Microsoft, You’re not setting a very good example. I am disappointed.

Microsoft, You’re not setting a very good example. I am disappointed..

I know I am going to get myself in trouble for this… and will probably be banned from the Microsoft campus, but I saw a post by a Microsoft employee and felt compelled to respond.

I am taking Aaron Margosis to task and following his suggestion. In his post he says:

Customers: if you see any MS sales, MCS, Premier, PSS, etc., doing web or email as admin, please tell them, “You’re not setting a very good example. I am disappointed.”

How about PowerPoint? How about Word? How about demos of stuff not needing to be run as admin? How about running a remote desktop? I saw all of these when I was at Microsoft.

When I was walking through the trustworthy computer fest last week at Microsoft I stopped at NINE machines that Microsoft employees were using, and all nine were logged on as administrator. 9 for 9 were NOT running with least privilege. But thats not the frustrating part. This was a SECURITY RELATED computer fest. You would think that this crowd would be much more aware and focused on such things.

Combine that and the recent fact I found out that in the latest RC of XP SP2 you no longer can use “runas” on your Windows Update right out of the box… and I see serious problems on the Microsoft campus. It seems many don't wish to eat their own dog food.

Microsoft, You’re not setting a very good example. And I am disappointed.  [Dana Epp's ramblings at the Sanctuary]

Leave a comment