Ira Winkler

There may be nothing worse than fudders after all.

Get It Try It

IRA WINKLER: remember that name. Through the years Mister Bill and his orcs have pulled many the trick but odds are none of them can match the latest.

In what can only be described as a 'hit piece' Computerworld journalist without portfolio Ira Winkler jumps on the current Apple Java brouhaha and tries to squeeze blood out of it.

Macworld must have a terrible contract with Computerworld that forces them to print tosh like that.

It's time for the FTC to investigate Mac security

Ira Winker gets up on his wobbly orange crate from Redmond Washington. Fasten your seat belts.

'When I read the headline about a security researcher who had published proof-of-concept code for a vulnerability, I was upset.''

Actually he insisted he didn't publish the code, Ira. Which of course was incorrect. But he didn't realise it. And he's hardly a 'security researcher'. Then again neither are you.

'To disseminate proof of concept code is to basically say *here is a way to attack computers for those of you who can't figure out how to do it yourselves*.'

No it's not, you tosser. Proof of concept code is released all the time. It's not necessarily an exploit recipe. It's often used to prove there is a vulnerability. It takes a separate effort to turn evidence of a vulnerability into an exploit. Back to school, Ira.

'The analogy that comes to mind is to throw a gun on a playground and let kids figure out how to load it.'

Actually it's more like putting Windows on the Internet.

'The purpose of stunts such as this one is to embarrass a vendor into fixing problems and writing better software.'

Oh bollocks, Ira. Landon might not always know what he's doing but he wasn't trying to embarrass anyone. He was trying to show people how/that the exploit actually worked. He didn't really understand his source code was accessible. Your calling it a stunt is uncalled for. And if POCs force a vendor to write better code then why is Windows still so crappy?

'The problem with that scheme is that even when it works exactly as planned, it is users who get hurt, not the vendor.'

You obviously have to get more involved in the security community and spend less time writing all those tinfoil hat books of yours.

'A significant number of users just do not implement fixes when they are available.'

You mean for example like the millions who got hit by Conficker on Windows? It's time to call the FTC on Microsoft for that one. And on anyone who's provided proof of concept Conficker code. Unconscionable.

'These people are the ones who suffer (along with all those innocent third parties who pay the price when the PCs belonging to inattentive users are compromised and added to a botnet).'

Yeah, it's all those compromised Apple/Unix machines in the Windows botnets that are really pissing people off. Did you do a 'copy and paste' job from Dr Dobbs, Ira?

'What influenced my change of heart in this case was the fact that the vendor in question was Apple, which has been feckless on the topic of security for a long time.'

Dictionary.com: 'feckless -adjective. 1. Ineffective, incompetent. 2. Having no sense of responsibility.'

Feckless, Ira, is putting a standalone Windows system on the Internet. It's not feckless to choose a secure operating system such as Unix as one's base. It's might not be great to wait six months for a Java fix but Sun customers waited several months and no one's going to call them feckless. But if 'feckless' means 'incompetent' then perhaps you should look in the mirror - you won't find any fecks, that's for sure.

'Apple gives people the false impression that they don't have to worry about security if they use a Mac.'

That's not a false impression, shit-for-brains. Maybe you should try one sometime. What Microsoft do is give people - time and again - the 'false impression' (more like a deliberate lie) that Windows is someday going to be secure when every security professional knows that can never happen.

'Apple has exuberantly criticised Microsoft for the security vulnerabilities of its products.'

So? Everyone does, Ira. And it's not 'criticism' - its ridicule. And Microsoft deserve every last bit of it. As do you.

'The fact is, though, that that criticism is grossly misplaced.'

That's the Ultimate Mouthful™. How is any criticism or ridicule of Microsoft 'misplaced' when Microsoft have 200,000 viruses in the wild, when the FBI and the US Marshals had to shut down because they were using Windows, when Conficker wreaked havoc the past half year, and when Bill Gates himself apologised to the world for the 'misery and suffering' his software causes?

