Slashdot Mirror
Microsoft: We Make Hackers Obsolete
bahamat writes "This article explains how Microsoft was forced to yank a magazine ad by the Advertising Standards Authority. In the ad MS claims that they'll make the hacker extinct. The tagline reads "Microsoft software is carefully designed to keep your company's valuable information in, and unauthorised people and viruses out. Which means that your data couldn't really be safer, even if you kept it in a safe. Which is great news for the survival of your company. But tragic news for hackers." Does MS really think that people are too stupid to remember what happened less than 2 months ago? My favorite quote from the article is "Clarke described Microsoft's claim as "laughable". "
I wonder if they used stock photography again this time?
If you can't beat them, arrange to have them beaten. -George Carlin
So where is their product that makes hackers extinct! I havent heard of the release yet! This is great new! Does someone have a link to it?
This is almost too stupid to be true. The majority of the world would disagree with this, even my MOM! :)
I think their ad exec provided a self portrait with that Dodo.
I'll take the safe any day1
Instead of the ad showing the greasy hacker it should show the hacker with huge muscles and maybe like laser beams shooting from its eyes as it thrives in the microsoft environment. I bet then they'd run the ad.
-Eod
Maybe they've finaly refined their product to the point where you simply can't boot it anymore. Put your safe inside your computer and feel as safe as ever.
Computing in Hell:
The security of Windows, the ease of use of Linux, and a Macintosh mouse!
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."
It IS hacker proof - we don't have access to the source, how are we supposed to hack on the code?
*rim shot*
Because it doesn't require a hacker to break into Microsoft products, any average user can do it.
I can't believe they would even consider pulling a stunt like that.
Sadly, many people would believe it, if for no other reason than total ignorance.
I can't believe it; someone LYING in an ADVERTISEMENT?! This threatens the integrity of the entire advertising field!
Windows 2000 Server:
3 vulnerabilities in 7 yea--- days!
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
It seems reasonable that, Oracle already having garnered the attention the press for its "Unbreakable" slogan, that Microsoft try it, too. (I'll let you argue amongst yourselves whether this is in keeping with Microsoft's traditional business practices.)
Precendent's been set. But the correct response from the geek public has been to attempt to poke holes in an(y) absolutist claim, as is its obligation.
The product is called "Microsoft Offswitch"
Microsoft's typical strategy at this point is to sue the ASA.
Jason
ProfQuotes
Seeing as you dont need a hacker to break it then technicaly they could make hackers obsolete. Of course the growth in crackers is and will be astonomical.
:)
If there serious in selling internet portales then a free site certificate thats certified by recocnised organisation might be a step in the right direction but the only hacker/craker proof NT system I've seen had a blue screen and was locked down solid as a box switched off
It might be the end of advertising as we know it.
" In the ad MS claims that they'll make the hacker extinct. "
I don't see what the problem is. It's true! Why be a hacker when you can do it all as a script kiddie?
From the Jargon Dictionary link in the article:
hacker n. [originally, someone who makes furniture with an axe]
Why would Microsoft even care about some crude pre-modern furniture makers? I am beginning to think there was more than one reason the advertisement got yanked.
Stallan once said if you stated a lie long enough it would become true.
...."Windows is reliable...Unix is reliable...Windows is scalable...Unix is scalable...Windows cost less then a $1000 dollars...???" ?
I remember how NT4 was supposed to be the unix killer. Anyone remember the microsoft ad on the internet which went something like this
At the same time Bill Gates did a show called scalability day. In the demonstration with Microsoft Transaction server they showed NT doing million of simulated hits for banking apps. Bill said if NT can do this with only pc hardware just imagine what it can do with 32 processor systems.
What a joke. We all know that NT4 sucked bigtime and it was no solaris as Microsoft claimed.
Same is true with this. Many companies like Motorolla and TI believed the lie and replaced all there unix systems with NT ones only to downgrade back to unix. NT just could not handle it and Microsoft transaction server was not the magical bullet Microsoft made it out to be.
Its like the story of the boy who called wolf.
http://saveie6.com/
http://phunny.drghetto.com/switchlinux3.swf
much more creative.
YOU SUCK BALLS!
Of course they make hackers obsolete. I just got done spending a week making dotnet asp/vb code talk to a unix based web services. Did I want to learn about the wonders of a new webform? A few years back I could respect myself (somewhat) in the morning after some serious ATL development. I wonder if there is a 'hacker' audience anymore.
Now what they did not say is 'we make Crackers obsolete'. Their marketing department gets one right and everyone gripes...
+++ UGUCAUCGUAUUUCU
If anyone else was confused by the appearance of the "Advertising Standards Authority", it should be pointed out that this all occurred in South Africa, and not in the United Corporations of America.
America, naturally, would never CONSIDER such an insightful group.
Um.. perhaps someone needs to enlighten Microsoft as to the real definition of hacker.
Directly from the jargon file, a list of common definitions of hacker. Notice the 'malicious meddler' one...
