Windows Not Expected Secure Until 2011, Says MS

Rantastic writes "In a recent interview with Wired Magazine, Microsoft Security Program Manager Stephen Toulouse, when asked about their now 2 year old focus on security, comments "it's more of a 10-year timeline." He also reveals that he runs Firefox."

  • Palladium? (Score:5, Interesting)

    by onree ( 680951 ) on Monday August 30, 2004 @03:27PM (#10111279)
    Sounds like an acknowledgment of the extended timeline for something like Palladium/Trusted Computing. I've been curious to hear more about when and where that's actually going to show up.
  • by angst7 ( 62954 ) on Monday August 30, 2004 @03:28PM (#10111294) Homepage
    The context made it seem more like he saw an opportunity to mention a flaw in the competing product.
  • by tie_guy_matt ( 176397 ) on Monday August 30, 2004 @03:33PM (#10111340)
    Yes buy a car from me today. Look at all the great features! The controls are so easy to use! Any idiot can drive one!

    Of course we won't perfect the brakes or the air bags for another 10 years or so, but hey the seat belts work most of the time. So buy my car version "XP" now so you can get a taste of what a safe car of the future will be like
  • Re:Four Questions (Score:1, Interesting)

    by spidereyes ( 599443 ) on Monday August 30, 2004 @03:44PM (#10111460)
    Not only is it a very short article, but it seems to deal mainly with the browser. It would have been nice to see some details about the rationale behind the 10 year wait to a secure operating system.

    And if it does take Microsoft 10 years to secure its operating system, one could only imagine the leaps Linux will take :-).
  • Wrong point (Score:1, Interesting)

    by Webs 101 ( 798265 ) on Monday August 30, 2004 @03:48PM (#10111495) Homepage
    The thrust of Rantastic's initial post is off the mark. As others have already pointed out here, it's natural and good business practice that Toulouse would run Firefox and any number of competitors.

    The key to focus on, however, is that Toulouse has access to fast, easily applied patches for Firefox, while an MSIE flaw is fought with Russian law enforcement. When will the MSIE software be patched? "We're still working on that."

    That's the gist of it.

  • Firefox? You're Fired! (Score:0, Interesting)

    by KB1GHC ( 800065 ) on Monday August 30, 2004 @03:51PM (#10111533)
    Didn't a Microsoft Executive get fired for recommending FireFox because of an IE security hole?
  • by slashname3 ( 739398 ) on Monday August 30, 2004 @03:52PM (#10111545)
    Everyone so far has missed the point about him saying their security plan was a 10 year plan. Microsoft looked long and hard at the trends and figured out that in 10 years Windows would be displaced as the leading client OS by Linux (or some other system).

    Case in point, they are paying out a huge dividend this year. Why? So they can all pocket a boat load of money before everyone finds out that Longhorn won't be delivered on time or with all features (see other recent story on /. about this).
    So now that they have drawn down that huge cache of money and paid it to all those that hold stock they can cruise control for a few years as they start figuring out ways to sell off portions of the company to turn it into money to put in their pockets.

    I believe they have seen the writing on the wall and have started the process of shutting things down. Only problem is that you don't shut down a colossus like Microsoft overnight. Very similar to AT&T, they have been in a downward spiral for many years. In AT&T's case they have at most another 5 years before someone picks up the carcass and finishes stripping it. Microsoft will take another 20 years before they finally have squeezed every last nickel out of the user population.
  • Re:Bash away... (Score:3, Interesting)

    by Peaker ( 72084 ) <gnupeaker@nOSPAM.yahoo.com> on Monday August 30, 2004 @03:53PM (#10111556) Homepage
    There have been 'proof-of-concept' viruses written for Linux, Macintosh, even cellphones via BlueTooth.

    And how many of them actually succeeded in infecting millions of machines?

    Compare Microsoft to automobile makers. When they started, they were unsafe. So they added a 'fix' like seatbelts. Then they added crumple zones, an enhancement to make them safe. Airbags, side impact curtains, rear-sensors for backing up, and so on, and so on.

    That analogy is useless. In computing, the OS can have near infinite control of all the computer's resources, including all of its outgoing connections/etc, while a car only has control of itself. Thus, in computing, if done right, an OS can use its power to limit unwanted use of its resources much more powerfully than a car can limit another from racing into it.

    When Linux or Mac or Mozilla or whatever becomes the primary player, they will be found out to have just as many liabilities in the security department, I'm sure..

