Jeff Jones, Microsoft’s Director of Security Strategy, is at the Black Hat Conference and wrote this fantastic article about an encounter he had with a Mac fanatic:
So, this afternoon, I’m in the Microsoft booth at Black Hat when this guy comes up (badge hidden of course) and starts talking to some of my colleagues. Right away, it was pretty obvious that he was antagonistic. I will refer to him as "h8er" from here on out. Though I am paraphrasing a bit, this is based upon a true story. It gave me a chuckle, so I thought I’d share.
h8er: So, how does it feel to work for a company that has made so many bad security decisions.
MSFT guy: Well, I feel lucky to be in a position to try and influence good security decisions going forward – are there any specifics you want to give me feedback on?
h8er: All those prompts irritating people, for example.
MSFT guy: Oh, so you don’t like that aspect of UAC. We’ve gotten a lot of feedback on that, but the UAC security changes in Windows Vista encompass a pretty wide range of options designed to make it easier for most users to run as non-admin. Plus, we’ve incorporated some of the feedback into SP1 and I think it is a lot better. Have you tried SP1?
h8er: <crickets chirping in the silence>
MSFT guy: (still trying) Let me ask it a different way. A lot of folks have said that after the first few weeks, the UAC prompts tapered off, have you not found that to be the case?
h8er: <crickets chirping in the silence>
MSFT guy: What about some of the other changes in Windows Vista – I think the addition of ASLR, for example, was a good decision and raises the bars for attackers developing exploits.
non-MSFT guys standing nearby: He has probably never even tried Vista – I bet you run Linux and just heard the prompt stuff second hand.
h8er: I don’t run Linux … I run a Mac!
…and so on and so forth…
Read more of this lovely story at:
http://blogs.technet.com/security/archive/2008/08/07/black-hat-got2-luv-the-h8ers.aspx
kurtsh
Kurt Shintaku's Blog 