__/ [ BearItAll ] on Thursday 24 August 2006 10:08 \__
> Roy Schestowitz wrote:
>
>> __/ [ BearItAll ] on Thursday 24 August 2006 08:50 \__
>>
>>> 7 wrote:
>>>
>>>> Roy Schestowitz wrote:
>>>>
>>>>> Windows Vista's Speed Bumps
>>>>>
>>>>> ,----[ Quote ]
>>>>> | Unfortunately, after many months of using Windows Vista, I conclude
>>>>> | that Microsoft has placed a thick security facade around the
>>>>> | operating system that impedes usability compared to Windows XP.
>>>>
>>>>
>>>> Wait wait wait...
>>>>
>>>> What are they saying new here? The security system is thick?
>>>>
>>>> I thought micoshaft security was always written by thickies!!!
>>>> And the users who rely on it are even more thickies!!!
>>>
>>> You can see the way it's going to go though can't you, MS at last making
>>> an effort towards security, but their users are likely to reject it
>>> because it isn't as easy to use.
>>>
>>> I think MS are in a no-win situation with Vista even if they serve it to
>>> customers on a silver platter.
>>
>> I think there's something worth distinguishing.
>>
>> Mozilla Firefox is a fortress
>>
>> Internet Explorer is a cardboard box defended by prompts.
>>
>> Linux and Windows likewise. As Windows is inherently insecure (and some
>> already argue that Vista is less secure than XP SP2), all you can do is
>> guard it from the outside (e.g. OneCare, which was recently renames...you
>> know, "Wanker..").
>
> They are starting from behind, and chances are they would have carried on
> insecure as long as they could have gotten away with it.
I have a hard time believing all these arguments about security. It's a false
sense of security -- an illusion that is bound to burst like a bubble soon
after Vista is released. It has already been penetrated (i.e. hijacked) by
Symantec and it has been receiving critical updates on that last Patch
Tuesday. Why does Microsoft tout security? Because it can (or could until
recently). With the beta (beta two, which going by its state is really just
an alpha), there can always be supposedly-valid excuses about it being
premature to judge. "It's just a beta", Winvocates will tell you. But it's
not a beta; it's Vista (that rhymes). Vista is in many repsects in a fragile
state. Not just when it comes to security, but also when you look closely at
the number of bugs in the O/S and the software (but, hey, what /else/ is
new?).
Steve Ballmer said that there was a "development crash" and Microsoft "needed
to reboot" (Windows). That was just a few months ago. He must have referred
to the time when Longhorn was dumped after 4 years in development. Windows
Vista is just that fragile Windows Server 2003 (a close XP sibling, with or
without service packs).
> MS Win as it is would be extreemly difficult to secure properly. They
> should have taken the opertunity since the release of XP to plough money
> into developers to do a full rewrite with full layered seperation. But they
> didn't spend a penny, there have had all this time and wasted it. Instead
> we get them writting to developers in the last year or so before Vista's
> release, asking us to help make it secure. (I got one because of work I did
> in the past which I mentioned in this group).
>
> But having said that, now that MS are starting to get motivated in the
> direction of security I think it will be a sad situation if their users
> reject it. We all know how dumb people can be which is one reason why they
> will reject it. But the other reason is because MS users are so used to
> slash-n-burn computing, losing their work and emails because they had to
> reformat because of yet another virus or worm or corrupt system, they tend
> to shy away from the things they might want to keep. What I mean is, they
> simply don't venture into those areas anymore. You see it all the time in
> home users, you say to them 'why don't you do so-and-so on your computer?'
> and they say 'no, its to risky'. Instead the PC is used as a transient
> tool, do things that you don't care whether you lose it or not.
But let's not miss the important issue here. Many of these supposedly-needed
chores are an unnecessary evil. Why needn't we ever defrag my computer? Or
scan for viruses? Or tolerate many prompts? Because we use an O/S which was
designed with a secure (multi-user) setting in mind. Windows was built for
play and admiration (the American dream of a PC on every desk). Inevitably,
it was forced to be glued to this 'thing' called the network and the
Internet. But it was still that gaming toy... not an O/S that was prepared
for outside intervention through (ill) collaboration.
> Remember that it is to all our benefit that all PCs that connect to the
> global network are as safe as possible. Because until the MS machines are
> safe, we are all held back from advancing in global applications and
> networks because of the weaknesses that MS brought into the game.
Definitely. I keep complaining about the levels of SPAM and DDOS attacks only
because these affect /everyone/ -- even those who turned their back
/completely/ on Microsoft. And I think it's just unfair and irresponsible.
> I hope this Vista is more secure, even if it is only forcing proper user
> levels onto it's users, with No internet action for administrator levels.
> If they at least make a decent effort I'll be willing to slap them on the
> back, but I would expect a continuing increase in this security.
If there are 10 million zombie 'in the wild' at this moment, then even if
Windows Vista was embraced (which it won't) and was secure (which it is
not), things would not change. As long as you have some second-world
countries that turn a blind eye to urgent patches and witness the cost or
Vista (and lack of added value), no change will be made. And with financial
incentive, cybercriminals will continue to pursue botnets. Windows is easy
pickings. Even brute-force SSH-type attacks would not be fruitful because
firewalls will, by default, deny such access.
Best wishes,
Roy
--
Roy S. Schestowitz | Linux: just set it and forget about it
http://Schestowitz.com | Free as in Free Beer ¦ PGP-Key: 0x74572E8E
Cpu(s): 18.9% user, 2.7% system, 1.0% nice, 77.4% idle
http://iuron.com - semantic engine to gather information
|
|
