Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft 'Trustworthy Computing' Turns 10

Soulskill posted more than 2 years ago | from the eat-your-cake-at-your-desk dept.

Microsoft 185

gManZboy writes "Bill Gates fired off his famous Trustworthy Computing memo to Microsoft employees on Jan. 15, 2002, amid a series of high-profile attacks on Windows computers and browsers in the form of worms and viruses like Code Red and 'Anna Kournikova.' The onslaught forced Gates to declare a security emergency within Microsoft, and halt production while the company's 8,500 software engineers sifted through millions of lines of source code to identify and fix vulnerabilities. The hiatus cost Microsoft $100 million. Today, the stakes are much higher. 'TWC Next' will include a focus on cloud services such as Azure, the company says."

Sorry! There are no comments related to the filter you selected.

Microsoft Succeeded (0, Flamebait)

DavidSell (2552582) | more than 2 years ago | (#38691246)

Windows is far more secure now. Nowadays malware mostly comes either via third party programs like Flash and PDF reader or via social engineering - like those sites which claim you have a virus and need to install this program or you need to install codec. Windows itself is very secure.

Interestingly it was also one of the reasons why people initially hated Vista. The security model of Windows changed so much that many legacy apps stopped working and driver needed to be updated. Windows users also weren't adjusted to having to work under non-admin account. That was the reason most people had issues with Vista, and by the time Windows 7 came out, application and hardware vendors had fixed their issues. Windows 7 is a very good OS, actually so good that Microsoft really needs to step up their game in windows 8 so that W7 won't become the new XP.

In my opinion Microsoft has really fixed their issues with security. Internet Explorer 9 is one of the most secure browsers around. It is currently sharing the first position with Chrome [slashdot.org] . IE9 has sandboxing, JIT hardening and other ways to make vulnerable plug-ins like Flash and PDF reader have less access to the system. Firefox is currently lacking any of these, so if you use Firefox and you are being hit with Flash or PDF vulnerability, your changes of being infected are much larger than when using Chrome or IE9.

Given that Apple is using Microsoft's Azure cloud services for their iCloud platform [slashdot.org] , I have no doubt that they can both secure the platform and develop good software to developers that can help developing secure software. After the security disaster at Microsoft tens years ago, they have added security features to both their internal tools, but also to the likes of Visual Studio. VS nowadays has many features that can help prevent the most usual security problems. Since Visual Studio is integrated with Azure, many developers will be using it and also having the advantage of those features.

Cheers,
David E. Sell

Re:Microsoft Succeeded (-1, Troll)

Anonymous Coward | more than 2 years ago | (#38691282)

Since this is Slashdot, I expect the above well-written post to be marked flamebait within 10 minutes, because it dared to speak well of Microsoft.

Re:Microsoft Succeeded (-1, Troll)

Anonymous Coward | more than 2 years ago | (#38691314)

Not at all. Microsoft shills have taken over /. moderation.

Re:Microsoft Succeeded (0, Offtopic)

xanadu-xtroot.com (450073) | more than 2 years ago | (#38691380)

Since this is Slashdot, I expect the above well-written post to be marked flamebait within 10 minutes, because it dared to speak well of Microsoft.

I wonder if it's David Sell [linkedin.com] that typed that...


M.

Re:Microsoft Succeeded (2)

DavidSell (2552582) | more than 2 years ago | (#38691430)

No, sorry, I'm not the same guy, I don't work at Microsoft. Seems like we just share the same name.

David

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38691592)

The real fun is when a John Smith shows up and has any position. He'll be linked to an endless barrage of mutually contradictory outside sources as each /.er tries to dismiss him with their own favorite guilt by association.

Re:Microsoft Succeeded (3, Interesting)

haruchai (17472) | more than 2 years ago | (#38692246)

John Smith? Around here we prefer to call him Anonymous Coward.

Re:Microsoft Succeeded (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#38691428)

As a microsoft tech for about 20 years now. I am not sure where the fascination of windows 7 being a good OS comes from. Windows 7 is nothing special and does not provide some safe haven of computing power that is unrelieved. The idea that windows 7 is the best thing since xp is silly because it fails to take in account all the exact same issues you have had since XP and windows NT. Technology wise as a developer I am disgusted developing on Windows 7. If i was a LUSER i would say. Geee look its a great upgrade! Look at the interface!

Re:Microsoft Succeeded (2)

Black Parrot (19622) | more than 2 years ago | (#38691494)

The idea that windows 7 is the best thing since xp is silly because it fails to take in account all the exact same issues you have had since XP and windows NT.

Back in c.o.l.a. days (is that still around?), the Windows fans went through endless rounds of "Yeah, the last version of Windows was crap, but *this* one is the best OS money can buy!" New release, same old song.

Re:Microsoft Succeeded (1, Insightful)

hedwards (940851) | more than 2 years ago | (#38691552)

That's the thing Win 7 is a good, but not great OS, and is solidly mediocre in most respects.

It's far more secure than it used to be but still lacks things like security levels and separate configuration files like has been the case for many, many years with Linux and *BSD. For as long as I've used FreeBSD I've had security levels to work with, and one program doesn't need to be able to write to a configuration file for another. If it's needed then I, myself, have to make it happen.

Windows has gotten a lot better, but it is indeed mediocre.

