__/ [ Gaz ] on Sunday 16 July 2006 12:31 \__
> Roy Schestowitz wrote:
>> __/ [ Colin Wilson ] on Sunday 16 July 2006 11:24 \__
>>
>>>>> As you may know, Microsoft has ended its support for Windows 98.
>>>> This may seem acceptable for some, but these machines are being hijacked
>>>> and are joined to form botnets.
>>>
>>> Win98 is probably more secure now than XP - it has attained security
>>> through obscurity.
>>>
>>> As long as someone with two brain cells configures a firewall and AV
>>> program, its probably as solid as you're likely to get without a shift
>>> to *nix.
>>
>> But this does not quite address the issue. Windows PC's are being hijacked
>> and cause damage even to those who never set their hands on Microsoft
>> software. Shouldn't someone be held liable?
>
> Those doing the hijacking?????
> MS sold you a product, they very generously provided a free service for
> downloadable updates for eight years. Do you still believe some kind of
> contractual obligation is owed by MS to you?
I take your point, of which I am well aware. However, many
severe flaws remain and they are often discovered /after/
they get exploited (i.e. after machines are compromised).
Only a few days ago, for example, a PowerPoint flaw was
discovered and already exploited (no patch available yet).
So even a fully-patched system remains vulnerable. This
enables people to carry out attacks on Web sites (mine
included), which costs Webmasters time and money, and
botnets also spam the Web (I get about 400 spam per day).
The ISP's seem hopeless because they cannot disconnect every
Windows machines (even fully-patched system are
susceptible). Frankly, I think Microsoft should be held
accountable (in one way or another) for designing a system
very poorly. Many experts have commented on the realisation
that Windows is insecure _by design_. Due to lack of
modularity, it was made easy to capture and the impact on
the Web is severe. And it gets worse by the day (a proven
fact). Can no justice be made? As in the case with the EU,
Microsoft rarely cares unless there is pressure. Even after
two years in the courts, they simply refuse to disclose
comminication protocols and facilitate interoperability
(fair play). When it comes to patches or redesign of
software, they are slow or apathetic. This is a case of
extrating monopoly power. Many people are unable to secure
their system, let alone migrate away, due to lockin and OEM
deals (no preinstalled alternatives).
I would appreciate your advice/help.
Best wishes,
Roy
|
|