Slashdot Mirror
Security as a Profit Center?
Harry Erwin writes "This article seems to suggest Microsoft is now considering charging for security. I don't mind vendors like Counterpane Internet Security selling security services, but I would prefer operating system vendors to treat security as part of the core functionality of their products, if only because effective security has to be designed into the operating system from the start. This proposal would create a two-tier Internet and probably make things worse rather than better. Security is like public health and education--if you think it's expensive, consider the alternative."
How is this different?
Whats next? The patch that stops Windows from crashing so much?
Carpe meam simiam!
Do we have to pay for stability next? Uh-Uh!
Life sucks.
Microsoft is charging for something that should be free? When did this start?
--Forest C. Adcock--
Haven't we ALL already paid for Microsoft security? Trojans, worms, and virii have cost my company a hell of a lot.
Oh, you want the tires that don't explode? They cost extra...
The Right Reverend K. Reid Wightman,
Sounds like vaporware to me.
1. Sell Buggy OS & Software
2. ????
3. Profit
So, based on your previous security record, Mr. Gates, I gleefully award you this multi-million dollar contract for security services. I already feel safer from all those evil hacker dudez.
Honestly, what schmuck would pay Microsoft for security??
Charge for (in)security! Raise the TCO! Push even more people to other platforms!
DMCA - Chilling free speech since 1998.
Don't they already charge us (albeit in a different manner) when they give us new EULA terms for security updates?
This is not unlike the anti-virus companies who charge us for new virus definitions. Except that here, the mistakes they made shouldn't have been in there to begin with.
Unless they give us *some* kind of extra service beyond the patches, I can only see this developing into a *very* strong reason to use OSS instead of MS whenever security is important to what you're doing (essentially, always).
The alternative to government-provided, very costly and wasteful medical care is not nothing, as the poster implies. It is private, competitive, and inexpensive health care with much less bureacracy. I just wanted to point this out.
Companies are already distrustful of Microsoft; they resent having to pay such high licensing fees for the systems they need to keep their businesses running. Requiring that customers pay additional fees just to keep those systems secure will increase the pressure on cash-strapped (or just financially responsible) companies to make the switch towards alternatives like Linux.
Face it, Microsoft; people resent a monopolist. You can't continue to browbeat your customer base forever, and the more you do, the more will abandon you in the end.
[ home ]
which is perfectly legitmate.
But the idea that Microsoft can parlay their usless reputation in security into profit is laughable.
-Peter
If they are talking about charging for any of the security updates or patches to make things secure against attacks on specific flaws? then yes, it's horrible and will create a gigantic mess.
More than likely they are talking about custom security systems or services. as in a service to offer to customers and clients.
It's like redhat charging for the RH update.. they will shoot themselves in the foot if they charge for updates.. in order for your OS to be percieved as secure and safe to use you HAVE to give away free fixes patches and security updates... and make them as easy as possible to install if not automatic.
Do not look at laser with remaining good eye.
MS has a lot of nerve charging for security when they already charge and arm and a leg for their OS and it is an unsecure piece of garbage! Beyond that it takes them six months to get a security update released, if they even acknowledge the "security hole" as an actual issue!
Why the heck should I pay extra for MS "security"!?!
What a joke!!!
-APay monthly, and if you found something that they agree to pay back, you win!
At least they now can say that with Linux you can't sue anyone... with this, at the right price, you have your chance.
There's a difference between common sense OS security (closing unneeded ports, cutting down buffer overflows, doing intelligent rights/process management) and doing "extra" security that *should* be more $$$ like virus scanners or personal firewall software; things that shouldn't be totally integrated into the installed OS to begin with.
I enjoy hearing of the ways that Microsoft proposes to screw their clientele. I'm a Windows user, and will be until another OS, whether it be Mac or Linux etc., starts getting all the first-tier games before Windows. I don't do anything else with my PC, so why switch?
If Microsoft can manage to alienate the game playing crowd enough, more and more developers will transition to Linux development, and I can switch too. They are, quite charitably, squashing the chicken/egg problem in PC gaming.
Hello, Linux!
And I don't care what anyone says, RedHat 8.0 and Suse 8.1 look DAMN GOOD.
How many OSes really consider "security" as a part of "core functionality"? Only one spring to mind and that is OpenBSD.
Neither Windows, Linux, Mac OS X, Solaris state "security" as a "core functionality". Yes, all are securable, but on any OS it needs a certain amount of work (yes, even OpenBSD...you need to apply the patches!) This needs maintenance, and on "homebrew servers" (read: glorified desktops) security is unfortunately just a second thought. I do realise that a well administered server will probably be secured, but that is due to a competent admin, not due to "security as a core functionality".
I don't say that "security out of the box", should not be a worthy goal, I just think that it is a utopian dream.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
He gets confused and forgets that he's browsing slashdot and not Bigots 'R Us.
Silly poser, you don't belong here!
Slashdot is a place for Rob's political views.
And even Jon Katz's.
Just because it says, 'News for Nerds' doesn't make it CNN.
that are not trolls?
While not a microsoft fan by any stretch, I don't think this is necessarily a bad idea because of this: Now, when a hacker/virus/trojan attacks, maybe Microsoft will have to accept some accountability, after all I am paying for the security. As it is now, we get hit by nimda, microsoft is not really liable for any damages. If I am paying for security, maybe they would be liable. Just a thought.
I've never paid for a patch. They are all freely downloadable from their support site currently.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
wouldnt this be a monopolistic move for them to add security consulting. I mean we all know their track record...
but seriously. who is to say that they arent going to engineer security holes into their systems that only they know about - then come forward and say that they have the fix - but since its such a "complex" issue - the only option to fix it is to have their value added security consulting force come in and "secure" your systems.
no thanks Microsoft. I am not happy with you in general - why would i trust your lackeys to secure my systems. An MCSE is one thing - but a Microsoft employed security consultant is a whole 'nother beast.
Reminds me of that simpsons episode when Billy G want to buy out Homer's ISP - and he "writes a check" for the ISP through his thugs smashing the place up.
It's great aint it? We wanna build in the browser. But we're gonna sell security as an application.
JPK
C372 4AB5 1E89 36DD FF72 E0C3 2BE6 22E9 ED0F A822
The fact that Microsoft is considering providing security services for a fee, just shows that it knows that its OSs are not secure enough. But if they cant build security into the OS itself then is there any guarantee that they will be able to do it later on, for a separate fee? Judging from the number patches, they release, for other patches, i dont think that Microsoft is capable of providing these services for which it plans to charge.
-- Reality is just an extended dream.
