Last Words On Service Pack 2 542
thejoelpatrol writes "So did Slashdotters call this one? Windows XP SP2 seems not to be so secure after all. A Register reporter goes in depth to find out just how safe a fresh install is. He provides a list of which dangerous ports are left open and which services are left on by default. I guess now we know why Microsoft's security timetable is 10 years." Reader ack154 writes "ZDNet is reporting that many Dell Inspiron users are reporting an extreme performance decrease since installing Windows XP SP2 - decreases as much as from 2.6ghz down to 300mhz. Dell claims no responsibility, claiming it is 'externally loaded software' and they don't support it. In the mean time there has been a fix posted on Dell's forums, which rolls back the processor driver." Finally, Marxist Hacker 42 writes "Amid complaints of too much XP Service Pack 2 coverage on ZD Net, David Berlind writes that Service Pack 2 deserved the scrutiny it got- and charges that it failed to live up to Gates' Trusted Computing Initiative." Finally, Microsoft warns that installing SP2 on a spyware-infested PC is a bad idea.
It deserves scrutiny (Score:4, Insightful)
So basically: (Score:2, Insightful)
Because I wasn't expecting that it would, but apparently somebody is. Unrealistic expectations also lead to insecure implementation.
I don't get it (Score:4, Insightful)
Oh boy an article from the Register! (Score:2, Insightful)
Tell me again why people other than rabid Microsoft haters read that garbage?
Of course SP2 isn't completely secure...neither is *gasp* Linux *gasp*. Nothing plugged into the Internet ever will be.
Easy Windows (Score:3, Insightful)
Re:I don't get it (Score:5, Insightful)
Having said that- I was surprised by his port scan of a SP2 machine, since my own tests at ODOT showed NetBios inaccessible after SP2 install, killing the ability for SMS to see the machine (one of the reasons that I'm NOT allowed to do testing on the real network for SP2).
Re:So basically: (Score:5, Insightful)
Re:CPU Driver Problem? (Score:3, Insightful)
I mean, a driver is something that tells your computer how to talk to some piece of hwardware - say a modem. It maps from a common API (say, the windows API) to the specific API of the device (say, use Int21 with ax=3 to hang up the phone).
Are you saying there's a windows API to the CPU? Something like HWND add(HWN ax, HWN bx) ?
That makes no sense at all.
Someone please explain this to me.
Re:So basically: (Score:5, Insightful)
Many of microsofts security problems could be fixed by just following best practices, and the built in firewall doesn't do shit.
It's not THAT bad (Score:0, Insightful)
M$ spent a LOT of time and money on SP2 trying as hard as possible to make it a quality piece of code. Hell, my 400MHz laptop boots twice as fast w/ SP2 installed and I haven't had one piece of spyware install itself, and I was getting 3-10 a week before. Kudos to the guys at M$ who worked their ass off to make my ancient laptop a viable machine for years to come.
And it IS a Dell.
ZDNet, huh... (Score:3, Insightful)
I'm not going to place any faith in benchmarks generated by someone who thinks performance is measured in clock speed.
Chris Mattern
Re:CPU Driver Problem? (Score:2, Insightful)
My guess would be that it includes CPU model specific definitions for power management and other features that need to be activated in a certain way by the OS for them to function.
This could also explain that the processor clocks it down as certain power management features do that to the processor.
Re:News for Nerds but not for Slashdot Nerds (Part (Score:3, Insightful)
Do you actually believe an article that has:
"Microsofties say they were more worried about Linux a few years ago, when it was a truly free program, spreading on its own, from user to user, like a virus."
The author insists on comparing Linux support costs to Windows product costs:
"If the Linux camp simply manages to create an operating system that does roughly what Windows does for roughly the same price, what will be the point?"
The author says the difference between support and the product is "semantics":
"... Red Hat
The author also drank some of the SCO Koolaid:
"You might need to buy insurance to protect you against lawsuits over intellectual property rights. (One outfit hawks such policies for $150,000 year.)"
Some other excerpts:
" IBM and Novell are pumping millions of dollars and mountains of brainpower into development of a commodity operating system--they are re-inventing the wheel."
Actually, I could just quote the entire article. I hope Daniel Lyons (author) got paid for his time in writing this press release for Microsoft.