(Originally, someone who makes furniture with an axe) 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. 2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming. 3. A person capable of appreciating hack value. 4. A person who is good at programming quickly. 5. An expert at a particular program, or one who frequently does work using it or on it; as in "a Unix hacker". (Definitions 1 through 5 are correlated, and people who fit them congregate.) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example. 7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. 8. (Deprecated) A malicious meddler who tries to discover sensitive information by poking around. Hence "password hacker", "network hacker". The correct term is cracker. The term "hacker" also tends to connote membership in the global community defined by the net (see The Network and Internet address). It also implies that the person described is seen to subscribe to some version of the hacker ethic. It is better to be described as a hacker by others than to describe oneself that way. Hackers consider themselves something of an elite (a meritocracy based on ability), though one to which new members are gladly welcome. Thus while it is gratifying to be called a hacker, false claimants to the title are quickly labelled as "bogus" or a "wannabee". 9. (University of Maryland, rare) A programmer who does not understand proper programming techniques and principles and doesn't have a Computer Science degree. Someone who just bangs on the keyboard until something happens. For example, "This program is nothing but spaghetti code. It must have been written by a hacker".
-------
"In times of universal deceit, telling the truth becomes a revolutionary act."
-- George Orwell
*Ignorant Person reads ad saying Microsoft products are hacker-proof and security bug free*
Ignorant Person: "This is what I have been waiting for!"
*Ignorant Person runs to the nearest Wal-Mart and buys a copy of Windows 2000 Server.*
*Ignorant Person tries to install it over his previous server OS, Windows 95 original release.*
*Ignorant Person is satisfied once Windows 2000 Server is installed and IIS is running*
*Ignorant Person's web site is hacked, Code Red I-IV finds a new home, and Nimda exploits every unpatched bug and then some. Not to mention the original Melissa virus from the W95 days*
Ignorant Person: "Ah shit"
Are you some kind of robot? If yes, what powers do you have? Do you use them for good or for awesome?
Are they using the same crack(sic) team that created the WindowsXP protection scheme?
http://news.bbc.co.uk/1/hi/sci/tech/1633875.stm
Whenever the offence inspires less horror than the punishment, the rigour of penal law is obliged to give way...
..but can anybody out there make that claim? I doubt it. If you know enough to keep everybody out, you pretty much know enough to keep everybody out no matter what OS you're on. Windows' big problem (I'm referring only to NT/2K/XP, not 9x or ME. I wouldn't defend that line for nothing.) is its poor choice of defaults. Lock it down and it isn't half bad. I had an IIS server running for nearly 2 years without a single incident. The big thing I did (here's a free tip for you IIS users out there) was I installed 'URLScan' which applied a filter to all URS before parsing. This not only prevented people from trying to use buffer-overflow techniques to break in, but it also let me prevent very specific things from being run. Damn cool, but it really should come with IIS. Like I said, poor defaults.
A Linux box, by default, is hardly more secure. Within a couple of weeks of building an Apache Server with the latest Redhat, it got rooted. Yay. You still have to patch it up, lock it down, and monitor it. I know the tools are there to make it more secure, but the problem is that you have to get to know it. I'm new to the Linux world, and as such I was more vulnerable to malicious attack than I was with IIS because I was unfamiliar with it.
So I'm curious, who actually can make that claim? Nobody immediately springs to mind.
"Derp de derp."
So it looks like Microsoft doesn't realize how lucky it has been in recent times.
SQL Slammer - affected users had better be thankful the packets only caused congestion - a packet 5 times the size but had a damaging (as opposed to disruptive) payload would hurt a lot more.
The WebDAV hole - a hell of a good job keeping hackers out of the US Army website.
The JScript hole - so just by reading my (HTML and JScript enabled) mail, an attacker could potentially run arbitrary code on my computer?
SirCam and Klez - information really does want to be free, it keeps escaping from Microsoft products!
In Soviet Russia, Microsoft owns Hackers!
Doing the Right Thing should not be preempted by making a buck.
Which is great news for the survival of your company. But tragic news for hackers.
Even if it were true that Microsoft platforms were secure and immune to outside vulnerbilities, their advertisement implies that hackers would become extinct using their platforms.
This should lead us to believe that anyone who cares to code or develop applications on a computer, or any company that wants to have or just use any applications post-Microsoft platform era, should no longer use their platforms as they make hackers extinct? It is rather a catch-22 situation for Microsoft is it not, that their platform will prevent anyone from developing it further once hackers are obsolete (although with a perfectly performing system why would they need to develop it further?)
But thanks for the warning Microsoft, we should not develop for their platforms and must move to other platforms if we want to hack away at the system to create applications. How nice of them to advertise this fact.
... I guess
... and I'm sitting at work this afternoon, after corporate sent out the latest microsoft "critical update" notice and recommends that we patch all our servers...
so we are looking at an "update server" to keep everything up to date, and the guy I work with notices that there are over *900* updates for Win2K. Now, ok, not all of these are critical security holes, I'm sure... but... even saying that Win2K has been out since March of 2000, 3 years, thats almost a a patch a *DAY*!!
yeah, MS... they make stable secure software. Any day now those hackers are going to be gone... of course, it might be well after the next SQL Server hole is found, and your entire company's database is wiped out...
