Reply to thread

Message

Re: FIX for ZoneAlarm & KB951748 issue released

Paul (Bornival) wrote:
> This thread has seen a very "active" discusssion about the mutual
> responsibilities of MS and ZA for the "loss of Internet access"
> disaster linked to the issue of KB951748.
>
> For sure, the DNS issue was known by the main software
> manufacturerers much before July 8th, and ZA could have been more
> proactive.
>
> However, the argument that MS can change its software "ex abrubto"
> and put the culprit on 3d party software in case of problems
> (because, for ZA, the 3d party has modified a core component of its
> system) needs to be re-examined. Indeed,
>
> - the main reason why people adopted ZA firewall (or other 3d party
> firewalls) is because neither Win95/98/ME or WinXP (before SP2) had
> any protection in this context (more about that on
> http://en.wikipedia.org/wiki/Windows_Firewall). The firewall
> introduced with WinXP SP2 was only directed against attacks from
> outside but did not block anything from inside (this was
> considered as unecessary, and claimed as such on this forum, ...
> untill, eventually, Vista introduced it, which demonstrates its
> usefulness...)

Just because Vista has something does not 'demonstrate its usefulness' - it
merely demonstrates good marketing... If the people want it - throw it in
there... Even if most of those people do not understand what it really
does/doesn't do. (AERO is far from 'useful' - and it is in Vista.)

> - as a result, mots of us had to use 3d party firewalls to prortect
> our computers (I did so after seeing my unprotected WinXP computers
> so easily attacked ...)

Some people do/did not (even without any SP, SP1, SP1a) run a third party
firewall. Many of those ran/run fine.

SP2 was released in 2004. It is 2008 and SP3 has since bveen released.
Four years is a long time not to reflect on your security options if someone
was concerned at one time enough to get a free firewall solution in the
past - in my opinion. (Some people still run some pretty old versions of
whatever free software they may have chosen - some may even run software
from manufacturers that do not exist any longer...)

> I submit that MS should recognize that, because it introduced a
> decent firewall only recently, it has to respect those users who
> installed a 3d party firewal ... and have remained faithful to it.

Respect it - okay - agreed.

Research every one of them to see if they will cause problems - even those
that have since disappeared into the ether and are still ran by people
because they never bothered to get anything else, etc?

Zone Alarm is popular - but it is not (by far) the only option around (or
that was around in many cases) and not everyone is running it as their
third-party solution - which means there will be MANY different ones they
would have to 'test' - and which versions (of each one) do you test? What
are the limitation on how far back you test? After all - people are
reporting in this very conversation that some older versions of Zone Alarm
itself do not exhibit the issues of the version right before the patch to
remedy this problem - which tells me that Zone Alarm didn't have this issue,
did have this issue, doesn't have this issue again (if you just pretend the
patch could have been released some time ago.)

> Although, stricto sensu, MS is not obliged to take into
> consideration all 3d party sofware when thay make chnages that may
> affect the users of such software, they could have been more
> prudent in this case.

How? In what way? See my above query...

What limitations do you put on testing other people's software to make sure
when you patch yours it doesn't cause some particular version of some
particular software to break something overall?

> In a broader context, MS built its success (vs. Apple) by making an
> OS on which 3d parties could buid their own applications. Ignoring
> this now (and stating that they have "nothing to do with 3d party
> software") may well cause important problems, and the demise of MS
> in the future. In ancient Rome, people said "Jupiter blinds those
> who he will kill" and "The Tarpeian rock is close to the Capitol".
> In this particular case, I'm afraid that MS was blind... even if
> it was technically and legally right, and has forgotten that
> falling from the Capitol hill is easier than climbing it.

Interesting. I did enjoy reading that. Maybe Microsoft will cause its own
downfall - and maybe that is not a bad thing.

However - I am still unsure what you are expecting someone in a position
such as this one to have done differently.

There are obviously still people running much older versions of the software
that is mentioned in the subject of this posting and those people are not
having issues (according to their responses in this very conversation and
elsewhere.) There are people running other third party software that does
similar/the same thing as the software mentioned in the subject of this
posting and they are not having trouble. I have seen sporadic postings
lately (one to three) of people running brand-new similar software from
another (large) manufacturer supposedly having similar issues.

What would have been the 'thing to do' with all these variables in place, in
your opinion?

