[LINK] Let's Sue Microsoft [Was: Code Red puts Microsoft in hot seat]
Mon, 6 Aug 2001 23:01:51 +1000
|> -----Original Message-----
|> From: firstname.lastname@example.org [mailto:email@example.com]On
|> Behalf Of Robin Whittle
|> Sent: Monday, August 06, 2001 9:29 PM
|> To: Link mailing list
|> Cc: Roger Clarke
|> Subject: Re: [LINK] Let's Sue Microsoft [Was: Code Red puts Microsoft in
|> hot seat]
|> What I think *could* be regarded as unconscionable conduct is the
|> default setting of Windows to hide the extension of filenames for types
|> it recognises, and to do this when Outlook Express presents an emailed
|> attachment to the user. This *actively* works against the ability of
|> the user to understand the security implications of clicking the
|> attachment. SirCam and other worms/viruses replicate a *lot* faster
|> because of this dumb (I believe culpably wrong) default behaviour of the
|> operating system, because they name an attachment "PrettyGirl.JPG.exe"
|> and the Microsoft software - by default and without any security
|> cautions - presents this to the user as: "PrettyGirl.JPG".
How is this any different to expecting users of more powerful software to
be aware of and keep their systems updated with the latest security
patches. Couldn't it be expected that users of an operating system would
be aware of the security implications of the default settings? There is
plenty of documentation covering this aspect. Where does one draw the
line, are not all users to be treated the same?
Isn't it more a case of people not reading the documentation they are
supplied with. No doubt the majority are guilty of that, even system
administrators :). Personally, I feel we are too quick to try and shift
responsibility from ourselves.
Darryl (Dassa) Lynch.