Microsoft is good at making both their old software, and old hardware obsolete, along with hacking. .net on Windows 98, or read some CDs in a file system compatible with Win 98 but not NT 4+, then I'd say they are pretty darn good at making all sorts of things obsolete. .net, all the while them spouting about how it would make .dll hell disapear, make software for any Microsoft operating system including obscure ones like Windows CE Tablet, and not once did they mention that it wouldn't run on Windows 98.
When you can't read a file from the next version of MS Works in the previous one, or use MS
I was at a MS presentation of
Saskboy's blog is good. 9 out of 10 dentists agree.
Thriving? More like stagnating. There's not really much of a challenge. Just look at all the script kiddies going around these days. Maybe they mean "our software is so riddled with holes, real hackers need not apply".
Who needs hackers when the Windows can exploit itself over and over again...
I believe it's called self-abuse... for the more techie, it's known as digital-masturbation.
Welley Corporation - SLM Scammers
Holden: Yeah.
Banky: Good. Over here, we have a publicly accessible, secure, and intelligently maintained Windows server. Down here, we have a self-hating, angry as fuck, agenda of rage, bitter Solaris admin. Over here, we got Santa Claus, and up here the Easter Bunny. Which one is going to get to the hundred dollar bill first?
Holden: What is this supposed to prove?
Banky: No, I'm serious. This is a serious exercise. It's like an SAT question. Which one is going to get to the hundred dollar bill first? The male-friendly lesbian, the man-hating dyke, Santa Claus, or the Easter bunny?
Holden: The self-hating admin.
Banky: Good. Why?
Holden: I don't know.
Banky: Because the other three are figments of your fucking imagination!
http://us.imdb.com/Title?0118842
"My God, this must be a truly remarkable corn chip, to be so widely and confidently touted."
"814078: Security Update (Microsoft Jscript version 5.6, Windows 2000, Windows XP) Download size: 361 KB
A security issue has been identified that could allow an attacker to run programs on a computer running Microsoft® Windows®. The attacker would first have to send you an e-mail message or entice you into visiting a malicious Web site. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer. Once you have installed this item, it cannot be removed."
"I think you guys with quotes in your signatures should go have an original thought." -- Dan Miller
this is some marketing shmuck in M$ pulling what they do best , a publicity stunt. looks to me that we are the ones who need a reality check.
as another poster pointed out , oracle has the
unbreakable ads. heck every company advertises
their product as "the best", "the biggest innovation", "the change it all" - its called
marketing. agreed that in this case the disconnect between what they say and what is the truth is a little appalling.....
i guess the ASA was worried about PHB's and joe's being misled. well they are a decade or two, too late! The money is in the kitty and the people have already been misled
vv
Strong Bad is so awesome!
-- derby
Any logical person would conclude that what follows will be a conclusion presented by the advertiser, based on the afore-mentioned fact.
I have no doubt that some will argue that Microsoft software designers do not take security into consideration when designing software, or that Microsoft intentionally introduces security holes, so as to promote the purchase of upgrades to it's products (although msot security patches are distributed freely, think SUN and their policy of many years ago, requiring that companies wanting a bug fixes in Solaris were required to pay for the patch to be created).
The other issue is code change. The products to which the advertisement refers MUST be based on new code, because we know that in the past Microsoft did not design software with security in mind, because Craig Mindie said so:For this reason, IF the products are all based on new code, and IF you think that Microsoft would act in it's own best interest to sell more software and IF you believe that designing security in mind is likely to sell more product, then the ad is not misleading at all.
The key here is to see that Microsoft is NOT CLAIMING that their software IS SECURE they are claiming that they try to design it so that it is secure, and then draw the conclusion (however ridiculous it may be) that it is in fact more secure than a vault, but this is a conclusion, not a statement of fact.
--CTH
--Got Lists? | Top 95 Star Wars Line
bahamat wrote: Does MS really think that people are too stupid to remember what happened less than 2 months ago?
You don't need to look that far back. Try this week. It seems as though Microsoft has an ongoing program to nurture and feed the *acker types of the world.
"Weapons should be hardy rather than decorative" - Miyamoto Musashi
I think that goes for OS's too
"Lies, Damn Lies, and Microsoft Adverts"
What is music when you despise all sound?
From the article: Microsoft submitted documentation to substantiate its claims about the security of the software and said the advert was not designed to mislead the consumer.
Their substantiation is pretty fucking worthless IMHO, as long as the software includes a EULA that absolves Microsoft of any responsiblity should the software NOT be as secure as they claim.
~Philly
How many slashes would a slashdot dot, if a slashdot could dot slashes?
Evil l337 h4x0r: Mwah ha ha! I am going to break into this system, cause it to become slow and unreliable, trash lots of files, turn the security framework into pure unmanageable chaos, and make it send out IP packets violating several RFCs!"
(Typing...)
