Products that aren't designed for Windows XP or Windows 2000

Anti-Windows Catalog

We practice what we preach at Pan-Am Internet Services

Search Products By:

Debunking Kelly Martin

Written by Gordon Fecyk, 9/18/2005

Kelly Martin must run on Energizer batteries, because his anti-Microsoft diatribes keep going, and going, and going...

Quoting Kelly Martin:
[Listen to MP3 Audio] IT'S HOLES IN MICROSOFT'S operating system that built the entire spyware industry to begin with.

These words launched the Anti-Windows Catalog. You'll find attitudes like this throughout the computer security industry, but none seem to stand out more than this man's:

Kelly Martin has been working with networks and security since 1986, and he's [the] editor for SecurityFocus, Symantec's online magazine.

Martin also describes himself as a "techno-utopian," an unabashed fan of Apple's Macintosh, a multi-platform computer security professional, a cyber-terrorism expert (Aren't we all?), a victim of bank fraud (so he MUST know what he's talking about, right?), a virus statistic analyst, and let's not forget, a critic of Microsoft.

That's just from the last two years, according to SecurityFocus archives. At least I can say I was consistent since 2003, and my company has a track record to prove it.

To be a fair critic of Martin, I'll stick with what I found since 2003.


THIS 'WITTY' COMMENTARY is the cornerstone -- the foundation for Martin's otherwise fine credentials. Pay close attention to it, because I'm going to revisit this throughout my criticism:

Much of the focus on malicious code so far has looked at some of the most popular software products on the Internet and how these might be compromised en-masse [...] -- but Witty clearly shows that even products without very large install bases can be [affected], a mere day after an exploit is announced.

This is important because it shows he and I agree on this fact: That it doesn't matter how unique your applications are, or how unique your operating system is, or how unique your web browser is. You negate that uniqueness the moment you connect to the ultra-common Internet.

Done? Good. Let's start with the list services that Martin himself moderates. This quote is from InfoSec News circa 2003:

Getting lots of spam? Perhaps Majordomo is partly to blame.
Numerous high-profile sites running the free Majordomo mailing list server are vulnerable to an "information leakage" attack first reported nearly a decade ago.

Martin was proud to tell his visitors: Fortunately we don't use majordomo here at SecurityFocus. Too bad his own list software had its own problems. Twice. Didn't his e-mail admins learn from the flood of e-mail during Melissa's onslaught in 1999? We'll come back to Melissa in a little while -- that's the crowning glory of it all! Yet this beginning already proves his 'witty' point from 2004: That it doesn't matter what you use!

"I've read comments from people who've never encountered a single case of spyware. What planet are they living on?!"

Memo to Martin: it's not in your best interest to insult the people who can help you.


ON TO THE MICROSOFT BASHING.

Not only can spyware be installed on a fully patched Windows machine running the latest anti-virus software, spyware companies have been known to find, use and exploit undiscovered [Internet Explorer] vulnerabilities to their advantage and for financial gain. [Emphasis mine.] In the Internet community that I grew up with, one that existed long before the Web, that kind of activity would never have been allowed to sustain.

Of course! In other words, Martin blames capitalism for the destruction of his Internet community!

Spyware is largely (though not exclusively) an Internet Explorer problem. And like it or not, Internet Explorer, the swiss-cheese of the Internet, commands about 80% of the world's browsing. But individuals can freely switch to Firefox or Opera and effectively bypass the spyware problem, at least for now.

Actually, it's already too late! There's no bypassing spyware! None! None, I tell you! Hahahahahahahahahahahahahahah.... At least Martin was 'witty' enough to admit it a second time here!

The "techno-utopian's" vision of "techno-utopia" clearly excludes Windows users:

I've read comments from people who've said they've been using Microsoft Internet Explorer for many years and have never encountered a single case of spyware. Oh really? My response to that is very simple: what planet are you living on?!

Memo to Mr MartianMartin: If you want to see the end of Windows spyware, it's not in your best interest to insult the people who can help you. To quote yourself: About 95% of the world runs Windows on their desktop. That won't change any time soon. Deal with it.