Re:Microsoft Succeeded (-1)

Anonymous Coward | more than 2 years ago | (#38691964)

I've always wondered this. If the latest and greatest Windows realize is just good and not great, what OS is great? I'm talking about from the perspective of an end-user and not a developer. I've played around with other Operating Systems and I haven't seen things that are that much better or different. From this perspective Linux (Ubuntu - suppose to the most user friendly?) releases are failing for not being as automated or easy to use as Windows. Supporting installation executables like Windows would go miles to making it more mainstream. iOS products just feel like a shiny/smooth Windows and only seems to provide some added automation beyond what Windows has, while having less 3rd party applications.

I will concede that it surely can get better as I'm a firm believer that the tools (software) we use are lagging far behind hardware development. Now I will also concede that I haven't used either of the other Operating Systems in a couple of Years, so maybe they radically changed since.

Re:Microsoft Succeeded (2, Insightful)

hedwards (940851) | more than 2 years ago | (#38692326)

The problem is that most OSes will shine in some area and the only areas in which Windows shines are the direct result of years of monopoly abuse. In short the only reason I use Windows at all is because I paid for a copy and the only reason I paid for a copy is that it's hard to find decent laptops for a reasonable price that haven't at some point paid for a license.

For MS the fact that Win 7 is regarded as good or mediocre is something that they should be celebrating after 15 years of garbage releases.

But, they aren't particularly secure like OpenBSD is, they aren't stable and reliable like a good Linux Distro is. They lack the just general well rounded flexibility and reliability that FreeBSD is known for. In short, apart from benefitting from years of monopoly abuse, I have a hard time thinking of anything particularly compelling about Windows that would lead one to conclude it was anything other than mediocre.

Re:Microsoft Succeeded (3, Insightful)

Kalriath (849904) | more than 2 years ago | (#38692636)

the only areas in which Windows shines are the direct result of years of monopoly abuse

I'm not convinced of this personally. I personally, and from observation of those around me, find that the areas where Windows shines are that it's easy to use (although there is inevitably some confusion each new release which changes things around for no real reason), and that software built for one version rarely breaks on a newer one. By contrast, OS X will tell you to piss off if you want to run old PPC software (I can still run the 25 year old Commander Keen on Windows 7. I cannot say the same for OS X), and Linux - well, let's just call it unpredictable and leave it at that. It may not refuse to run it, but it may not run correctly either.

Re:Microsoft Succeeded (2)

Em Adespoton (792954) | more than 2 years ago | (#38692332)

That's the thing Win 7 is a good, but not great OS, and is solidly mediocre in most respects.

It's far more secure than it used to be but still lacks things like security levels and separate configuration files like has been the case for many, many years with Linux and *BSD. For as long as I've used FreeBSD I've had security levels to work with, and one program doesn't need to be able to write to a configuration file for another. If it's needed then I, myself, have to make it happen.

Windows has gotten a lot better, but it is indeed mediocre.

??? Normally I don't think much of Windows security, but the OS has had most of the ACLs and other security level systems it has needed since NT3 -- that's not really the problem. The problem is that nobody uses these features. Windows 7 made that a bit better by forcing programmers to use some of them, or end up with code that wouldn't work. Full use of mandatory access controls, ring levels, etc. that are ALREADY THERE would significantly improve security. Unfortunately, most people don't understand how to use these tools, and Microsoft still doesn't make it easy with the development environments it provides... they want to make things easy for the programmer, not more difficult.

Re:Microsoft Succeeded (1)

Billly Gates (198444) | more than 2 years ago | (#38692508)

So Unix has ASLR, DEP, compiler exception handling bounds checking?

VMS is the only other OS that has DEP support fully. XP has partial support by SP 2.

Checklist wise Windows is the most secure kernel

Re:Microsoft Succeeded (2)

causality (777677) | more than 2 years ago | (#38692688)

So Unix has ASLR, DEP, compiler exception handling bounds checking?

VMS is the only other OS that has DEP support fully. XP has partial support by SP 2.

Checklist wise Windows is the most secure kernel

I tend to doubt that. Have you checked out PaX and Grsecurity? I personally use Gentoo Hardened [gentoo.org] . It's a source-based distro so everything in userland is also built with SSP [ibm.com] which provides the bounds checking (one nice thing about having the source). It also includes support for SELinux (see the Resources section of that first link I provided).

Re:Microsoft Succeeded (2)

Lewis Daggart (539805) | more than 2 years ago | (#38692018)

If an operating system marketed at users gives users a better interface, how exactly is this a bad thing?

You are not their demographic, the "luser" is. As a developer, I would hope that you would understand the need to cater to the users, instead of maligning them for not being as knowledgeable as yourself.

As an aside, the issues that I recall everyone complaining about back in the day were blue screening and degradation over time. I can't speak to your experience but I haven't need a reformat since getting Windows 7, and blue screens and black screens are a thing of the past. The BETA was more stable than previous iterations, the only problem being its lack of driver support.

I guess the fact that I notice and appreciate these things makes me a Luser. Uh... down with MS. Here's a hilarious picture of Nazi Bill.

I WANT TO NAME MY FOLDER 'CON'

Re:Microsoft Succeeded (1)

0123456 (636235) | more than 2 years ago | (#38692230)

If an operating system marketed at users gives users a better interface, how exactly is this a bad thing?

If only Windows 7 did...

Instead we got a brain-dead reimplementation of the 'Start Menu', 'Libraries' that confuse the heck out of non-techies I know, the wacky new taskbar, shinier windows, and... UAC.

I would agree that UAC was a good idea, but the implementation is awful. The best part is when you start an application, switch to another application, sit there for ten minutes wondering why the first application didn't start up, and then eventually spot the hidden UAC window on the task bar so you can switch to it and click 'Yes, I do want to allow program WhoKnowsWhat to do random shit I don't understand'.