    Your statements sum up to:

    A. Windows is more targeted by attackers than other operating systems
    B. Other operating systems are just as insecure

    And you attempt to make B sound as the logical continuation of A. Well, it isn't, and B is only your personal opinion.
  • Re:Bash away... (Score:3, Interesting)

    by El ( 94934 ) on Monday August 30, 2004 @03:55PM (#10111575)
    even cellphones via BlueTooth.

    Uh, those cellphones wouldn't by any chance happen to be running Windows CE, would they? (Actually, the problem is that the OBEX protocol allows anyone to send a business card to your PDA/cellphone without asking your permission first. How those business cards then become executables or alter existing files is beyond me.)
  • Re:Download.Ject (Score:1, Interesting)

    by TheRealMindChild ( 743925 ) on Monday August 30, 2004 @03:55PM (#10111581) Homepage Journal
    I completely disagree. Internet Explorer is more than a web browser... same with Mozilla. It is a platform. You can do more with it than browse the web... you can use it as a framework to build entire applications... just... like... Mozilla.
  • by 4of12 ( 97621 ) on Monday August 30, 2004 @03:56PM (#10111586) Homepage Journal

    the idea that an MS head is using firefox

    and that he projects such a long time for security to happen gives him greater credibility among IT people that have a clue.

    MS has lost so much credibility in so many ways in the past that they have nowhere to go but up. Why pretend anymore?

  • by pileated ( 53605 ) on Monday August 30, 2004 @04:15PM (#10111721)
    Oddly enough I happened to read both the WSJ article and the Toulouse mini-article during my lunch a few minutes ago and came back to find this on slashdot.

    I also have to commend the graphic that accompanies the WSJ article. The article says that for the first time ever IE share dropped, presumably because of the virus threat. Also a few words about the Mozilla developers.

  • by msobkow ( 48369 ) on Monday August 30, 2004 @04:19PM (#10111756) Homepage Journal

    The heavy use of anonymous pointers, multi-function entry points, and DLL initialization/release interactions create an absolute nightmare to maintain.

    Even for a relatively small project, you have to spend a fair amount of time just getting code separated into mainline and DLL. Then you get the joy of dealing with the weirdities of the Windows variation on process interaction with DLLs.

    I can't imagine any way of securing that spaghetti except to scrap the Win32 API and make the .Net framework the Windows programming layer. Then you can get rid of those holdover APIs from DOS-thunker days and replace the kernel with one that was designed for multi-user security.

    You can be grateful Microsoft is finally taking security seriously if you like. I look back on 10-15 years of pager calls, system recoveries, and late projects because of bugs, many of which have never been fixed. My patience with their problems and excuses ended a long, long time ago.

    Don't forget Microsoft has been around almost exactly as long as GNU.org. Linux is a pup compared to Windows, yet look how much faster that team addresses problems than the much larger team at Microsoft.

    If Microsoft's market share begins hurting because of their security issues, they've no one else to blame but themselves. If the industry demands POSIX server APIs and Windows can't deliver, Microsoft has no one to blame but themselves -- the Cygwin team seems to have managed the task.

    Microsoft and a lot of other companies need to get back to re-verifying their core business and refocus on producing marketable products and services. Times change, and last decade's sure winner is last year's end-of-life product. A little less focus on the stock market, and a little more on realistic business models and long-term viability.

  • Re:Longhorn (Score:0, Interesting)

    by Anonymous Coward on Monday August 30, 2004 @04:22PM (#10111785)
    MySQL has to be one of the simplest pieces of software to install (on Linux at least)

    Just create a user/group called mysql (in the unlikely event that you don't already have them) ungzip it somewhere, and make sure ALL the directories/sub directories are owned by mysql and group mysql (this trips people up). Change to the directory created when you ungzipped it. Type ./configure and it'll sort itself out and start up. Then change the password for root etc... For subsequent boots, add an init script to start it automatically, or change to the mysql directory, type "bin/safe_mysqld &" and you're running.

    Oh, well if *that's* all there is...

    That that paragraph of procedure is considered "simple" (on linux) is more a testament to the horrible install procedures of linux programs in general as opposed to the simplicity of MySQL.

    In the land of the blind, the myopic man is king.

  • by malfunct ( 120790 ) on Monday August 30, 2004 @04:35PM (#10111922) Homepage
    I agree with you, 11 years to as near perfect as they understand how to do. SP2 was a huge way toward basic security and did many good things.

