[64857] in North American Network Operators' Group
Re: ISPs' willingness to take action
daemon@ATHENA.MIT.EDU (Scott Francis)
Mon Nov 3 18:49:44 2003
Date: Mon, 3 Nov 2003 15:37:51 -0800
From: Scott Francis <darkuncle@darkuncle.net>
To: kenw@kmsi.net, nanog@nanog.org
Mail-Followup-To: kenw@kmsi.net, nanog@nanog.org
In-Reply-To: <20031103230503.GI7310@darkuncle.net>
Errors-To: owner-nanog-outgoing@merit.edu
--KIzF6Cje4W/osXrF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Top posting self-reply: looks like a lot of what I've suggested may have
finally been acknowledged by MS, according to a recent Register.co.uk
article.
http://www.theregister.co.uk/content/56/33599.html
We can only hope ...
--=20
Scott Francis || darkuncle (at) darkuncle (dot) net
illum oportet crescere me autem minui
On Mon, Nov 03, 2003 at 03:05:03PM -0800, darkuncle@darkuncle.net said:
[snip]
> The 3 things that would do the most to help eliminate this problem (milli=
ons
> of easily 0wned end-user hosts) right now are all things that lie in
> Microsoft's domain:
>=20
> 1) enable Internet Connection Firewall by default;
> 2) enable automatic Windows Update patch installation by defuault; [*]
> 3) modify the HTML engine in Outlook/OE such that it can ONLY render HTML,
> and any active content is ignored - in other words, replace MSIE as a bac=
kend
> HTML rendering engine with, say, lynx. [**]
>=20
> (and even if the above were all incorporated into all subsequent releases=
of
> Windows, it might take years before the old insecure hosts were finally
> replaced ...)
>=20
> Nothing new to this crowd, I'm sure, but I sure wish there was a way to m=
ake
> this a priority to the folks at MS, who are really the only people with t=
he
> ability to make this happen. Without their compliance, the problem will n=
ever
> improve (not as long as they're as dominant as they currently are).
> --=20
> Scott Francis || darkuncle (at) darkuncle (dot) net
> illum oportet crescere me autem minui
>=20
> [*] I'm well aware of the potential disaster were the WindowsUpdate site =
to
> be trojaned. However, corporate IT should be updating from a single serve=
r by
> the schedule of their windows admins, and for everybody else ... it could=
n't
> be much worse than the current state of affairs.
>=20
> [**] I've given up on hoping that email will return to the plain old text=
it
> was intended to be. I'm in the minority on that opinion, and I'm willing =
to
> settle for HTML in email if it can be rendered in a non-harmful manner (i=
.e.
> plain vanilla HTML only).
--KIzF6Cje4W/osXrF
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (OpenBSD)
iD8DBQE/pubPWaB7jFU39ScRAt7nAJ9ogurP4dnuojXD+oFc5G3honSPPACfXTHV
uj4SVQKcHGFyzQd/0CjJnjw=
=OVt9
-----END PGP SIGNATURE-----
--KIzF6Cje4W/osXrF--