Re:Microsoft Succeeded (1, Informative)

Billly Gates (198444) | more than 2 years ago | (#38692578)

Windows 7 is great. I just hit the Windows key and type the file or program I want. It is nice if you forget the name of the file but remember something like sales figures for 2009 and it will display them for you. I go nuts on XP and feel crippled without it. I never go into the program menu at all.

I did not like the libraries feature at first and grown to like. On my desktop I have an admin account called God and the other one is my limited user account. I can just use public documents to share files back and forth. On my laptop with Windows 7 I can view them with homegroup too.

The libraries thing is for sharing very easily and it is nice. Windows 7 is a decent OS actually and a real upgrade from XP for those who get frustrated it is not identical to XP and feel XP is fine even though it is approaching 11 years old.

Re:Microsoft Succeeded (2)

Black Parrot (19622) | more than 2 years ago | (#38691544)

Since this is Slashdot, I expect the above well-written post to be marked flamebait within 10 minutes, because it dared to speak well of Microsoft.

Yet oddly enough, as I write it's modded "4, Interesting".

Slashdot doesn't suffer from groupthink nearly so bad as a lot of people like to (group?)think it does
.

Re:Microsoft Succeeded (0)

Billly Gates (198444) | more than 2 years ago | (#38692598)

10 years ago you would be modded down faster than goatse.

5 years maybe too. Most of the anti capitalist pro gnu and linux zealots have faded since the early years as this place turns more I.T. professional oriented

Re:Microsoft ----- Failed (0)

Anonymous Coward | more than 2 years ago | (#38692584)

No, just that the well-written post of four paragraphs was written in less then 45-seconds of the original poster. Need not worry I'm a stupid American idiot, and I'm not aware of how the Neo-cons control all forms of media information.

Ignorance Is Strength.

Re:Microsoft Succeeded (2, Funny)

Anonymous Coward | more than 2 years ago | (#38691308)

WOW,

you posted that entire comment in under 1 minute. You sir win an internet.

Re:Microsoft Succeeded (0)

MichaelKristopeit490 (2549324) | more than 2 years ago | (#38691320)

slashdot = stagnated

Re:Microsoft Succeeded (0, Insightful)

Anonymous Coward | more than 2 years ago | (#38691330)

I stagnated in your mom.

Re:Microsoft Succeeded (3, Funny)

stanlyb (1839382) | more than 2 years ago | (#38691460)

did you mount your hard drive too?

Re:Microsoft Succeeded (-1, Offtopic)

MichaelKristopeit490 (2549324) | more than 2 years ago | (#38691480)

cower in my shadow some more, feeb.

you're completely pathetic.

Re:Microsoft Succeeded (-1)

Anonymous Coward | more than 2 years ago | (#38691972)

cower in my shadow some more, feeb.

you're completely pathetic.

create some more accounts, nigger*.

the people browsing at -1 need something to laugh at. nobody else will ever see a word you say.

* no offense whatsoever is intended towards anyone of African descent. it's just a terribly ugly word for a terribly ugly asshole like him. seems appropriate.

Re:Microsoft Succeeded (0)

MichaelKristopeit488 (2549328) | more than 2 years ago | (#38692094)

ur mum's face is terribly ugly.

you're an ignorant hypocrite.

cower in my shadow some more, feeb.

you're completely pathetic. seems pathetic.

Re:Microsoft Succeeded (-1)

Anonymous Coward | more than 2 years ago | (#38692596)

I cowered in your mom.

Re:Microsoft Succeeded (0)

MichaelKristopeit492 (2549320) | more than 2 years ago | (#38692662)

cower in my shadow some more, feeb.

you're completely pathetic.

Not a shill at all (1, Troll)

oGMo (379) | more than 2 years ago | (#38691328)

A new user profile with a very fast first pro-MS post about the successes of MS and Windows? Can't possibly be a shill. I'm actually curious whether these people are paid for this stuff or they're just insecure MS employees with nothing better to do.

Like them or not, at least you don't see Google and Apple stooping to these levels.

Re:Not a shill at all (-1, Troll)

SJHillman (1966756) | more than 2 years ago | (#38691368)

Worse. They're insecure MS resellers with nothing better to do.

Re:Not a shill at all (5, Insightful)

grimmjeeper (2301232) | more than 2 years ago | (#38691378)

Shill or not, he has a point. Security within Windows and Internet Exploder have improved over the years. It may not be all wine and roses but it's not as bad as it once was.

Of course, there still is a long way to go...

Re:Not a shill at all (0)

Anonymous Coward | more than 2 years ago | (#38691762)

But we were told that it was impossible to improve IE's security because of its popularity/market share.

I guess the fanboys were wrong. Vulnerabilities do in fact follow poor design better than market share. So much for the whole "If Competing-product-X were as popular as Microsoft-product-Y then it would be just as insecure as the Microsoft one."

OWN UP BITCHES YOU WERE WRONG ON THE INTERNET!

Re:Not a shill at all (1)

roc97007 (608802) | more than 2 years ago | (#38691882)

> Shill or not, he has a point. Security within Windows and Internet Exploder have improved over the years.

How could it not? Alternate answer: Test by: Windows still exists as a product.

Re:Not a shill at all (0)

Anonymous Coward | more than 2 years ago | (#38691904)

Like them or not, at least you don't see Google and Apple stooping to these levels.

With a number like 379 and the above comment, I can only conclude that you've spent the last 5 years living under a rock, on Mars, with your fingers in your ears.