It seems to me that if Microsoft didn't have the reputation that they have with regard to security and reliability, the insurance policy wouldn't cost 'em so much. Kinda like auto insurance -- those that prove they can drive responsibly for a period of time pay far less than somebody who crashes 3 times in a week.
This form of extreme capitalism makes me sick! Why not share some of their money with developing countries, instead of increasing their income.
Next they'll charge for Internet Explorer.
...when Microsoft are going to start charging for other vital parts of their operating systems?
"Oh so you want a file system, network ability, and you want to run applications? Thats another $X per machine per month I'm afraid - the initial $300 is just for the operating system..."
No matter what ill will the average /. user bears towards Microsoft, you can't possibly say that they are idiots.
And starting to charge for hotfixes, and obvious security holes in the OS would be an act of complete idiocy.
I have a feeling that whatever security initiatives MS is working on, certainly aren't aimed at hte average home user. There's no money in it. MS makes it's wad off corporate licensing. Where they don't have to worry about retailers, or packages, etc. The home user is an important market to them. But it's not what put Bill on top of the Forbes 400.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
If MS makes security easy, who will buy their services?
Luckily, they didn't seem to be considering that option in the first place, but now it's even less likely!
Windows XP = Windows Xtra Payments?
"The objective of securing the safety of Americans from crime and terror has been achieved." -- John Ashcroft
Says the story write-up:
Internet Explorer is a fundamental, inseparable part of the operating system; but security is an add-on product. I love it.
When asked about security Mundie states:
"Because customers wouldn't pay for it until recently."
I interpet this as:
People ASSUMED they were getting something secure. When they realized they were not they went elsewhere to find something that was. Microsoft ironically wants to be the elsewhere too. They can get there two ways. Make the product more secure the first time, or continue as normal and sell yet something else on top of or next to the other product. A tier level of security I guess. Seems like a very odd way to operate..
Bad boys rape our young girls but Violet gives willingly.
it sounds more like they are going to charge for security extras not for basic security patches and what not. This isn't MS cutting its massive user bass off, its MS trying to make a few extra bucks off the companies that need enhanced security. Sure, you could argue that the best possible security should be available on all versions of windows, but they are a for profit company and are trying to make a few dollars in this rough economy.
This is not a troll.
Asked why it has taken Microsoft 25 years to get trustworthy computing into the forefront of its efforts, he said: "Because customers wouldn't pay for it until recently." Admitting this was a flippant answer to a flippant question, Mundie said that chief information officers had only recently begun to demand security
I wouldn't say that was a flippant question. Obvious yes, and valid to be sure. But how is that question supposed to be 'flippant'? Why has it taken 25 years for you to take security seriously? Nevermind that you're asking me to *pay* for something that should have been an intrinsic part of the product from the start. Seems like a good question to me.
Is there something in the Micros~1 corporate culture that breeds contempt for anyone that dares to ask an valid, though perhaps embarrassing question?
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety" - BF
In allowing someone to hack into your Win2K/IIS box, and not providing you some method of protection, how close is a company like Microsoft to Aiding felon? Especially if they release a security advisory with an exploit!
More and more like the Mafia, every day.
If you willingly pay a company for security that has a proven track record for being insecure, who's the fool? Microsoft is looking for any way it can increase its profits, but has it considered that consumers who pay for security will actually EXPECT real security? What happens after the first couple hacks prove the quality of their security?
I was taking one day at a time, but then several days got together and ambushed me. (from a Rhymes with Orange comic)
...now promise E coli-free food for an extra fee. A spokesperson for McDonalds said, "Our revenue model doesn't normally lend itself to our being held responsible for the hygenic quality of our food; however, for a fee as disclosed in our End Eater License Agreement, we will make sure your burgers don't carry a horrid, filthy plague."
All's true that is mistrusted
Security is like public health and education
;-)
Isn't MS's security already at least as good the quality of teaching in our government schools?
Good judgment comes from experience.
Experience comes from bad judgment.
At some point a vendor has a reasonable right to drop support for a product. There is no way they could afford to support with patches etc. Every product released has a "life span" and face it. Office 97 is WELL past it's expected life span. It's 5+ years old, and 2 full versions back now.
If you want code that's open to updates forever, go with open source. No vendor in the commercial software markets will support products once they have reached "end of life" status.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
1. Make big insecure operating systems ....
.... is just what it means.
2. Form Securtiy Consulting Arm
3.
4. Profit!!
in this case - the
This is totally nuts.
In presenting Microsoft's trustworthy computing initiative, Mundie defended the company's reluctance to follow through and accept legal responsibility for the security of its products. "If we took that responsibility, say for a big contract at Airbus, I would have to take out a giant insurance policy from Lloyds or another insurance broker, and pay a giant invoice," said Mundie. "The product would then cost not 50 euros, but 50 million."
Maybe we should hold the liable?
It seems to me that if Microsoft can charge for enhanced security, then they are admitting that their non-enhanced versions are partially defective. From a legal standpoint, it sounds like they would be culpable for such security defects in their non-security enhanced versions, because they cannot then claim that such defects are intrinsic to the complexity of their software itself, and they cannot claim that they just didn't know how to fix it.
On the other hand, if a third-party adds security features, that company can claim that they have found ways to secure Windows, which Microsoft was not able to do.
I'm not a lawyer, but it seems that charging for security enhancement would be like charging extra for a car with a working airbag, instead of a cheaper model that works maybe 80% of the time.
How would this compare to a warranty on consumer products? It seems like a warranty is just like insurance, because you get cheaper repairs in case something goes wrong. Is this applicable to software?
BTW, I'm asking a legal question, not a ethical business question.
Charging for security will back fire like the current EULA does..
..OUR PRODUCTS SUCK AN DBLOW GOATS ON SECURITY BUT PAY US ANBD WELL WILL SECURE OUR PRODUCTS..
It send snegative PR message
They made the same miss steps with the current EULA , the court case, adn etc..
Can we say MS RIP 1975-2005?
Don't Tread on OpenSource
I understand that a system needs patches, but is it really so hard to make an operating system whose maximum uptime is limited to 2-3 days because of the stupid required reboots. I know a couple of such operating systems.
I am sorry, but you will need to rewrite the whole damn thing.
this will make the M$ bug-tracking policy different? I mean, now you should report a bug to them and can't tell anybody else, then wait till they release a fix and hope they have listen to you.
If you're going to pay for that, you're expecting a better way of doing things, and I don't think it'll happen.
-- --
You do it wrong!
It was "Stephen" M.C. Hawking who was gunned down in a gansta shooting! Even if you though "A Brief History of Time" was imbicilic, you have to admire his contributions to Britian's gansta rap scene. Truly a English icon, he will be missed!
