Slashdot Mirror
IE Holes Not Microsoft's Fault, Says Bill
thparker writes "As part of the Media Center release discussed previously, Bill Gates had an interview with USA Today. Best quote: 'Q: Speaking of security, Internet Explorer has had well-publicized holes... Gates: Understand those are cases where you are downloading third-party software.' Well now we know -- these problems have all been our own fault." Any counterexamples?
Gates: Understand those are cases where you are downloading third-party software.'
Hrmmmm. Downloading third party software on my Macintosh does not seem to get me into trouble in the same manner as it does on Windows........Why is that Mr. Gates? Furthermore, I have performed the experiment: Install Windows on a computer and hook it up to the Internet. Leave it hooked up without downloading one bit of software from anywhere! and the machine will be compromised. Why is that Mr. Gates?
Moving along: Q: Might you add anti-virus/spyware protection in Windows? Gates: It's not a thing you build in. You have to offer a service......Why is that Mr. Gates? I would have thought that you would offer a secure environment as part of your product out of the box? What does that tell us about the quality of your products? After all, does not my automobile come with airbags and antilock brakes and skid control and all wheel drive? Under your logic, those features would only work if I paid a monthly premium.
You know, I kept waiting for something better to happen with Windows, but I have work to do and things to create, so I'll stick with OS X and my Macintosh. Thanks anyway.
Visit Jonesblog and say hello.
Comment removed based on user account deletion
No.
"Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service. There are third parties who are doing a good job. We're always taking a hard look, but we don't have any concrete plans."
So, apparently Ballmer isn't the only one there who Doesn't Get It.
John
Yes, viri, trojans and spyware tend to be third party. The problem is, IE lets you download these and execute, sometimes by just viewing a page.
Quid festinatio swallonis est aetherfuga inonusti?
Africus aut Europaeus?
Sick and tired of fixing spyware infested machines.
Those holes are what LETS third-party software install its freaking self.
mind you he said downloading....so once you install bonzibuddy.exe you perfectly safe!
A morning without coffee is like something without something else.
they just didn't want to make it hard on any kids who thought you could hack by typing "hack mainframe" the dos prompt
I wasn't aware Windows Update was third-party software...?
May I suggest you just get OS X and get over your Billy's OS problems?
Nothing beats APPLE!
I thought it was everyone else blaming their computer problems on Microsoft not the other way around.
Well, it has never been successfully tested.
is like Tony Soprano lecturing about law and order..
Gene Snitsky invades Redmont! Say it loud, say it proud: IT'S NOT MY FAULT!!! (WWE Fans unite.)
Q: Yes, but will people continue to do that with Media Center? Gates: You might well do it. We need to use approaches that block people from ever getting software onto the machine they don't want. Me: Great. Now let me get a PC from a major OEM without windows - oh, not that software?
Don't worry - its just stigmata. Pass me a napkin and don't you dare tell my mother.
...where you visit 3rd party sites. Obviously, it's not Microsoft's fault, but the fault of the 3rd party when you PC gets infected. So maybe IE just shouldn't be used except when visiting Microsoft's update site? Use another browser for anything else? I find myself in a surprising agreement with Gates...
Yeah its all that "3rd party Software" like viruses & worms that do the damage ;)
All lawsuits against defective products are dropped immediately. Any further lawsuits will be thrown off the court without any prejudice.
Thank You Bill Gates for clarifying the REAL CULPRIT behind all the problems that are plaguing Windows Operating System.
.
.
.
.
.
.
.
.
.
Hooray, I made a sarcastic remark, or didn't I?
So, pray tell, how is making a horribly insecure third-party application model (DirectX) and then complaining about how people are exploiting it supposed to hold water? YOU ARE THE API DEVELOPER. IT IS YOUR RESPONSIBILITY TO ANTICIPATE POTENTIAL ABUSES.
Because if I'm reading this right, then that's exactly what Gates is doing. No wonder Microsoft's products are so shitty; they think that security is something that happens to other people.
Sounds like Microsoft's Trusted Computing Initiative isn't getting as much executive support as it might've.
Remember that, Bill? When you said you were going to make all the Windows computers secure by focusing all your energies on securing your code?
Now, it's not your fault, and you won't do anything to fix it? Then why on earth did you tell everyone that you would?
A morning without coffee is like something without something else.
"If you just boot up IE and let sit there, it won't crash or infect your computer. All the problems come when you start viewing third-party web pages, which are a kind of software as far as IE is concerned. If you limited yourself to microsoft's web pages, where we offer things such as security patches, you won't have any problems. Don't blame us for third-party software issues!"
The more he reminds me of my ex girlfriend. As in - he is just as greedy and his side is never at fault.
Although he is much uglier and....male.
I hear them from the Bush administration almost daily and corporate america is getting a lot more brazen. No one fact checks, dissenting opinions are marginalized, and the corrections page doesn't have nearly the eyeballs the front page does. And that's assuming a correction is ever given.
This is the same mentality of shipping a crappy product and having tech support take care of the issues. Okay, fine, at least I have someone to complain to and I can return products, but with information you don't have that option. You complain to your peers, who are just an echo chamber. The fact that lying usually goes unchallenged in media makes for bigger more destructive lies.
The browser has holes, its a piece of software. This is way over the line. How did the information age become the disinformation age? Perhaps we officially entered the post-postman world where everything is a soundbite that flies through the subconscious and sticks there. Long corrections don't have the same stickiness, so lying is now smart business.
Keep it up Bill, you're making my next Apple purchase all the sweeter.
Disclaimer for the mods: Yes, many politicians lie. Apple isnt perfect, etc. But there is a difference between small and big lies. Lies which are harmless and those which cause destruction.
Especially the ones that you get while downloading the updates.
So the thing the users keep doing wrong is hook it up to the internet.
Internet Explorer's flaws are strictly the fault of Microsoft. Mozilla Firefox is far less flawed. If Microsoft hired more people in programming then it did in fixing flaws then maybe they would have a half decently secured system ala Internet Explorer.
Buy a Microsoft-based computer from any store, hook it up to the Net, get r0073d!
Install the Microsoft-supplied Windows CD (pick any version), hook it up to the net, get r0073d.
God forbid, if you dust off your favorite old Windows that you hook that up also!!!
Uh? This has nothing to do with 3rd parties SW, Bill.
Bill, if I could just add one thing...
Those who dare oppose us will stand knee-deep in the blood of their children.
Q: What's your take on making Windows Media compatible with Apple?
Gates: We're big believers in interoperability.
BWWAAHAHHAHAHAHHAHAAAHHAAAA!!!!!!
Yes yes... ofcourse, interoperability within Microsoft products
I suppose technically a JPEG is more like software than hardware, but as data it's not really 3rd party software. I mean, Windows programs can create a file called picture.jpg. And if you can't run programs from a 3rd party, then data sharing is rather restrictive now, isn't it Bill?
Saskboy's blog is good. 9 out of 10 dentists agree.
Mod article +5 Troll...