'The current Mac commercials specifically imply that Windows PCs are vulnerable to viruses and Macs are not.'

They shouldn't imply it. They should come right out and state it as truth.

'I can't disagree that PCs are frequent victims of viruses and other attacks...'

Oh ho ho you are so funny, Ira!

'... but so are Macs.'

They are?

'In fact, the first viruses targeted Macs.'

You really are shilling for Bill, aren't you? That's something like THIRTY YEARS AGO! Hey maybe Big Blue big iron was hit too? Because it was? Hey maybe you should mention that too? Do you do any research for your articles or do you just swallow the codswallop Bill tosses in your direction?

'A ZDNet summary of 2007 vulnerabilities showed that there were five times more vulnerabilities for Mac OS than for all types of Windows PC operating systems.'

OMG WTF LOL! Give it up, Ira! ZD are as dumb a bunch as anyone. Excepting yourself of course.

'How can Apple get away with this blatant disregard for security?'

Conficker. Conficker. Conficker.

'Its advertising claims seem comparable to an automobile manufacturer implying that its cars are completely safe and its competitors' cars are death traps, when we all know that all cars are inherently unsafe.'

That's a really dumb thing to say to people from the country that gave the world Volvo, you moron. Get a clue, Ira: not all computers are inherently safe. But Windows computers are indeed inherently unsafe. Look up 'computer security' in the Yellow Pages. Pick a phone number at random and give one of them a call.

'Well, guess what: all commercial software has security vulnerabilities.'

The preceding advertisement was paid for by Mister Bill. Let's forgive him for ruining the Internet. Let's try to hide the truth from unwitting punters. Let's get them to resign themselves to the fact that crappy Windows is a fact of life and unavoidable. Solitary confinement is too good for you, Ira. Anybody who spews evil like that doesn't deserve such special treatment.

'Ira Winkler is president of Internet Security Advisors Group and author of the book Spies Among Us. He can be contacted through his Web site.'

OK let's look through this slowly and methodically. Internet Security Advisors Group: they're here.

Registrant:
Information Security Advisors Group

PO Box 27740
Las Vegas, Nevada 89126
United States

Administrative Contact:
Winkler, Ira ira@isag.com
Argo Productions
35 Sunset Drive
Severna Park, Maryland 21146
United States

So Ira's president of his own website. Groovy. Spies Among Us: you can read about it here. Actually the title's a bit longer than Ira wants people at Macworld to know about. The full title is - get ready!

Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day

But despite the ambitious title Ira seems too busy to write a full book.

'Large sections of this book seem to be copied and pasted from Corporate Espionage (literally) with the exception of the case studies. Except instead of the eight case studies covering 130 pages that were in Corporate Espionage this book has only six case studies covering less than 75 pages. This is inexplicable considering that Mr Winkler repeats several times throughout the book how highly regarded the case studies were in his previous work. So this time instead of giving us more he gives us less. I guess he needed those pages to talk about how he steals billions of dollars from companies every day.'

Or to finish his own website.

Or to update his ISAG website. (The last news item is nine years old. Most were published before ILOVEYOU hit Windows. Several are from the previous millennium. Whoa.)



One thing's for sure: Ira Winkler might know how to steal billions from companies every day but he's no computer scientist. And he's not a security expert either. If he was then he'd already be using Unix and Apple boxen and wouldn't be complaining about it. Not like this at any rate.

If he was a computer security expert then he'd be on a furious nonstop rampage to steal companies away from Windows. If he was worth 1/10 what real security experts are paid then he'd know to concentrate efforts where the big weaknesses are found: Redmond Washington.

Call the FTC on Apple? Sure. Fine. Why not? But first call them on Ira Winkler who poses as an expert the same way as Rob Enderle (and who writes hit pieces for Mister Bill too). And above all before you call the FTC: close down Microsoft and put Bill Gates in jail.

Then with the world loving a Life Without Windows™ you can complain about Apple all you want.