Re:Not a shill at all (1)

Captain Hook (923766) | more than 2 years ago | (#38692156)

It's not even like it's hard to see through so I can't see what MS thinks it gains by paying for stuff like that.

Re:Microsoft Succeeded (-1)

Anonymous Coward | more than 2 years ago | (#38691342)

Go away M$ shill. My unmanaged C i write in vi will ALWAYS be more secure than any garbage some M$ shill makes in VS. I get bluescreens every day when running M$

Re:Microsoft Succeeded (0, Offtopic)

SJHillman (1966756) | more than 2 years ago | (#38691390)

Thank you for including that dollar sign in place of S every time you abbreviate Microsoft. Not only did I not realize they were a for-profit company, I also did not realize the depth of your creativity. You have truly opened my eyes. Now let's see if we can change the characters used to spell Open Source to hint at Stallman. Maybe give it a beard and surround it with flies?

Re:Microsoft Succeeded (-1, Troll)

Anonymous Coward | more than 2 years ago | (#38691452)

Welcome to the Internet.

'$' substitution is used as a handy way to show that the speaker perceives the company in question as more focused in making money, than in the quality of the service or product it offers.

Microsoft qualifies, so fuck off, troll.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38691704)

You $ure told him. Enjoy your Micro$oft day.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38691758)

FUck Open ^ource too (thats a dick head for the S instead of a dollar cause it reflects the people you deal with in the open ^ource community). I develop my own OS and build my own computers from sand rocks like that comic i wont link to because your a fag if you link to xkcd

these don't blue screened and dont black screen like craptastic linux where it just fucking locks up with no useful info or memory dump. at least i can dumpchk my M$ memory dump with some fucking debug symbols and see that it was A%I drivers that crashed it. thats a % for the T because it looks like a turd with a stick in it because A%I make turd graphics. only game looked good in them was M$ turd simulator 3000.

linux and windows are turds.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38692002)

Window$ crashes, you're right.

Re:Microsoft Succeeded (5, Insightful)

Sarten-X (1102295) | more than 2 years ago | (#38691360)

For the past decade, Microsoft has been where it is now: equal or worse. Internet Explorer shares the browser market with Chrome. Windows 7 shares the desktop market with XP and OS X. XBox shares the console market with PS3 and Wii.

Being as good as your competitors means that when something bad does happen, like a new zero-day exploit in the wild that makes the headlines, the company drops back to second place. Regardless of its current improved security, Microsoft will never regain lost reputation until they produce a series of spectacular products that are consistently better than any competitor. I don't see that happening anytime soon.

Re:Microsoft Succeeded (1, Interesting)

DavidSell (2552582) | more than 2 years ago | (#38691478)

That might be so with the individual products, but there's another factors at play too. For example, for games DirectX has always been better than any other product. It has some minor competition from OpenGL and previously Glide, but they aren't even in the same ballpark and never have been. DirectX is complete package, technologically more advanced and has always had better documentation. It has always been better choice, both to developers and technologically.

This in turn made Windows really popular among gamers, even up to current day. It also did the groundwork for Microsoft to go for game consoles.

Similarly, Visual Studio and development tools have always been top-notch, and creating the huge software economy that Windows has. All of these things have helped Windows indirectly.

Microsoft is mostly interested in providing a platform, and they do it very well. Neither Linux or OS X go that extra mile.

Re:Microsoft Succeeded (-1, Troll)

h4rr4r (612664) | more than 2 years ago | (#38691556)

No, they are interested in using any tactics to lockup the desktop monopoly. This is one of those, apparently so is paying you.

Re:Microsoft Succeeded (2)

hedwards (940851) | more than 2 years ago | (#38691598)

That's not true at all. I remember those days and DirectX was a steaming load of crap. It just happened to be what MS was using at the time to make it less convenient to program cross platform.

Windows was really popular amongst gamers for the simple reason that it was the largest platform and attracted the most developer attention. It wasn't any better than the other options at that point, in many ways it was inferior. But, MS had the ability to crowd out the competition and get its OS installed on the vast majority of computers sold. In those days, MacOS was pretty much crap and required paying a premium for Apple hardware.

But, ultimately, I'm not sure why I'm bothering to replay to an obvious shill.

Re:Microsoft Succeeded (3, Insightful)

Sarten-X (1102295) | more than 2 years ago | (#38691602)

DirectX 9 was released 9 years ago, and hasn't been replaced because of the stagnation of Windows. OpenGL is cross-platform, and with OS X's adoption, sees growing use. New versions of DirectX do not add any vital features over old versions, so Microsoft still has no clear advantage in that field.

Windows does currently hold the gaming market, but OS X is gaining ground, with the porting of Steam and generally-growing user base. A multi-platform release is now an important goal for new games, just as it was in the early 90's.

Apple is also providing a platform, for which Microsoft has yet to provide a comparable answer. They call it iOS, and it's now the hip new place for budding programmers to make their debut into professional development.

Re:Microsoft Succeeded (3, Interesting)

Sarten-X (1102295) | more than 2 years ago | (#38691514)

I know replying to myself is bad form, but after posting I looked up the stock growth for Microsoft and its competitors [google.com] . Over the past 10 years, Microsoft is more stagnant than Slashdot (the site, not Geeknet as a company).

Re:Microsoft Succeeded (1)

DavidSell (2552582) | more than 2 years ago | (#38691630)

What's wrong with a solid, stable company? Except of course if you are doing stock trading you want lots of highs and downs, but otherwise it shouldn't matter. Stock price has little to do with how good company is doing, other than revenue wise. In Microsoft's case it just shows that Microsoft is a solid company and will stay stable as it is for many years.