Wish there was a rating system for articles.
Q: There is talk of a Google browser. Internet Explorer has had its security woes. How do you keep users?
Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using.
The reason I switched to Firefox on my Wintel box is because Nothing is going to change!
This Sig doesn't like The Force, The Matrix or Middle Earth. It also gets laid.
Anyone remember OS-9's CRCs?
How about putting a MAC on executables?
Of course, the question of who the clueless user trusts still remains.
That's interesting since current statistics are only showing:
2004 IE 6 IE 5 O 7 Moz NN 3 NN 4 NN 7
October 69.8% 6.0% 2.3% 17.0% 0.2% 0.2% 1.3%
September 69.6% 6.2% 2.3% 16.9% 0.2% 0.2% 1.3%
In other words, IE5/6 with 75.8%, not Bill's dream of 90% (not anymore). In fact, it has been since Jan 2002 that IE has had a number even close to 90%, when it was at 86.8%.
Bill, get a clue and stop using your PR department for your FUD.
We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
Q: There is talk of a Google browser. Internet Explorer has had its security woes. How do you keep users?
Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using.
Let us all remember the line above then. Nothing is going to change?
I think it will
The power of accurate observation is commonly called cynicism by those who have not got it. -- G.B. Shaw
I need lessons with Bill so I improve my english, I guess its easy to learn it, if you stretch the meaning of the words as much as bill.
Watching a website outside microsoft.com=downloading third party software.
Q: Speaking of security, Internet Explorer has had well-publicized holes ...
Gates: Understand those are cases where you are downloading third-party software.
Here how it goes.
If you never download, let say a third party web-browser like Mozilla's Firefox or Opera, you'd never realize how problematic Internet Explorer is.
So it is us, the consumer, who are to blame for downloading those third party softwares. Especially the ones that make IE look so horribble.
Gates: "Nothing is going to change."
Same Old, Same Old,
What Gates is saying is that Windows does not come with native viruses installed, you have to download them from other places. Well, I sure hope they see that they are missing a market opportunity here. Longhorn better come with its own, native viruses.
You can't handle the truth.
> Sig: In the end, It's all male cow dung you know
B-b-b-u-t-t, this tasted like female cow dung to me!
Poster meant ActiveX, but MOD PARENT UP
Thirdy party!?!
Democrats blamed Nader for Gore losing in 2000.
Now, Gates is blaming Nader for IE holes.
Nader just can't catch a break!
Sucks to be a third party.
And to start the ball officially rolling we have the well publicised recent GDI/JPEG vulnerability
Let me be the first to reply to Billy G
You sir, are a liar.
Visit CryptoGnome in his home.
Now I'm confused.
...and the dog ate my source code. He's
Si tacuisses philosophus mansisses. If you had kept quiet, you would have remained a philosopher.
Yes, and if they did integrate, or add antivirus protection somehow to it... you'd have half the fools around the world crying foul about 'monopoly'!!!
Sad, sad, sad...
The purpose of Internet Explorer is to download third party files (by viewing Web pages). Mr Gates's claim that vulnerabilites exist because of such downloads is therefore nonsensical; it's like saying we could end deaths due to automobile accidents by banning automobiles. Yeah, there's a certain logic to that, but it sort of misses the point. To take a recent, ongoing example: A malevolent Web page can use an image file to compromise a Windows system. This vulnerability is not created by users who have somehow previously contaiminated the local environment; it's a part of the system's design. The OS was originally built to offer features over security, and maintaining backward compatability rather than fixing those issues would make it more difficult to coax existing users into upgrading (and would also make it easier for existing users to consider alternatives rather than upgrading). I lost two years of my life covering the antitrust trial, listening to this guy and his minions cheerfully perjure themselves, and he just can't seem to stop making it up.
At least, not from Microsfot
It's a time to invent new slashdot joke
"In the proprietary software world vendor blames you for software faults"
"In the proprietary software world bug fixes you"
and so on
Han: "It's not my fault!"
Lando: "It's not my fault!"
Bill: "It's not my fault!"
IE Holes Not Microsoft's Fault, Says Bill
I got the impression it's "Third party software not Microsoft's fault, says Bill". A big question there. Of course, there's flaws in his logic since this software is sometimes (not at all always) let in by IE holes, but there's still a big difference from what he's saying here. It's these mistakes that spawned the "640K ought to be enough for anyone", I suppose.
Beware: In C++, your friends can see your privates!
Microsoft knew how people used they should have planed a better, more secure system. Microsoft blasé approach to system, for years (since when I was in high school, I just got my CS degree!) is directly responsible for the shit we are in today.
Yes, things are getting better, but they are not nearly where they need to be.
Microsoft needed to build a system that would protect the user from hurting themselves with the help of the criminals who write this Spyware crap (the fact that something may not be illegal does not make it not a crime (and vise versa)).
You know it honestly shocks me how bad the Spyware problem is now. Spam never shocked me this way, probably because I grew up with it. But the idea that, probably 90% of the people out there running windows have malicious software running on, and fucking up their machines is just amazing. And no one seems to care!!. The only people I know who don't have infected machines are hard-core computer nerds.
Hell, I remember a year or two ago the CEO of red hat said that if people wanted a desktop machine, they should just use windows, and this was when Spyware was just starting to pick up! What a horrible suggestion!.
Sorry to rant, but the whole situation irritates the hell out of me. I think the newer versions of windows are pretty nice, as long as you never run an EXE from an untrustworthy source... and make sure your system is patched up.
And I did, in fact, get infected by Spyware once, I didn't run a program at all, I simply visited a page and crap installed on my system. I had to clear it out by looking at newly created files on my system, if the Spyware makers had thought to change the file-creation date I'd probably had been hosed.
The situation bites ass.
sinfulshirts.com t-shirts that make baby ash croft cry.
autopr0n is like, down and stuff.
A big question there.
_difference_
*drinks some coffee*
Beware: In C++, your friends can see your privates!
My unclosed tag makes baby ashcroft cry as well.
autopr0n is like, down and stuff.
You need to see a shrink. You are SO in denial mode. Take it from your users, not your PR cronies, IE is broke, always has been broke, always will be broke. Firefox is great ( but there are still some problems with it) and it will get better. But I doubt if it will ever get a big following. Bill has us by the cojones. We know it, He knows it. Thats why he can lie, lie, and lie some more. Thats it, Bill, blame your users. Just once, I would like for M$ to admit fault. I can dream, right?
More has been invested in making IE secure than any browser on the planet by a long shot
Pretty bold claim. Hopefully (for all of us) it's true. I for one am tired of seeying spyware on my pc because IE (or java-vm) had a hole in it that let spyware/adware/virus slip in.
First of all, you are a business, so you want to make money. Your target is average Joe NoClue. What is gonna get the attention of Joe NoClue? Features, a whole friggin lot of features. He's not a sysadmin. He's not a freaking security expert. And he certainly doesn't care about thing he doesn't see, like security. You might say that Joe NoClue doesn't like having his computer hijacked. Well he still doesn't have a clue about this. So this is not a problem. Problem arise when Joe NoClue loses some precious data. This is what's important as far as security goes.