Elh: Ah, crap, it's already running Windows.
When all you have is a hammer, everything looks like a skull.
I think this is great. With this predcedent set, not only will Microsoft soon have to pull *all* its ads, so will 98% of the rest if the universe. With any luck, the entire media industry will come crumbling down. Maybe Microsoft has finally managed to start what Al Quaida was hoping to start - the end of western civillization as we know it.
Ah'm grabbin' mah gun and headin' ta mah bunker!
that they can stop all these spammers claiming that they can increase the size of my penis?
Microsoft Disclaimer: Please uplug all Cat-5 and/or modem cables from your system and do not connect to any networks, especially the internet in order to take full advantage of our "Hacker Exterminator" Technology. Wireless networking is included in this disclaimer. Thank you for choosing Microsoft.
The two oldmen from Muppet Show:
-- I believe this ad is true?
-- Huh?
-- They'll be secure in a billion years and we'll be all extinct!
I wonder how many crackers and script kiddies cut their teeth on Microsoft vulnerabilities. I'd wager that the vast majority of the black hats out there owe their "careers" to Microsoft software.
The cure for cancer is coming: Reovirus
You may have stumbled on to Microsoft's secret security strategy here.
- Release insecure software for over a generation.
- Watch 'real' hacker skills atrophy with time.
- Implement all the code fixes they have been secretly stockpiling in Bill's underground lair.
- MS systems become inpenetrable.
Maybe this is the real reason MS wants Linux eliminated, because it keeps hackers sharp.
"The words of the prophets are written on the Slashdot walls."
Hi! Maybe I didn't read the article carefully enough, but I was wondering anyone had a higher-dpi image of the ad! I want to put it up in our office next to my Slackware box - I love the image of the Hacker! It's hilarious!
No, not really. Most firms are honest. Some firms exadurate, like Apple's famous "bicycle for your brain" hyperbole describing the Apple II or Oracle's "Unbreakable" advert. Microsoft, however is so dishonest that really large, generally clueless organizations notice:
When you get to the point where the postman. bankers and marketing droids notice you suck and lie about it, man, it's over.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Actually, advertising regulations for mutual funds are super strict ( but then again, so are all the laws regulating mutual funds... but I digress). The SEC will fine you (well, your fund) big time if its advertisments violate regulations (clearly mentioning that any famous poeple in the ad are paid, guiding people to the prospectus, warning of risks, etc.)
also- the NASD regulates its member's advertising as well.
DISCLAIMER: I am not a securities lawyer, I'm married to a soon-to-be securities lawyer. All my knowledge comes from a paper she wrote for her Market Regulations class. If its any consolation, she got an "A".
In the future, I would want to not be isolated from my friends in the Space Station.
Actually, to make this true you would really just need to revise the End User Licensing Agreement:
By clicking "I agree" below, the user warrants that:
1. 'carefully designed' means 'cobbled together from papers we found in a dumpster at Xerox Parc in 1981 and have been trying to figure out ever since.'
----
2. 'Your company's valuable information' excludes any material represented on fixed or removable storage media, in any volatile or non-volatile memory, or intercepted network communications.
----
3. Microsoft warrants that the operating system will keep viruses from damaging the system. For the purposes of this agreement, 'virus' shall be defined as any file ending in '.txt' or '.jpg'
----
3. Microsoft warrants that the operating system will keep 'unauthorized people out.' For a person to be recognized as 'unauthorized' for the purposes of this agreement, they must be registered in a handwritten book at the corporate headquarters of Microsoft's Solomon Islands subsidiary. Names may be added to this book in person, between the hours of 8:00am and 8:10am on the eleventh of every month beginning with "F." By appointment only.
-------
Believe me, I'm as surprised by my comment as you are.
"The 1974 Ford Pinto: Featuring a non-exploding gas tank!"
"Amtrak: No more deadly derailments, we promise!"
"Slashdot: Never a duplicate story!"
You can have .exe files on your computer that run. Basically most of the stuff is spyware and 900 numbers that charge you 400$/minute long distance
I hate those fscking sites. I work for a phone company and I get customers complaining about long distance calls they didn't make all the time. Then I test dial the number and get a modem screetch in my ear. Then I have to explain to the lady on the phone that her hubby or teenage son is a perv who has been visiting naughty websites.
Maybe they should claim compensation from Microsoft for making this possible in the first place.
(It also means I can't access those pretty picture myself using linux - bother!)
You make the mistake of thinking you can educate the fundamental stupidity out of people. You can't.
Technically speaking Gateway, as a result of the Escom buyout, which followed the Commodore buyout, owns the design patent on the two-button mouse. I kid you not.
bring in the script kiddies!
"Microsoft software is carefully designed to keep your company's valuable information in, and unauthorised people and viruses out." This statement has a factual basis.
But you are mistaken and Microsoft knows it. Silly fanboy, grow a memory.
What do you call a consultant who recomends M$ for security of private information? A baldfaced liar.
Friends don't help friends install M$ junk.
Does MS really think that people are too stupid to remember what happened less than 2 months ago?