Re:Microsoft Succeeded (1)

causality (777677) | more than 2 years ago | (#38692064)

What's wrong with a solid, stable company? Except of course if you are doing stock trading you want lots of highs and downs, but otherwise it shouldn't matter. Stock price has little to do with how good company is doing, other than revenue wise. In Microsoft's case it just shows that Microsoft is a solid company and will stay stable as it is for many years.

Okay then... tell me, what don't you like about Microsoft? Or, what do you consider the biggest weakness(es) of either the company itself or any of their products? I believe reasonable people can acknowledge they are not perfect on the basis that no company is perfect.

Re:Microsoft Succeeded (1)

DavidSell (2552582) | more than 2 years ago | (#38692328)

Of the top of my head, I hate that Microsoft killed The Courier [gizmodo.com] tablet and didn't see the potential it had. It was the first tablet that really got me excited, and in my opinion it was bad decision not to go further with it.

Re:Microsoft Succeeded (1)

causality (777677) | more than 2 years ago | (#38692396)

Of the top of my head, I hate that Microsoft killed The Courier [gizmodo.com] tablet and didn't see the potential it had. It was the first tablet that really got me excited, and in my opinion it was bad decision not to go further with it.

So you regret that their amazing genius was not applied to tablets? The only thing wrong with the Courier is that it didn't happen?

Do you believe there are any weaknesses in existing products that I could go purchase today?

Re:Microsoft Succeeded (1)

Billly Gates (198444) | more than 2 years ago | (#38692660)

Stock price has everything to do with where it is going, not how stable or how profitable it is.

The goal of any corporation is to raise its stock price. Not make money. ... the exception is a private corporation.

Since companies do not pay dividends the people who own the stocks do not make a single cent on the stock they purchase. So if it stays stagnant they make no money. Now if the stock price keeps going up and it keeps growing they can now make money to sell it to the next guy and so on and so on.

If you make profitablity but do not have the right accounting magic ratios that are used to value its share price then there is something wrong with the company as the CEO is ignoring his fidiciary duty to the shareholders.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38692036)

I see that happening in February 2012 when they release the beta version of Windows 8.

Re:Microsoft Succeeded (-1)

Anonymous Coward | more than 2 years ago | (#38691374)

Dave Sell
Title
Senior Software Engineer at Microsoft
Demographic info
Greater Seattle Area | Computer Software
Current:Senior Software Engineer at Microsoft, Senior Software Design Engineer at Microsoft SQL Reporting Services Past:Development Manager at Autodesk Education:University of Idaho, Purdue University

Re:Microsoft Succeeded (3, Informative)

Relayman (1068986) | more than 2 years ago | (#38691658)

Not the same person as the poster. Sorry.

Re:Microsoft Succeeded (4, Informative)

HBI (604924) | more than 2 years ago | (#38691404)

To rebut specifically:

1) While most users do not need admin access and by default Vista and 7 do not give it to you, I still see people assigning admin rights to themselves and deactivating UAC as a prerequisite to using the computer, which puts the lie to your top two paragraphs. Once they take those two steps, the machine might as well be XP. They actually do it for (to them) legitimate reasons - software related and habit being the two largest.

2) IE9 still runs any script presented to it that passes a very crude ruleset based on zones. You Microsoft shills (sorry, that's how you come off) always try to compare Firefox without plugins with IE. IE has no facility for blocking scripts and flash selectively that doesn't cost more than a browser is worth. Noscript and ABP are a few mouse clicks away. You can have all the sandboxing in the world, but not letting the script run in the first place is the only effective defense against drive-by malware installs.

Re:Microsoft Succeeded (2)

hedwards (940851) | more than 2 years ago | (#38691618)

I don't get why people have a problem with UAC, I've found it to be only a bit more annoying that the Linux equivalent. It's not like with Vista where it would be asking for a click every 5 minutes or so.

Re:Microsoft Succeeded (1)

jd (1658) | more than 2 years ago | (#38692294)

Because there's still a lot of software that doesn't work correctly if UAC is enabled.

Re:Microsoft Succeeded (1)

0123456 (636235) | more than 2 years ago | (#38692372)

I don't get why people have a problem with UAC, I've found it to be only a bit more annoying that the Linux equivalent. It's not like with Vista where it would be asking for a click every 5 minutes or so.

It happens a lot because of poorly-designed old software (or poorly-designed new software).
It regularly gets hidden when it pops up, so you don't realise that you've been waiting ten minutes for something to happen because UAC was waiting for you to do something.
It displays meaningless gibberish like 'Do you want to allow program HappyKittyScreenSaver to Access local disk?' so even techies don't know whether they should allow it.

Re:Microsoft Succeeded (1)

man_of_mr_e (217855) | more than 2 years ago | (#38691678)

Like so many people, you completely misunderstand what UAC is. UAC does not provide security, in fact, UAC's sole function is to lessen security. UAC is what GIVES you the ability to do things.

The purpose of UAC is the same as sudo, gives you privileges you wouldn't otherwise have. Turning off UAC would mean you couldn't do anything that required any privileges. What most people think

Re:Microsoft Succeeded (1)

HBI (604924) | more than 2 years ago | (#38691812)

No, I dont' misunderstand UAC. Turning UAC off removes the prompting for elevation of privileges. Combined with administrative access to the box, this enables you to operate entirely in the XP mode of full admin access without limitation or even warning.