...
So let's assume that your product will sell because of it's features, security isn't that much of an isue (Joe isn't going to know about those big gaping security holes, when the product will be at the middle of it's usefull life, then Joe might notice, but not before.)
If you consider this as your view of software and OS, I don't see what Microsoft has wrong. Of course thay have some version for sysadmin, but before being sysadmin, a lot of them have been user... on Windows system. If they didn't touch any other thing, they might try and use some version of Microsoft's server don't you think?
Anyway, the only thing i'm trying to say is that a lot of people, at some point in time, began thinking that Microsoft's main market is not common Joe Dumass. And then these people started expecting thing from Microsoft.
"Microsoft machines are poluting the Internet"
Well, yes, corporation don't care about polution, it cost way more to make something the clean way rather than pullution like a dumass.
Stop expecting secure systems from Microsoft. As long as Joe IDontCare doesn't know about security, he's still gonna be using Microsoft products. If you want to help make Microsoft systems more secure, start educating people around you about the need for secure system and the polution on the Internet.
You'll basically get the same response from people as if it where about nature and other kind of pollution.
People won't care until it's gonna be a problem.
Anyone if free not to share my opinion, but I beleive it's an environement problem. And Microsoft is only going with what people are freaking asking for.
Microsoft is in it for the money.
Features sell beter than security.
Is it that complicated?
that's why I use a third-party software called firefox, which has had ONE medium security threat in two years, while IE has had 27 major ones this year. the major exploits of IE involve the fact that it will allow 'third-party' software to install itself without prompting the user.
"Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using." As a bad Japanese translation would say, my desire to comment on this quote gushes forth. 1. More may have been invested on making IE secure. Has it worked? Apparently not. 2. "Nothing is going to change." The download numbers for Mozilla speak differently. 3. "That's the one over 90% of people are going to keep using." I think we've already heard IE's swan song among serious Internet users, and it won't be long before the public begins to wake up more than they already have (see: NY Times article, 9/16). -improbable
But don't you realize that it's because MS being idiots about this that most of us here have jobs? (Or had, if you've moved beyond the hell of tech support.) Yes, crappy jobs that involve cleaning out crap from computers everyday. But imagine if there WAS a good built in virus/spyware scanner in Windows that automatically fixes systems--imagine if Windows had no holes/problems and fixed itself. Who would need tech support then?
read the bunni comic
The monopoly master talks the orwell talk that's kept his government sponsor above the fray for his whole career. Not only blame the victim, blame a nonexistent opponent for the insecurity of the system that you run unopposed. It's like saying "the World Trade Center didn't collapse until some assholes hijacked planes into it", ignoring the failure to secure the airspace, or promptly respond to the hijackings. The monopoly power complacency is so airtight, so selfserving, that the sense of entitlement to power and pardon turns even obvious failure into an excuse to claim victory.
--
make install -not war
So Windows Media Centre is going to allow you to navigat your media files in "a very rich way". And Longhorn and MSN search are going to provide a "very rich search" on the desktop. What exactly does this mean?
Are we going to all get gout from using Windows in the future?
I hope my mom doesn't read this, I told her that all the porn on my machine was downloaded by Windows.
My eyes, my eyes! These goggles do nothing!
anytime, anywhere, anyplace and you too can be a victim of the digital environment you call yours. why is it that neither the government nor the corporation can deliver a secure computing environment through coporate decision or legislation?
Could the state of computing security be just the way they want it? Is there a larger work at play here, the ability to get into what you want when you want whould you be the key master?
How can a non-US Government or Coporation even consider windows? What is it I am not getting?
NOthing has changed aside from security getting worse. A least I we have F I R E F O X , and I am not having to rebuild my laptop every 2 months due to unauthorized software.
How can it be this bad? What is it we are blinded by?
Last time I check MS still built IE and this hole 3rd party shit is a load of ass. THEY INTEGRATED INTO THE OS!!!! ACTIVE X IS SHIT!!! All seems to point to MS to me
Fuck you Bill its about time you got up and said sorry for IE.
microsoft HAD once an antivir tool.
well, without remembering the exact history i'd just reckon that they bought some tool and ran it to ground..
world was created 5 seconds before this post as it is.
FTA
More has been invested in making IE secure than any browser on the planet by a long shot
And it is still the most insecure browser in common use. Impressive.
meh
See, if you didn't visit third party sites, just microsofts marketing pages so you'd know which of their products you should be buying next, you'd be totally safe...
Gates: Understand those are cases where you are downloading third-party software.
Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service. There are third parties who are doing a good job. We're always taking a hard look, but we don't have any concrete plans.
So if I get this right the problem with security is that I download third party software and Mr. Gates thinks that it can be solved by third party service (which means probably downloading third party anti-virus software). Now I clearly understand why the problem is never solved...
The marketing skills the multi-nationals use apply EVERYWHERE. There will always be a lowest common denominator in any society. Pandering to it while keeping the anti-intellectual fires burning is how you go from information to disinformation.
Not to mention religion keeps skeptics and science from breaking into the mainstream. The power structures have no use for a media which upsets their interests. Media is privately owned which means you get ownership bias. There is a huge barrier to entry to even get into mass media.
Blame it on the user.
Again.
As usual.
As always.
Microsoft and especially Mr. Gates have both blamed the user for DOS and windows bugs, et cetera, ad nauseum, since the beginning.
It's one of the things that really encouraged me to dump windows. Being told personally, to one's face, by Microsoft and Mr. Gates that the problems with DOS and windows is my fault made it very easy to walk away from the huge investment in microsoft stuff.
Since the user is at fault, the user can fix it--like I did: dump microsoft.
that the viruses, trojans and worms are third-party software that you are installing :)
What I dont understand is how tactics like this have won him the title of richest man in america, Ive seen drug dealers with better customer relations
Like the saying goes, never underestimate the bandwidth of a station wagon full of tapes. -Pyrotic
where on earth have you gotten those values from? I don't know about the linux kernel vulnerabilities, but I can definitely pick out more than 1 windows XP vulnerability! Hell I can even exploit more than one vulnerability!
I can definitely not say the same about linux.
That's always Microsofts defence...
I had a fresh install of Windows (no 3rd party software what so ever) crash on me. Likewise with Office (Windows + Office, nothing else). Now, unless Windows and Office contain 3rd party code, that claim is bull. And now they blame the security holes on 3rd party. They need to take some responsibility for their mistakes.
Oh oh I know...
If he gets to blame security holes in his products on us, can we blame security holes in ourselves on him? Quid Pro Quo.
I think I'll sue Bill for that mean case of crabs I got after using the toilet at MSFT headquarters last year.
_KERNEL_ vulnerabilities.
n e/t emplate.asp
http://secunia.com
also read: -
http://www.worldtechtribune.com/worldtechtribu
Nuff said.