They don't just think it... They count on it.
For example, just pulled from the Microsoft outlook home page:
If you have Outlook version 2002, you already have industry-leading technologies helping to protect your data.
Evidently, Security Bulletin MS03-003 is some of that industry-leading technology.
It says so in the license!
"Orthodoxy is unconsciousness" - Orwell
Don't they give MS authorization to go into your computer on a whim?
I dunno about you, but I don't give out the combination of my safe to anyone, including microsoft.
Alternative Title/Article
Microsoft: We Make Our Programmers Obsolete.
The article really reads: "Microsoft software is carefully designed to keep your company's valuable information open source at Microsoft, and unauthorised people and virii/worms in."
Which means your data couldn't be safer (unless you migrate to an open source operating system/applications or re-install Windows 3.11), even if you keep it in a Microsoft (TM) built safe (made of paper and duct tape). This is great news for the survival of our company (Microsoft). But tragic news for the uninformed suckers who purchase our products.
All that is required is the acceptance of our standard waiver of liability for installing Microsoft software, and the affirmation that your hardware & software belong to Microsoft... you just rent it.
When we (read: hackers/business users) find security holes in our software (read: spyware) we release download patches, amouting to about 10MB per week, and several reboots. This augers well with 56 K modem users who use Linux to dial their ISP (requiring MS-CHAP), when chap.secrets wont work. Don't concern yourself with patches to increase performance and reliability, we only release 'security' (cough) patches.
And to top it off, each new version of our software grows exponentially in size. The next version of Windows will require 2GB of hard disk space and 1024 MB of RAM to work as fast as it would have with Windows 98 and 64 MB of RAM. Never mind that you are doing exactly the same tasks, and the MS Office file format is ideantical in XP, 2000 and 97.
Microsoft programmers are first rate. They all get their qualifications with toys in breakfast cereal packets.
Prepare to be assimilated! Resistance is futile!
[In case you couldn't tell, I was being sarcastic. All hail Tux, commander of the USS Starship Future!]
I would have prefered to see the alternate add with the pictures of a unicorn, a mermaid, a pixie and a hacker with the caption;
"Just like the unicorn, the mermaid and the pixie, a hacker who cant compromise our operating systems just doesnt exist."
It just seems more appropriate to me...
"I'm tired of all this 'Aren't humanity great' bullshit. We're a virus with shoes" - Bill Hicks
It makes hackers laugh so hard, they can't even type. Thus, data is secure...sort of.
Microsoft must be really, really stupid to think that anybody is going to fall for that. The reliability of their software is a joke across the industry that EVERYBODY knows about.
Being an advocate of alternative software, I talk to a lot of people about Microsoft before I even mention that I advocate other stuff. I have never heard someone say that Microsoft's stuff is reliable. As a matter of fact, even the most naive computer users have stated plainly that Microsoft causes all kinds of trouble for them. It is a widely known fact.
So why would Microsoft make a stupid claim like this? My feeling is that they have a serious break in communication between their marketing department, which probably uses blueberry candy-apple Macs to make glossy, lickable presentations, and all other departments, which use UNIX for all of their operations because they know how much Windows sucks (because they made it) and refuse to use it.
'ta
It's great that Microsoft's advertising claims were shot down in this case for being unjustifiable, but they've still got some other pretty nasty falsehoods floating around out there.
I don't know if this particular campaign is appearing at American schools, but certainly at Canadian universities, Microsoft has launched a fairly heavy ad campaign for academic-priced software (I've seen the ads at Waterloo and Simon Fraser.) The ads feature bold print saying "Getting software for any less would be illegal", and in smaller print, below: "90% off the estimated retail price!". (See a banner ad of it at the University of Waterloo computer store.)
Hmm... given that I've paid less than their listed prices for the software on my computer, I guess they're accusing me of breaking the law. It's too bad that a lot of their competition's software is still cheaper (e.g. I use OpenOffice, myself, but I'm pretty sure I could get a full-priced copy of StarOffice for less than the student-priced Office XP.)
I would love to see Sun start a competing campaign saying "Getting certain other software at these prices would be illegal. Save money and keep yourself out of jail: use StarOffice."
Sure can! Real/32 can also. There are plenty that can. MS isn't one of them.
My other Beowulf cluster is... er...
"(Cr|H)ackers" by definition are people skilled at breaching the security of systems to gain unauthorized access. With the kind of security MS's products provide, all you need is a script kiddie level of skill. No more need for that skill set. :)
Wait, let me guess ... Before the exploit code can execute, Windows blue screens?
I'll grant Slammer was like that.
But the second WebDAV exploit was not patchable before it was out in the open. Heck, it's only been out a few DAYS!
The new JScript bug is even newer than that.
Both these bugs are currently listed on the Internet Storm Center as pressing issues.
(-pi, Circular)
Doing the Right Thing should not be preempted by making a buck.
To give them the benefit of the doubt, perhaps they meant an open safe, with a big arrow pointed towards it and the words "FREE STUFF!" spray painted on the wall. ;-)
As far as I'm concerned the name Microsoft means
'Hackers find another security hole, its so easy'.