Stop bitching (Score:4, Insightful)
Re:So basically: (Score:5, Insightful)
If they were to close off all those ports, they would risk all the clueless sysadmins screaming on MS forums that SP2 breaks everything, even basic windows sharing facilities.
I think the main point here is that MS has tried to appeal to people by saying that it's easy to be a sysadmin, that anyone can set up a network and run it. Real sysadmins all over the place freaked out, with good reason. They were accused of being set in their ways, etc, etc.
Now all those things that the skillful have said would happen, have happened. Rampant security problems, etc.
Re:It deserves scrutiny (Score:5, Insightful)
Re:Firewall is on by default (Score:5, Insightful)
So if these machines are not updated, and the owners don't know what they're doing, what makes you think they'll install SP2?
Re:Firewall is on by default (Score:3, Insightful)
But I'm anticipating SP2 making it onto new PCs at some point soon.
Re:any time now... (Score:5, Insightful)
What people don't realize (Score:1, Insightful)
Also note that many of the "flaws" in SP2 still have to do with users' stupidity. "A program running with admin privileges can make the security center falsely report that the firewall is on" - well duh, but why did you download that program in the first place, and why are you running it as admin?
Re:Spy ware and SP1 (Score:3, Insightful)
Perhaps not the first time you notice the problem, but after that, it's the university's fault. It's very easy to tell people to install and run adaware before installing the update...
Re:So basically: (Score:3, Insightful)
Ahh, but it is easy to be a sysadmin and setup a network in the Windows world. Good network? probably not. Secure network? probably not. However, it's going to be good enough for people to get their work done.
I once saw a small company with a terrible network. The configuration was an abomination and security was lax. Everyone in the company drove an SUV or luxury sedan (Mercedes, etc...)
If the bonehead sysasdmin somehow sticks up a firewall and figures out that spyware is bad, then that is golden. Sure they could get hacked and have sensitive data stolen and go into financial ruins, but probably not. They can get robbed or have their building burn down too, but probably not.
Microsoft is good enough. Perfect? Far from it, but good enough. That's why they're the king.
Re:Correction (Score:2, Insightful)
What crap (Score:5, Insightful)
He claims that WebClient, DCOM, TCP/IP NetBIOS Helper, Secondary Logon, Remote Desktop Help Session Manager, Remote Access Connection Manager, DNS Client are all on or set to manual and should be disabled. Thanks, but I'd like to be able to use WebDAV, COM/DCOM, share files with a roommate/family member, use remote desktop from work, VPN into work in the first place, and resolve DNS hostnames thanks.
I might also add that he rails on Microsoft not taking advantage of multiuser capability properly then recommends that Secondary Logon be disabled for home users! Without it, Windows can't popup when you try to install a program or run Control Panel and ask for an admin password to proceed... which makes using a non-admin account a pain in the ass.
He also whines about these network drivers being installed:
Client for Microsoft Networks, File and Print Sharing, and the QoS Packet Scheduler
But perhaps he assumes everyone has one and only one PC in their home and has no wish to share files between them (yeah right). Oh, and you'd like to take advantage of QoS for VOIP or bandwidth throttling? Forget it if the driver isn't available.
With "genius" insights like these I certainly wouldn't trust this yahoo to install a toaster oven, let alone an operating system.
Re:So basically: (Score:5, Insightful)
Ports 135-139 are enabled by defailt when joining a domain.
Windows Firewall is managable by DOMAIN POLICY.
Complaining that they're enabled by default is moronic.
Re:Why I didn't bother... (Score:4, Insightful)
For an added bonus: Installing Firefox and Thunderbird.
That's it. You're done. The average user installs far more than two/four pieces of software and someone put together a CD of this stuff, all of which is free or OSS, with simple instructions you could teach anyone to harden their computer. Hell, I've taught people who know nothing about computers some basic security. Now they ask me reasonably intelligent questions about what they can do to further protect themselves.
Items worth noting (Score:2, Insightful)
Re:Oh boy an article from the Register! (Score:3, Insightful)
Just because A is insecure and B is insecure does not mean A and B are equal in terms of security.
*gasp* *gasp* *gasp*
Re:Why I didn't bother... (Score:4, Insightful)
What about that software that uses IE APIs? Someone may not be running IE but they're still at risk because they are running software that is.
I just don't get it... (Score:2, Insightful)
Many Slashdotters spends a good portion bashing Microsoft for security. What does Microsoft do? Take a good period of time to try to turn things around and release a secure product (SP2).