Come on, mod me +1 FUNNY for all those who haven't RTA...
I pissed myself when I read this one.
Does it go on forever?
XP SP2 isn't vulnurable.
Firefox is though.
And Mac OS X too.
You don't even know what you're talking about. You just grasp at straws.
Cars don't just "get old" - they wear out, after contact with their environment, including other parts of the car, and other cars. So too with computer "bit rot": the "rough edges" of other parts of the infosystem gradually accumulate enough damage that the system fails. Computers should have more redundancy, warnings, servicable (software) parts, and maintenance regimes. It took cars only about 15 years after they became popular in the 1940s to start including those features. Computers have had just about as long since their popularity started in the late 1980s. They might have learned from the car experience, but they've been driven by different customer feedback. Still, they're overdue, though it's not too late.
--
make install -not war
This is a classic example of how humans are.. Microsoft give us alot (in vulnerabilities) that cant be exploited until the user downloads a file. So its not the browser thats at fault its the user...
This is just like the pinto.. the car wasnt going to blow up unless the other driver was crap.
When you catch a viruse your technically downloading a third party program.
Funny My GNU/Linux workstation is entirely 3rd party apps and it's rock solid.
I mean, spyware and viruses weren't made by microsoft, IE just helps you download and install them more easily, and even sometimes automatically!
I think we should all thank Bill for coming clean about this ever increasing problem.
This is an example of the audacity of that oh so well known evil empire... they have dominated the market so well with their conservative and moronic views and vaporware that when i asked a some guy what Operating System he used he said, "you mean like windows xp?" i said yes and he replied "what do you mean what operating system, what else is there?"
I HAVE TO USE WINDOWS, for two reasons, i am a game addict, and some of my favorite software is on it (although i could use wine), i can't wait until an OS like ReactOS comes to work, hopefully it will support games. I HOPE that the source code of windows xp gets leaked out to everyone, then we will all be happy and microsoft will be ruined!!!! hahahahahahah!!!
Unless Microsoft's been writing viruses and exploits themselves!
I Browse at +4 Flamebait
Open Source Sysadmin
"In terms of pure music, Apple did a very good job. They did an excellent device."
"We've got smart competitors, Google and Yahoo,.."
But this one
" We're big believers in interoperability"
makes me laugh!
Gates: "We're big believers in interoperability."
It is kind of a catch 22. If Windows had built in anti-virus software no one would buy 3rd party anti-virus software and Microsoft would gain a monopoly in the market. They would get their asses sued and everyone would complain that they have a monopoly or they have created an unfair environment. We've seen it before. If Windows doesn't have built in anti-virus software everyone complains they don't.
And even if Windows did have built in anti-virus software, can you honestly tell me, given their track record, that you would feel secure with it? If everyone used Windows built in anti-virus software wouldn't it be just that much easier to exploit and cause even more damage.
Nerd: Derogatory term typically directed at anybody with a lower Slashdot ID than you.
They tried everything to stop people from doing safety studies and stopping laws making safety devices mandatory. It did not fit their marketing image to have to put safety features in.
Sounds very similar eh? Gates blames insecurity on bad users. The car industry blamed it on bad drivers (this fits marketing as noone thinks of themselves as a bad driver).
Until enough studies came out showing how dangerous cars were (things like the steering column being a spear aimed at your chest) and the public started to get aware and goverment was starting to take action ONLY then and very slowly did the car industry do something. That still won't do anything until laws enforce the use of seatbelts and even then you will have idiots claiming using seatbelts is unsafe. Same as I have met person (not heard about, actually talked to myself) who didn't use anti-virus software because it was reading their files.
So don't hold your breath waiting for MS to move on its own. SP2 was already a huge achievement. Anything more will only come after a long long struggle.
Or a very short one if you install the flippered OS. Or the horned one if your into necrophilia. Then again, that is like driving a volvo. Not cool. Sure your kids might survive an accident but who cares about that eh?
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I was going to rant and rave, then said to myself, "Self, why bother?"
Gates is still an ass. Those with half a clue get it; the rest won't, like some in my family who still think Google is their browser!
Happy Friday,
Mal the Elder
P.S. Won't someone out in Redmond go stick a boot up Bill's wazoo? Thanks.
Now protest are starting with a huge strike yesterday but that doesn't matter because come next election the sheep will elect the same party again. People don't like to think. It hurts.
You can see this very well with the american elections. A majority thinks kerry is the better candidate. There feelings tell them bush is more likable. So in the same interview they will say kerry is the better candidate with the better policies but they will vote bush anyway because he seems to really believe what he says. (They don't agree with what he says, they just like the way he says it)
What the fuck can you do then eh? Democracy is fucked.
Maybe we should split the world. Not according to race or religion but according to "has got a clue or not." Where is the B-ark when you need it.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
But what he's saying is right, a lot of the vulnerabilities have to do with people downloading third-party software. If I wanted Fox News style reporting I'd .. watch Fox News.
There was a lot more interesting news in that interview than 'OooOOoOOooOo He said ', and a lot more to be worried about if you're still wearing the tinfoil hat, than that one meager line of text.
Moo
Everyone wants MS to remove things like CD-burning, Media Player, IE etc because it is anti-competitive and now you WANT THEM to build MORE APPS IN??
Sometimes I read a post like this that is so dead on that I feel like I could mod it up through sheer force of will...
*squints hard*
+5 Insightful'd!
It doesn't fucking matter because 'virii' is a fucking SLANG TERM... Maybe you should go back to grade school and stock up on social skills.
Silly me... I prefer to socially develop while maintaining my understanding of language.
It's one thing to use a slang term - which 'virii' is not. It's quite another to make a common mistake - which 'virii' is.
I will never understand. If a grocery store so as much hires someone *unlikeable* to work the cash registers, they lose customers. likewise with vehicle manufacturers. If a bad car is designed, it is branded a lemon, and is treated as such by all consumer reporting websites/newsletters.
So why Bill Gates is still in buisness after making such a comment: "Understand those are cases where you are downloading third-party software" it makes my eys roll. Why is the customer always right? because only the customer knows what he or she wants. If the customer wants a good solid car, they are going to buy a good solid car from *insert favorite car manufacturer here*. So why people put up with this slander from the biggest man in Microsoft is beyond me.
Personally, i think i run a very tight ship. I dont need antivirus, and a nice firewall is all that stands between me and the next script-kiddie on the block. Problems i've ever had are related to IE and poor OS performance.
Because i will shortly be entering my era of University in 2005, my thoughs turn to my financial future. I will not be able to afford a new computer, much less new games/new MS OS. When the time comes when i can no longer play games on my current setup, windows will have no further place on my computer.
*Deep Breath* - Thank you for your time.
You are confusing me with someone who cares.
What people still use that relic from the 80s? Come on move on people theres 4 flavors of Unix and a zillian Linux Distros to suite what ever your need is. Theres also companys to hold your hand, Novell, IBM and HP.