Yet another security patch for 98... good thing it's end of life is June '03. Then I won't have to worry about anymore patches.
The funny thing here is that independent verification isn't required unless everyone already knows the claim is a lie. Also worth noting is that a company with 1/1000th the cash that M$ has could get independent verification for anything they wanted (we've all seen the court cases where the sleazy side has their expert witnesses). Heck, even M$ bought some expert witnesses for their antitrust trial. But even M$ couldn't find anyone who was able to claim M$ software is secure with a straight face.
I'm an American. I love this country and the freedoms that we used to have.
From the article:
Laubscher says despite the decision, Microsoft fully maintains that its software is able to fulfil the task of keeping hackers and viruses out, making the customers' data safer than if kept in a safe.
I try to be open minded, but when you walk around with your foot hovering in front of your mouth, eventually, someone is going to push it in. This is worse that walking around with a "kick me" sign on your back, because they did it on purpose.
The claims they made are so over the top, its obvious their marketing dept. has lost all contact with the real world. No one with a pulse is stupid enough to believe it just because they said its true. This is insulting to their existing customers, who know better.
Tequila: It's not just for breakfast anymore!
Yes, they can. Unfortunately (or otherwise for myself) I believe that I happen to know of something like 8 or 9 exploits giving you 100% access to any Windows box (not behind NAT or firewall'd). Windows based firewall software running on the same box, is, well, useless. ZoneAlarm? You'll never hear a thing...
I started the migration for the company from Windows starting in 01/01/01 for at the time were 30+ reasons -- many of which are being found and patched.
What scares me is I'm a schmuck and don't like/use Windows and I keep finding them. How many are there for real? Sorry Microsoft, but I have a business to run, and the job you've been doing creating the software to run my computers has stunk. UNIX to the left, UNIX to the right...
Unix is a complete joke as far as security.
I don't know what you mean by "Unix", but I'm assuming it includes all POSIX-compatable operating systems (including GNU/Linux, *BSD, etc). In that case, maybe you should look at OpenBSD. It's about as Unix as they come, being BSD-derived and all. Yet it is also one of the most secure general-purpose operating systems out there. In the past 7+ years, OpenBSD has had one remote root hole in the default install (the OpenSSH off-by-one hole, I believe) and a handfull of priviledge escalation holes and the like. Compare this to Solaris or Red Hat Linux, and you'll see that not all Unixes are the same.
a.) It's ancient so most of the flaws are finally worked out.
I agree here, but I think that the point deserves more elaboration. Many of the flaws in Windows and Windows-related products like IIS stem from fundamental design problems, the kind that only massive time and energy spent reworking can fix. For example, the fact that any NetBIOS-enabled Windows machine will send you its password hashes upon request (by getting the machine to retrieve a remote file:// url) has been acknowledged by Microsoft as a pretty much unfixable design flaw. Similarly, the IIS URL parsing mechanism is overly complex, leading to holes like the Unicode ../../ problems. With Unix, most of the fundamental design issues have been worked out or worked around. True, there are still a few fundamental problems; the inflexible permissions system and the fact that many things run as root just to get one specific priviledge (ping, daemons, etc) come to mind. But most of the flaws in Unix programs come from buffer overflows, format string vulnerabilities, unchecked perl open() calls, and the like: little, isolated errors that are easy to make and almost as easy to fix.
b.) Nobody _gives a shit_ about Unix so there aren't a lot of hackers out there targetting it.
This point blatantly contradicts the others. If Unix is so unimportant, why (according to point a) have there been so many flaws found and fixed? Besides that, have you looked at how many companies are into Linux these days? I think that Red Hat, IBM, and HP (just to name a few) would disagree with your statement that "Nobody _gives a shit_ about Unix". With the release of Mac OS X, Unix is now also a popular desktop OS with a significant market share. As for "hackers" (I'll assume you meant crackers) targeting Unix, take a look at any security-related mailing list and you'll see that many Unix-related flaws are researched and found, and often exploited. Crackers and script kiddies do care about Unix (it accounts for over half of all webservers*, for example), and this is why so much effort has gone into and will continue to go into securing Unix.
*Netcraft says that 64.19% of sites run Apache, but does not mention the OS distribution. Since most Apache installs are on Unix systems, and since there are also some non-Apache Unix webservers, I figured that saying 50% was more than reasonable.
This message may appeal to naive purchasers, but does not address real-world threats. Most corporate fraud is committed by insiders. Microsoft is proposing an overly simplistic threat model: the villains are outside the wall. In reality, villains inside the wall account for greater damage.
This advertisement tells us quite a bit. Microsoft has indirectly revealed breath-taking advances in huge ball-enlargement technology.
pr0n - keeping monitor glass spotless since 1981.
I guess you guys didn't read the extra fine print. It says that the user must... 1. Use a hardware firewall with both incoming and outgoing ports blocks.