Now a few people are saying security problems may still exist or that a few isolated people have had bad experiences with SP2 and people here bash SP2 as a failure?
ARE YOU KIDDING ME? What planet are you guys from? Of course it's not PERFECT you idiots - no OS and application is, no matter how secure you design from the start or whatever overused bullshit line of rhetoric you want to use. mistakes will always be there and improvements will need to be made as the product grows.
Saying slashdotters called it just shows that very few here WANT Microsoft to be secure because then it would take away your favorite hobby of nonsensically bashing an alternative to your OS of choice. You can't ignore the fact that SP2 did make MASSIVE improvements for many millions of people to make them more security aware and that is not a bad thing, even if it is a start.
Sometimes I feel when I read this crap that most people want Windows to remain insecure only for their own selfish reasons and forget there are people on the other end of those machines. Why not praise Microsoft for at least making a step in the right direction? It's this attitude that doesn't help things one bit and only comes off as childish.
And BTW, the Register article had nothing really incriminating against SP2 other than they disagreed with some of the services and firewall features. Yes the WMI hole is there but it requires more than just sitting the box on the internet. Yet many dotheads will assume this means that SP2 is just sitting open like Windows XP was straight out of the box.
Here's a fact:
Put a Windows XP box on the internet and it will get infected with spyware and other crap.
Put an XPSP2 box on the internet and at least you're protected from that crap. Hell people, that's a MAJOR step!
Anyhow, the Register is hardly a worthy news source for unbiased reporting. And the ZDNet guy even said "While this is not a complete list of what makes SP2 worthwhile, SP2 is worthwhile for the majority of Windows XP users". But again, let's be honest here - he's just a guy writing an opinion column, more heart than fact.
Re:Interesting... (Score:5, Insightful)
Suggesting that we turn off DHCP with a comment like "Unnecessary on most home machines" shows that someone is not in touch with the rest of the world.
Maybe in L33Td0M you only run static IPs so you can connect by typing in l33T IP addresses instead of machine names, but the rest of the world doesn't know an IP address to save them.
Comments like that show you have no clue, because the world is not full of command prompt users.
Re:Why I didn't bother... (Score:2, Insightful)
Fellow inspiron owner (Score:5, Insightful)
>So did Slashdotters call this one?
No. They really didn't. Of course SP2 was going to cause *some* problems, but poo-pooing everything MS in a knee-jerk fashion doesn't help anyone and probably is keeping people from installing it, which is a real shame because:
1. Firewall on by default. Power users can easily shut it off. How many Slashdot posts do we have that wish MS did this, but when they do suddenly MS is doing wrong. Yes an admin can shut it off even with an activeX control. Such is the life of running as admin.
2. Nag screens for anti-virus and updates. Much needed.
3. Better wireless interface. The old one wasn't so hot and this is a welcome upgrade.
4. "Drive by installs" are not going to be as common as IE requires an extra step to install/download stuff and blocks pop-ups natively and by default. Man, how many slashdoot posts did we have about "MS should do something about pop-ups and click installs!" Well, they did. Sure, they didnt remove activeX altogether, but no one was expecting that.
5. NX support for AMD 64. Wow.
> Finally, Microsoft warns that installing SP2 on a spyware-infested PC is a bad idea.
No shit. Installing ANYTHING on a spyware infested PC will cause all sorts of problems. Fighting spyware is what SP2 is trying to do. Give it time or at least introduce your friends and co-workers to a little thing called Ad Aware, especially if they'll never switch to FireFox. Face it, many people will never switch and will go to their deathbeds using bundled software.
>So did Slashdotters call this one?
Granted, if you take the negative approach to life 24/7 you will be right every so often or at least subjectively, but I feel these are much needed changes and will help technophobes better use their machines. MS can do things right. Yeah, break out the smelling salts...
Re:All I see is Security Center (Score:4, Insightful)
Microsoft as well as Apple and other companies understand more about the average computer user than most other software companies, especially when it comes to these particular rules:
1) 99% of computer users do not know what they are doing
2) People do not read unless they absoletly have to.
3) You must create all user interfaces under the presence of monkey. In other words, if you cant train a monkey to use it then your wasting your time.
The Security center for example, covers all three of these, it basically forces you to read it by prompting non stop, it's easy enough to train a monkey against and even a moron can understand that a big red blinking X covered shield means bad.