Gates: Understand those are cases where you are downloading third-party software.
...
Well, sure, if you call the payload in a buffer overflow attack "third party software"
in real life customers are almost always clueless idiots who don't know what they want, and often belligerent idiots who don't know what they want, but it's not what people more knowledgeable than themselves offer them.
Understand those are cases where you are downloading third-party software.
True, that. Now the point is that you're downloading this "third-party software", aka virus, trojan horse or spyware, even though you never wanted to.
Assorted stuff I do sometimes: Lemuria.org
Why don't they offer the option of never trust Microsoft?
When longhorn is launched,you could probably start using the next beta version of windows....
Ofcourse,All this only if someone wants to run Msoft windows.............and not *nix.
Why does yahoo do this
The only webpage I've used in the last few years that required IE was my University's web-registration system, and even that has become standard-compliant recently. Even Microsoft's own homepage works fine in Firefox and Konqueror.
We really need to teach kids how to tell the difference between a lie and the truth. Every high school student should take at least two years of logic and rhetoric so they can intelligently parse what people are saying.
It's not enough. To unravel a lie you need information. I and presumably you have enough knowledge of computers and software to see through lies by Gates and Ballmer, but if a microbiologist lied to you, would you know? How about a geneticist, or a geophysicist?
Politicians lies are fairly simple, but most of the population have absolutely no clue about what goes on in the world, and quite frankly they don't give a shit. Knowing logic and rhetoric are probably not going to change that very much.
Where is the B-ark when you need it.
Didn't the people of Golgafrinchim die of a disease contracted from a dirty telephone?
Put differently,how does microsoft.com manage to be stable?
Why does yahoo do this
Last Q/A in the article:
Q: There is talk of a Google browser. Internet Explorer has had its security woes. How do you keep users?
Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using.
[Italics and bolded sentence my own markup]
So let me get this straight, Mr. Gates. You have thousands of people working just on Internet Explorer, and yet...a thousand or two thousand people working on Mozilla have bested you?
Nothing is going to change, indeed, Mr. Gates. You're going to keep spewing the same old story, ignoring obvious holes in your own logic (third-party software is to blame for all security problems, true...but that doesn't mean your software should allow third-party software to install itself without the user doing a thing), denying any obvious falsehoods in your own statements (" We feel like we are pioneering an experience that to us is a clear thing most households will want." - Gates, regarding Windows Media Center PCs...I'm sorry, I didn't know you pioneered multicasting from a set-top box...I presume Linksys is paying you licensing fees for their video broadcast device, to name one alternative?), and hoping people will be stupid enough to follow it.
The saddest part of the above discourse is, Gates is probably right. People are, until told otherwise, going to keep using bug-ridden products, until they are shown that there are alternatives...I know many users who have never clicked Windows Update in their lives, and not because they've never used Windows.
I could be wrong, but I'm sensing a downward spiral, when M$ can announce things such as they did in their article, and not get negative feedback from the interviewer. Just my $0.05.
It's only an insult if it's not true.
How all the nutjobs take the bait and let themselves get whipped into a foaming-at-the-mouth frenzy. I looked through here and there's literally nothing but noise, all -1,troll. I used to think MS had a real problem with their image among some people. Then I figured out, crazies will always hate something, no matter what.
The main reason there are any "anti-virus" companies is that one large company with a lot of market share peddles software with fundamental design flaws, not just production flaws, which make it easy to spread malware. Look, just because you downloaded the latest service pack (or in the case of XP SP2, OS upgrade) out of band and installed it before plugging your cherry XP box to the 'net doesn't mean it won't get hit. Plenty of exploits, both public and yet to be announced, can hit fully patched XP boxes
There's enough question of how much the service packs really fix.
Go see a shrink about your Stockholm Syndrome there so you can move on and heave those defective products.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
Gates: What the consumer wants is pretty clear: a single remote control that lets them navigate photos, music, videos, TV in a very rich way.
Already doing just that using my modded XBOX and XBOX Media Center, thank you very much...
Cannot do that, sorry mr bush.
Our children are being indoctrinated from a very early age to believe what authority figures (parents, teachers, the tv, etc.) tell them. Should we be surprised when a concept ingrained for 10+ years during the most formative childhood years translates to an easily misled populace?
Do not believe anyone. Do not believe politicians, scientists, priests, your parents, the police, and please don't believe the mass media.
Teach your children to think, not believe.
Q.
Insert Signature Here
Downloading third-party software is exactly what gets people into trouble with Windows... especially when IE holes cause them to do so unknowingly!
"IE Holes Not Microsoft's Fault, Says Bill"
I'd blame Dunkin Donuts.
I just did.
Gates: What the consumer wants is pretty clear: a single remote control that lets them navigate photos, music, videos, TV in a very rich way. They want to see that on any screen in the house and then have a great portable device where they can take that stuff wherever they want anytime. The full realization of that dream is still years away, but we've taken a dramatic step in delivering that with Media Center.
I think it'd be great if we could beat Microsoft to the punch by offering all of this and more using Linux and open formats (not WMA Bill!). It seems like there is already a lot of work in the area going on (MythTV, Freevo, Mister House, VLC) but is any of this ready to be easily set up by the average Joe? Is there any work being done to put all the pieces together. Perhaps a modded distribution geared specifically to creating and setting up a Media Center type environment. Not only could a Linux based solution put anything from MS to shame it could also force Movies/TV/Music industries to support open formats if the Linux Media Center becomes the dominant player.
Am I dreaming or can the open source community take the lead here?
"He who is good for making excuses is seldom good for anything else. "
I think that the model that Microsoft uses and the community that they have is very different from alternatives. Not only are they the target of security flaws, which is the first defense you hear in this conversation, but their development model is different. They have flaws in the first place because debugging an operating system is pretty difficult. God knows that with as much cash as Microsoft has, they have enought money to try to find their major flaws, if only to shut up Linux/Mac people if that was all it took. If Linux or one of its major pieces of software has a large flaw, and it has, and it is discovered pretty quickly, as it usually is, they post a patch or a new package, and we Linux zealots eagerly apply them. Even if Microsoft came out with updates immediately every time, few would apply them. Even if this is an exaggeration, better attention to updates would do Windows users better, (even if the updates are sometimes flawed).
Well what he means it that you downloaded a virii file "third party" software and then your compouter got compromised. So it wasnt microsofts fault because the "thid party" program did all the damage "after" YOU download the "third party" program :P
0.o
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Utter crap.
If you know your customers are going to behave "unreasonably" ie, you know, actually *use* the computer, browse web pages, click stuff, then the OS should protect them guide them etc. So why is it that Windows installs a huge sign saying "COME FUCK WITH ME I'M OWNED BY SOME TWAT WHO CHOSE TO USE WINDOWS"?
The fact that OSX can and does do so much better proves that it's Windows fault. Or are you trying to say that Windows users are a self selecting bunch of morons? For those that *choose* Windows I'd agree, but most people don't get to choose: they either don't realise there's a choice or they have Windows forced on them.