    What I want to know is whether Linux has even admitted that it has a security problem to work on? I know they try to be secure but it seems a great many people think that Linux is already secure.

  • by EinarH ( 583836 ) on Monday August 30, 2004 @04:40PM (#10111968) Journal
    Read this [wikipedia.org].
  • by Chris Burke ( 6130 ) on Monday August 30, 2004 @04:48PM (#10112055) Homepage
    There is some truth to Windows being targeted because it is the most popular. However, the example of Apache vs IIS demonstrates that it isn't necessarily the most popular target that is targeted, but the easiest target. That Windows/IE/Outlook are both popular and insecure just makes them even more attractive.

    "ALL SOFTWARE IS INSECURE" is just a cheap way of avoiding the fact that some software is less secure than others, that some architectural decisions lead to less secure designs than others, that some corporate environments are more conducive to insecure software than others, etc. The maxim "all sufficiently complicated software contains bugs" is absolutely not an excuse in any way for exceptionally buggy software.

    I don't want to abuse your car analogy too much, but if one of the major auto manufacturers was lagging in safety technology by forty years would you still use the excuse that such things are incremental and no car is 100% safe? Did "all cars are capable of crashing" save the Corsair or the Pinto, or were these in fact crap designs?

    I couldn't prove that Linux/Mozilla/whatever have fewer vulnerabilities. Nevertheless, your belief that they would be the same, based on the assumption that known vulnerabilities scale with popularity and nothing else, including the design of the software in question I find highly suspect.

  • Define "secure" (Score:3, Interesting)

    by gone.fishing ( 213219 ) on Monday August 30, 2004 @04:49PM (#10112059) Journal
    At first I wanted to make some wry but funny comment about Microsoft's ability to make anything secure but as I was trying to come up with something I realized that "secure" is the sort of term that is hard to define.

    What is "secure" anyhow? Is "As secure as a nuclear weapons facility" really secure? Not if we believe 60 Minutes last night. How about "As secure as Ft. Knox" - there was something a few months ago that said that Ft. Knox was susceptible to attack (especially air attack if I remember right).

    So, nothing is really secure. Secure is really an analog thing. The keys to your car make your car reasonably secure (and if you want more security, add an alarm). But is your car really secure? No, many a locked and alarmed car have been ripped off.

    Banks are secure right? If so, why are they robbed?

    Windows will never be secure, because nothing can ever be 100 percent B.S.-free "secure." Not Linux, not Windows, not Ft Knox.

    Will Windows be reasonably secure in ten years? Probably by many people's standards, yes. But there will still be need for added security when it is called for. Just like a typical bank has more security than a typical house.
  • When Linux or Mac or Mozilla or whatever becomes the primary player, they will be found out to have just as many liabilities in the security department, I'm sure...

    The historical record does not support your assertion.

    Microsoft was not always the dominant player, and it is not the dominant player in all markets. In markets where they are not the dominant player it is still common to find exploits for Microsoft applications outnumbering non-Microsoft applications.

    A technical examination of the exploits fails to support your conclusion.

    There are entire classes of security holes, like "cross zone" exploits, that only exist because Microsoft's software is using fundamentally unsound designs. There are classes of exploits that nobody even bothers to seriously track on Windows because Windows is missing the security boundary that such an exploit would attack: there can't be a "break chroot" exploit in Windows because Windows doesn't have "chroot", and the equivalent of a "local root" exploit on Windows is uninteresting because enough Windows users run as Administrator all the time... because that's how Microsoft sets the default user up... that it's irrelevant.

    Microsoft's design is such that they only have to fail in one place, and at that point the game is over, the attacker has won. On other platforms the attacker has to first get their exploit into an environment where it might be executed, then (because automatically executing untrusted content is a Microsoft innovation) they have to trick the user into executing them, and then they have a fairly limited ability to cause problems until they break root. And it's possible to run your browser in a chrooted environment or jail to add a fourth hurdle that must be overcome before they can change any system or executable files. On BSD a fifth layer of security, the immutable flag, would mean they'd then have to wait for a reboot before they could have a hope of compromising the system.

    Why does UNIX have all these layers of security? Because it was developed in a hostile multiuser environment from early days. Particularly BSD: you have professors and students working on the same computers, with the only thing keeping the students away from their professor's files (next week's test, their grades) was the local security. This isn't all that unusual, most operating systems developed during the '70s and early '80s were subject to the same evolutionary pressure... and UNIX-based operating systems benefit from that historical background.