Sp2 also brings these concepts to the activeX realm. Spyware becomes almost impossible to install through IE using them most common methods used today. basicially you load a spyware infested page, it then drops down the "oh no this page is downloading activeX" box, forces you to click on it and say download it, Reloads the page again which screws most browser hijacking from occuring because most hijackers don't reload in a browser refresh, then promps you again to make sure you really want to do this.
They know they don't want people downloading this stuff, so they first force you to pay attention and read, then they actually break the #3 rule to purposely make it hard for John Q moron to install the scumware unless he absoletly needs it to survive.
It also has to be noted that the firewall and automatic patching is ON and encouraged to be ON by the security center. regardless of what you think of the firewall it basically stealth's you from the net and it's better than wide open anyday, and if everyone was patching automatically we wouldn't have had half of the infected blaster and sasser systems out there.
SP2 has flaws, basicially a complex virus could easily turn off the firewall, spoof the security center and go insane, but they did some under the hood things to deter rapid spreading and frankly I dont care which operating system your running, If a virus has root, or administrator or whatever is the highest access given by your favorite OS, Your Screwed because it will disable any protection you may have had and hapilly make you and your Net neighbor's life a living hell.
Re:I just don't get it... (Score:4, Insightful)
I think that most of us "in the know" will find that the step was not major, a major step would be to provide a locked down network configuration for XP and not rely on the user turning off services. Rely on the user to enable the services he or she needs, and force all users to run under unprivliged accounts. You are right that *nix is not more secure, its just more secure by default.
Busy Work (Score:3, Insightful)
It's a computer for crying out loud! Why can't the process be automated so users can do other things?
Re:Interesting... (Score:3, Insightful)
Re:So basically: (Score:3, Insightful)
If Microsoft had delievered a completely robust, all encompassing firewall product bundled in SP2, would you then gripe and bitch that was unfair and anticompetitive?
Damned if you do, damned if you don't. It's not strong enough or you're being unfair and bundling.
Whatever, either way, saying "doesn't do shit" is pure BS - it DOES do "shit", it just doesn't do everything YOU want it to do (or what you read that others want it to do).
On the contrary (Score:3, Insightful)
Methinks something is borked with this anaylsis. A lot of these services aren't accessible on the boxes I've tested with (both on and off domains).
Security Vs. App Compatibility (Score:3, Insightful)
1 -- "XP SP2 BREAKS TONS OF APPS!!"
Essentially, Windows is *too* secure and now breaks tons of programs -- so don't install it!
2 -- "XP SP2 IS TOTALLY INSECURE!!"
Too many Windows services are on, which means lots of apps -- including harmful ones -- are still able to run, which means XP SP2 is totally insecure -- so don't install it!
You can't have life both ways. Yes, added security will break *some* apps, but most will still work. Yes, it's not as secure as, say, a OpenBSD installation where you turn on one service at a time -- but end-users aren't expected to go through turning on service by service and tweak firewall settings every time they install a new app!!
By the way, for corporate deployments, most of that stuff (services, firewall, etc) can be administrated through Group Policy, anyway, so the default settings apply much more to home users than corporate ones who can pick and choose what services, firewall settings, etc to allow on their Windows PCs.
Re:Why I didn't bother... (Score:2, Insightful)
DNS Client service - misnamed (Score:3, Insightful)
He's too kind.
They should call it the "DNS on crack" service.
The only reason I can see for it existing is for sites where DNS is non-existent or badly broken, so that names pulled out of WINS, browsing, or by casting entrails or yarrow sticks can be used to let some applications run that would otherwise freak out. The problem is that when you do have working DNS it will, occasionally, freak out and return randomly wrong information.
Unless you're at a small business using a misconfigured Windows-based external firewall AND you're not willing to spring for an Active Directory server, turn this baby off and disable it. You'll be glad you did.
Dell responsibility (Score:5, Insightful)
As an OEM that sells systems bundled with XP, Dell, I believe, is obligated to support systems whose users apply service packs to the OEM-installed OS. There was some flak about this some time ago when some OEMs simply referred their customers to Microsoft, and I believe that they were reminded that they picked up this obligation as one consequence of their OEM arrangement. This support site page [dell.com] gives the particulars for Dell. In my experience, Dell acts like any other Windows sysadm: they wait until their own internal testing is done before they add it to the list of supported service packs, so that they can simultaneously publish a list of any issues (such as required driver updates). Until then, you take your chances (which have been minimal for me, though I tend to stay in the Latitude line, even for home systems) and rely on the forums. My reading is that Dell isn't done with its testing, and the particular spokesperson is only half right: not supported until their testing is complete and it appears on the above page.