Bad analogies are like waxing a monkey with a rainbow.
Pardon my ignorance, but what exactly happens to a non-firewalled Windows machine attached to, say, a cable modem? Do attackers find your ip address by random guessing and then exploit services that are left running by default? That must be the case, but I've never read an explanation. (For that matter, I've never learned much about Windows networking at all, being more interested in Linux). I know on my Linux box, I remove or deactivate everything that can be accessed remotely and I've never had a problem.
the statistics prove it:
....if you check the NOT worksafe link this statistics are for)
nedstat (work safe link) You can also check the statistics for other sites here.
1 Internet Explorer 6.x 79.0 %
2. Internet Explorer 5.x 6.0 %
3. Opera 7.x 3.3 %
4. Netscape 7.x 3.3 %
5. Mozilla Firefox 2.7 %
6. Mozilla 1.x 2.3 %
79 + 6 = 85 is rounded up to 90. Bill is not that far off. Specially since he has the statistics for hotmail.com & msn.com. An both fail from time to time to render with other browsers. (think opera & msn & borked.
(anonymous
firefox is also available for Windows as well, it's much more convenient to use than IE, has more features, less security holes, and IMHO there's no point in using IE all the time just because there are one or two crappy sites that don't support browsers other than IE...
nothing to see here, move along...
Just like to write that I did not write that flame-bait, that was submitted to this article. Thank you to those that have notified me.
Halo, Nick!
Likewise everything else from the Internet, so Bill's right from his viewpoint.
...911 dials YOU!
.. you should use linux instead :P
thats obvious isn't it - its all that third party software that exploits internet explorer.
and that internet thing - if that didn't exist, internet explorer would be bug free.
unfortunately this isn't the case, and the bugs that were 'introduced' by third party softare and the internet are real. maybe microsoft should have designed internet explorer to be internet safe (or called it intranet explorer)?
Bill does believe in interop, insomuch as IE provides an api to all sorts of things in Windows, like the phone number used for internet access. The api's a bit rough'n'ready, but who expects clean code from MS?!
J.
You're only jealous cos the little penguins are talking to me.
That is a obvious lie. If your are installing Windows and your computer is connected to internet (so you can download service packs etc.), it is not even possible to finish the installation without getting Sasser and various other security exploits. And this is while finishing Windows installation a lot sooner than any third-party software installation.
"Gates: We're big believers in interoperability."
Hahahahaha!
echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
Actually, iffn I can see through the haze of time (lost a few brain cells since then), I remember that MS-DOS 6 included antivirus software. Anyone remember how cool that was?
Didn't think so.
Karma only matters to me now and zen.
Q: Speaking of security, Internet Explorer has had well-publicized holes...
Gates: Understand those are cases where you are downloading third-party software.
What is implied by these comments:
Fear:
Trusting "third-party software" will get you rooted. Only use official Microsoft software.
Uncertainty:
Perhaps we have been being lied to by all the reports about how vulnerable IE is, nevermind that IE may not give you a choice or even let you know that your system has downloaded and installed third-party software (spyware/viruses). I think it is safe to say that IS an IE bug regardless of what your definition of "is" is.
Doubt:
According to Bill, you probably shouldn't trust those comments from CERT and the like about using, say Firefox or Opera, because it is all caused by other people's software.
*Bill waves hand*
Microsoft software is not vulnerable, only third-party viruses are.
Technical capability of the users.
Good industrial design makes sure, that the average user does per default the save things and doing unsafe things needs extra effort. For this reason, nearly all motorised saws and knives have clever hand- and finger guards to reduce the chance of accidents.
Microsoft and most other software companies take with the opposite approach, they just put the onus of safe operation on the user. Considering that most user don't have don't want the necessary knowledge to do that, this idea will fail.
The solution is not to educate users, but to build systems that can be operated in a safe manner by following simple and logical security rules that even my grandmother can understand.
Rules like: As long as you don't click on it, it can do no harm.
Yeah, you can get away with running some applications using the "RunAs" command, but that is nowhere near as powerful or as capable as the much older *nix version of that.
Seriously though, out of the millions of people that use computers running Windows, very few of those people are even aware different levels of access to the PC and a smaller number of those folk understand that there is a utility in MS Windows called "RunAs".
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
IMHO, weren't people already complaining that Microsoft has been installing too much applications in their Windows OS and by doing that, creating an monopoly? Make up your minds, do you want Microsoft to build in those apps, or do you want Microsoft to have a monopoly. There is no two way.
with Microsoft?
billy, I broght u in 2 tis werld & that is wat u call mee?! u ungratful son u!!! & wat did our dad say abot u mentianing are relasion ship??? he said u aint alloud 2 talk about it any moor becuz our daddy & i r goin out now!!! so shut up, billy!
It's not his fault if Firefox or Opera are better, this I concede.
Also, let us not forget, viruses _are_ third party software we download (albeit unwillingly).
I guess he's right, after all.
And people who buy Windows (even if bundled with a new computer) deserve such a lousy treatment. You know, as I always hear in pro-Windows sites -- like OSBlews, "you get what you pay for".
Gates: Understand those are cases where you are downloading third-party software.
We understand that you are lying, Mr. Gates. There are plenty more where those come from.
At least twice a year Microsoft comes out with another security patch to try and block the latest holes in IE, without changing the underlying design flaws that make the explouts possible. Shortly afterwards, another hole surfaces. Everyone with a passing understanding of the 20th Century knows the expression "generals are always prepared to fight the last war": assuming the lessons learned in the last war are all that is needed to prepare them for the next. The classic example is france preparing for trench warfare all over again, caught unprepared for the German Blitzkreig.
Microsoft doesn't do that well. They're forever preparing for the first war all over again, never learning the lesson they're faced with after every new exploit.
The problem is that Microsoft is trying to use discretionary access control to implement a design that requires mandatory access control. In an environment with mandatory access control, every object (document, program, web page, email message) in the OS has its security level bound to it in such a way that an application displaying that object can have no more rights than the least secure object it has accessed. The only way to raise the security level of an object is through a trusted component that has explicitly been granted the rights to do so.
Their "security zones" can't be depended on unless the whole operating system and all applications operate on this basis. If they're not going to create a compartmentalised Windows AND make it the default configuration (and wouldn't people scream at that!), the only place they can create these compartments, these internal layers of sandboxes, is by having the applications themselves handle their own sandboxing. Remove the responsibility for trust management and remote access from the HTML control and let it merely render HTML. If the document displayed wants to access an image or stylesheet or script, run a script or a plugin or embedded component, let it ask the application for it, and let the application decide if the request should go through. Internet Explorer would let it fetch remote documents, but not run scripts or applets that weren't sandboxed, nor pass URLs or files to applications that aren't prepared to enforce the same level of mistrust. Windows Explorer wouldn't display remote documents at all. Outlook would be even more restrictive. And IE wouldn't blithely pass files to arbitrary desktop applications to open.