I think you misunderstand. Try running as a local administrator on a system with UAC turned on. You get a significant level of prompting even though you should require no privilege escalation.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38692320)

ehem.. running as a local admin with UAC on, and I've gotten a total of 0 prompts today... in fact, I only get them when installing a new program... that's about it. Not even debugging in Visual Studio needs elevation.

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38692548)

It does to run the Windows Azure emulator :-(.

Re:Microsoft Succeeded (1)

Kalriath (849904) | more than 2 years ago | (#38692718)

Windows 7 removed the prompting for a lot of tasks, such as attaching a debugger to a process spawned by the debugger itself (which kind of makes sense really, the debugger does technically own that process).

Re:Microsoft Succeeded (1)

Jeng (926980) | more than 2 years ago | (#38691728)

They actually do it for (to them) legitimate reasons - software related and habit being the two largest.

One of the titles I help support was written back in 1999, in order for it to save changes it requires admin access, the program that is. With Windows 7 there are around 6 or 7 different ways to give a program admin access, without the user having to log in as an admin. The easiest is right on the compatibility tab.

Re:Microsoft Succeeded (2)

goldspider (445116) | more than 2 years ago | (#38691732)

"1) While most users do not need admin access and by default Vista and 7 do not give it to you, I still see people assigning admin rights to themselves and deactivating UAC as a prerequisite to using the computer, which puts the lie to your top two paragraphs."

That's an issue of users trading security for convenience, not an inherent weakness of the OS.

Re:Microsoft Succeeded (1)

HBI (604924) | more than 2 years ago | (#38691838)

The only equivalent in a Unix concept is running as root. Which I am aware that people do, but it's hard to share that root access around. Not so in the ACL based Windows.

Re:Microsoft Succeeded (1)

goldspider (445116) | more than 2 years ago | (#38691934)

I can't imagine having to (often remotely) support 700+ PCs without having local admin rights via ACL, but then my experience on Unix-based systems (outside my Ubuntu/Mint desktop at home) is admittedly limited.

Re:Microsoft Succeeded (4, Insightful)

Anonymous Coward | more than 2 years ago | (#38691796)

To rebut specifically:

1) While most users do not need admin access and by default Vista and 7 do not give it to you, I still see people assigning admin rights to themselves and deactivating UAC as a prerequisite to using the computer, which puts the lie to your top two paragraphs.

I still feel Microsoft needs to be given credit for implementing the UAC by default to begin with. Nobody can drop the single-user paradigm that's dominated consumer-grade computing for the past 30 years overnight and expect end-users (let alone developers) to go along with it swimmingly. At home, XP was typically the first experience most users had with a true multi-user environment to begin with.

UAC makes the best of a bad situation that is not strictly (or at least not exclusively) Microsoft's fault. You'd sooner eliminate spam before you'd train all computer users to use runas.

always try to compare Firefox without plugins with IE. IE has no facility for blocking scripts and flash selectively that doesn't cost more than a browser is worth. Noscript and ABP are a few mouse clicks away. You can have all the sandboxing in the world, but not letting the script run in the first place is the only effective defense against drive-by malware installs.

NoScript is still relatively unique to Firefox, but IE9 has most (if not all) of the capabilities of AdBlock Plus out-of-the-box. You can subscribe to your favorite flavor of EasyList without installing any additional add-ons, third-party or otherwise.

Re:Microsoft Succeeded (5, Insightful)

artor3 (1344997) | more than 2 years ago | (#38691932)

While the OP is clearly a shill, your refutations ring hollow.

Using Firefox's own usage stats, only about 0.5% of users use NoScript. Comparing that tiny segment to the standard IE install makes no sense.

Then, on the other side, you focus on people who turn off UAC, and ignore the hundreds of millions who leave it on.

Basically, from each group, you're cherry picking whichever segment best supports your argument, even when that segment is in no way representative.

Re:Microsoft Succeeded (1)

antdude (79039) | more than 2 years ago | (#38692602)

Where did you see these statistics? I am curious about other addons/extensions like AdBlock Plus.

Re:Microsoft Succeeded (1)

clodney (778910) | more than 2 years ago | (#38692656)

While the OP is clearly a shill, your refutations ring hollow.

Where did this widespread belief the Microsoft pays shills to defend its honor on /. come from? Did everyone crank their tinfoil hats up to 11 or something?

I don't think Slashdot is influential enough to have any impact on Microsoft's business, and as a practical matter, if there is a cadre of professional shills, you don't think somebody would spill the beans? How big a conspiracy is needed?

Re:Microsoft Succeeded (0)

Anonymous Coward | more than 2 years ago | (#38691936)

1) While most users do not need admin access and by default Vista and 7 do not give it to you, I still see people assigning admin rights to themselves and deactivating UAC as a prerequisite to using the computer, which puts the lie to your top two paragraphs. Once they take those two steps, the machine might as well be XP.

I would argue that those actually capable of deactivating UAC and adding their account to the Administrators group are the exact users who don't require those protections.

UAC in particular is there to benefit vast majority of Windows users who don't t know what the term "executable" means. It helps prevent their PC getting hijacked by the russian mafia because they clicked on a dancing hamster, by giving them an "are you SURE?" prompt. I don't see what's wrong with power users disabling the feature.

Re:Microsoft Succeeded (1)

Billly Gates (198444) | more than 2 years ago | (#38692738)

Not true. Go look at your internet options and you will see different zones for intranet and internet? For one, IE only runs signed activeX controls on the internet, and by default will put a nag are you you want to run X, unless its disabled by default.