    Windows was not developed for a secure environment. The assumption was that there was really only one local user and he could do anything. When NT was shoehorned underneath this, most of the security capabilities had to be bypassed because they made things just too hard for applications that had been developed for a more trusting environment. It will require a significant redesign *and* breaking many many applications (for example, every application that uses the HTML control) to fix this.

    I don't see that happening. That's why I said this guy has a really tough job.
  • by cheros ( 223479 ) on Monday August 30, 2004 @05:23PM (#10112360)
    Although I agree with you questioning the definition, I disagree with your subsequent line of reasoning. An end user should not be expected to have to become a car mechanic to just run a car, but this is precisely what Windows is presently asking.

    I've switched people (end users, not techies) to both Mac and Linux, and in both cases there was a general relief of not having to patch so much (I let them try for a month first). "So much" is the defining factor here - it's way, waaay too much for a common end user (and now well beyond the capability of an average modem to cope with, see SecurityFocus.com). To stay with car analogies, the Windows end users now run cars that need a brake fluid change every half mile. And when they ask the dealer they are told that the next car they buy will be better - out in the next couple of years or so.

    Ask yourself: would you really, really like to buy another car of that make when there is a growing mountain of evidence that it can be different? Those I switched over didn't want to go back once they passed that first "It's new and scary" hump. That tells me more than marketing campaigns or "facts" give me.

    Enough is enough - they had their chance. Anyone responsible for running a business should start to look at the risks they run - and insurances should start to have a good look at how much risk they insure if the business runs Windows.
  • Re:Doubledge sword (Score:4, Interesting)

    by Anonymous Coward on Monday August 30, 2004 @06:09PM (#10112741)
    How can MS be 1 step ahead in features when they are struggling to put into Windows by 2006 what is already in OS X?

    They aren't.

    The only thing I can think of that you might be referring to is Avalon. And that is considerably more advanced than Quartz Extreme. Quartz Extreme is like the current Windows rendering engine on steroids - it does more in hardware, it does more fancy stuff, but at heart it's still 2D bitmap-based software rendering with some fancy anti-aliasing, alpha compositing, and Expose bolted on top. Avalon is fully vector-based and done entirely in hardware. You simply can't compare the two directly.
  • Actually, it is. It's just very difficult to achieve and very expensive to maintain.

    To be 100% secure, you must demonstrate the following:

    • A robust specification exists or can be derived. (A robust specification is one in which it is not possible to construct an improperly handled input)
    • Each component of the software, in turn, can be verified against the specification -OR- can be proved by formal methods as being robust
    • Each component of the software that manages resources can be shown to be robust against exhausting that resource
    • The security model is such that a component's scope is clearly defined and enforced

    None of this requires the typical "inspect 'til you collapse of old age" method of securing software. If a component is verified or proven, then it's 100% bullet-proof, or damn close. By then placing the additional constraint that it can't do anything outside of a rigidly-defined scope, you render any flaws that do remain unable to be exploited.

    As great as this method is, there are problems. Specifications, of any meaningful size, are extremely difficult to write. Most Software Engineers don't bother, precisely because it is so hard to do well enough to be useful.

    Proving a specification as complete and robust is relatively straight-forward, but still very time-consuming (and therefore expensive).

    Mathematically proving that a program is both a complete and sufficient implementation of a specification (ie: any case that can happen to one will happen to both in exactly the same way) is absolutely horrible to do. Even a relatively simple, short function can take days to prove. Something like the Linux kernel would take decades - by which time the kernel you'd verified would be so out-of-date as to be useless.

    Making a function 100% bullet-proof on the resource front isn't easy. Resources aren't so easy to handle in pure mathematics, because they are finite in size, react in finite time intervals, and otherwise behave in inconveniently Real World-ish ways. Here, you'd have to demonstrate a total mapping between the theoretical ideal and the physical reality, and the appropriate trapping/handling of errors and extreme conditions.

    Finally, the security model. It is always possible to miss something, even when using very exacting, detailed models to describe the behaviour of software. It is also always possible for someone who understands the behaviour well enough to exploit what should happen, for their own purposes. By running every single component of the software through a security model that rigorously controls what can happen, you trap any missed errors and any correct but abused behaviour.