A cursory inspection of the article yields (Score:5, Insightful)
The service is not enabled... it is in a state where applications that rely on it can start it if its necessary, but that would be performed by the user. Have it not enabled is not a security risk....
I love this service. I love that it is not enabled by default, but must (as above) be initiated by the user. Again, there is nothing wrong having this service in a state where the user can enable it without confusion...
This service is what allows fast-user-switching (multiple console logons w/out logging out). It is an integral part of the XP ui and absolutely should be enabled.
Newsflash -- Windows is not *nix, its user base is not a *nix user base, etc... Excuse the cliche, but "Mom" is not going to login as a "user" then launch setup apps in root/admin context -- this is just not something that "mom" can wrap her head around.
I'm calling bullshit on this one. Pick -- the end user should be smart enough to work in the user context until he/she needs admin access, then they should go use it for that specific context, etc... but they shouldn't know if they trust a site or not? And by default there is nothing in the "trusted" sites list, so the user is going to be prompted for each download attempt. If they don't like the "zones" idea that's fine, but complaining about the implementaion is different from that implementation being unsafe.
More of the same. We get it, you don't like the "zones" thing. There is no difference between what the review wants and what IE already does in this case. There are no trusted sites by default and the user is going to have to go out of his/her way to get some there. If you like reading some activex riddled crap page you should be able to view the site without being bothered every 2 seconds. You have that right.
As a matter of fact, can you imagine the user experience if these setting
Re:ZDNet, huh... (Score:5, Insightful)
Dell employees modded me down! LOL! (Score:3, Insightful)
windows 98 se (Score:2, Insightful)
Why should everyone use the latest OS . aka the win XP and suffer all these problems?
Except a few s/w that work on XP only , 98 does it fine.
what reay ou going to lose out if runnin g a in98 se - patched up system?
Dont tell me " bad looks" - aint like XP feel....thats garb.
plus virus writer these days target XP mainly...98 escapes...example: Blaster.
Think about it.
Why SP2 sucks! (Score:2, Insightful)
It automatically, re-enables, MS's worthless firewall, and changes Automatic Update to download and install without any user input regardless of what you had it set for already.
In addition, the security center is an annoying piece of sh!t. I just got done setting up an elementary school lab with 35 new PC's, and once Automatic Update kicks in and downloads SP2, I'm gonna have to make a return trip just to reset every goddamn thing back to the way I had set it.
That is by far my biggest gripe, MS simply doesn't think about computers that are going to be used in a multi-user environment outside of a family room. I feel sorry for school admins across the country who are gonna have to deal with this shit at every school with XP machines. Thankfully, I only have to deal with one school.
I wish OS developers would include a special User account specifically designed for "Students".
Re:Slowed Down? (Score:3, Insightful)
And now that you have SP2 installed, it will take longer than evar!11! to get bogged down again.
Yay111!1
Re:Why I didn't bother... (Score:3, Insightful)
Re:I don't get it (Score:2, Insightful)
DNS client service, isn't that for making DNS lookups work? Anyone know?
The WebClient service is used in the
The author also wants the firewall to bother the user everytime anything goes in or out. Sorry, you can't do that to users who doesn't understand what those apps are. I just fixed a computer that had had the DHCP client denied access to the DHCP server because the guy who was clicking the buttons didn't know what the app was (and he shouldn't have to!).
First, anyone with physical access to the machine can reconfigure it and possibly destroy important files, whether intentionally or accidentally.
Um, can't anyone with physical access just use a magnet intentionally? I mean granted, I don't think it is a good idea to run as root on Unix, but still! I'm not for having users be Administrator on Windows (and especially against the Administrator having a blank password when you boot up in safe mode), but this guy is making up complaints against Microsoft.
JavaScript is enabled. (We would leave it disabled.)
Uh huh, and have tons of websites break (including GMail and other popular webmail sites).
Conclusion
I'm not a M$ fan by any stretch of the imagination (I use a Mac and highly recommend that other people get one when they ask me), but this isn't an article, just complaining that Microsoft doesn't turn off everything that makes their operating system semi-user friendly.