You can't do this by having the HTML control guess, no matter how good a guess it can make, because it's not in a position where it can actually know what rights the document should have. Only the application does.
Split the HTML control down the middle like this, and restrict IE to only running fully sandboxed applets and scripts, and there would be very little change in the user's experience. About the only thing they'd notice is that Windows Update would have to become a separate program instead of an ActiveX plugin (and likely run faster), and a few applications would need updates because they were doing dangerous things. There would be an enormous improvement in security, though, and Microsoft could quit wasting time on fixing the unfixable and get around to working on the NEXT war instead.
Q: Speaking of security, Internet Explorer has had well-publicized holes ...
Gates: Understand those are cases where you are downloading third-party software.
This is just a lie. I wonder if he really belives this bullshit.
Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service. There are third parties who are doing a good job. We're always taking a hard look, but we don't have any concrete plans.
And here you can see that the whole attitude towards the security is weird at M$. I mean I don't want Anti-Virus or Anti-Spyware Software from Microsoft. I want the structural problems of Windows solved.
If you start MacOS X the root user is disabled per default. That is why Spyware doesn't have a chance. Even the most stupid user will think twice if he has to enter his system-password if he installs Software. Same with Linux. The whole Spyware-thing would be much much less trouble if the default install of Windows would create a user account.
And Windows has these capabilities. But at the moment this feature ist pretty much unusable because most of the software vendors don't give a shit about multi-user install. And why do they do this? Because M$ creates a default Admin-Account anyway. If M$ would change that, the software-vendors would adapt very quickly, like they did with SP2.
Same with Firewall: First install zillions of services which most of the users don't need at all. And instead of swichting these services off per default, you create a Firewall to fix it.
It's the whole "If we have to decide between usability and security, we will always go for usability" approach that bothers me...
Suppose my favourite carmaker sells me a car that explodes when I hit the brakes. I guess that, by Bill Gates' logic argument, I would be in fault for braking with third party boots on.
In addition to being dorky, it simply doesn't exist, apparently. The following page sums it up nicely, to prove that "virii" is simply a spelling mistake, not jargon, not underground term, not Latin: http://spl.haxial.net/viruses.html
i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
After all, our customers had a choice.
Just to get the question of bias out of the way, I'm typing
on an Apple laptop.
Twice this week I've had to help customers either remove or
completely rebuild/restore Windows because of spy/malware.
In the first case the machine was 'enhanced' with a 'search-bar'
that replaced key parts (read dll's) of IE, removal of this
'enhancement' would render the machine unuasable, while
this software was installed previous to installed SP2 and the most recent batch of Microsoft issued security patches it none the less went undetected by the OS and was only found when NAV was ran.
Now I understand that Microsoft has argued that what you add to IE is your own fault and to some point I agree, but only in
the case where you realize your installing software; If you install fast freddy's pronfinder tool bar you most likely want others to watch you. But Microsoft should concede that the browser, which they've stated is truly part of the OS should be treated wtih more care then if it were just an application (as it should be).
Given that security usually comes at the cost of some
ease of use; Microsoft has choosen to make its OS easy and
at the same time they choose to ignore the customers demands
for more secure default for firstrun. It would not be hard to lock the machine down until its had a chance to check for patches/updates/service packs (call them what you will).
Recently I've read about motherboard manufacturers building appliance style firewalls into their onboard ethernet, sounds like a cool option but they're doing it because their primary audience *NEEDS* it, and truly this might be best for all of us, so long as the filters can be configured to curb outbound traffic as well.
Unix, an obscure operating system developed by bored researchers in an attempt to get a better game playing experience.
That just rules! We believe in interoperability, as long as you bow befor us! Kneel before Zod, errr... Bill! It is almost laughable, if it weren't so sad, to hear Bill Gates saying bad things like the above quote. Isnt what he accuses Apple of EXACTLY what Microsoft has been pusing the world to for years? What is the difference between being the sole supplier of iPods and iTunes (which Apple is) and being virtually the sole provider for desktop OSs, and using such position to force the adoption of "standards" that favor MS products.
Funny, thats the exact thing that was said about web browsers before IE became so ingrained into the Windows code base that its pretty much inseperable... Its amazing... it really is. Its like, his lips are moving, but the words coming out dont match the movements. Just like a poorly dubbed kung-fu movie. Ummm... if that is the case, if I were Bill, et al, I would be demanding a refund on the IE "security" expenses..."Our funds have never taken part in toxic or death spiral convertible financings of any sort" -BayStar's managing partne
Why isn't there a checkbox for "never trust Microsoft"?
.. is why BG is so utterly, evidently 100% dim about what's actually going on.
Figure this: A man who's managed to gather an amount of chash that's literaly impossible to spend in a lifetime say this and actually seems to believe it himself. This is going to be the M$ downfall.
Two years ago it would have cost M$ next to nothing to join the service oriented business and everybody would have thought Linux "has been bought by Microsoft", as some people actually still think will happen (honestly). But for some reason these people just don't see the light.
Yeah, so MS is going to be an inhouse software company until the end of their days.
Fair enough. So be it. That's perfectly OK with me.
Bottom Line:
It appears we're actually going to see the end of days for MS.
We suffer more in our imagination than in reality. - Seneca
Yes, Internet Explorer is a 100% safe and secure product. Its only when you use it browse web sites that it becomes vulnerable and dangerous.
If it is the third party plug-ins then why don't I have problems with Netscape?
Friends don't help friends install M$ junk.
And if you say one is need for file shares your an idiot. Since file shares are not enabled by default (only when you share folder) there is no need to have the service open before I start sharing.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Q: There is talk of a Google browser. Internet Explorer has had its security woes. How do you keep users?
Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using.
That's what I'm worried about.
I know that in XP a "Limited User" cannot write to the root. Not to make excuses for it; basically, your average worm or spyware program will be able to propagate and do bad things as a Limited User, but it won't be able to persist on the system. Reboot and it will be gone. It can't write to the root or to the run keys or Startup folder or anywhere like that.
This is a tough problem for Windows, because the real answer is that for safe average every day use there needs to be an approved whitelist of programs and everything else blocked by default. This isn't an acceptable situation, and most consumers don't have a responsible admin available.
If normal users were running Linux they'd have the same problem - they'd run into something on the Internet, want to run it and the system would prevent them, and what would they do? Run as admin or just complain?
"YOUR SYSTEM has become busy or unstable."
"THIS APPLICATION has stopped responding."
"Because Windows WAS NOT SHUT DOWN correctly..."
etc etc etc - never once have i seen it admit "Sorry, but Windows just crashed."
So no surprise to see that once again, the blame is on the user and/or the applications installed.
Why a fresh install of XP puts at least 11 instances of Alexa (known spyware) and 5 DSO exploits on a box? Try it, install XP and then Ad-Aware and Spybot. Run them both and see the results. No computer that comes into or is built at the white box store I work at, leaves without those two programs installed. Yesterdays updates put 3 instances of Alexa back in.
