
To: Golden Eagle
But they have a lot more control over these projects, like security clearances for those working on them.

They can have those with people working on Linux derivatives. But if you're telling me that they can't implement a proprietary flavor of Linux across their enterprise without serious problems, then you're telling me that they cannot possibly manage a Microsoft enterprise architecture, because Microsoft keeps admins extremely busy.

That's quite a reach. How about addressing your previous statement that the supposed NSA code would be more secure if it was restricted, which I inquired about?

I didn't say that the NSA B1 Linux would be more secure; it would be extremely secure either way. The point is that if the NSA keeps the source closed, then that system can't be used outside of the US government, and that means that OTHER organizations will not be able to acquire it.

I'm aware of your point, but it is incorrect.

Actually, it isn't.

"Classification" of government information is a science of procedures whereby information is kept secret to reduce exposure and eventual duplication.

And Microsoft source code is FAR less accessible than most US government classified information.

But it still has massive security holes that get exploited on a nauseatingly regular basis.

Things like the security system of the US Capitol would not be more secure if it was posted on the internet; likewise, withholding immediate access to source code is a deterrent to its theft or exploitation.

One more time: Microsoft's source code is not available to the people who write things like Blaster.

But the stuff works. "Security through obscurity" is a very bad joke.

That's interesting, surprised you don't know more about M$/Government interaction.

I probably know a great deal more than you actually do.

There are places in the government (not where I work) where "windows update" is the official policy. Those places get every patch before a hack has been posted, and rarely if ever get exploited whatsoever.

Actually, what happens is that when the first symptoms of attack appear, they close every port into and out of the network, and pretty much cripple their operations until they're sure they've patched the vulnerability.

Yes, they expose themselves to possibly poorly designed patches, or adverse effects to applications, but where security is a high priority this setup can work well.

Assuming that Microsoft does a competent job. Big assumption.

And a poorly-designed patch can break other software, as you note. You do NOT want your network admin to clobber the CIWS or the RAM launcher with a routine update, especially when you're toe-to-toe with the bad guys.

62 posted on 09/04/2003 7:30:28 PM PDT by Poohbah (Crush your enemies, see them driven before you, and hear the lamentations of their women.)


To: Poohbah
But if you're telling me that they can't implement a proprietary flavor of Linux across their enterprise without serious problems, then you're telling me that they cannot possibly manage a Microsoft enterprise architecture

You think maintaining a completely separate branch of Linux, including grow-your-own security patches and feature upgrades, is easier than deploying M$ and maintaining it through Windows Update etc.? Ridiculous.

The point is that if the NSA keeps the source closed, then that system can't be used outside of the US government, and that means that OTHER organizations will not be able to acquire it.

Sure that's another reason for closed source, but doesn't undercut wanting to keep it secret so that it can't be exploited.

And Microsoft source code is FAR less accessible than most US government classified information.

LMAO. Ever heard of a disassembler?

I probably know a great deal more than you actually do.

Not from the looks of your last post. I haven't seen anything correct yet.

they close every port into and out of the network, and pretty much cripple their operations until they're sure they've patched the vulnerability.

No, they don't. They don't have to plug anything if they have the very latest patches installed. User curiosity with attachments that no A/V signatures exist for is one of the few successful methods against 100% patching of the O/S.

Assuming that Microsoft does a competent job. Big assumption.

It's not an assumption. These people (again not our organization) grew into relying on Windows Update. If it ever fails them, they will quit using it. So far, rock solid. But our security is more robust. You can't even ping our boxes without us getting a log.

Back to the thread at hand - Do you or do you not support HP helping the Chicoms build their software?

68 posted on 09/04/2003 7:45:17 PM PDT by Golden Eagle

To: Poohbah
My MAIN problem with Windows on a server is this: "There are places in the government (not where I work) where 'windows update' is the official policy. Those places get every patch before a hack has been posted, and rarely if ever get exploited whatsoever."

You can't do that. You can try, but it will bite you in the rear. You see, many Windows updates require a reboot: fine for the desktop, but murder in a complex server environment. We are moving off of Windows for our storage server because we have had to reboot it three times this month! That means all the process servers that dump files there have to come down or they break!

111 posted on 09/05/2003 11:18:21 AM PDT by N3WBI3