Mundie, speaking about MS Windows: "The operating system is designed to run on machines that are not designed yet."
There's a joke in there somewhere, but I'm having trouble finding it. Discuss.
RP
I'm going to start charging for sex. And to think, I've just been giving it away for free! Thanks Microsoft!
If tits were wings it'd be flying around.
Does that mean it would be possible to sue M$, if they fail to provide a bought service, ie) security?
"Windows runs an arbitrary set of applications, in an arbitrary configuration, with arbitrary devices, said Mundie. 'The operating system is designed to run on machines that are not designed yet.' While Microsoft could demand that it creates the drivers for all hardware, the industry would not accept that. 'Each time we accede to the reality of the industry, we accede to the problem,' he said."
Yep. All those string buffer overflows are obviously caused by the ram. And those virii that use Outlook automation obviously use the fact that Windows has to account for various pieces of hardware too.
As beeing a first class Microsoft disbeliever I just have to reflect on this. Microsoft is feature (like in revenue) driven company. The famous "Know the strengths of your competitors and make them yours!" slogan has a downside, you can't know the vision behind the implementation of a competitor. You then become a rather shallow copycat. Sure it looks good at the surface, but once you scratch it you will find myriads of compromises and half hearted attempts to overcome incompatibilities. Windows NT has a more sound base to stand at, coming from the VMS master brain himself (I was never good at names), it promissed a lot. The question I ask is weather Windows XP is another huge compromise or if it has a sound design knowledge base (VMS)? Ofcource Microsoft will charge for security, if it can, nothing has happend to Windows, its just that the world has changed around it (i.e. Internet) and it wasn't designed for that. It was designed for BBS like functionalty like MSN, remember?
Starbar!!
Where's the incentive to make the OS secure. Keep it as insecure as possible and then make a killing selling the security options. Wait a minute! Maybe that was their plan all along. That would explain a lot.
In my humble opinion, the secondary cost of the operating system's security should be inversely proportional to the control granted by said operating system to the external network. What do I mean by this? The more networking gadgets one puts into their operating system, the more they are responsible for the access to said gadgets.
Security in DOS was practically non-existant, because frankly, you couldn't do much on it. The worst you could do was write data to COM1, and native DOS wouldn't do anything with it. Then came Win2 and they introduced the OLE concept, where a person could control application A through application B. Security req: still marginally zero, because of the single-user environment. Win311 brought us the Network Neighborhood, and now you could control application A over a network to control application B. Because of MS's DLL approach, the operating system now must track login names, and validate IDs, and coordinate data flows. Now we have XP, with automated updates, drivers for everything, protected modes, lots of complexity that MUST be secured by the operating system.
Brief Analogy: I build you a house, and I install a cardboard front door, then to protect this cardboard door I want to sell you the steel door as a security "upgrade". In a perfect world without crimes, we wouldn't need any doors, but that's not the way things work...
In short, Microsoft measured their rope, and now they're trying to avoid the gallows. They built an operating system that's practically transparent to the network, then they're horrified that someone other than MS might exploit this transparency. If they aren't willing to protect the public from their own products, then someone needs to inform the public that there are better products in existance...
"Profit center". Ugh! I feel like I have to wash my brain out with soap and water just for thinking it.
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
This is great, just stand back and watch Microsoft hang itself.
stop including security in the basic OS so all the pirated copies are wide open?
Of course once M$ has a biz plan where customers pay extra for security the incentive to no fix (or even leave in) security bugs will be tempting ...
What was the Only commercial OS to recieve a B rating from the DoD? yes!
Multics! We should all go back to Multics! There you will be secure for all times
~~~
Click here, you know you wanna!
You are neglecting the fact that patches, by definition, are used to 'patch' things up, i.e., to fix something that is broken -okay, so patches can also be used to enhance performance and such, but the point carries across, I hope.
:)
However, the article (which was written based on a hypothesis), doesn't really specify what the new security services would be.. if MS starts offering for example antiviral software and security consultation, this might be reasonable (well, as reasonable as anything they do).
The point to argue is rather whether the OS should already display all of this functionality.. certainly things patches are applied for, bugs in code and such should definitely be fixed, but the matter on the more external matters isn't quite as clear.
I, for one, consider security to be one of the core functions of an OS, and, in fact, it IS stated in most of the abstracts/declarations of the operating systems. They promise reliable, robust and (often) easy to use engines for your computer.. and honestly, an insecure computer is d) none of the above.
What should and shouldn't be the responsibilities can and will be argued as long as anyone argues about what should and shouldn't be a responsibility of the OS
E
Marxist evolution is just N generations away!
I wonder what the refund policy is?
...that will make GNU/Linux all the more appealing.
This page was generated by a Barrel of Circus Midgets, and that is the way I like it!!!
Any bets on how long it will take MS to get exclusive, multi-billion dollar contracts with US Government Agencies to help secure Microsoft products?
And are an US taxpayers interested in suing both parties when it happens?
Microsoft is at a conflict of interest and as an end-user, I am not impressed.
We all know how secure MS products are. By having MS consult in areas of security, there would be no motivation for MS to make their products more secure. Also, what stops MS from deliberately leaving holes in it's software to have its security consultants patch them up later?
Instant Karma's gonna get you - John Lennon
From what I read, it looks like Microsoft is saying "Yeah, Win9x has all the security of a convertable with the top down and keys in the ignition, but that's what people wanted.", but are now noticing that people will pay a few more bucks to get a secure system. I don't think it's that Microsoft is going to charge more for a secure version, or charge for security features, it looks like they are either going to charge more for the product overall while adding security to make it worth it, or they've realized that an actually secure Windows would be more valuable to customers, and may not actually change the price. (Give customers more for same amount, and keep them buying MS for a few more years.)
M$ charging for security!? That's like Bill Clinton charging for marriage guidance.
Companies would gladly pay big bucks for secure products, if the promise of security is backed by liability or some kind of warranty. If EULA stays the same, MS will not provide an extra piece of mind, and nobody will pay more money for "maybe more secure" software.
For many of us, Windows 98SE and Office 97 are still quite acceptable packages that accomplish what we need. Why is the life span so short, besides to allow new profit on the same ideas with bugs fixed, security holes patched, and a few bells and whistles added (BTW, some bells that I DON'T want and can't turn off in the one Office 2000 I run). If there was a patch, keep it available for those who choose not to update. I don't expect Office 97 to run on Windows XP, nor am I asking for a copy of Office 2000 -- just a simple security patch to fix a hole that should not have existed in the first place.