2. Use Mozilla instead of IE and Outlook Express.
3. Have two anti-virus programs that checks for updates every five minutes.
4. Sanitize all floppy disks with magnets before use.
5. Check for and download Windows updates daily, unless the updates undoes the previous fix (e.g. Slammer) or breaks the Windows. Consumers should buy a second system and a second copy of Windows.
6. Leave the system off. If you must use your computer, try your local library computer lab. If you must use your home computer, turn it on just long enough to do your business and turn it off when finished. Note that acorrding to EULA, by merely turning on the system, you are acting against the recommandation of MS and therefore, MS is not liable for any damages.
7. Upgrade to the new version of Windows as soon as it is released. Delete your old partition and do a clean install as the new and improved Windows magically wipes away your past problems.
8. If you get hacked with the latest version of Windows, that probably means that you are a pirate.
9. If you are not a pirate, that means that you must have violated one of the clauses above and MS shall not be held liable.
10. If you followed all the clauses above, by EULA, you must submit the problem to us, so that we can put a clause excluding your error in the future EULA (to be installed with the next patch) so that MS MS shall not be held liable. If you do not submit your error, you are in violation of EULA and MS shall not be held liable.
1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
but the ad says: "No everybody benefits from our secure software", Now my question is :
How is M$ software involved in the extinction of the dodo,the wooly mammoth and the sabre tooth tiger??????
Any suggestions?
"Windows hackers extinct! Now if we could only get rid of the generation of script kiddies we've created."
Each key on a keyboard is unique, with a different symbol, and thus a different use.
On a single button mouse, a single click is unique, and a double click is unique, as is a click and drag or a click and hold.
With two buttons, then there's a question: Which button to use in any situation? With three buttons, you've also got to worry about two button combos (keyboards have combos!)
So in a sense, it's just less training. The Mac OS is designed to be sufficient with a single mouse button, and every additional button and scrollwheel is acceleration.
The Windows OS is *not* designed to be sufficient with a single mouse button. Rather, it's extremely inconvenient to use only a single mouse button.
On the *flip* side, the Mac has not traditionally been designed to be run mouseless (OS X may be more so, but I haven't tested that capability), while Windows has been designed from the ground up to be navigable without a mouse. Not terribly pretty, but it works.
So the bitching about a single mouse button is wasted energy; if you're using a Mac, you don't need more, though you are certainly welcome to use more if you want it, while on Windows (and Linux) it's just different, not worse, not better.
GPL Deconstructed
Just shows how low the media whores in this country. No objection to printing that in Time magazine. An African country can see the absurdity of these ads and force retractions, but not here.
Now you've pissed a bunch of hackers/crackers off. Let's see how many exploits they can find now.
There is nothing inherently safe about liberty. That's why so many people died protecting it.
Claiming to be secure is pretty laughable when coming from Microsoft. But his isn't the first bonehead ad they've run.
I mean with all of the patches that they put out almost on a daily basis, why would they pick a butterfly (a bug) for their MSN mascott?!
Maybe I have a sick mind but Microsoft choosing a bug for a mascott just strikes me funny.
The race isn't always to the swift... but that's the way to bet!
Tell a big enough lie and people will believe you.
The race isn't always to the swift... but that's the way to bet!
"Microsoft software is carefully designed to keep your company's valuable information in, and unauthorised people and viruses out. Which means that your data couldn't really be safer, even if you kept it in a safe. Which is great news for the survival of your company. But tragic news for hackers."
Obviously Microsoft does not value grammar:
1. You can't start sentences with "which".
2. "But tragic news for hackers." is an incomplete sentence, and so, is wrong.
Perhaps instead of lying about how safe their software is, they should work on improving Microsoft Office's grammar checker.
-Dae
"Alle reden vom wetter. Wir nicht." - SDS Sozialistischer Deutscher Studentenbund.
j00 4r3 3n73r1ng l337 w0r1d.
The reason hackers are obsolete is now you don't need to skill of a hacker to break Windows, any old Joe can do it now (and you don't even need to try hard!)
Remember NT Server 4.0 achieving DoD C2 Certification?
Remember how MS touted this certification to the world, saying that if it was good enough for the U.S. Dept. of Defense, then it is good enough to be run anywhere on the Internet?
Remember how we found out that the C2 certification applies to a computer ***with no LAN/Internet connection?***
That C2 line smeared thick BS over the eyes of many an IS manager. I can think of several offhand that converted entirely because of that certification.
Life is tough. It's tougher if you're stupid. --John Wayne
anyone know the ISA Server's track record? I hear it's very secure and it's firewall engine inspects packet data and not just source and destination address. Didn't they win a secure computing competition recently using the ISA server?
Your thoughts are appreciated
A: War Is Peace was taken ;)
I agree that the one-button mouse is absurd, but I started with PCs and currently use Macs and PCs roughly equally. Most of the people I know who've used Macs from the start have no problem with a one-button, given that Ctrl-click performs the same function as a right click.
;-)
I guess it all depends on what you're used to. I'm typing this message on my new PowerBook, and after the first couple of days I've hardly given it a second thought. I can certainly see where you might be annoyed by it, but it seems a shame that you consider it to be a deal breaker.