IE 9 blocks access to bad domains and scripts that reference them as well. Go google the study finding IE the most secure browser from 2 or 3 months ago. These blacklists are updated regularly. As an add on you can download additional lists too from the addon website to block ads as well kind of like ad-blocker. I believe VBscript is disabled by default too in IE 9 on the internet.

Most users have an admin account because software still requires it. Most do not know how to disable UAC, but with ASLR, full DEP, and other security improvements even running as admin is a BIG improvement over XP anyday.

Re:Microsoft Succeeded (1, Offtopic)

h4rr4r (612664) | more than 2 years ago | (#38691434)

So this is your only comment with a new account?

So does it hurt to shill that hard?

I agree with the top 3 paragraphs, but please don't spam forums.

Re:Microsoft Succeeded (0)

Relayman (1068986) | more than 2 years ago | (#38691680)

The original comment is well thought out and there isn't much objection in subsequent comments. I don't see where the spam is that you're referring to; he's not shilling for a product.

Re:Microsoft Succeeded (0)

h4rr4r (612664) | more than 2 years ago | (#38691700)

He created an account just to use for this thread. He clearly copy pasted it, and he is just using it to sell VS.

Re:Microsoft Succeeded (2)

stanlyb (1839382) | more than 2 years ago | (#38691440)

He is apparently a paid cheer lady, but nevertheless there is about 80-90% truth in his comment. The newest VS2010 is so far one of the best IDE, there are a lot of MS libraries, tools, etc., that helps the poor developer doing his job, even if the MS environment is so clumsy and bloated.

Re:Microsoft Succeeded (1)

Relayman (1068986) | more than 2 years ago | (#38691692)

He is apparently a paid cheer lady ...

He says he doesn't work for Microsoft, that's another person with the same name.

Re:Microsoft Succeeded (0)

Billly Gates (198444) | more than 2 years ago | (#38692430)

... until you hit help

using admin account is more secure (1, Interesting)

todorb (169225) | more than 2 years ago | (#38691566)

Windows users also weren't adjusted to having to work under non-admin account.

by using a non-admin account for the last couple of years i learned that the system is much less secure this way.

on windows the only program that could auto update was google chrome. firefox, flash, thunderbird, java, etc, all required manual update checks (which a non too computer savvy user, like my wife, won't do). firefox actually shows that there's an update available when chacking manually, but requires to be "run as administrator" to actually install it.

same problem for the mac. system update checks won't happen automatically in non-admin accounts.

eventually i got pissed of having to update everything manually and switched my accounts to admin.

Did It Occur To You (0)

Anonymous Coward | more than 2 years ago | (#38691612)

That Your Laziness could possible switch accounts for a minute to perform the updating ? Yes, security is a process which requires effort, ya know.

Re:Did It Occur To You (1)

s.petry (762400) | more than 2 years ago | (#38692778)

The same can be said for spell checking, and pressing the shift key when appropriate. Did I spot a trend perhaps?

Re:using admin account is more secure (1)

causality (777677) | more than 2 years ago | (#38692364)

Windows users also weren't adjusted to having to work under non-admin account.

by using a non-admin account for the last couple of years i learned that the system is much less secure this way.

on windows the only program that could auto update was google chrome. firefox, flash, thunderbird, java, etc, all required manual update checks (which a non too computer savvy user, like my wife, won't do). firefox actually shows that there's an update available when chacking manually, but requires to be "run as administrator" to actually install it.

same problem for the mac. system update checks won't happen automatically in non-admin accounts.

eventually i got pissed of having to update everything manually and switched my accounts to admin.

Not having a centralized package manager to easily and automatically take care of these things would drive me crazy if I ever had to use Windows. I really don't know if Windows could ever have a proper Linux-style package manager able to take care of the entire OS and all applications by itself. Even the freeware applications often have licenses that don't explicitly allow you to redistribute them, making it extremely difficult or impossible to operate a comprehensive central repository. Each little application having to run its own updater demanding that you manually babysit it for no good reason is both redundant and cumbersome.

That, and for some reason developers of Windows software just love stealing focus, popping up little balloons, and filling up the icon tray. All of those are distracting, tend to interrupt your workflow when you're trying to get something done, and create clutter. Obviously that's not an inherent issue with the OS, but does seem to be part of the culture surrounding it. On my Linux system running KDE, I can concentrate on a task for hours and never have anything pop up demanding my attention.

This isn't something you notice and appreciate until you've gone a long time without ever touching Windows and then one day you sit down in front of someone else's Windows machine and try to get something done.

Re:Microsoft Succeeded (0, Interesting)

Anonymous Coward | more than 2 years ago | (#38691606)

Windows users also weren't adjusted to having to work under non-admin account. That was the reason most people had issues with Vista, and by the time Windows 7 came out, application and hardware vendors had fixed their issues.

No. That is absolutely wrong. Wrong, wrong, wrong.

The reason people hated Vista was because it simply would not run on less than 1GB of RAM. It was so unforgivably bloated and slow, that when people tried to use Vista as if it were a software upgrade that did not require a hardware upgrade, they immediately became enraged that they spent $100.00+ only to be told that they did not read the fine print, and that the System Requirements demand 1GB of RAM MINIMUM.

XP Era Home Desktops and Laptops could not run Vista, and to ordinary users who are absolutley terrified of swapping out RAM DIMMs, are actively prevented by vendors from swapping hardware, or were simply running laptops with buses for which RAM upgrades were tough to acquire (read: not sold at Best Buy), this meant buying a new PC in order to upgrade their software.

