By jimmo on Jul 27, 2004
It's been a while since I updated this blog...yeah, well I've been busy.
Our email network has got loads of Window's viruses (virii?) flying about; mostly from infected laptops I believe. Of course, Sun/Solaris machines are immune but it's irritating to get a mailbox full of this stuff.
Microsoft are a cunning bunch of marketeers. They make a big song and dance about having a large team of engineers focused on security. Naturally, the message is spun to make it sound reassuring about how serious they take security. Well, maybe so. Of course, the main reason why they have such a huge security team (and we have such a small one) is because they're code is so atrociously insecure!
It's more than just security holes in the code; the architecture of their operating environment is vulnerable to virus infection. Mail readers like "outhouse express" that execute attachments for you (well, they know better than you what you want to do - right?) are a good example. Promoting an environment that makes ease-of-use for the user a priority is fine but there needs to be a secure architecture behind it. More and more of the security enhancements from Trusted Solaris are making their way into our "vanilla" Solaris operating system. Plus we have zones (a facility similar in concept to "BSD jails") in Solaris 10...it rocks!