I was taking one day at a time, but then several days got together and ambushed me. (from a Rhymes with Orange comic)
...in order to secure their products, Microsoft today announced its new line of security software: "MS/GNU/Linux".
"I have never let my schooling interfere with my education." - Mark Twain
Don't forget to take into account the horrendous inflation of the 1970's and the cumulative inflation since then.
That's one thing that bugs me about old people, their tendency to not take inflation into account.
http://www.wld.com/conbus/weal/wprodlb2.htm
Cheap pete trying to buy a copy of outlook from Microsoft. "So, your saying that Windows XP costs $199 and I have to subscribe to it for $10 a month for updates? Thats a lot of money!! How about I give you $10 and you send me a copy of Windows XP 3.1 when it comes out?"
13 year old white supremacists are shitty web designers.
Second, Microsoft can't use inflation to explain their ever increasing prices. Except for the cost of ever more programmers to create ever bigger bloatware (but nobody to check those buffer overflows or fix those bugs^H^H^H^Hfeatures), they don't have an explanation for their pricing. Except of course for the real reason: Monopoly.
Microsoft Windows XP: $100/license.
Microsoft Office XP: $300/license.
Paying extra for security: Thousands of dollars per site.
Realizing there's a free, secure alternative: Priceless.
Some things money can't buy. For everything else, there's Microsoft.
"I may be quite wrong." - Socrates
Two weeks ago I went to the "Presidents Critical Infrastructure Protection Board". The idea of making presidential advisors available to the industry, in the form of "town meetings" is to raise awareness for computer and network security.
The governments idea is to "convince the bulk of the general public" to do what they can to shield their computers until market forces cause computer hardware and software to be built with the primary idea of security from the start. The people at the meeting figured that this could be achieved in five years.
So, for MS to charge for this as a separate item, they would have to ignore the government and the up-and-coming "market forces". Well, they are Microsoft.....
I get lots of good ideas. I'll even give you some for free. But hire me afterwards, OK?
1. Well, you can charge people less for running at lower resolutions like 640x480. See? It even sounds better than saying 'our higher res clientele will have to pay more'
2. You can also charge extra licensing fees for users that think they might need a mouse. Heck, Linux does it... yes linux does too, since the mouse functionality costs nothing, which is precisely as expensive as the whole OS...
3. You might as well begin to start charging admission fees to all buildings that contain a machine with windows on it. KA-CHING!
That's it. 3 ideas are all you get. Now will you hire me?
Blearf. Blearf, I say.
Bill Gates rules and you all suck off his cock
Enough customers do want added features, that product revs are inevitable.
And as the codebase moves forwards, eventually older versions of it are going to become sufficiently arcane that nobody continues to understand them, etc. It's just the nature of business, that they can't possibly support all products forever. Not even when it comes to vulnerabilities. I'm sure that you could dig up vulnerabilities in other 5 year old applications, and odds are, most/all of those vendors either aren't supporting the product anymore. Or they simply don't exist anymore at all.
Just ring up IBM, and ask them for bugfixes for SmarSuite 97. Good luck.
It's the nature of the beast, that eventually support WILL die off for old products. That's the case with almost any industry. And the computer industry prides itself in moving further, and faster than any other industry in history. Part of moving fast, is the danger of getting left behind.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
MOSCOW. Oct 8 (Interfax) - Russia is a third of the way through the HEU-LEU deal with the United States, by which Russia supplies weapons-grade, or high-enriched uranium (HEU) extracted from dismantled nuclear warheads to the U.S. in a diluted, low-enriched form (LEU) suitable for use as nuclear power plant fuel.
"So far, more than 150 tonnes of HEU have been turned into nuclear fuel. In other words, we have managed to rid humanity of more than 6,000 nuclear warheads or the equivalent of 1,200 megatons of TNT, and converted this into 2 billion megawatt-hours of electricity,"
"...but I would prefer operating system vendors to treat security as part of the core functionality of their products, if only because effective security has to be designed into the operating system from the start."
I find this comment a little short sighted: The problem is that security has an inverse relationship to features/usability. The reason that a virus can do damage on a Windows system isn't a flaw in the OS (though I suppose the OS could be patched to fix it), but rather because a program like Outlook Express has a feature that somebody learned to exploit. That feature was put in for other reasons, mainly to make OE more usable, but it also provided an outlet for mischief.
Frankly, I'd rather a company make money by being more secure. It gives them a good solid reason to not only add features, but test them against potential exploits. Money is a much better motivator than a good mission statement. When MS thinks it can make money at something, it usually excels at it. If MS thinks people will pay more for 'security', then let them have a go at it
The worst that can happen is that MS actually loses money for failing to meet that promise. Yeah, I'm sure the Slashdot floor would be wet with tears of that happened. But the best that could happen is that MS combines a good user experience with security, a product we could all benefit from.
Share the wealth, please!
-- Mbuto Seesse Seiko
-- And just about every other ruler in sub-Saharan Africa of the last 40 years
to have security in your software in order to charge for it?
At what point does the consumer stop doing business with a company that admits that everything they sold you in the past is a POS in order to get you to buy yet another upgrade? At what point do corporations decide it might be a bad idea to single source all its software from a company that considers security to be optional?
"Freedom means freedom for everybody" -- Dick Cheney
Judging on their track record of application and OS security, they're going to need to sell security add-ons for their security add-ons!
You want to be safe in your car, right? You want an airbag, no problem! $1000, Seatbelts? $100 per seat, anti-locking breaks? $500. Windsheilds that don't shatter into pieces when a tiny rock hits them? $5000.
Microsoft
You want your company to be safe? Just pay $500 for our OS, $500 for these patches that should have been in the OS. And if you don't want hackers, we recommend the $5000 security package that includes all the security features we ripped out because we decided we could charge you money! Oh and if we find more security problems in the future we need to ensure you are on our license which includes a $5000 fee for the first year, and $500 each year thereafter for each machine you have, even if you don't run Windows, we have to charge you in case you change your mind later, it is just easier that way.
Linux
Security? Yeah we just discovered that bug, it'll be fixed shortly, oh look, they just released the fix (okay not really, but most bugs are fixed in 24 hours of report).
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Kids these days.
I didn't mispell it, it's Cylon.
(Berserk would have been an acceptable answer, although it wouldn't work quite right.)
IANAL, but it seems reasonable to me that if you use a product as it is intended to be used, and it wrecks unexpected havoc on your system, you should be entitled to redress.
If Microsoft now starts charging for extra security and other such 'features,' I'd think that would increase their liability if something does go wrong. I can't believer their EULAs are that iron-clad
I'll tell you what the 'effect' is! It's pissing me off!
