Thu, 1 Jun 2000 18:00:12 -0400
[said Richard Riehle]
> On Thu, 1 Jun 2000, Brashear, Phil wrote:
> > Unfortunately, it no longer seems to be the case that customers (DoD or
> > otherwise) insist on validation of their Ada compilers either, so maybe they
> > are applying "the same standard" to C++.
> That is really sad. I wonder if the DoD has any idea of the risks
> it is taking with its software decisions. Is everyone so overwhelmed
> by economic considerations that the concerns of national defense
> have been preempted by shortcuts? Are we seeing a phenomenon that
> corresponds to fast-food and younger whiskey in defense policy? Have
> our decision-makers had their minds so polluted by TV sitcoms that
> they cannot see beyond the next thirty minute commercial?
> Richard Riehle
I think they are just as bedazzled as the rest of the industry is by
supposedly "cool" technology and Bill Gates-style "innovation".
There is, to me, an obvious relationship between those decisions and
the Love Bug virus.
It boggles the mind that DoD e-mail systems were just as vulnerable
to that virus as everyone else was. What sort of IT manager would
install an e-mail agent (Outlook, in this case) that allowed
executable program to be buried in an e-mail attachment, and to be
silently executed when the attachment was opened? I'll bet 99.999%
of the end users of Outlook had no idea such a thing was possible,
and wouldn't know (or care) what to do with it. They just innocently
clicked on that attachment. But where are the supposedly trained
sysadmins, and their managers, in all this?
I'm not an Outlook user (thank Heavens) - doesn't that program have
an install option (or at least a preferences setting) that blocks
silent, automatic VBS executions?
If so, why don't the sysadmins install it with that option set by
If not, how on _earth_ can a sensible manager - ESPECIALLY in DoD -
allow such a dangerous piece of software to be installed?
This is the COTS doctrine gone berserk. Heaven help us if we really
have to go to war.