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

<blockquote data-quote="Shenan Stanley" data-source="post: 465466">Re: FIX for ZoneAlarm &amp; KB951748 issue releasedPaul (Bornival) wrote:&gt; This thread has seen a very &quot;active&quot; discusssion about the mutual&gt; responsibilities of MS and ZA for the &quot;loss of Internet access&quot;&gt; disaster linked to the issue of KB951748.&gt;&gt; For sure, the DNS issue was known by the main software&gt; manufacturerers much before July 8th, and ZA could have been more&gt; proactive.&gt;&gt; However, the argument that MS can change its software &quot;ex abrubto&quot;&gt; and put the culprit on 3d party software in case of problems&gt; (because, for ZA, the 3d party has modified a core component of its&gt; system) needs to be re-examined. Indeed,&gt;&gt; - the main reason why people adopted ZA firewall (or other 3d party&gt; firewalls) is because neither Win95/98/ME or WinXP (before SP2) had&gt; any protection in this context (more about that on&gt; <a href="http://en.wikipedia.org/wiki/Windows_Firewall" target="_blank">http://en.wikipedia.org/wiki/Windows_Firewall</a>).&nbsp; The firewall&gt; introduced with WinXP SP2 was only directed against attacks from&gt; outside&nbsp; but did not block anything from inside (this was&gt; considered as unecessary, and claimed as such on this forum, ...&gt; untill, eventually, Vista introduced it, which demonstrates its&gt; usefulness...)Just because Vista has something does not &#039;demonstrate its usefulness&#039; - it merely demonstrates good marketing...&nbsp; If the people want it - throw it in there...&nbsp; Even if most of those people do not understand what it really does/doesn&#039;t do. (AERO is far from &#039;useful&#039; - and it is in Vista.)&gt; - as a result, mots of us had to use 3d party firewalls to prortect&gt; our computers (I did so after seeing my unprotected WinXP computers&gt; so easily attacked ...)Some people do/did not (even without any SP, SP1, SP1a) run a third party firewall.&nbsp; Many of those ran/run fine.SP2 was released in 2004.&nbsp; It is 2008 and SP3 has since bveen released. Four years is a long time not to reflect on your security options if someone was concerned at one time enough to get a free firewall solution in the past - in my opinion.&nbsp; (Some people still run some pretty old versions of whatever free software they may have chosen - some may even run software from manufacturers that do not exist any longer...)&gt; I submit that MS should recognize that, because it introduced a&gt; decent firewall only recently, it has to respect those users who&gt; installed a 3d party firewal ... and have remained faithful to it.Respect it - okay - agreed.Research every one of them to see if they will cause problems - even those that have since disappeared into the ether and are still ran by people because they never bothered to get anything else, etc?Zone Alarm is popular - but it is not (by far) the only option around (or that was around in many cases) and not everyone is running it as their third-party solution - which means there will be MANY different ones they would have to &#039;test&#039; - and which versions (of each one) do you test?&nbsp; What are the limitation on how far back you test?&nbsp; After all - people are reporting in this very conversation that some older versions of Zone Alarm itself do not exhibit the issues of the version right before the patch to remedy this problem - which tells me that Zone Alarm didn&#039;t have this issue, did have this issue, doesn&#039;t have this issue again (if you just pretend the patch could have been released some time ago.)&gt; Although, stricto sensu, MS is not obliged to take into&gt; consideration all 3d party sofware when thay make chnages that may&gt; affect the users of such software, they could have been more&gt; prudent in this case.How?&nbsp; In what way?&nbsp; See my above query...What limitations do you put on testing other people&#039;s software to make sure when you patch yours it doesn&#039;t cause some particular version of some particular software to break something overall?&gt; In a broader context, MS built its success (vs. Apple) by making an&gt; OS on which 3d parties could buid their own applications.&nbsp; Ignoring&gt; this now (and stating that they have &quot;nothing to do with 3d party&gt; software&quot;) may well cause important problems, and the demise of MS&gt; in the future.&nbsp; In ancient Rome, people said &quot;Jupiter blinds those&gt; who he will kill&quot; and &quot;The Tarpeian rock is close to the Capitol&quot;.&gt; In this particular case, I&#039;m afraid that MS was blind...&nbsp; even if&gt; it was technically and legally right, and has forgotten that&gt; falling from the Capitol hill is easier than climbing it.Interesting.&nbsp; I did enjoy reading that.&nbsp; Maybe Microsoft will cause its own downfall - and maybe that is not a bad thing.However - I am still unsure what you are expecting someone in a position such as this one to have done differently.There are obviously still people running much older versions of the software that is mentioned in the subject of this posting and those people are not having issues (according to their responses in this very conversation and elsewhere.)&nbsp; There are people running other third party software that does similar/the same thing as the software mentioned in the subject of this posting and they are not having trouble.&nbsp; I have seen sporadic postings lately (one to three) of people running brand-new similar software from another (large) manufacturer supposedly having similar issues.What would have been the &#039;thing to do&#039; with all these variables in place, in your opinion?-- Shenan Stanley&nbsp; &nbsp;&nbsp; MS-MVP-- How To Ask Questions The Smart Way<a href="http://www.catb.org/~esr/faqs/smart-questions.html" target="_blank">http://www.catb.org/~esr/faqs/smart-questions.html</a></blockquote>