Nobody is forcing you to upgrade. But at the same time, if there was no market in improving the product, MS would just let it die off. And in that case there wouldn't be support for it either. Just try and find patches for MS Bob.
As I said. ALL consumer products have a finite life span. Computer based products moreso than any other. And sooner or later, you have to either upgrade, or live with a static, unsupported product.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
since when did the responsibility for making sure your system is secure fall on the shoulders of the software manufacturers? when you buy a car, does it come with thief-proof measures? no, it comes with basic security measures that most any car thief can get through easily... if you want more, you've gotta buy more. same with your house... you get deadbolts and whatnot, but if you want better security, you get an alarm system from ADT or whomever.
perhaps microsoft isn't absolutely the best company to go to for security software, but i ask again... who said it was ever their responsibility to make sure that no one is intelligent enough to crack/trojan/poison your system? come on guys... you can't have it both ways. one or the other.
i'd actually go for this whole deal. let me purchase a system that doesn't come bloated with inane, ineffective security measures... then let me decide how to best protect my investment. i'd be insane to demand what you're demanding from the company who makes my car. take some initiative and responsibility and thank the heavens that you might have a chance at a less bloated OS.
in the end, who do you want to be responsible? yourself, or the software companies. if you said the software companies then stop bitching about all their EULAs that supposedly invade your privacy. hey, they've gotta cover their asses so snot-nosed brats can't come back on them because the system wasn't protected... therefore you see the EULAs with all the stipulations about allowing microsoft to install software without your permission. if you said yourself, go ahead and bitch about the EULAs, but make sure you know what you're doing when you design your system.
common sense, people... common sense.
> Honestly, what schmuck would pay Microsoft for
> security??
I think you misunderstood the article. Microsoft isn't going into the "security" business, they're going into the "Protection" racket. Microsoft's reputation here shines, judging from the number of companies Microsoft "protected" itself from.
If you pay Microsoft the "protection" fee, it will not only protect you from Linux and similar cancers, it will send in the BSA to protect you from employees who use up more licenses than they supposed to.
Asked why it has taken Microsoft 25 years to get trustworthy computing into the forefront of its efforts, he said: "Because customers wouldn't pay for it until recently." Admitting this was a flippant answer to a flippant question, Mundie said that chief information officers had only recently begun to demand security, and it is only in the last ten years that Microsoft has attempted to play in the security-requiring worlds of banking payroll and networked systems.
The reality is that M$ sold products that were expected to perform to a base level in terms of quality and security. Because users can't look under the hood so to speak, the quality and security issues didn't emerge until it was too late. Now the customer is screaming for relief and MS is there with its hand out.
Also does it sound like the lines between security and DRM are being intentionally blurred here?
The article doesn't specify what "security" is.
Will MS be selling firewall and antivirus software? Or do they mean they'll sell a more secure version of Windows?
EROS, the Extremely Reliable Operating System, by Jonathan Shapiro et al., is a capability-based operating system, inspired by KeyKOS and other academic systems from a decade or so ago. A capability is similar to an object handle - you can only access an object (file, process, etc.) if you have a capa that gives you the kinds of permissions you need for the action you want to take. Lots more information at www.eros-os.org.
(Note: that's eros-os.org, not eros.org, which is something entirely different :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
way,way back in win95 time, don't remember the exact quote, but didn't bill gates say he wanted windoze to be THE gaming platform. that's why all the work into directx, etc.
btw, don't expect all the first tier games to work on linux/mac. if you need some, try transgaming's wineX.
but, of course isn't watching all the windoze users scramble at the latest virus problem a game?
My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
Win98 -> Win98SE -> WinME Sounds like they have been charging for patches all along
Windows 98 Service Pack 1 included all Win98se changes that weren't new features.
Will I retire or break 10K?
Hey, it takes a lot of work to install Unix, set up WINE, and then get all the MSOffice applications to work well on top of WINE :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Man, all these years Ive been wondering why Microsoft just couldnt get their act together regarding Outlook and virii and worms and Internet Explorer with all its security issues.
...
It was a carefully planned and executed marketing strategy.
Now they get to charge extra for "Peaceful Outlook" and "Internet Explorer - The No Worries Edition"
And it shoulda been obvious
Now they turn around and say "oh, actually, we *can* do that... but it'll cost ya." Real cute, folks.
My deviantArt site
This article seems to suggest Microsoft is now considering charging for security.
In other news...
California convicts in correctional facilities around the state will now be running a daycare service for parents.
Lumberjacks from the state of Michigan will be opening up a private hospital neighboring their lumbermill. They advertise that amputations are their specialty.
And finally, George W. Bush announced that he will be dedicating himself to balancing the budget and eliminating the national debt within 10 years.
Case in point: If you don't have the skills, don't sell the services.
Funny... the big thing about Free Software is that it generally forces a software company in to a service business model. The reason IBM can make so much money while throwing all their clients towards Linux is that they have an insanely large services division.
.net's emphasis on web services and the entire passport/hailstorm project, which doesn't rely on selling software but providing transaction services. This just seems like another piece of their overall scheme.
Perhaps Microsoft is trying to copy this. They know windows is already a commodity, as is Office. This is not only a possible new revenue stream, but a potential salvation should they have to start giving Windows and Office away for free (this is a very distant possibility, but a possibility nonetheless).
This also fits with other moves on their part, like
That said, I don't think by charging for security they mean charging for updates. More likely providing extra software outside the core OS functionality or a consulting division to deal directly with customers.
"I may not have morals, but I have standards."
I have considered the alternative to public health and education and found I much prefer it.
Microsoft has seen how much Symantec has been making in this market, and they want a piece of the action.
When people talk about software security, they're putting the cart before the horse. Security is a metaphor for quality. Every time a vulnerability exists, it is because of some sort of an error. This is true almost by definition.
Microsofts products are not crappy because they are insecure. They are insecure because they are crappy.
If you take the article in question and substitute the word "Quality" for "Security," it becomes a much more truthful statement of what's really going on. Microsoft never cared about quality because they had a monopoly. Their overriding concern has never been quality, it's been in maintenance of their monopoly position. So they've shoehorned in any new feature that has shown any promise of being a technology that they can monopolize down the road or that can comoditize the work of a competitor and thus help drive them out of business.
"If we took that responsibility, say for a big contract at Airbus..."
He is referring to the REAL Blue Screen of Death apparently.
This just one more reason to use Linux/BSD. It's more secure to begin with, has very few viruses written for it, and security updates are timely- and free. Debian and OpenBSD are looking better all the time.