    I mentioned that this was difficult, time-consuming and expensive. A company the size of Microsoft, investing every cent it had into formal software verification, could probably produce a 100% secure version of the Linux kernel within a year or so. It would then go broke, having spent nothing on making an income in all that time. The "security" would last up to the next kernel patch, after which new bugs may well have been introduced.

    "But that means it's impossible!" No, not quite. If, say, the US Government invested that kind of money into Linux security, you could be looking at provably-secure "A1-compliant" full-featured Linux distributions by 2011. It's not impossible. But it's not that likely, either.

    There are no "provably secure" commercial or free OS' in existence, and any military ones that exist are probably very specialised, extremely secret, and utterly impossible to maintain. (The number of people who could maintain such a beast is extremely small, and not growing any larger. With the move away from robust designs, those who even could do the work have no incentive to keep those skills honed.)

    I do not expect to live to see the day where there is even mo

  • by SlowMovingTarget ( 550823 ) on Monday August 30, 2004 @07:26PM (#10113201) Homepage

    Hee hee hee... I find the following bit from Microsoft's instructions on how to clean the trojans funny:

    Note If you have difficulty running the Download.Ject removal tool from this page, it may be due to your browser's security settings. You can also try downloading the removal tool... (emphasis added)

    Basically, they're saying that you don't have IE in pants-down mode, so their ActiveX scripty-do can't run. Is that ironic, or just amusing?

  • Re:Doubledge sword (Score:3, Interesting)

    by rspress ( 623984 ) on Monday August 30, 2004 @08:06PM (#10113453) Homepage
    I have actually heard about this but it was not what I was talking about. Coreimage and corevideo let you use real time effects on videos and still images or a mix of both and text layers all in real time. All effects are floating point and you can drag the effect or transition around the screen in real time with the video playing underneath. Transitions can be stopped half way through and dragged around the screen in real time. These are not in preview windows but the full screen, full data rate video. You really have to see it to appreciate it.

    Actually I went retro on my PC and erased the drives and installed Windows 2000 pro. I am actually glad to be rid of XP Pro. Since most of my school work will center around 2000 pro that does not hurt either ;-)
  • Re:Doubledge sword (Score:2, Interesting)

    by cot ( 87677 ) on Monday August 30, 2004 @09:10PM (#10113773)
    "MS is one step ahead in having off the shelf applications written for it."

    More like 9 steps, but yeah, that's the big deal.

  • Re:Doubledge sword (Score:5, Interesting)

    by PocketPick ( 798123 ) on Monday August 30, 2004 @10:02PM (#10114216)
    Those are all nice features for some, but not features that will sell an operating system to Joe User. When a user boots up their computer, they want three things:

    -To Read Email
    -To Use Office (or other word processing/spreadsheet/presentation application)
    -To Surf the internet.

    That's all. My grandmother doesn't care if KDE provides quick access to the console terminal, nice configuration of profiles or quick ways to make system level modifications. And she definitely wouldn't care about ports or tcp-ip (even if she had a vague idea of what they were). In short, she would have no intention of touching these features in the first place even if they were present in Windows.

    Your case of installation is another excellent example. Windows install methods are kept basic for the simple reason that even your most average user has to be able to perform it (and Microsoft knows it). Having a variety of installation methods and added complexity tends to scare people away from any product in general. Whether it's simply choosing 1 application from hundreds that you want to install or telling someone to setup partitions and swap space, they'll be terrified if you put too much in their face.

    Linux Distribution companies realize this, and are working hard to simplify their installation methods. Based on what I've seen when I picked up SuSE 9.0 a while back, this is certainly true.

    In time, people will come to become more computer literate, and perhaps these features will have some meaning. Till then though, it's not going to be all the fancy under-the-hood features that sell a product. It's going to be simplicity.
  • flamebait? (Score:3, Interesting)

    by Henk Poley ( 308046 ) on Tuesday August 31, 2004 @03:03AM (#10115731) Homepage
    which version of windows has more GUI features than the latest KDE or GNOME?

    Without editing files and getting complicated? 95/98/Me/2000/XP/NT 4

    Pardon me, but I've used KDE for quite some time now but I never edited a single KDE config file. Since I started using Linux I've done less configuration fiddling than under Windows.

    All the other answers are also simply flamebait or plain incorrect (maybe except the hardware thing). For example, BSD 'is' not the only operating system that is more secure than windows.