[QUOTE="Shenan Stanley, post: 465466"] Re: FIX for ZoneAlarm & KB951748 issue released Paul (Bornival) wrote:[color=blue] > This thread has seen a very "active" discusssion about the mutual > responsibilities of MS and ZA for the "loss of Internet access" > disaster linked to the issue of KB951748. > > For sure, the DNS issue was known by the main software > manufacturerers much before July 8th, and ZA could have been more > proactive. > > However, the argument that MS can change its software "ex abrubto" > and put the culprit on 3d party software in case of problems > (because, for ZA, the 3d party has modified a core component of its > system) needs to be re-examined. Indeed, > > - the main reason why people adopted ZA firewall (or other 3d party > firewalls) is because neither Win95/98/ME or WinXP (before SP2) had > any protection in this context (more about that on > [url]http://en.wikipedia.org/wiki/Windows_Firewall[/url]). The firewall > introduced with WinXP SP2 was only directed against attacks from > outside but did not block anything from inside (this was > considered as unecessary, and claimed as such on this forum, ... > untill, eventually, Vista introduced it, which demonstrates its > usefulness...)[/color] Just because Vista has something does not 'demonstrate its usefulness' - it merely demonstrates good marketing... If the people want it - throw it in there... Even if most of those people do not understand what it really does/doesn't do. (AERO is far from 'useful' - and it is in Vista.) [color=blue] > - as a result, mots of us had to use 3d party firewalls to prortect > our computers (I did so after seeing my unprotected WinXP computers > so easily attacked ...)[/color] Some people do/did not (even without any SP, SP1, SP1a) run a third party firewall. Many of those ran/run fine. SP2 was released in 2004. It is 2008 and SP3 has since bveen released. Four years is a long time not to reflect on your security options if someone was concerned at one time enough to get a free firewall solution in the past - in my opinion. (Some people still run some pretty old versions of whatever free software they may have chosen - some may even run software from manufacturers that do not exist any longer...) [color=blue] > I submit that MS should recognize that, because it introduced a > decent firewall only recently, it has to respect those users who > installed a 3d party firewal ... and have remained faithful to it.[/color] Respect it - okay - agreed. Research every one of them to see if they will cause problems - even those that have since disappeared into the ether and are still ran by people because they never bothered to get anything else, etc? Zone Alarm is popular - but it is not (by far) the only option around (or that was around in many cases) and not everyone is running it as their third-party solution - which means there will be MANY different ones they would have to 'test' - and which versions (of each one) do you test? What are the limitation on how far back you test? After all - people are reporting in this very conversation that some older versions of Zone Alarm itself do not exhibit the issues of the version right before the patch to remedy this problem - which tells me that Zone Alarm didn't have this issue, did have this issue, doesn't have this issue again (if you just pretend the patch could have been released some time ago.) [color=blue] > Although, stricto sensu, MS is not obliged to take into > consideration all 3d party sofware when thay make chnages that may > affect the users of such software, they could have been more > prudent in this case.[/color] How? In what way? See my above query... What limitations do you put on testing other people's software to make sure when you patch yours it doesn't cause some particular version of some particular software to break something overall? [color=blue] > In a broader context, MS built its success (vs. Apple) by making an > OS on which 3d parties could buid their own applications. Ignoring > this now (and stating that they have "nothing to do with 3d party > software") may well cause important problems, and the demise of MS > in the future. In ancient Rome, people said "Jupiter blinds those > who he will kill" and "The Tarpeian rock is close to the Capitol". > In this particular case, I'm afraid that MS was blind... even if > it was technically and legally right, and has forgotten that > falling from the Capitol hill is easier than climbing it.[/color] Interesting. I did enjoy reading that. Maybe Microsoft will cause its own downfall - and maybe that is not a bad thing. However - I am still unsure what you are expecting someone in a position such as this one to have done differently. There are obviously still people running much older versions of the software that is mentioned in the subject of this posting and those people are not having issues (according to their responses in this very conversation and elsewhere.) There are people running other third party software that does similar/the same thing as the software mentioned in the subject of this posting and they are not having trouble. I have seen sporadic postings lately (one to three) of people running brand-new similar software from another (large) manufacturer supposedly having similar issues. What would have been the 'thing to do' with all these variables in place, in your opinion? -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way [url]http://www.catb.org/~esr/faqs/smart-questions.html[/url] [/QUOTE]

Verification

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Back

Top