No, we'd have a three-tier net. We've already got two - Unix and Windows.
This space intentionally left blank.
It is unfortunate that as it stands it makes sense for Microsoft to charge extra to be accountable for their product. I am sure there are other examples of this, but the vast majority of software developers don't take any responsibility for their product at all.
This may actually be an opportunity to commercialize OSS. If a company is willing to pay Microsoft to compensate them for monetary loss caused by Windows then might that same company want to pay less for the same assurance for an insured distro of linux? Insurance for linux should cost less since it is inherently more stable.
I guess this is just a sign that the software market is finally maturing to some extent. In a mature market, like automobiles, everyone guarantees their product and the cost is included in the price of the vehicle.
...this isn't a free market. It's a fee market. Microsoft has greased all the right palms, they are pretty much above the law at this point in time, and will probably remain there so long as they have so much money to throw at politicians.
First.. they said they were not ready to approach trusted computing until people were ready to pay for it.
Well, does that not make sense? there is no business sense in spending the money to develop something if people are not willing to pay for it.
Trusted computing is not about security.. it's about accountability. It's about being able to have a proper audit trail for who did what when, no matter what. Your data can still be stolen, you just know who did it.
Microsoft is not talking about charging for security patches or updates. They are talking about complete trusted systems, something they don't have yet (though NT goes further in this regard than linux does, by quite a bit. Notice how if a user changes the permissions on a file so adminstrator can't read it, then Administrator can't read it until he a) takes ownership of it and b) changes the permissions. Admin still has the power to read anything, but not without leaving a mark that they did it.)
They are talking about having secure offerings for trusted computing.
If SUVs didn't look cool with high bumpers then stupid Americans would stop buying them, resulting in massive losses by GM and Ford that would plunge the US into a major depression.
FYI I am an American and I resent the massive waste of resources that SUVs represent.
I PAID for a /. subscription, why not for security in Windows Apps.. same thing right? :)
"It's not like your minds are as open as the source you love..." - Me to the majority of Slashdot.
For 20+ years Microsoft didn't take any flak for security because their market was shmoes running spreadsheets and games. It's a flippant question because it only takes a modicum of thought to realize that no one was complaining about Microsoft security until the internet became easy and affordable.
A valid question might be "Why didn't Microsoft build security into their first generation network protocols and products?"
1. Release unsecure software.
2. Sell services to mend the broken software
3. Profit 2-ways!
HTTP/1.1 400
1. Add Security to MS products. 2. ??? 3. Profit!
Random is the New Order.
Anyone remember the satire-wire spoof? It's not so funny anymore.
Come test your mettle in the world of Alter Aeon!
I am now charging for security as well. You all must send me a check for $1000 (paypal accepted) in exchange for me not breaking into your house.
This space intentionally left blank.
And sooner or later, you have to either upgrade, or live with a static, unsupported product.
Or use an open source product where you can get the bugs fixed.
May we never see th
Those damned SUV's and trucks with their lift kits piss me off too! They should not be allowed on public highways.
- uses the Iframe and MIME type vulnerabilities in IE.
- attempts to disable your anti-virus program, if you have one.
- starts a keylogger.
- steals your passwords, if you're running Windows 9x/ME.
- opens port 36794 allowing someone to mess with your system
And if you're using an unpatched version of IE, the virus can execute itself, using IE's vulnerabilities! So if you haven't already, get patching, foo'!More information and a removal tool:
Symantec Security Response
--
I would prefer operating system vendors to treat security as part of the core functionality of their products.
Some do.
So Microsoft's *web browser* is a vital part of the core operating system, inseparable despite all the efforts of their engineers...but security is an add-on product.
Odd how "harsh technical realities" always seem to favor MS's bottom line.
May we never see th
I'm wondering if ballmer realizes what he's doing...
So, Microsoft says Internet Explorer is an inseperable part of Windows and is not a seperate product (despite it being available on a variety of platforms), but "security"... .nah, that can't be part of Windows.
sigs are a waste of space
isn't this like parents putting thier children in charge of hiding the cookie jar, or ballancing thier allowance? I fail to see the logic in this.
coder: "hey Bill we found a security flaw"
bill: "okay well wait till we release the next os before you fix it so they have to pay for it"
coder: "good idea Bill, now I see why you get the big bucks"
-- "of course thats just my opinion, I could be wrong." --Dennis Miller
Try explaining to the DOJ that a browser is really part of an OS, but a security fix is not...
Opus: the Swiss army knife of audio codec
coder "hey Bill, should I "create" a security flaw"
Bill: "When was the last time you go a raise?"
-- "of course thats just my opinion, I could be wrong." --Dennis Miller
"You know, if you don't get our new MS Security Plus! you'll probably get infected with all sorts of viruses."
Now I am just *dying* to hear that from a kid at my local Circuit City.
I've heard the argument that open source companies rely on the difficulty in using or installing their products (i.e. sendmail). However, now that MS is pondering charging for security, doesn't that suggest the argument that they are charging for what they can most easily make money on? Having many issues with security could become a strong business model and effectively force people to pay for the fixes as the "default" patch level that the OS ships with becomes correspondingly decrepit and bug-ridden.
Anonymous 'cause I may need to work for Microsoft someday...
Look at the posts on this thread. They are all talking about cost inflation and the price of autos. Hilarious.
Guys... they meant proper tire inflation. If you are not a citizen of the USA, then you are of course pardoned. If you are a US citizen, I can assure you that where you live the news usually comes on at 5, 6, and probably also 9, 10, and 11.
SO HERE'S a little history.
The real reason why everyone else modded this joke up was that at the a certain point in the debauchery that caused so many Expedition/BIG Ford SUV deaths, both Ford and Firestone tried to shift the blame on the consumer stating that most of these roll over deaths could have been prevented by the driver having proper tire inflation.
This, in a sense is the equivalent of saying that if a consumer does something so benign as not change their VCR remote batteries on a regular basis, then they deserve to be electrocuted the moment they try to turn the TV off manually.
Nice old article but exaggerated. Microsoft doesn't want to ruine tcp/ip, just want to make money making it "trustworthy".
Somehow /. is breaking that link, putting a space before the five at the end; it happens in this post too (at least, when I preview), but the quoted URL in the href attribute seems to work.
Microsoft has a long history of creating different end user experiences by doing minor back end production tweaks. What's the difference between XP home and professional? One gives you more control over security parameters, for one thing. How about Windows 2000, pro, server, etc.?
Here's a clue. MS sells bright shiny objects. MS is run by marketroid doofuses like blow-me Ballmer, not by talented programmers. MS programmers are invisible. Oh, yeah, except for boss Bill, programmer uber alles. Yeah right.
