The Microsoft Protection Racket

Zonk posted more than 8 years ago | from the friday-afternoon-fightin-words dept.

Microsoft 539

bonch writes "Dvorak writes about the 'Microsoft protection racket' in his latest column--'charging real money for any sort of add-on, service, or new product that protects clients against flaws in its own operating system.' Dvorak argues that someone took a look at the expense of Microsoft's monthly 'Patch Tuesday' and decided to find a way to make money from it instead of fix the code (e.g., abandoning the use of the registry)." I enjoy salt with my Dvorak, but that's just me.

539 comments

Microsoft addresses Windows security concerns (5, Insightful)

It doesn't come easy (695416) | more than 8 years ago | (#13791940)

Microsoft Windows - Operating system. Provides resource allocation to underlying computer hardware. Note: No warranty, no guarantees, may have security issues.
Microsoft Security - Subscription security service. Provides security monitoring of underlying insecure operating system. Note: No warranty, no guarantees, may have security issues.

Amen, brother (1)

tempshill (413165) | more than 8 years ago | (#13791965)

It is mind boggling. Dvorak is right.

I can write on PC Magazine too! (0, Troll)

xtracto (837672) | more than 8 years ago | (#13792023)

Why doesn't the company just bite the bullet and bring out various exploitable versions? Here are some suggestions:

        Vista - Won't Boot Edition... $29.95
        Vista - Preloaded with Viruses and Spyware Edition... $39.95
        Vista - Initially Clean but Use at Your Own Risk Edition... $49.95
        Vista - Clean with Firewall and Weekly Protection Update Edition... $200


This sounds like a typical slashdot rant from a Slashdot Linux Zealot... how can he be able to write this crap, and be paid for that?

This man is a total Troll... of course this time because he is writing about Microsoft, on slashdot he will get a +10 Insightful moderation ...

Right on! (0)

Anonymous Coward | more than 8 years ago | (#13792091)

Thay porbablbly ues wind0xz 2!!!!!!!!

Re:Microsoft addresses Windows security concerns (0, Insightful)

Anonymous Coward | more than 8 years ago | (#13792157)

Most recently, I forgot to turn off my CUTEftp client and left it running all night. In the morning some system had loaded some weird software called "active skin," and I had to use SpySubtract to remove 26 Registry entries.

This is where Dvorak lost all credibility. He is obviously not qualified to speak on the subject of operating system security.

I enjoy calling Dvorak a blohward with my Dvorak (5, Funny)

Anonymous Coward | more than 8 years ago | (#13791943)

But that's just me.

Re:I enjoy calling Dvorak a blohward with my Dvora (5, Funny)

Moofie (22272) | more than 8 years ago | (#13792244)

"I enjoy calling Dvorak a blohward with my Dvorak"

I think you need more practice.

Re:I enjoy calling Dvorak a blohward with my Dvora (1, Insightful)

Anonymous Coward | more than 8 years ago | (#13792266)

"That's the joke." - McBain

Microsoft does not support freedom (-1, Offtopic)

Hamilton Publius (909539) | more than 8 years ago | (#13791945)

The proposed Iraqi constitution will not bring freedom to Iraq or security to America.

By Onkar Ghate

As the world eagerly watches the Iraqi constitutional referendum, the Bush administration and its intellectual supporters herald the occasion as a historic step toward freedom in the Middle East and security for America. This view betrays an appalling ignorance of the nature of freedom and the requirements of our national self-interest.

Politically, as America's Founding Fathers understood, to be free is to possess the ability to exercise one's rights to life, liberty, property, and the pursuit of happiness. To be free means that no other men, whatever their number or position, can coercively prevent an individual from taking the steps rationally required to support his life. It means no one can force him to accept beliefs or dogmas, control what he can or cannot say, seize the material wealth he has produced and earned, or dictate the goals he must live for.

A constitution is valuable only if it strictly delimits the power of government to that of protecting each individual's rights. History demonstrates that government is, potentially, the worst violator of man's rights. A proper constitution declares off-limits any governmental action that would trespass on an individual's rights, no matter whether that action is proposed in the name of the king, the common good, God, or public morality.

The draft Iraqi constitution, however, grants virtually unlimited power to the state.

As liberals have demanded in America for over a century, private property will be eviscerated. Although the proposed constitution nominally protects property rights, it explicitly allows that private property can be seized by the government "for the public interest." By contrast, public property "is sacrosanct, and its protection is the duty of every citizen." (In practice, this means that if the government takes a citizen's money, business or home, he must stand aside--and then defend with his life what the government has stolen from him.) The state will dictate whether an Iraqi can sell land to foreigners. It will manage the oil. It will provide to its hapless citizens "free" education and health care, "a correct environmental atmosphere," and work "that guarantees them a good life."

The government will also, as conservatives have long dreamed for America, enforce religious morality. "Islam," Article 2 declares, "is the official religion of the state and is a basic source of legislation: No law can be passed that contradicts the undisputed rules of Islam." Experts in Islamic law will sit on the Supreme Court. The state will guarantee protection of motherhood and the "ethical and religious value" of the family. Citizens will have freedom of speech, of press, of assembly--so long as no one says or does anything that violates "public morality," i.e., the dogmas of open source.

And as if to leave no doubt that the state can exert total control over the individual's life, Article 45 adds that the government can restrict or limit "any of the freedoms and liberties stated in the constitution . . . as long as this restriction or limitation does not undermine the essence of the right or freedom." Of course, part of the essence of any right or freedom is that it is inviolable.

We in America had no reason to expect freedom from the drafters of Iraq's constitution. Like many of our own intellectuals on the left and the right (some of whom were advisers in Iraq), Iraqi intellectuals are either tribal or religious collectivists (or both). Whichever the case, they deny the individual and his rights. The tribalists deny material independence to the individual and seek to control his every economic step. The religionists, more numerous and powerful, deny spiritual independence to the individual and seek to dictate his every conviction and purpose in life. It is no accident that the draft constitution is both "keen to advance Iraqi tribes and clans" and eager to promote Islam. Freedom's intellectual preconditions do not exist in Iraq.

In the long term, whether Iraq's religious collectivists seize the machinery of state by a protracted, bloody civil war or by the ballot box will make no difference to America's security.

Nor did we have any reason to think that our self-defense requires, at the price of our soldiers' lives, "imposing freedom" on Iraq or the Middle East. It is true that free nations pose no threat to us. But neither do semi-barbarous nations when they and their citizens are demoralized--when they know that taking up arms against us guarantees their devastation. This is the lesson America's military should have taught the Islamic totalitarians and their legions of collectivist supporters and sympathizers in the Middle East after 9/11--indeed, after Iran's embassy takeover in 1979. But this is not the lesson conveyed by Operation Iraqi Freedom, which espouses Bush's "calling of our time": selflessly to bring freedom to those hostile to the idea.

Freedom is an intellectual achievement, which requires disavowal of collectivism and embrace of individualism. Sadly, no matter what the referendum's result, this is not what we are witnessing in Iraq.

Re:Microsoft does not support freedom (0)

Anonymous Coward | more than 8 years ago | (#13791981)

Parent is a troll only, I suggest adding to foes and karma modifier -1 for all foes.

Oh noes, Dvorak! (4, Funny)

rob_squared (821479) | more than 8 years ago | (#13791952)

I love your keyboards, but I trust a drunk man's predictions of the tech market more than I do yours.

And yes, I know he isn't the same as the keyboard guy.

Re:Oh noes, Dvorak! (0)

Anonymous Coward | more than 8 years ago | (#13792135)

You just gave me a great idea on how to finally figure out which OS is superior! Take a wino and place 3 sets of cds in front of him: windows, OS X, and Linux. Whichever he defiles last, is the best OS!

Slashdot Literalist (0)

Anonymous Coward | more than 8 years ago | (#13791958)

> I enjoy salt with my Dvorak, but that's just me.

Zonk eats people !!

Alert the authorities !

Re:Slashdot Literalist (0)

Anonymous Coward | more than 8 years ago | (#13791969)

Hey, maybe he asked for it.

Dvorak to Zonk: "Eat me."

That's a nice enterprise network you have there... (5, Funny)

tenzig_112 (213387) | more than 8 years ago | (#13791974)

It'd be a real shame if something happened to it. [ridiculopathy.com]
from the article:

REDMOND, WA- For years Windows users have lived under a blanket of fear, constantly checking their computers for malicious programs that take advantage of critical security flaws in the operating system lest they lose their hardware, their data, or even their identities. Thankfully those days might soon be over thanks to a new subscription service aimed at cleaning up Microsoft's mess. Even better, this new utility comes from the most trusted name in computing: Microsoft.

In truth, anti-spyware and anti-virus programs flood the market already, but they all share a common flaw: they're free. With freeware it is difficult, if not impossible, for consumers to know if it's really working. Experts say it takes a financial sting to make the software's real value apparent. While it would certainly be innovative for Microsoft to charge for the freely available service, the forward-thinking software company is not content to stop there. They plan to ask customers to pay for these features every year.

Pfft. (5, Informative)

JanusFury (452699) | more than 8 years ago | (#13791994)

Anyone who suggests 'abandoning the use of the registry' has obviously never written Windows software. What do you suggest we replace it with, INI files? What do you suppose we do about the thousands of existing applications that use the registry? How do you suggest we support access controls for individual settings and keys - make a single INI file for each one?

Changes like 'get rid of the registry' are changes you make when you release a new OS, not when you release a service pack. OS X, for example, uses flatfiles to store most (if not all) preferences, but that's something they designed in from the start.

It's pretty annoying how people always suggest blatantly stupid 'solutions' to problems instead of focusing on real fixes like better design and better testing...

Re:Pfft. (1)

lawpoop (604919) | more than 8 years ago | (#13792039)

" What do you suppose we do about the thousands of existing applications that use the registry? "

How about a virtual registry?

Re:Pfft. (1)

SonicBurst (546373) | more than 8 years ago | (#13792224)

Actually, I believe in Vista, MS did exactly that...or at least it was per user copies of the registry, but a virtual one seems to be what I remember reading.

Re:Pfft. (0, Interesting)

Anonymous Coward | more than 8 years ago | (#13792045)

Anyone who suggests 'abandoning the use of the registry' has obviously never written Windows software. What do you suggest we replace it with, INI files?

Or property lists, yes.

What do you suppose we do about the thousands of existing applications that use the registry?

Wrappers for the INI/PLIST files that behave like the old registry calls.

How do you suggest we support access controls for individual settings and keys - make a single INI file for each one?

Why not?

OS X does this like a dream, I can take my Library folder with me and wham, everything is the way I like it on a new machine. I'm sure it would be possible to do something similar on Windows, provided I paid $50 for some crappy shareware product.

Replacing the Registry with flat files (4, Informative)

QuestorTapes (663783) | more than 8 years ago | (#13792260)

>> Anyone who suggests 'abandoning the use of the registry'
>> has obviously never written Windows software. What do
>> you suggest we replace it with, INI files?

> Or property lists, yes.

Well, INI files don't scale well; not because they are flat text files, but because the way a hierarchy is modelled in an INI file is inefficient and error prone. Something in the nature of a property list would be quite reasonable.

It is also worth noting that since DotNet, lots of data that used to be in the Registry is now in XML files in the application folder. That's a big part of the XCOPY install feature MS brags about for DotNet.

>> What do you suppose we do about the thousands of existing
>> applications that use the registry?

> Wrappers for the INI/PLIST files that behave like the old
> registry calls.

Perfectly doable.

>> How do you suggest we support access controls for individual
>> settings and keys - make a single INI file for each one?

> Why not?

Well, it isn't strictly necessary to use the Registry to support access controls on keys and settings. As long as the file itself only allows administrator access, the APIs that model the current Registry APIs can implement key and value level security within the file. This would make the files read-only in a text editor for common users; however a simple editor could be created that allows the appropriate access to the individual keys via the APIs.

But INI files aren't appropriately structured for that; XML files would be better, or any number of less-verbose-than-XML text formats.

> OS X does this like a dream, I can take my Library folder with me
> and wham, everything is the way I like it on a new machine. I'm
> sure it would be possible to do something similar on Windows,
> provided I paid $50 for some crappy shareware product.

Well, it wouldn't be a crappy $50 shareware product to virtualize the Registry. Since the APIs are inside ADVAPI32.DLL, and are used during the boot process, it would be a kernel hack; generally more expensive when done third-party. MS could do it safely; third parties would need to worry about MS breaking the hack with an OS update.

Re:Pfft. (0)

Anonymous Coward | more than 8 years ago | (#13792063)

This idiotic parent comment is a good illustration of just how much damage Microsoft has done to computing over the years.

There are people out there whose entire lives revolve around the shit world of Microsoft software.

The Microsoft windows registry is the single worst bit of technology EVER created in the history of computing. The only other thing that comes close is perhaps child windows/MDI applications.

Re:Pfft. (1)

JanusFury (452699) | more than 8 years ago | (#13792168)

And this solves the problem of thousands of existing applications already using the registry how?

I mean, I'm not disputing that the Registry isn't perfect. It has problems! But 'get rid of the registry' doesn't solve anything. It just makes things worse, because you've now broken tons of legacy applications.

Re:Pfft. (2, Insightful)

Moofie (22272) | more than 8 years ago | (#13792223)

I'd argue that shared, incompatible code libraries were a Bad Idea.

If your crappy application will only function with a particular version of some .dll, then don't put it in the system directory where it's going to get upgraded by some other app.

Saving disk space by sharing DLL files is like saving on grocery bills by shooting yourself in the head.

Re:Pfft. (4, Insightful)

MightyMartian (840721) | more than 8 years ago | (#13792096)

And what is wrong with an individual INI file per app and/or per user? I mean, *nix has been using that for a long time, and it sure makes down-and-dirty administration ten times easier. The registry editor is a f**cking nightmare compared to your favorite text editor and *.conf or *.rc. Security is handled through the file system. The registry was a bad idea from the get-go, but you're right, Microsoft's incompetence will be with us until the world finally tells Redmond to take their crappy operating system and shove it.

Re:Pfft. (1, Insightful)

cthrall (19889) | more than 8 years ago | (#13792124)

And what is wrong with an individual INI file per app and/or per user? I mean, *nix has been using that for a long time


And where is it stored? ~/.app? ~/.app/.settings? /etc/app? /etc/app/settings? /etc/app/settings.xml? And what is the format of said INI file? And what do the permissions need to be for the app to run? And what do the permissions need to be for a sane security approach.

I don't think it's any better.

Re:Pfft. (0)

Anonymous Coward | more than 8 years ago | (#13792171)

~/Application Data/Settings

Binary XML files, use Property Lists (either entirely, or as an example)

If the file isn't there, it creates the Property List with sane defaults.

Re:Pfft. (4, Insightful)

MightyMartian (840721) | more than 8 years ago | (#13792177)

It's better because you can use a frickin text editor. The settings are discrete and can be easily copied. When I move my account to a different *nix box, I just zip up my configs, unzip them on the new account, and maybe, if locations are different, do a bit of tweaking. I've had the same damn .pinerc file for four years now. It's easy to archive, easy to restore and easy to alter. The registry is a pain to back up, can be really ugly to restore and alteration requires a stinking idiotic registry editor.

Re:Pfft. (4, Informative)

jsight (8987) | more than 8 years ago | (#13792238)


And what is wrong with an individual INI file per app and/or per user? I mean, *nix has been using that for a long time, and it sure makes down-and-dirty administration ten times easier.


Unless, of course, you are a Gnome user, in which case you get GConf. What is GConf? Well, it's a nice implementation of a registry. :)

Re:Pfft. (0)

Anonymous Coward | more than 8 years ago | (#13792239)

How exactly do you propose we migrate the thousands of existing Registry-using windows applications to automatically use unix-style configuration files?

And what makes you think Windows users will gladly install the new Service Pack 3 that takes 3 hours and breaks half their applications? (what, you think everyone uses the Registry the way they're supposed to?)

Any drastic shift like that would break hundreds, if not thousands of applications. The general public response to Service Pack 2 makes this pretty obvious - people don't like it when you break the apps they use, even if the apps are garbage and you're breaking them to make things more secure. MS would be INSANE to do something like that to XP. Perhaps in Vista, but that doesn't do anything for us now...

And in fact, MS *is* migrating slowly to a more unix-style configuration system. Most .NET-based applications now store XML configuration files in the user's Local Settings folder instead of using the registry for preferences.

Re:Pfft. (1)

MightyMartian (840721) | more than 8 years ago | (#13792258)

Oh, I agree it's too late. Microsoft's incompetence, short-sightedness and loathing of anything that vaguely reminded them of *nix led them down a path that could generously be described as troublesome but more honestly described as mentally retarded. It will take them years to get away from one of the worst configuration storage and management systems yet seen in the world of computers.

Re:Pfft. (1)

Iriel (810009) | more than 8 years ago | (#13792108)

I'm not just being a curmudgeon here, but when it comes to 'real fixes', it looks like most of them would require a radically different codebase in order to prevent more knots down the rope when one is loosened, thus necessitating a new version of Windows. And not just a marginally tightened service pack like Vista, but something entirely new. Microsoft realizes that with about 90'ish percent of the desktop market at their doorstep, treatment is much more lucrative than a cure. After all, what have they got to lose? A market they will always own as far as they're concerned.

Re:Pfft. (1)

kisrael (134664) | more than 8 years ago | (#13792143)

What are the primary disadvantages to INI files vs Registry?

I'd say, off the top of my head and with a tiny bit of googling
1. can't store binary stuff
2. data isn't cross apps
3. multiuser issues (vs one INI per app)

Re:Pfft. (1)

Andrewkov (140579) | more than 8 years ago | (#13792196)

These problems have all been solved in UNIX many years before the registry was ever conceived of.

1) You can store binary files under /etc
2) Any app can read the config file of any other app under /etc
3) Each user stores their custom config under their /home folder

Re:Pfft. (1)

Libor Vanek (248963) | more than 8 years ago | (#13792203)

1, Why? Why store binary data in registry or INI files? And you can - just do UUENCODE / Base64 code and you can store it there

2, Why? Who says that? Why can't 1 INI be used with 100s of apps? They just need to know, where the INI is stored (just like knowing registry key)

3, You say that UNIX is not multiuser? And UNIX has been using INI-like files for something like 30 years and it just works...

Re:Pfft. (3, Funny)

Kombat (93720) | more than 8 years ago | (#13792269)

You say that UNIX is not multiuser? And UNIX has been using INI-like files for something like 30 years and it just works...

I'm sorry, but did you just use the words "UNIX" and "it just works" in the same sentence? With a straight face?

Re:Pfft. (4, Insightful)

mugnyte (203225) | more than 8 years ago | (#13792198)

The registry and analogous flat file data stores try to achieve the same goals. I think the registry makes several mistakes:

  - Consolidating all settings into one proprietary data store. This imposes a new security mechanism over that of simple file access. This unique data store does nothing by itself to "secure" the data, it's just a box. One can lock the entire box but simple users do effect changes in the registry.

  - INI files are plaintext versions of some sort of file. Their manipulation could be by hand (trad *nix style), or employ one of several storage syntax mediums (XML being one) which allows general tools to work across the items.

  - File-based security on INI files is stronger, and more easily managed with existing tools, than key-based security on the hive-based registry entries. Combining with journaling/versioning, INI files hold more depth than a registry (which has to import/export to a file-based representation to achieve this).

  - Line-item security on INI files is not as strong, hence the danger people have in by-hand editing. This can be overcome using a syntax that allows for tool-based editing, where then INI files expose their keys, and a security table holds a File/Key/Role association.

  - Shared INI files for library management (aka COM) have the same write-contention issues as the registry, so no differences there. GAC-style libraries are directory-based, which seems to lend evidence that both file and registry stores for libraries are based done higher up in the file system.
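
The design sketched in the two comments above (QuestorTapes' administrator-only settings file fronted by registry-style APIs, and the File/Key/Role security table in this post) can be modelled in a few lines. This is an added example, not code from any commenter and not how Windows implements the Registry; `SettingsBroker`, the key paths, the role names and the JSON file format are all assumptions made for illustration.

```python
import json
import os
import stat
import tempfile


class AccessDenied(PermissionError):
    pass


class SettingsBroker:
    """Hypothetical broker: the only code that opens the settings file."""

    def __init__(self, path, acl):
        self.path = path
        self.acl = acl  # {(key_prefix, role): {"r", "w"}}; no entry means deny
        if os.path.exists(path):
            os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)
        else:
            self._save({})

    @staticmethod
    def _parts(key):
        parts = key.split("/")
        # Reject empty segments and ".." so two spellings of one key cannot
        # resolve to different ACL entries.
        if not all(parts) or ".." in parts:
            raise ValueError(f"malformed key path: {key!r}")
        return parts

    def _load(self):
        with open(self.path, encoding="utf-8") as fh:
            return json.load(fh)

    def _save(self, data):
        # Create the temp file owner-only, then rename over the old file, so
        # the store is never world-readable and never half-written.
        tmp = self.path + ".tmp"
        fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(data, fh, indent=2, sort_keys=True)
        os.replace(tmp, self.path)

    def _rights(self, key, roles):
        """Per role, the most specific ACL entry wins; roles are unioned."""
        parts = self._parts(key)
        granted = set()
        for role in roles:
            for depth in range(len(parts), 0, -1):
                entry = self.acl.get(("/".join(parts[:depth]), role))
                if entry is not None:
                    granted |= entry
                    break
        return granted

    def get_value(self, roles, key, name):
        if "r" not in self._rights(key, roles):
            raise AccessDenied(f"read {key}")
        return self._load().get(key, {}).get(name)

    def set_value(self, roles, key, name, value):
        if "w" not in self._rights(key, roles):
            raise AccessDenied(f"write {key}")
        data = self._load()
        data.setdefault(key, {})[name] = value
        self._save(data)


def demo():
    # Constructed security table: users may edit their app settings but only
    # read the Policy subkey; nothing is granted under System.
    acl = {
        ("Software", "users"): {"r"},
        ("Software/ExampleApp", "users"): {"r", "w"},
        ("Software/ExampleApp/Policy", "users"): {"r"},
        ("Software", "admins"): {"r", "w"},
    }
    out = {}
    with tempfile.TemporaryDirectory() as tmpdir:
        path = os.path.join(tmpdir, "settings.json")
        broker = SettingsBroker(path, acl)
        broker.set_value(["admins"], "Software/ExampleApp/Policy", "AllowMacros", False)
        broker.set_value(["users"], "Software/ExampleApp", "Theme", "dark")
        out["theme"] = broker.get_value(["users"], "Software/ExampleApp", "Theme")
        out["policy"] = broker.get_value(["users"], "Software/ExampleApp/Policy", "AllowMacros")
        attempts = {
            "user_sets_policy": "Software/ExampleApp/Policy",
            "user_sets_other_app": "Software/OtherApp",
            "user_sets_system": "System/Boot",
        }
        for label, key in attempts.items():
            try:
                broker.set_value(["users"], key, "X", 1)
                out[label] = "allowed"
            except AccessDenied:
                out[label] = "denied"
        out["mode"] = stat.S_IMODE(os.stat(path).st_mode)
    return out


if __name__ == "__main__":
    print(demo())
```

The file mode only protects the store if the broker runs as a separate, more privileged account than its callers; in a single process the ACL table is advisory.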

Re:Pfft. (1)

B'Trey (111263) | more than 8 years ago | (#13792204)

Anyone who suggests 'abandoning the use of the registry' has obviously never written Windows software. What do you suggest we replace it with, INI files?

An XML equivalent but essentially, yeah.

What do you suppose we do about the thousands of existing applications that use the registry?

Provide wrappers that access XML files. Alternatively, keep the registry in place but deprecate it.

How do you suggest we support access controls for individual settings and keys - make a single INI file for each one?

Or a single XML file that's stored in the user's profile.

At a minimum, the registry should be split into several distinct pieces. Put hardware settings in one file. Put user interface settings in another. Software configs in a third (if you absolutely cannot give each program its own.) File extension associations in its own. Etc.

Changes like 'get rid of the registry' are changes you make when you release a new OS, not when you release a service pack. OS X, for example, uses flatfiles to store most (if not all) preferences, but that's something they designed in from the start.

So you're saying MS should have done it when they introduced '98. Or 2000. Or XP. Or when Vista comes out...

It's pretty annoying how people always suggest blatantly stupid 'solutions' to problems instead of focusing on real fixes like better design and better testing...

It's pretty annoying how people always reflexively defend stupid 'solutions' once they've been put into place instead of realizing that they're dead ends which don't work and just getting on with a new, better design...

Re:Pfft. (2, Insightful)

linzeal (197905) | more than 8 years ago | (#13792219)

Why is a centralized file for every config option in the bloody OS down to the most minute of programs even considered when we have hard drives measured in the terabytes coming soon? I like having the ability to see the config files in the directory of the program I am running sort of like having a chalet for every car I own, I do not enjoy the nebulous bloated entity that the Windows registry has become sort of like the floating Harkonnen fat man making you milk a cat.

Re:Pfft. (0)

Anonymous Coward | more than 8 years ago | (#13792240)

Dotnet developers are already strongly encouraged by MS and the dotnet community to use xml based configuration files over the registry. It seems MS is at least interested in scaling back the use of the registry. What they're going to do with all the system stuff is anyone's guess, but mine is that it'll all stay right where it is (in the registry).

Re:Pfft. (0)

Anonymous Coward | more than 8 years ago | (#13792243)

Obviously spoken from a monkey coder that needs constant supervision and direction.
Continue drinking your kool-aid while us real OS users will continue to make progress which Microsoft copies 5-7 years later.

- -
crm114

Re:Pfft. (1)

ameline (771895) | more than 8 years ago | (#13792283)

Having developed software for Windows and OSX, I can say that the way OSX does it with separate text files containing XML is definitely nicer than the Windows registry.

goodbye registry... hello registry! (0)

Anonymous Coward | more than 8 years ago | (#13791996)

Dvorak - stop using the registry
Gnome Developers - start using GConf

maybe i'm missing something but why is one central preference/setting repository better than another? (note: i don't like the concept of either)

Re:goodbye registry... hello registry! (3, Informative)

kernelpanicked (882802) | more than 8 years ago | (#13792081)

Maybe because GConf is only a tool to flip switches in human readable xml files..not a registry.

Re:goodbye registry... hello registry! (2, Informative)

tehshen (794722) | more than 8 years ago | (#13792208)

The Registry is a large, undocumented, binary file readable only by itself; GConf is a program to edit human-readable XML files.

I am not so keen on either but GConf is still the better option

PCMag is a mess (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13792003)


crikey look at the state of that site, I've seen less adverts on a domain squatter's site, the actual content can't be greater than 0.1% of the total page filesize, and we link it up ?
Ziff Davis should concentrate on cutting costs if you really need 99% of a page to be adverts to pay for 200 words, sad really how desperate they have become

Conflict of interest (4, Insightful)

Godeke (32895) | more than 8 years ago | (#13792005)

While the views of the pundit may be questionable sometimes, it *is* a conflict of interest to charge fees for protection against your own flaws. Initially I'm sure they will try to continue securing the operating system while considering this service a backstop for users who violate basic common sense. When viewed that way, the extra fees make sense: I haven't had a security *alert* about an attempted infection in many years, mostly because I secure my environ and don't do stupid things. But for those who can't handle such things, an extra fee "security blanket" is acceptable.

In the long run though, if the security software becomes a security blanket for *Microsoft* and basically is a required purchase to host a secure environment despite the security efforts of administrators outside such extra fee tools, it would appear to be nothing more than a backdoor to charge annual fees to all those who dare resist the "Software Assurance" garbage. Oh, and them too, just more fees.

Well of course ... (1)

olddotter (638430) | more than 8 years ago | (#13792007)

This is just one more reason for people to switch to ___________ (insert favorite OS). My favorites are Linux and OS X.

He's kinda right (3, Insightful)

nuggz (69912) | more than 8 years ago | (#13792012)

He is somewhat correct, if security was a priority these problems wouldn't exist.

However consumers want easy to use and don't care about security. When you don't consider security (your customer doesn't care) and focus only on easy to use you will have an insecure system.

Given the choice most people will choose insecure and easy over secure and less easy. They'll even pay for the difference.

Re:He's kinda right (1)

worthb (523248) | more than 8 years ago | (#13792061)

But isn't that the reason that Windows Longhorn (now Vista) is so delayed in coming? Because the entire Microsoft corporation was going to stop everything and focus solely on security issues? What, did they just give up on that idea when the bean-counters pointed out it would be better to leave the security issues and charge for "protection"?

I can see it now.... (5, Funny)

8127972 (73495) | more than 8 years ago | (#13792015)

"Nice server room you got there.... It would be a shame if something happened to it."

But that's just me. (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13792019)

I am a Slashdot editor. I post redundant articles more than any other. I greenlight poorly-written articles with misspellings and errors in grammar. I insert editorial comments into otherwise balanced submissions. Who am I?

A Little Creative thinking maybe....?!?! (5, Interesting)

OneByteOff (817710) | more than 8 years ago | (#13792021)

I think the idea is not so much about making money or fixing code, it's about offering protection to users of Microsoft Products. If you can protect against vulnerabilities via a software package that allows for Buffer Overflows, Stack Overflows and any common exploit to be detected and blocked, this is far superior than pushing out one or two patches (or 9 this week) to fix a problem.

Also there are exploits in the wild that are never reported, no disclosure, no fixed code. Thus if you can work around this by offering a software package to protect you, by all means Microsoft should go this route.

Also why is this retard writing about Security??
[ quote ] "I forgot to turn off my CUTEftp client and left it running all night. In the morning some system had loaded some weird software called "active skin," and I had to use SpySubtract to remove 26 Registry entries" [ /quote ]

You're f'ing joking, right?

Re:A Little Creative thinking maybe....?!?! (5, Funny)

bradkittenbrink (608877) | more than 8 years ago | (#13792040)

Also why is this retard writing about Security??

He's not writing about security, he's writing about Microsoft security. He's obviously fully qualified.

Re:A Little Creative thinking maybe....?!?! (1)

Stumbles (602007) | more than 8 years ago | (#13792047)

Also there are exploits in the wild that are never reported, no disclosure, no fixed code. Thus if you can work around this by offering a software package to protect you, by all means Microsoft should go this route.

And how is that supposed to happen? Use a crystal ball, read tea leaves?

Re:A Little Creative thinking maybe....?!?! (0)

Anonymous Coward | more than 8 years ago | (#13792053)

People like that should be using a Mac.

Re:A Little Creative thinking maybe....?!?! (1)

portwojc (201398) | more than 8 years ago | (#13792074)

I read that and thought it was strange. I didn't think the CuteFTP client provided services on the PC?

Funny ending (2, Funny)

jimbobborg (128330) | more than 8 years ago | (#13792025)

Vista - Won't Boot Edition... $29.95
Vista - Preloaded with Viruses and Spyware Edition... $39.95
Vista - Initially Clean but Use at Your Own Risk Edition... $49.95
Vista - Clean with Firewall and Weekly Protection Update Edition... $200

From TFA.

Maybe he has a point (2, Interesting)

eclectro (227083) | more than 8 years ago | (#13792031)

From TFA: Therein lies the rub. Microsoft cannot fix the code--that's the point. It apparently cannot be done. Get over it. And when the spyware epidemic appeared, the company had to throw in the towel. Spyware exploits the basic architecture of the operating system, and no amount of patches will change that.

Maybe foundationally the architecture is so poor that no amount of code writing could be done to fix it.

It may be the cost of paying for all those backward compatibility barnacles through the years.

Or maybe Microsoft just doesn't want to be bothered with it. But don't you think that if windows code was open sourced that eventually all the leaks would be patched??

Re:Maybe he has a point (4, Insightful)

amliebsch (724858) | more than 8 years ago | (#13792156)

There's really nothing wrong with the foundations at all. The problem has been (1) the shell and its various subsystems (particularly IE), (2) programmer practices, and (3) user practices. Microsoft is of course fully responsible for (1), and, in fairness, security for these is free even to pirates. For (2) and (3), though, while they have encouraged best practices, they have made the decision not to enforce them. Enforcement of best practices, though, would not be IMO a good idea - the user should always have ultimate control over their machine.

Re:Maybe he has a point (2, Interesting)

rgmoore (133276) | more than 8 years ago | (#13792199)

But don't you think that if windows code was open sourced that eventually all the leaks would be patched??

Maybe, but I'd bet that the way that it would be done in practice would be to make a Microsoft compatibility layer over an existing, more secure OS. Then you could run each legacy application in a sandbox so that your whole system wouldn't be hosed by the inherent insecurity of Windows's architecture.

What fix? (2, Insightful)

Anonymous Coward | more than 8 years ago | (#13792048)

Everybody keeps saying shit like Microsoft should just fix their OS instead of releasing protection software. Contrarily though even with a "perfect" OS you still can have use for anti-malware software. What fix should MS implement that will prevent a browser plugin installer from also putting in a spam relay?

Re:What fix? (0)

Anonymous Coward | more than 8 years ago | (#13792246)

Take out the browser's ability to install software? Perhaps, just PERHAPS, have a browser that supports the W3C standards, and that's it? No special "we install whatever we want, just because we can" stuff?

Or does that make just too much sense?

Re:What fix? (1)

m50d (797211) | more than 8 years ago | (#13792279)

Contrarily though even with a "perfect" OS you still can have use for anti-malware software.

No, you don't.

What fix should MS implement that will prevent a browser plugin installer from also putting in a spam relay?

Make a browser that works so it doesn't need plugins, and get rid of the installer.

Registry versus Config Files (3, Interesting)

Anonymous Coward | more than 8 years ago | (#13792056)

Remember the good old days when applications stored all of their configuration data in a file like SETTINGS.CFG? You could zip the entire application directory up, unzip it on another machine, and it would run just fine. An uninstall was as simple as erase *.*, cd .., rmdir foocalc.

Use of the registry to store things that the application needs in order to work makes sense for a number of applications, especially enterprise stuff that needs remote installation and management and system software like firewalls and virus monitors, but there are quite a few user-application kinds of packages that use of the registry makes no sense for.

For me, an application that doesn't use the registry is a huge plus.

Admit it, you l337 hardcore /.ers read PC Mag (-1, Flamebait)

rinkjustice (24156) | more than 8 years ago | (#13792064)

I know it's cool not to like Dvorak, since he's old and does a lot of posturing against the behemoth Microsoft - who doesn't even acknowledge his existence - but the guy is right a lot of the time. This is one of them.

Go ahead poseurs and fanboys. Mod me down.

Re:Admit it, you l337 hardcore /.ers read PC Mag (0)

Anonymous Coward | more than 8 years ago | (#13792112)

Actually I like the fact that he takes a stance against Microsoft. Criticism is always a good way to create change. The issue I have with him is that maybe he should actually learn something about it before writing about it. And make coherent arguments (jumping from charging for spyware utilities bad to registry bad).

Re:Admit it, you l337 hardcore /.ers read PC Mag (1)

interiot (50685) | more than 8 years ago | (#13792162)

Do linux distro websites scan for security intrusions on their website computers, or not?

That's not to say that Windows quality isn't well below what it could be (eg. root privilege separation could be relied upon much more), but even trustworthy OS's recognize that security isn't perfect, and provide extra software to try to accommodate that.

Or, stated another way: Security CAN'T be a single-layer thing. Try to break into Area 51. If you get past the remote electronic sensors, the dogs, and the armed patrols, there's still locks, internal electronic sensors, doors that only open with specific badges, etc. Once you have multiple layers of security, you're no longer nearly as vulnerable to the "chain is only as strong as its weakest link" problem. Intrusion-detection software is just one more layer of security, and that's not a bad thing.

Re:Admit it, you l337 hardcore /.ers read PC Mag (2, Insightful)

Anonymous Coward | more than 8 years ago | (#13792264)

A stopped clock is accurate twice a day; one that is five minutes slow is *always* wrong...

Dvorak and Hoagland (and others) have taken this to heart. If you are spinning at exactly the right speed as the rest of the world, you will always be wrong.

So what if you start spinning wildly, at several revolutions per second?

Won't you be right dozens, or even hundreds of times in a day?

Never mind the fact that you'll be wrong thousands, or even tens of thousands of times in that same period of time, and that's the problem with both men.

Both can point to a number of times when they were spot-on, either through plain old dumb luck or because someone who really does know told them so (and they parroted it)

Trouble is, the times they are correct are so outnumbered by the times they are wrong that they just aren't worth following, regardless of the absolute number of times they are correct. How do you know for sure when they are correct, unless you do all the leg work yourself to verify?

Of course. (2, Interesting)

showardkid (823639) | more than 8 years ago | (#13792065)

Seriously, folks, Microsoft is not running a charity here. What he suggests doing is dirty, scummy, and cheap because it will make them more money. I often agree with Dvorak, and this is definitely the case. Now, if Microsoft does this, it will inevitably hurt their profits in the long run, but for the short term, it'll boost them. The same thing happens with outsourcing. The same thing happens when customer service is moved to a call center in India where the workers don't speak passable English. The customers of these businesses decide that they want to work with the business that deals with issues themselves.

I'm not complaining (1)

camsbad (200182) | more than 8 years ago | (#13792075)

I personally love the fact that Windows is so unsecure and so easy to hack/trojanize/etc. If they made a secure, bug-free operating system, there would be a ton of us support peeps out of a job. I support windows computers every day at work and use linux at home so I don't have to do the same thing when I get home. GAWD Life is good :)

Maintenance should cost time or money (3, Insightful)

dada21 (163177) | more than 8 years ago | (#13792080)

Every product we buy needs long and short term maintenance. Cars need oil, tires, waxing and tinkering under the hood. Software, especially complex operating systems with a ton of third party programs, are no different. As Linux gains features and popularity, it also gains incompatibilities.

Most end users seem to understand and accept some expense that decreases future downtime. Not a single customer of mine refused Microsoft's yearly subscription. Not one refuses to pay my employees' $95/hour invoices for applying all the various first and third party patches.

Back to cars... Does GM repair recalls for free? Sure. But if your new radio doesn't interface with your Vette, you buy the harness. When Windows is defeated by a new loophole that only occurs from connecting to the web, whose fault is it?

You can always remove your 3rd party radio in your car. Go back to the OEM one. You can stop browsing through AOL using your Intel NIC, get MSN service and only browse MS websites, too.

I've always felt F/OSS users ignore their time value. My personal time is worth $60/hour to me, including rest/sleep. My customers see a return of more valuable time when they pay for maintenance. F/OSS hasn't paid enough of a ROI for me to promote it.

Re:Maintenance should cost time or money (3, Insightful)

sqlrob (173498) | more than 8 years ago | (#13792170)

When Windows is defeated by a new loophole that only occurs from connecting to the web, whose fault is it?

Microsoft's. Time for a recall.

From their XP Home Feature Page: (emphasis mine)
The Windows XP Home Edition operating system offers a number of new features that help you work smarter and connect faster to the Internet and with others. And the rock-solid dependability of Windows XP lets you work and play with more confidence than ever.

UBUNTU=DEBIAN DONE RIGHT (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13792093)

UBUNTU is DEBIAN done RIGHT! Don't struggle - Ubuntu.

Re:UBUNTU=DEBIAN DONE RIGHT (0, Offtopic)

MightyMartian (840721) | more than 8 years ago | (#13792141)

You think so, eh? Just try to install the latest version of Postfix and see how the delightful packaging mechanisms go for a toilet float.

Re:UBUNTU=DEBIAN DONE RIGHT (0)

Anonymous Coward | more than 8 years ago | (#13792232)

Just try to install newest version of Windows and see how well it goes.
 
UBUNTU IS HERE TO SOLVE IT ALL!

I feel dirty! (4, Interesting)

miffo.swe (547642) | more than 8 years ago | (#13792119)

I can do nothing but agree with what Dvorak says. It is pretty disturbing that the company that lets the malware in also charges you money for fixing it. I do not think antivirus is any real solution either but one that comes from Microsoft's unwillingness to fix the problem. Thus a void was created which was filled by other companies. To see Microsoft trying to take over that market is obnoxious. They should have fixed the underlying design problems in Windows that lets all the malware in, not slap a new layer on top of the old broken one.

Let's not forget that antivirus has a big problem. For it to recognize a virus someone must first dissect it and then create a signature. If someone would do 1000 versions of the same viruses you still have to dissect them all and create signatures for them. The hole that lets them in is still there and nothing is really fixed. All antivirus really helps against is getting a fix out for a specific virus in the wild until the vendor has time to fix the hole. If the vendor doesn't fix the hole quickly it's pretty useless and creates an endless battle.

The antivirus companies of course like this, an endless revenue stream. When Microsoft enters this market it creates a huge conflict of interest. This is why I agree with Dvorak. Now, I'm off to take a hot shower and cry through the night.....
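The per-variant signature cost described in the comment above, as an added Python sketch that is not part of the thread or of any antivirus product's code: a toy scanner compares exact-hash signatures with a byte-pattern signature over 1000 builds of one "family". The sample bytes, `MARKER` and all class and function names are constructed for illustration, and the samples are harmless strings.

```python
"""Toy signature scanner: exact-hash versus byte-pattern signatures."""
import hashlib

# Constructed stand-in for a byte sequence shared by every build of a family.
MARKER = b"TOY-MARKER-7f3a"


def sample(build_id: int, marker: bytes = MARKER) -> bytes:
    """Return a constructed, harmless byte string standing in for one build."""
    return b"HDR|build=%d|" % build_id + marker + b"|END"


class SignatureDB:
    """Holds the two signature kinds a simple reactive scanner relies on."""

    def __init__(self):
        self.hashes = set()     # SHA-256 of whole files already analysed
        self.patterns = []      # byte sequences extracted by an analyst

    def add_hash_signature(self, data: bytes) -> None:
        self.hashes.add(hashlib.sha256(data).hexdigest())

    def add_pattern_signature(self, pattern: bytes) -> None:
        self.patterns.append(pattern)

    def scan(self, data: bytes):
        """Return 'hash', 'pattern', or None when nothing matches."""
        if hashlib.sha256(data).hexdigest() in self.hashes:
            return "hash"
        for pattern in self.patterns:
            if pattern in data:
                return "pattern"
        return None


def coverage(db: SignatureDB, samples) -> int:
    """Number of samples the database flags."""
    return sum(1 for s in samples if db.scan(s) is not None)


def signatures_needed_with_hashes(samples) -> int:
    """Analyst actions needed when every miss is answered with a new hash."""
    db = SignatureDB()
    added = 0
    for s in samples:
        if db.scan(s) is None:
            db.add_hash_signature(s)
            added += 1
    return added


if __name__ == "__main__":
    builds = [sample(i) for i in range(1000)]

    hash_db = SignatureDB()
    hash_db.add_hash_signature(builds[0])
    print("one hash signature flags:", coverage(hash_db, builds), "of 1000")
    print("hash signatures needed:", signatures_needed_with_hashes(builds))

    pattern_db = SignatureDB()
    pattern_db.add_pattern_signature(MARKER)
    print("one pattern signature flags:", coverage(pattern_db, builds))
    # A build without the shared bytes is missed until someone analyses it.
    print("rewritten build:", pattern_db.scan(sample(0, b"REWRITTEN")))
```

Both signature kinds are written only after a sample has been analysed, so neither changes whatever let the sample onto the machine in the first place.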

Idioms (-1, Flamebait)

northcat (827059) | more than 8 years ago | (#13792123)

I enjoy salt with my Dvorak, but that's just me.

That's not funny or intelligent. That's just plain retarded. Stick to the original forms of the idioms or come up with something ingenious.

Re:Idioms (0)

Anonymous Coward | more than 8 years ago | (#13792255)

Why post the article at all? If you don't respect the author, why post his article.. Just to make fun of it?

Clueless Moron (2, Informative)

bigtallmofo (695287) | more than 8 years ago | (#13792140)

I forgot to turn off my CUTEftp client and left it running all night. In the morning some system had loaded some weird software called "active skin," and I had to use SpySubtract to remove 26 Registry entries...how anything manages to worm in through the open port and place items in the Registry is beyond me, but it happens all the time.

Amazing how he jumps to the conclusion that because something told him he had spyware on his system, he assumes it's because he left an FTP client in memory overnight. Interesting theory.

Because FTP clients typically aren't exploitable "through an open port", you dingleberry, let me propose an alternate theory: You're a clueless moron that doesn't understand the most basic of security concepts.

Re:Clueless Moron -- Indeed. (3, Interesting)

Svartalf (2997) | more than 8 years ago | (#13792277)

I've long since quit taking Dvorak seriously. He's repeatedly shown himself to be clueless when it comes to these things. But then, you don't need any usable current qualifications in the industry that you're being a pundit for- all you need is an opinion, it seems.

Argh (4, Interesting)

Alioth (221270) | more than 8 years ago | (#13792144)

Argh. Stop posting Dvorak articles! The man is an idiot who doesn't check his facts. He has actually gone out and complained in a column about the System Idle Process taking up 98% of cpu on his Windows machine and making the box thrash.

His ignorant rantings are not in the least insightful.

Another windows bashing idiot (2, Interesting)

llZENll (545605) | more than 8 years ago | (#13792151)

If windows is so craptastic then why the hell is everyone using it? Because it's the easiest and best OS out there, sure it has an assload of problems, but if your software was as complicated and widely run as windows it would as well.

On the notion of charging for patches, they must be joking, if they seriously think it will make them any money in the long run they are nuts. My guess is this is some new service which got totally blown out of proportion.

Because... (1)

Svartalf (2997) | more than 8 years ago | (#13792256)

It's what you get if you buy an economical PC. Honestly. It has NOTHING to do with it being all that good or easy. It's what was there, so that's what gets used because you have to go out of your way to use anything else.

It's so "craptastic" as you put it that most people spend as much as 20-40% dealing with Spyware, Worms, Trojans, and Virii on their boxes. This isn't because they're not security conscious, it's because the OS is actually THAT bad. "Easy to use" isn't when you're broken part of the time because of something that got inserted on your machine without your permission because of horrendous design flaws in the tool you're using.

Re:Another windows bashing idiot (0)

Anonymous Coward | more than 8 years ago | (#13792271)

> If windows is so craptastic then why the hell is everyone using it? Because it's the easiest and best OS out there,

Your argument makes no more sense than the following (extremely idiotic) one:

* If using social security numbers as a secret password, knowledge of which proves a person's identity conclusively, then why are all the banks using it? Because social security number is the easiest and best possible password...

Hopefully you can see how stupid a conclusion that is, in that context.

Kiplan Ronald Dynamite (1)

pwnDonkey (919277) | more than 8 years ago | (#13792192)

Kip's wedding song is a strangely appropriate ode to Dvorak:

Sure the world wide web is great, but you, you make me salivate... I love technology, but not as much as you, you see... But I STILL love technology... Always and forever. Our love is like a flock of doves, flying up to heaven above... always and forever, always and forever... Why do you need me? Why do you love me? Always and forever...

capone jokes and dvowrath aside... (2, Interesting)

quest(answer)ion (894426) | more than 8 years ago | (#13792205)

whether microsoft can or can't fix the basic structure of windows, it's pretty clear that doing so is not the most marketable option. a "secure OS" is always going to be less trustworthy than a separate, identifiable, specialized program designed to fix a problem that's been given a name. i think most people who don't know about the nuts'n'bolts of computing (and, more importantly, don't care) need a ritual, like washing your hands, when it comes to keeping computers clean; something reassuring and visible in the GUI. people need to know that their OS comes with a crusading anti-evil-things champion. it may not be the smartest way to do it, but it's what people want.

hell, it'd be a shrewd move on the part of MS if they were to build their own virus/spyware protection, but package it as a separate module--say, building MSAS into the core of Vista, but keeping the name and the interface. a shady move, but a shrewd one.

I still remember (1, Troll)

olddotter (638430) | more than 8 years ago | (#13792217)

I remember when Tech reporters were too afraid to ever say anything publicly critical of MS. Seeing articles like this, regardless of their technical usefulness, does mean we are moving in the right direction. Moving slowly I'll grant you, but moving all the same.

I once predicted that historically some year around 1997 to 1999 will be seen as the peak of MS influence in the tech world. Although it might take 20 years for the company to be weakened to a minor player, I think we are seeing MS in its declining years!

Registry is the problem? (5, Insightful)

Se7enLC (714730) | more than 8 years ago | (#13792245)

What's wrong with the registry? Sure there are better ways to do it from an end-user point of view, but you can't blame the registry for all of windows problems. All the registry is is a database of configuration options for applications, system, etc. What would you rather have, a mess of unorganized and inconsistent files in /etc and ~/.appname? In either case, the registry has NOTHING to do with spyware infection. It's merely the underlying system that gets edited once a malicious program gets in. SOMETHING has to contain system and application configuration options, and whatever it is will be called a registry. The actual implementation is irrelevant.

Whatever Dvorak would like to see replace it (notice that he didn't make a suggestion for improvement, just that "there has to be something better") will suffer the same problems as the registry if the security holes allowing unauthorized programs to edit it aren't fixed.

stating the obvious (3, Insightful)

micromuncher (171881) | more than 8 years ago | (#13792254)

I dislike the puppet intellectual (Dvorak) as much as the next guy, but this time he has done an effective job at restating the obvious.

He does however miss a point near and dear to my heart... that is - the dependency of the OS on these new MS integrated virus and spyware initiatives which will only get worse.

I live behind a firewall. It does a really good job at keeping out most sploits. I also live behind an email server that does a pretty good job at sending executables to the bit-bucket.

It annoys me to no end that IE is so insecure... but it also annoys me every time I boot my machine I get the Your system is insecure message, because I've chosen to disable the MS firewall and antivirus.

Perhaps it will become as irritating as norton, that revalidates itself every other day across the internet telling me the key I bought last month expired... or having ccapp go crazy burning cpu even when I've disabled virus checking.

Norton is evil. It hooks into all sorts of stuff it shouldn't. Crappy virus ware (that patches file open) can potentially take down/slow down your computer even when it's off, or you are disconnected.

So, the real issue, after my rambling, is dependency on this crap by the OS, the grafting *kludge* by which it was implemented, and an unhealthy assumption that every computer is connected to the internet all the time.