Security Flaws May Be Microsoft's Undoing

← Back to Stories (view on slashdot.org)

Security Flaws May Be Microsoft's Undoing

Posted by ryuzaki0 on Monday January 14, 2002 @07:18PM from the you'd-think dept.

tarpitt writes: "According to this article in the LA Times, repeated software flaws in Microsoft products has begun to raise concerns that they 'threaten the stability of a major piece of the world economy and to raise questions about Microsoft's future.' Flawed security is seen as a stumbling block to accepting Microsoft sponsored on-line services. It is also driving discussion about making software manufacturers liable for damages caused by flawed products." This piece in eWeek on troubles with XP's automatic updates is an interesting companion; releasing often doesn't seem to be enough. Update: 01/15 15:00 GMT by J : Bruce Schneier's January Crypto-Gram came out this morning, and is also topical: "Microsoft treats security vulnerabilities as public relations problems. Until that changes, expect more of this kind of nonsense..."

13 of 505 comments (clear)

Ahem... by nurightshu · 2002-01-14 19:27 · Score: 5, Funny

...begun to raise concerns...
Begun to raise concerns?! That's like saying, "In other news, repeated appearances of the star Sol on an approximate 24 hour basis have begun to raise concerns that it may do so tomorrow."
Microsoft never built operating systems with security in mind. The last time I checked, the security testing group at MS consisted of two Norwegian Black rats, a four-year-old, and a blind, deaf, chimpanzee with a drinking habit. It still hasn't occurred to them that improving their security might, in fact, be a good thing.
There, I feel better.

--
They that would sacrifice their .sig space for that cliched Franklin quote deserve neither.
1. Re:Ahem... by servasius_jr · 2002-01-14 19:37 · Score: 5, Funny
  
  The last time I checked, the security testing group at MS consisted of two Norwegian Black rats, a four-year-old, and a blind, deaf, chimpanzee with a drinking habit.
  
  This allegation you're making is both hurtful and untrue. That chimpanzee is a friend of mine, and I'll have you know that he only drinks socially, and conducts himself with the utmost professionalism.
2. Re:Ahem... by Inthewire · 2002-01-14 19:46 · Score: 2, Funny
  
  Sure, he only *drinks* socially, but the reason he has a job is to support his heroin habit.
  
  --
  
  Writers imply. Readers infer.
3. Re:Ahem... by Rogerborg · 2002-01-15 01:20 · Score: 3, Funny
  The last time I checked, the security testing group at MS consisted of two Norwegian Black rats, a four-year-old, and a blind, deaf, chimpanzee with a drinking habit
  
  Typical anti-MS FUD. When I asked Microsoft PR to verify this, they assured me that the "rats" are in fact Siberian hamsters
  --
  If you were blocking sigs, you wouldn't have to read this.
NDA disclosure by Anonymous Coward · 2002-01-14 19:42 · Score: 1, Funny

I'm under NDA, but I can shed some light about the security testing group at MS. Actually, we use a team of infinite monkeys on infinite typewriters for the security testing suite; however, with a bit of a twist: we throw the code from the typewriter printouts away. The monkey feces is laid upon inifinite number of scanners for optical character recognition and fed into an infinite serial stream of code. Another team of alert monkeys then disects the code and processes it through their mandible compilers for another round of fecal scanning. When the sequence is right for a successful compile through VB, it passes QA.

There you have it! Now you know.
Why are they worried about autoupdate? by wo1verin3 · 2002-01-14 19:43 · Score: 4, Funny

There are hundreds of quicker ways to have your windows box become unstable...

Installing programs --> unsupported
Installed additional hardware --> unsupported
System booting --> unsupported
Using a monitor --> unsupported
Bypassing a circumvention device --> unsupported
DVD Playback --> unsupported

ever try to get help from MS, or esculate a real bug with them for any of the above?

How much worse could the software be without updates? :)
Re:Product liability by AtrN · 2002-01-14 21:01 · Score: 4, Funny

I think it'll go the way of the car industry with hot rods looked down on. Machines (h/w + OS) will need to be certified before they can be "driven" on the public roads ('net). People who drive (admins) need licenses (MSCE, oh god no!) before hooking the machine to the 'net. Cops look out for drivers (probe open relays etc...) and eat donuts while reading /.
Re:Impossible by NewsWatcher · 2002-01-14 21:13 · Score: 2, Funny

Both statements could be accurate. ie, that their programmers are merely average, and that they hire only 2 per cent of applicants. It may indicate that they recruit badly, or that they attract people who are generally below par.
Having a degree does not make a good programmer necessarily. I say the proof of the pudding is in the eating. In this case, MS programmers eat alot but produce very little - a sure sign they have worms.

--
If the pattern goes 9am, 10am, 11am, why isn't noon 12am?
Security flaws in XP? by Rinikusu · 2002-01-14 21:24 · Score: 5, Funny

that's the most stupJ00 4r3 0wn3d!id thing I've ever heard! My Windows XP box h45 b33n h4x0rd h4h4h4h4h4! sorry, I don't know what's wrong with my keyboard10wn3dj00 it keeps messing up.. but anyway, Microsoft security is perfectly fine here

--
If you were me, you'd be good lookin'. - six string samurai
Re:Liability. by IronChef · 2002-01-14 21:49 · Score: 5, Funny

Your mistake is wanting to fix the problem rather than litigating a solution. Silly rabbit, you must be some kind of Canadian or something!
Microsoft's director of security assurance by Anonymous Coward · 2002-01-15 03:34 · Score: 1, Funny

Steve Lipner...gee, i'm sure he goes home everyday with a sense of having served his purpose. BWAHAHAHAHAHA
Re:Unpatched IE security hole list by roystgnr · 2002-01-15 03:41 · Score: 2, Funny

Run any command or program off the hard disk

You know, once you get to this entry, it's really kind of redundant to continue with the rest of the list...
Quote of the day by mcrbids · 2002-01-15 04:19 · Score: 5, Funny

Ok, Quotes of the day;
First:
"Microsoft treats security problems as public relations problems," said Bruce Schneier of Counterpane Internet Security in Cupertino, Calif.
And then:
"We're going to make our systems more resistant and more resilient," said Microsoft's director of security assurance, Steve Lipner. "We want to be unquestionably, unequivocally the best."

Director of Security Assurance ??!?!
If you can imagine a more Dilbertified position within a company....

--
I have no problem with your religion until you decide it's reason to deprive others of the truth.