When is the last time you heard a profound mission statement eminate from Redmond that came from the mouth of one of their programmers? Do you want to be a wage slave? Do you want to have no voice, no significance, other than your contribution to your overmaster's coffers? Work for Microsoft.
Come on Microsquishies! Let's hear your voice! Stand up and be proud!
No! Toe the corporate line! Make Bill proud!
They already have years of experience of releasing insecure products and now the customer needs to pay even MORE to secure their own faults ???
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
...but when I opened it the box had Debian printed on it.
Seriously though, if the plan is to provide security consulting services to big companies for mission critical servers, it's not that bad of an idea. But if they are planning to charge home users for WinXP service pack 2, I expect the net to become virtually useless as Code Red 2.0, etc starts running rampant on unpatched machines.
Of course this could just be a ploy to "encourage" people to buy the next version of Windows -
It'll cost $200 to buy the anti-Nimda patch for 98/ME/2k/XP so you might as well buy Windows.DRM for just $300.
My previous car, a Pontiac Pheonix with about 4 inches of ground clearance, would get stuck in the snow regularly in mild snowstorms because it kept getting the underbody resting up on top of the snow without enough weight left on the wheels to have any traction. This lead to many towing bills. My current car, a Jeep Cherokee, can drive through up to 8 inches deep of snow (more, probably, but I don't want to push it too much), and I haven't gotten it stuck once. Call that image or vanity if you will, but I call it the difference between being stuck at home and being able to go to work.
Don't label something "offtopic" unless you know the topic well enough to tell what's on topic.
Yeah, Tellie, like I was telling you there's a difference between book smarts and common senses. You take Vinny, he's got no education but a MSCE and lots of smarts. He always said that "Protection" was a good market. Now here's Bill Gates telling him he was right all along.
See? Ya gotta pay to play and if ya don't pay for the anti-viral and odda important stuff, ya gonna regret it.
Friends don't help friends install M$ junk.
Could security be thought of as an additional feature, or maybe, another add on product? By including "security", or "bundling" it with the operating system, would Microsoft be opening itself up to another day in court?
Basically, by charging for "security" as an additional product, they will compete in the security market for Microsoft operating system add ons.
Isn't this what we all wanted?
Debian or any other Linux distro is not such a bad idea afterall, and i am being serous...
As long as you're purchasing more than 5 units for a "starter" purchase, you can get corporate licensed product. That's 5 total units, across multiple sku's if so desired. So 3 Office, and 3 Windows, and you're already there. And corporate product doesn't require activation at all.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
Establish bug-ridden products as market leader.
Once firmly in control of the world, begin charging for updates to make already purchased products functional.
Thumbs up, Microsoft!
That's is absolutely an option.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
get support on 7.5? Or did your innocent, pure "hardware" comapny end-of-life that product too?
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
I don't know what product he's talking about, but 50 euros sounds like it might be volume discounted Windows XP. Being conservative and assuming the insurance company wants a 50% profit margin for taking the risk, it seems Mundie is telling us that using Windows XP causes the average user 25,000,000 euros of damage. Well, Microsoft would want its 50% cut too, so make that 12,500,000 euros of average damage. It still sounds like a lot. I know several people who use Windows XP and I don't think they've suffered that much damage yet, but I'll have to ask them.
OK... and since when is my data, on my home computer less important than that on some corporate server?
Just because I can't afford to cough up another $10,000 in security costs, or even another $100, does that mean MS shouldn't give me all their latest fixes in a timely manner? Do you really want another CODE RED worm making its way around hundreds of thousands of home based web servers, all because MS thought it could make money off of selling security patches? Should my system be left wide open to be raped by any script kiddie who can figure out how to download the latest root kit for my Win98 box, because MS doesn't think it's profitable for them to provide patches for that discontinued product?
Your Servant, B. Baggins
... if it is implemented across all customers.
Small businesses on a budget, non-profits and home users will mostly choose to save a little money. They generally don't think their website/fileserver/workstation has anything valuable on it, or the fact that they had to get help when they forgot the password makes them think that the security is enough.
DDOS is a hard concept for a lot of ordinary users to understand.
This sounds like a job for RICO
Physics is like sex: sure, it may give some practical results, but that's not why we do it.
We would still need doors.
I'm a recording engineer, it takes 3 solid wood (airtight sealed) doors to get to the recording space from the control room, this means that sound is not able to leak.
Doors are NOT JUST for security, they are for other, totally unrelated things as well. [Actually each of the three doors has quite serious locks on them, but that's cause they open to the outside and so do have a need for security...]
/* FUCK - The F-word is here so that you can grep for it */
What if Microsoft is doing this as a method of guarunteeing that Palladium infiltrates business?
Some businesses will pay for this security. Microsoft will implement Palladium. Because these businesses have money, people will start to provide them with external Palladium services.
Thus Palladium starts of small amongst the rich and is popularised, until Microsoft's security services are affordable by the masses.
Still, maybe it will do what everyone else suspects - disgruntle the customers.
This is like an article I found on MSNBC. Even though fundamentally security should be an inherent part of an OS they want to charge for it. Like the MSNBC article that says some phone companies charge you more money to try to shut away the telemarketers, kind of like extortion.
This SIG pulled due to lack of funding. (This damn war is costing too much!)
Sun's Java license goes into great detail about what you may not do with the product. (Basically, they skirt the whole issue of liability by saying that you can't use java when reliability/proper functionality/etc. are a life and death issue.)
So if Microsoft is saying, "We're not going there; and if we do, boy, it'll cost you," they're not singing that different a song than Sun -- other then leaving open the possibility of pursuing the big dollars in the mission critical space.
--
* Helen *
Windows 2004 Home Edition
Windows 2004 Stable Edition
Windows 2004 Secure Edition
if you think it's expensive, consider the alternative
You mean Linux?
Living here in Norway, that being about the same latitude as Alaska, there's hardly any SUVs here. If you americans need a big car to compensate for something I don't care, but don't blame it on the weather.
Kjella
Live today, because you never know what tomorrow brings
Microsoft: "Legal liability would cost the user greatly"
So if they pay the damages that people (and companies) have because of their bugs and raise the price for that, people would pay much more for the product? Somehow I have the feeling people having the damages (just about everyone I suppose) pay for it anyway, but not to Microsoft at the moment.
If you think that charging for security is a new practice, please think again.
Car makers like Ford, GM, Lexus, BMW, SAAB, and so on, routinely charge their customers for SECURITY, in the name of "add-ons" - like anti-lock-brakes, air-bags, front-side-collision-protection, et cetera.
