VNU Net: Mr Moody goes to MicrosoftAug 22, 2000, 20:54 (8 Talkback[s])
(Other stories by Mole)
By Mole, VNU Net
A technology columnist with the ABC News website found himself in the midst of a storm earlier this month when he dared to suggest that Linux, far from being the Fort Knox of operating systems, is in fact far inferior to Windows NT when it comes to security. This will surprise many IT managers who have long known that NT was about as secure as an American tourist at a pickpockets' convention. Indeed, it was also a surprise for the people at Bugtraq, the software monitoring service whose reports were cited by Fred Moody, the journalist in question, in support of his conclusions.
Ben Greenbaum, director of securityfocus.com, which runs Bugtraq, said Mr Moody's analysis was "completely inaccurate", an opinion expressed in some detail in an official response to the article sent to the ABC News website.
Mr Moody remains unrepentant. In a self-justifying follow-up article, he abandons the slippery technical evidence and falls back instead on the traditional last resort of fools, cowards and hacks: vulgar abuse. "I now find myself in the tremendously unenviable and essentially hopeless position of explaining, in writing, what I have written - to an audience, it bears noting, that does not seem to read, understand, or otherwise know how to employ the English language. This audience is known to itself as the 'Linux community'. I think of them in far less complimentary terms," he writes.
Halfway through, he prints a "typical" example of the messages of protest he was sent, the point of which is to demonstrate that a) the author of the message can't write, whereas b) Mr Moody can, which amounts to c) proof that because Mr Moody is cleverer than the Linux supporters he set out to attack, he is almost certainly right.
Interestingly, he fails to take the Linux acolytes to task for their most offensive trait - sucking lentil soup through their big, bushy beards. A glance at the hairy face pictured at the top of his column reveals why.
To spare the Linux community the mental anguish of formulating a response, Mole has taken the liberty of doing a little digging into Mr Moody's background. This is a man who once spent a year at Microsoft following the progress of a multimedia project to develop a product named Explorapedia. He turned this experience into a book with the title 'I sing the body electronic'. In it, Moody gives a blow by blow account of the progress of the product from drawing board to market, and paints a generally favourable picture of Microsoft interspersed with the odd, paranoid observation about the unspecified forces trying to undermine the company.
The question that remains is whether someone, even someone as clever as Mr Moody, can spend a year rubbing shoulders with Bill Gates and still remain impartial. Why else would a man with a beard stick up for Microsoft and stick two fingers up to the Linux camp? It just doesn't add up.
Anyone wishing to judge for themselves can purchase Mr Moody's book from Amazon.com, where another clue to the author's character is to be found in the "readers' reviews" section. In the first review listed, a reader from Belmar, New Jersey, describes how he was given the book by a relative who met Mr Moody at an airport. The relative had asked Mr Moody to suggest something suitable for an engineer (the amateur reviewer), and Mr Moody modestly suggested his own book. The verdict? "Horrible... A book about a year with the Pennsylvania Dutch farmers would be more captivating."
In any case, if Mr Moody thinks he is doing anyone at Microsoft a favour by rubbishing Linux, he should think again. With support for Linux building to tidal proportions (see recent announcements by IBM, Dell and Hewlett Packard for starters), Microsoft is seriously considering its own position and the appearance of an MS Linux at some point in the future is a real possibility, even if only as a loss-leader for an NT premium brand. Soon there will be no one left for Mr Moody to suck up to and no one left to attack.
Meanwhile, a security hole in Microsoft's SQL Server has been blamed for the recent spate of attacks on government websites by a rabid anti-smoker calling himself Herbless. Microsoft's response - that system administrators could have avoided the problem by reading the manual - is fair enough, but as no one ever reads software manuals, it is also a rather weak defence.
The backdoor is left open when the administrator fails to change the default password assigned when the software is configured. It's a careless mistake, but Microsoft could help IT staff avoid it simply by including a prompt during the setup procedure. Something along the following lines would probably do the trick. "Would you like to change the default password now, or would you prefer to have your chances of promotion scuppered by a fanatical teenage hacker with a personality disorder?"
There is good news for Netscape customers concerned by reports about a bug that allows a Netscape 4.7 browser to be tweaked to pose as a server, in which guise it can be used to compromise the security of websites. According to a technical report in a recent edition of US magazine eWeek, the hole is "easily plugged". Readers interested in learning how should refer to the original article. Be careful how you spread the news to friends and colleagues, however. The bug has been given the name "brown orifice" and bragging that you have plugged it could lead to misunderstanding or worse: in some US states, where such things remain illegal, it could even mean a spell in jail.
Mole has a sneaking sympathy with Oracle, which has just been ordered to pay a former employee $2.7 million compensation after she took the company to court for wrongful dismissal. The employee, a vice president named Sandy Baratta, claimed she was fired shortly after alerting senior management to a plot by Oracle to steal software from SAP. In its defence, Oracle said Baratta had been a thrusting career woman who had made life "unbearable" for colleagues in her constant quest for self-advancement.
Whether or not this is true, Baratta clearly deserved to be sacked if for no other reason than for showing a complete lack of judgement. It's a cardinal rule of whistle blowing that you don't snitch on those with the power to determine your career trajectory. Here at Molesoft, the HR department is at pains to point this out to new staff. In fact, in the revised contract of employment that took effect recently, it states quite clearly that "bringing to the attention of the authorities any offence committed by the management and staff of Molesoft renders the employee liable to instant dismissal, irrespective of whether the allegations turn out to be true".
In the spirit of co-operation, Mole has sent the wording of his contract to the Oracle HR people with a note reading: "Feel free to copy this document. Just think of it as a piece of German software."