Re:Microsoft Succeeded (1)

man_of_mr_e (217855) | more than 2 years ago | (#38691710)

Of course 2GB of ram only costs $30 at the time, and XP SP2+ basically needed at least 512MB, preferrably 1GB anyways (and standard machines had been shipping with 1GB for a couple of years). So yeah, there some people who were affected by that, but most weren't

Re:Microsoft Succeeded (1)

roc97007 (608802) | more than 2 years ago | (#38691866)

> Windows 7 is a very good OS, actually so good that Microsoft really needs to step up their game in windows 8 so that W7 won't become the new XP.

Why would that be a bad thing?

Re:Microsoft Succeeded (0)

poetmatt (793785) | more than 2 years ago | (#38691910)

Windows is only vaguely secure when you keep it entirely, 100% stock. This is not a realistic situation for any company and thus, doesn't exist.

The second you add anything third party which is out of their control, security goes out the window.

On other operating systems, adding third party programs don't compromise the entire setup like that. So in reality, windows is no more secure than ever since it still gives users the ability to compromise security. Not to say that anyone else is better off, but to act like windows is more secure than it used to be is to be blatantly dishonest to compare to things like the NSA loophole, FIPS loophole, and other government backdoors (such as the ones Microsoft gave themselves) which continue to exist as ways for people to crack into a windows system.

The worst part is trying to tell people they're secure.

Now it's Android's turn (0)

Anonymous Coward | more than 2 years ago | (#38691294)

Troll because it's true.

useless (-1, Troll)

epicar (885334) | more than 2 years ago | (#38691382)

What a useless article. Keep this crap off slashdot.

Commercial Software Businesses (0)

Anonymous Coward | more than 2 years ago | (#38691504)

Security is not selling more copies of a product, but all the "executives" who can sign purchase orders will be willing to shell out money if they can see a laundry list of new features.
Most companies have only one imperative: increase sales in the short run and feel good. Collect fat bonuses for the former. Security does not drive sales, does not increase bonuses.
Spending 100 million dollars on security is puny as compared to the total revenue of MS, even in a single month. If they really wanted to be a leader in terms of security, they would have had to change their processes, tools and management approaches radically. Instead they did something to achieve security levels which were good enough to continue selling their stuff.
Imagine writing software in a language which is inherently safe - MS did some research into that, but the technology never made it into Windows or Office. Just using an STL with checked vectors, strings and other containers would have immediately fixed thousands of exploits, but that would have meant changing the C++ coder mindset, which still is "my code will never overrun any array and bounds checks are a waste of precious CPU time". The truth is of course that even the best guys are sometimes tired or a little sick and that bounds checking only increases CPU load by about 10 %.
This is all marketing talk - the only thing where MS is excellent.

Oblig XKCD (-1)

Anonymous Coward | more than 2 years ago | (#38691534)

"Trustworty" if you trust Micro$oft (2)

Velska1 (1435341) | more than 2 years ago | (#38692190)

It's true that Win 7 is a step ahead for windoze systems. It' practically workable! That is if you happen to like the way it works, because to tweak it even just a bit, you need to either be an expert or then buy a customising software.

But "Trustworthy Computing" has much more heinous objectives than making your windoze box more secure. It wants to make UEFI standards so that no other OS's can be run on a machine that uses M$ OS. It wants to make listening to your own music dependent on the presence of a TPM chip that takes care of all the critical security stuff, like Digital Rights Management. I guess it's in their interest to suck up to MPAA, RIAA and book publishers?

If George Orwell had had the vision, he'd have Micro$oft working for the Big Brother monitoring the people they don't like. I'm sorry, but I'll never again give M$ direct access to my hardware: it will always run in a virtual machine. I need to do it now and again to make sure that my stuff will also work with M$, specifically Internet Exploder. Granted, there are some pluses in IE9 over IE6, but they're negligible, basically eye candy.

Get behind FOSS or get left behind, is what I say.

Made up numbers (2)

LoudMusic (199347) | more than 2 years ago | (#38692256)

The profession of inventing numbers has always intrigued me. The article says, "The hiatus cost Microsoft $100 million." Well, sure they can figure out how much money they usually make in a time frame, and how much money they didn't make during this time frame, and BAM you've got a number. But that number, $100,000,000, just seems a bit too ... round. It seems like someone said, "Hey, call the department that makes up numbers. We need one that's not so small it seems insignificant but not so big no one believes it. Not too cold, not too hot. Not too lumpy, not too soft. Something that's juuussssssttt right." Which is certainly a shorter route to 'news' than actually doing the work to figure out what it actually cost. It also sounds like something a 7 year old would say on the playground in a screaming match about fathers' occupations, "OH? Yeah?! Well! My dad works for Microsoft and they lost a hundred million dollars!"

And how can they know that's what it would have been? Maybe that was the month, had they asked, that Apple would have sold out to Microsoft. But they didn't ask and no one will ever know. Would have been more than a hundred million dollars, for sure.

Yes, wildly off topic, but it's the crazy shit that goes through my brain.

Secure Communication (0)

Anonymous Coward | more than 2 years ago | (#38692312)

"With telephony, we rely both on its availability and its security for conducting highly confidential business transactions without worrying that information about who we call or what we say will be compromised."

Isn't it interesting how much has changed in the past 10 years. Now the U.S. government has given itself the right to warrantless wiretaps on all communications and almost every device on any of the digital networks gives them a back door. Telephony is as available as ever, but I don't think of it as secure any more.

Re:Secure Communication (1)

0123456 (636235) | more than 2 years ago | (#38692410)

... and you phone gets malware and either stops working or starts calling phone sex lines in Butfukistan.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?