I am not here to argue on behalf of Microsoft.
I am here just to point out that we, as consumers, have routinely been milked for inferior and/or defective product, and then, been fleeced again for the so-called "added protection devices".
How many of us have pay taxes to the government ?
And then, how many of us have to pay _again_ to install "security devices" in our houses, or hire security guards, or getting "security firms" to "watch over" our own residential and business premises ?
Ain't one of the basic tenet for us, the tax payers, in paying our tax, the authority (government) in return will hire police and all the other "security apparatus" to safeguard our safety ?
But then why are we paying MORE MONEY to protect ourselves ?
The fact is simple - all of us have been programmed to think that it's okay to PAY EXTRA for security, because we have forgotten that the so-called "SECURITY FACTOR" should have been BUILT-IN in the products that we bought, or paid for, in the first place.
Sorry for this digression.
Muchas Gracias, Señor Edward Snowden !
Let them try. Using their OS monopoly to commandeer the browser market nearly got the company split in two. I should be interested to see what happens when -- using their monopoly power -- they push defective operating systems and take a foothold in the security consulting market.
again it probably is, what a nutcase. A case in point
The mini/mainframe is like a bank vault very secure not everone in the office is allowed in and only good for specialized work.
Of course all of the paradigms are shifting desktops are blending into the workstation area, workstations are blending into both the desktop and mainframe domains and SuSE is selling linux for IBM S390's.
so the desktop has tried for only ten years, then subtract out work on proprietary projects when BSD had the equivalent running better and more securely; this realy makes them the new kids on the block.
Back 1976 one of my friends dialed a wrong number on the computer and was completely flabergasted when another computer answered, now it's hard for the grandkids to call grandma because she's always on the internet.
Apocalypse Cancelled, Sorry, No Ticket Refunds
I'm never one to avoid kicking Microsoft (when it's down or up), but the ZDnet article seems rather unfair and narrowly focused.
Reading what the Reg has to say on the topic, it sounds more like MS is licensing encryption algorithms for inclusion in other products: programs (and smartcards?) to allow people to carry their encryption keys around in their PocketPC's, and giving better security to it's Passport service.
MS is a big enough company with more products than Windows, and if they offer improved security in these, or even products geared exclusively towards security (like carrying around encryption keys) then I'm sure companies will buy. (After all as far as many CIO's MS made a great solitare program so their other stuff must be just as good!)
The security flaws in Microsoft's programs go much farther than RSA Inc. could hope to deal with, and adding their nifty new algorithm to encrypt X by Y is not going to fix it. The only trouble that appears here, is that people may see this and think that buying the MS Windows add-on to carry keys on their PocketPC will make Windows and Office more secure - cuz it won't.
credo quia absurdum
Silly me thinking the alternative indeed was better...
This also means that there will be a lot more DDoS zombie machines on the Internet. Previously, many people would quickly patch their machines before getting exploited, and run some anti-virus software or something if they did get exploited, which significantly reduced the number of zombie machines out there. Now, they can't patch their machines (a lot of people don't have the $16M to pay Microsoft for the latest version of Windows plus security "insurance" for it). In short order, more than 90% of all Windows machines on the Internet will have a well-known security vulnerability, and will likely be DDoS zombies as a result.
Now those damn packet warriors on IRC will be able to take out not only my dialup, but my whole f***ing ISP. Great.
The only way the typical /.er can pick up a chick is with a forklift. -- AC
MS Sales: Thank you for your purchase of our new operating system, Windows EXT! ...
Customer: Ok, bye!
MS: Have an insecure day
C: What do you mean by that?
MS: Well, we didn't try too hard with security in this release, and know of a handful of really dangerous bugs.
C: Can you fix them?
MS: Yes.
C: Phew! I thought my network was screwed!
MS: I didn't say we would fix them. Not for free anyway
C: Huh?
MS: As part of our new Windows EXT OS, we've introduced a new system to save you money by selling basic security!
C: But how does that -
MS: You wouldn't want to get hacked by the RIAA for that illegally included Metallica MP3 we put on your system, would you?
C: Damn you and your italicized sarcastic threats!
MS: Sir, that comment violates the ULA that your MS Intellimouse auto-clicked for you. Your license is now terminated. Thank you for using Windows EXT!
C: But I haven't even instal -
MS: [click...tone]
$8.95/mo web hosting
You cannot secure an application using Oracle's data base without paying extra for their Advanced Security Option (ASO). They've gotten away with that being an extra-cost option for years. Why shouldn't Microsoft copy a business model that Oracle's customers have apparently been happy to accept for so long??
FWIW, ASO adds two things to Oracle:
Any questions??
~REZ~ #43301. Who'd fake being me anyway?
Yes, sometimes more.
That $0.25 candy bar is now $0.59, $0.69, or $0.79.
But they do sales where there product is 3/$1.00
(old, overstocked, or just need to boost those revenue numbers!!!!!)
Aggregate cost is roughly $0.59.
So, yes 2.2 times sounds about right.
We won't discuss CoKKKe or Pe"BRITNEY-HEE-HEE"si, as 2 liters are cheaper than 20 ounce drinks.
Makes you want to stick something in her mouth to shut her the hell up.... Hmm,
that I can't start spreading my "Hello. I am the nephew of the late Stephen King.." Nigerian-variant spam yet? Poot!
One line blog. I hear that they're called Twitters now.
I think Microsoft just did some research and found that a lot of money is being made by companies like Symantec on virus scanning and security software sold by retailers with new PC's.
This is when consumers are most likely to buy into the sales pitch that they need to pay for 'extra security' to protect themselves against a bad user experience.
So now Microsoft knows that a lot of PC buyers walk out of a store with a PC under one arm and Symantec security software under the other. Why can't Microsoft get a piece of that action?
It is hippocritical but nobody said big business needs to have a conscience to be successful.
Remember that old Dilbert cartoon where the PHB is trying to motivate the engineers by providing an incentive plan for every bug they fix? Immediately Wally responds that he's "going to go program himself a mini-van" (that is, write buggy code that he can then be rewarded for fixing.)
There was also a joke on Rec.humor.funny that was along the lines: the judge in the Microsoft case orders the company split into two divisions. One division will support all of M$'s current product line while the other division provides patches.
When I read about M$ charging for security, it really is a lot like the consumers being Dilberted. M$ can purposely write bad code which their $ecurity update then fixes. And now they have the audacity to charge for it.
Science is built up of facts, as a house is with stones. But a collection
of facts is no more a science than a heap of stones is a house.
-- Jules Henri Poincar'e
- this post brought to you by the Automated Last Post Generator...