incompetent.   The discussion in
question is =
about a=20
  larger issue than yourcomputers, or mine.  It is about a =
flawed=20
  process, no matter how hardyou try to make it be about something=20
  else

------=_NextPart_000_00B7_01C2C878.92FD74F0--

--- BBBS/NT v4.01 Flag-4