KELLY MARTIANMARTIN runs on Energizer batteries, I guess, because his anti-Microsoft diatribes just keep going, and going, and going... still, the "multi-platform" security professional does run into multi-platform security disasters.

One of our mail admins made a big mistake today and we lost all the mail on one of the outgoing SecurityFocus mail servers... all of our 31 mailing lists were affected including this one. [...] Playing around with production machines as 'root' is a very bad way to learn from your mistakes.

Yes, indeed. It is a very bad way to learn. Something I've tried to teach Windows 2000 and Windows XP users for years, now.

Last year I was the victim of identity theft, a sobering reality in today's world. An unscrupulous criminal managed to social engineer his way past the formidable security checks and balances provided by my credit card company, my bank, and one of my investment accounts.

The plural of 'anecdote' is not 'data.'

-- Frank Kotsonis, Mike Quear

Yet the fraud victim still found a way to blame Microsoft for it: There were 4,496 new Microsoft Windows viruses discovered in six months, or an average of 24 new viruses every day. Even though he couldn't cite this anecdotedata because his sponsor's anti-virus software deletes it, and even though his bank probably ran IBM OS/2 at the time.

There is almost no consumer-level technology left where viruses and malicious code has failed to appear. [...] Mobile phones are becoming a vector of attack. They have modern CPUs, built-in Bluetooth wireless technology, and data transfer across multiple networks. Many even ship with Java.

Phones with Java technology? My goodness! That means... write once, infect anywhere! And hey! if every other mobile device runs Java except for those running Microsoft's PocketPC OS, guess who's safe from Java viruses?

Okay, okay, okay. I'll admit there are no Java viruses. However, modern wireless telephones with data capabilities come with their own version of Openwave's Mobile Browser. It's not Java, it's not ActiveX, but it ships in over one billion handsets worldwide! Talk about an incentive for virus and spyware writers! Yet you wouldn't hear it from the 'witty' Mr MartianMartin.

Martin forgot Melissa's ultimate lesson:

His benefactor's anti-virus software failed to do its job.


TO TOP IT ALL OFF Martin has the gall to blame those 95% of users with Microsoft products on their PCs for all of the ills that threaten his precious "techno-utopia." This is where it stops being funny, and where the Melissa virus and the Witty worm fits into all of this:

Just because one can afford a fast computer and a broadband connection, it doesn't mean he has any idea what he's doing - like the guy who can afford a Ferrari and then slams into the back of a bus.
If the Internet is now ubiquitous and owned by nobody, then it's the ISPs who should play a major role in securing their chunk of the network.
For vendors to share the blame [...] they must take ownership of the monsters that they have created, particularly on the desktop. But it will never happen, and they'll never share the blame.

Nor should they have to. Nor should the Internet providers who provide the connections, nor should the users who have to put up with the dishonest antics of their peers.

Kelly Martin is a computer security professional since 1986, a "techno-utopian," and the editor of a security vendor's mouthpiece magazine. Yet he missed Melissa's ultimate security lesson in 1999, and forgot his lessons from Witty in 2004:

Popular anti-virus software failed to do its job.

He blamed the user for not watching out for their own safety. He blamed the vendor for selling the tools. He blamed the phone companies and cable companies for providing the network. Yet he didn't blame his benefactors for the lax security products they sell. After admitting, however fast [anti-virus] updates were released, it was far too late, he quietly forgot it.

Now you tell me: Why is Symantec's mouthpiece mag editor really blaming Microsoft? You think about it.

Related Links:

Editor Log On:
Sign up to get an editor account.

Username:

Password:

[Catalog Home]

Resources:

Links

Downloads

Product Roundups

What is the Anti-Windows Catalog?

Help for New Editors

Frequently Asked Questions

Recently Edited Categories:

Computers, Notebook

Media, Video

Game, Role Play

Scanner, ID Cards

Hospitality

Browse All Categories

Recent Commentaries:

The More Things Change, The More They Stay Secure

The devil you know, versus the Adobe you don't

Paying for things we get for free?

Jump! Jump! Jump! Jump! Or, Windows 8: Get Over It

Don't Fear the Start Screen

Browse All Commentaries

Pan-Am Home Page Valid HTML 4.01! All trademarks are property of their respective owners.