Re: An article on Windows (in)security

["L. McCarthy" <lmccarth@ducie.cs.umass.edu>]

> >  Windows NT must evolve quickly to garner a spot in the secure operating
> >system arsenal or somehow steal market share from the likes of Novell. It
> >just is not there yet. But Microsoft's Phaup left me with one closing
> >thought. ``Have you talked to the Cairo [Windows 95.5] guys yet?''
> >
> >  2Schwartau is an independent consultant, writer and lecturer on network
> >security topics. He can be reached at Interpact, Inc. at (813) 393-6600, or
> >via electronic mail at P00506@psilink.com.

FYI, there's been some controversy lately on the Firewalls list about Winn
Schwartau. For one thing, he apparently works as a marketer for the company
that makes the Sidewinder firewall, so this "independent consultant" bit has
been judged rather misleading by some people. Last I saw, someone was 
requesting an apology/explanation from Internet World or some such magazine
for the last paragraph above, or a reasonable facsimile.
This arose because he apparently wrote a highly favorable review of Sidewinder
for the aforementioned `zine, in which he also criticized Bellovin & Cheswick's
firewalls bible for not discussing "type enforcement" (used/implemented by 
Sidewinder).  The latter criticism has been vigorously defended by some third
parties, and I don't know enough about the subject to make any clear judgement
about it. Anyway, since he's knocking the security of something else in the
article here, I thought it appropriate to point all this out.

[Lest anyone ask me, you can join the firewalls list by sending mail to
 majordomo@greatcircle.com with "subscribe firewalls" in the body, not in the
 subject. There's a digest format (use "subscribe firewalls-digest") which I
 recommend over the standard list distribution.]

 -L. Futplex McCarthy