Good grief, what a bunch of FUD.
Re:Last Words? (Score:5, Insightful)
The entire summary is inflammatory. "Did Slashdotters call this one?" Well, gee, I'm so surprised that Slashdotters think SP2 is a failure. And then it even links to the widely criticized "Windows Secure In 10 Years, Says MS" article.
I am fully convinced there is a smear campaign going on against Microsoft that goes beyond merely being a pro-Linux site--as in, it is going beyond normal levels of criticism. I suspect it has to do with the fact that this website is corporate-owned, an entity of OSTG which is a company that makes money off of selling OSS and Linux products. The rate of anti-Microsoft articles has increased dramatically with the release of SP2, and headlines/article summaries are often wildly exaggerated or even completely false. If Microsoft owned a tech news site, and the articles it posted were inflammatory and exaggerated in the same way Slashdot's are, you know that Slashdot itself would be all over it with criticism! But Slashdot's misleading "news" is given a pass because a lot of people here have chosen this website as the haven for their frustrations with Microsoft. This place is the Ain't-It-Cool-News for IT nerds.
I'm sure many of you will disagree, and I respect that because I used to like Slashdot too back in the 90s when it was still a good place to find cool science and computer news, but since the corporate buyout, it has been a major source for three major things--anime news, anti-Microsoft news, and OSS project releases. In between those are scattered various articles intended to generate page hits by inciting emotions in the majority viewpoint of Slashdot--anti-capitalist, anti-corporate, left-leaning computer geeks (which makes it all the more amusing that Slashdot is actually corporate-owned, displays large banner ads, and sells subscriptions). That's why we get "More Automated DMCA Lies" articles--as if an automated system was an actual live being that could "lie" to you, when it's really just some automated system that made a mistake--and anti-RIAA, anti-SCO, and anti-copyright articles. We all know the formula for those articles.
Finally, it does not surprise me one bit that this article was posted by michael. Plenty of others have said enough about him. Even Jon Katz's articles were at least genuine in their subject matter. Michael's are almost always a cynical backslap against someone. Let's not forget his all-caps "ANTI-INTEL" troll in the 64-bit chip article, which would have been modded down had it been a normal comment and not an article on the front page.
If you disagree, reply and let me know why you do. But this whole obsessive-compulsive desire to bash and bash and bash Microsoft is just boring me to death. This is supposed to be a LINUX site, remember? Isn't there anything cool going on in OSS lately? I miss the old articles we used to get on Slashdot, and the fascinating discussions that used to take place (as opposed to the karma point games that go on now as everyone plays comedian and makes +5 Funny jokes that aren't funny). Do we really need yet ANOTHER SP2-bashing article?
Wait a month for the first patch (Score:2, Insightful)
FUD?? (Score:4, Insightful)
Agree with you (Score:4, Insightful)
I have complained about editorial policy in several of my posts, but (silly me) haven't ever suspected that ownership of Slashdot could have to do with what gets posted here.
I have also complained about low quality FUD troll articles by michael and suggested that articles be moderated, too, so that we can filter out that cheap propaganda that pollutes the site.
Of course, it seems it'd be "complicated" (suddenly it became hard to tinker with
This year has been really bad.
I my opinion, some 40% of all articles and 80% of all comments are of miserable quality. Sometimes one has to browse four pages of comments to find 3-4 insightful posts. And as the parent post says, you can't get rid of worthless comments because totally stupid articles get modded insightful or funny.
As articles can't be modded or filtered ("michael filter" anyone?) either, it's becoming quite unbearable.
Sadly, that is the new Slashdot - perhaps it's "If you don't like it - leave!", so I've been thinking if I should still visit Slashdot.org any more or perhaps join one of commercial tech sites with quality articles and forums.
Truly pathetic.
P.S. In past months I've been getting to moderate ONLY anonymous posts - now I have started to suspect that happens because I've voiced my dissatisfaction too many times... Anyone else gets only to moderate only posts by anonymous cowards?
Re:Last Words? (Score:2, Insightful)
An operating system which dominates 90+ percent of computers, yet the writers can't criticize it without it being regarded as flamebait?
Get a grip. MS makes billions of dollars from their products, which happens to cause billions of dollars of damage worldwide. As long as their apparent disregard for security runs rampant over the internet, writers will be crawling up MS's ass to criticize it.