Another thing to bear in mind is that you always have the option of plugging in any USB 3-button mouse- no drivers required. When I'm at a desk using a full keyboard and mouse the mouse is a Compaq (Logitech) 3-button scroll mouse which works like a champ for me. Additionally, I know that Kensington makes some pretty amazing trackballs that are Mac-only, so there's really no dearth of multi-button options.
To each his own, of course.
BTW, I'd love to see your ad idea produced, but they'd have to find a way to include a couple of lingerie-clad women having a catfight.
-Cybrex
Boundless Expansion, Self-Transformation, Dynamic Optimism, Intelligent Technology, Spontaneous Order- BEST DO IT SO!
It's still happening right now! Hilarious ad from MSFT, I wouldn't be surprised if it was actually an Onion pardody though. =) I guess it being from MSFT makes it even more hilarious.
see, now I've used three button mice with AIX, two and three button mice with windows, and one button mice with mac.
I can't see any advantage to having all three buttons on the mouse except to cause repetetive stress injuries faster.
with the ctl and alt buttons on the mac, (laptop I might add,) I have been able to avoid repetetive stress injuries that plagued me as a windows and UNIX user in the past. my wrists thank me for using a mac.
what's your problem? wrist pains got you down???
some of us have better luck with women and cars, but hey, I work for a circus.
cheers!
-- it's ridiculous how many people misspell ridiculous... (damn, damn, damn...)
The result of this evaluation is that both products are not safe to use on the Internet and as a public terminal:
(Read it yourself.)
So Windows is indeed certified to be hacker-proof, unless you connect it to the Internet, or the hacker is unwilling to cooperate.
I would think the following words would also be applicable:
They never said anything about locking the safe.
Always read the fine print... even if it isn't there.
OS Software is like love: The best way to make it grow is to give it away.
Although the concept of wanting to make hacking impossible in time is a commendable one,despite the near comedic boast of Microsoft. I wish them luck in this,and it's luck they will need,because the enemy they face is not merely "hackers",but...
Human Nature.
For every person trying to achieving the mythic "Good Thing",to bring to the world something useful and wonderful,pouring their time energy and sweat in pursuit of some happy dream of an idea,for every person trying to contribute to the betterment of their fellow human...
There are a thousand assholes who will break,hurt,interfere with,muddle,malign,and oppose anyone not because it will benefit themselves,not because of misconceived righteous indignation,not with tangable reason.
But because it's F-U-N. Grief play. Entertaining to make the worms wriggle when you are only a worm yourself.Sad,true.But it might be possible to drag these muck dwellers to the shores of enlightment by making such acts of hacking punishable like real crimes.Theft is theft,sabotage sabotage.Throw enough of them in jail and maybe the rest might take the hint.
Or maybe not.It's Human Nature after all.
Microsoft software comes pre-hacked.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
Mod parent to: (Score:5, Irrational & Paranoid)
Such good timing I would say ....
http://196.30.226.221/sections/software/2003/03032 00801.asp?A=%&O=F
They have had it for years. You press the f8 key as it boots. No services are runing in safe mode so you can't get online or do anything. So that must be microsofts secret weapon. When noone is looking they throw a master switch behind microsoft's secret development door and 'poof' all computers running windows slip to safe mode adn there are no more security leaks. The precurser to this strategy was when they had the update in OLE where noone could open an attachment, to help enhance security, and never told anyone about the new security feature.
The laughter is overwhelming - so far there's 57 +4/5 Funny comments.
"Smithers, are they laughing at me?"
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Microsoft: We Make Hackers Obsolete cuz Any idiot can hack windows.
As a rock-in-roll Physicist once said, No matter where you go, there you are.
In Holland someone sued M$ Netherlands for this commercial. You can read it in this article (dutch). M$ lost the case, so sue them in all countries! :-)
So that's the killer app they have been working on.
We are the people our parents warned us about.
That's funny because the definition for "hacker" states: "...A slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s)..." So in theory wouldn't MS be making their own obsolete?
How can you hack a computer that is always frozen or rebooting from a crash.
In the correct sense of the word "hackers", they are absolutely right. Microsoft aims to make thier apps so "easy to use" that they eliminate the need (and the ability) to hack things. Their goal is to sell to average desktop users and average business owners, so that they can do things without having to hack and tweak with things. This is the reason Microsoft is so successful.
Unfortunately this "dumming down" produces many security holes, runtime errors, and eliminates the freedom we enjoy with Unix/Linux/BSD. This business model also moves software away from the 31337 h4x0r$ like us, and makes it nice and shiny and "easy."
This is fine, and useful, however the problems are: Many MS programs are notoriously bug ridden (IE, IIS, Exchange, Windows, etc.)
In thier quest for global domination, the code is top secret, and the programs loose much of their hackability. It is a good analogy to say it is "like a car with its hood welded shut."
Sorry if I duped anyone.
P33(,
Arthur K.
Patent: from Latin patere, to be open