Professional Politicians are not the solution, they ARE the problem.
in 1956, i believe (yes: http://www.lemurzone.com/airbag/belts.htm) to offer seatbelts as optional equipment, but the public ignored them...
btw, my great uncle was impaled on a steering column, but i blame the smoke from the coke ovens that obscured his view of the intersection...
ironically, 40 yrs later my bro. left part of his tooth in the steering wheel when he drove thru coke oven steam right into a coal truck turns in front of him;-}
Yes, Angula. I've seen Demudi run off CD Live with zero configuration. It worked well on a 1GHz class computer. Show me a CD from M$ that does half as much.
Knoppix does some of the same.
Mepis also does much of the same but comes with non free goodies like Flash, Real Audio and a version of Xine that plays WMF.
I also think that players like Xine, Noatum etc. have been able to play non free formats for a long time. While it sucks that companies continue to make devices that use such nasty formats, it sucks even worse to not be able to use all those toys. Free software is more than up to the challenge. Sooner or later, those companies are going to turn to free formats as it's cheaper and better.
Friends don't help friends install M$ junk.
Almost anyone with connection to the internet needs a browser.
Not everyone needs a virus scanner, if they are half smart with keeping their box secure.
There is a difference.
Personally, I think it would be cool if they made some kind of free web-based virus scanning tool... That way they don't have to build it into the OS, but can easily guide the user to it if needed, like from under the new security panel in XP SP2.
Are the works of mid eastern terrorists.
irc.enterthegame.com #linux
Did nobody else notice the complete lack of information in that interview? It seemed to me that Gates had two major responses:
1) We're looking into that and we're going to do it better than everyone else.
2) We suck at that so we're pretending to look into it, but don't expect any actual products.
There was no real information there. Reading that interview was a complete waste of my time and bandwidth. What a complete piece of shite. Whatever happened to hard-hitting journalists that won't let CEOs and others like them just dodge every question?
Then again, what can should I have expected? Fantastic answers to interesting questions? Gates can't really say anything because there's nothing to talk about.
Interviewer: Blah, blah, blah?
Gates: Blah, blah, longhorn. Ooh look, shiny thing.
Hmpf!
*grumble, grumble, grumble*
--James
*puts on a Politically Correct helmet*
And off on a tangent, as an American, I am very tired of being automatically grouped with the particular gunslinging, pie-eating, cowboy-hat-wearing, cross-waving warmonger people that are far too prominent around here. Sure, this country has its share of stupid sheeple and corporate/political lack of scruples, but not all of us are so quick to swallow lies and follow propaganda.
Ironically, the stereotyping I find myself subject to is the exact same stereotyping that a vast majority of the people around here have about the Middle East in general. It makes me wonder when people will stop using one person (or idiot, as the case may be) to represent an entire populace.
If they wouldnt install any applications we didnt produce, or use that unsafe 'internet thing', then they wouldnt have any problems.
The users should only use our products, and only connect to our new fangled 'secure-NET'.
And if they dont, well, in 5 years we will force them too anyway.. For their safety of course.
---- Booth was a patriot ----
Lets face it, your uncle could have survived with a seatbelt and or collapsble steering column.
Wasn't MS response to its lack of security that until recently the public didn't want to pay for it? Sounds an awful lot like this.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Everyone says this and that about IE. A good portion of it is true and some not true. User error can't be counted out. If you download a virus without virus checking it, then yes you just got screwed. However my friends... there is a solution. Mozilla. See I used to be a fanatical IE5.0+ user. I defended it to the ends of the earth. Then ofcourse my buddy showed me what mozilla could do. I am so damn addicted to tabbed browsing. I would say the main reason I switched a good while back was that Mozilla had a built in pop-up blocker and IE didn't. Another interesting switch story was that of my fiance. She used IE 6 for a great deal of time. I tried to get her to switch but she never wanted too... that is until, the trojans started happening. Her virus checker was finding about 6-7 trojans a day and she could never figure out why. So I switch her to Mozilla to see what happens. After 3 months she has not had one trojan. Not one. I think that says alot in itself. As minorly thrilled about Mozilla as she is, I can say she is happier that her computer is now virus free.
e.g. according to bush on tv "every" person held in guantanemo bay was captured in action in afghanistan. That's just a plain lie - several were arrested from normal places in other countries - even other continents.
So instead of trying to second-guess *exactly* what the person is saying to find out the truth (which I do, and other fans of political satire programs, but many others don't alas), I have to look for completely separate sources of information. That's more work for me, and is annoying.
Developers, developers, developers.
You know, the guys who come up with third party software. Last week, your allies. This week, your scapegoats.
Weaselmancer
rediculous.
And how do you propose several hundred million people get their news, and know its 'fact'?
Reember they have lives, and that they dont live anywhere near the records, which are often kept from the average citizen anyway. ( perhaps not techincally restricted, but the artifical barriers that have been erected serve the same net result )
And btw, the same goes for your totally OT statement about Senator Kerry, appears you dont know diddly either.. Start reading his public voting records and then compare them to what he says.
It should be easy, he tended not to show for work too often.
Or just listen to televised debates, and actually listen to what he says from sentence to sentence.
Where did you get your 'facts', from another biased news service i bet?
( and no, i dont claim his main opponent is any better.. before you go blame me of being biased )
---- Booth was a patriot ----
Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service.
Imagine if automakers charged to offer seatbelts and brakes as a service.
An answer befitting a reboot/reformat monkey.
From all those people that have struggled with your crappy software over the years I say a hardy "fuck you and fix your shitty products".
"I hate to advocate drugs, alcohol, violence or insanity but they've always worked for me" - HST
Every copy of windows since 98 MUST USE IE!!!!
You may not use it openly for for browsing the internet, but it is so embedded into the OS that it cannot be removed (just double click on your "my computer" icon and it is IE that browses the hard drive). Don't you remember the browser wars? this was Micro$ofts way of making sure their browser is installed into the OS no matter what.
MacOSX, because making *NIX better is a lot better than waiting for Micro$loth to fix Windows
So Bill your saying it was your OWN fault?
It's also a problem that has affected Gates personally. He said his home PCs have had malware, although he has personally never been affected by a virus.
"I have had malware, (adware), that crap" on some home machines, he said.
remember?
...unfortunately no one can be told what The Mat^H^H^HGoatse is...they must experience it for themselves...
Old billy has been calling Bugs like this Features for many many years... Why is anyone surprised?!??! But you can bet that all the TCO figures that come out of MS and Its paid lackeys don't include the software and hardware that is required to Secure a Windows Operating system when comparing to a linux platform.
Who needs WiFi when we can have Packet Over Sheep! http://datacomm.org/PoS-InternetDraft.txt
Government Agencies has strict rules against unauthorised software. (So no third party software is normally allowed) Yet they still have the same vulnerabilities. Try again Bill, obviously your yes men are giving you worse answers then the presidential nominees have!
... "grossly over-simplify the argument, chuck in some spurious statistics and come up with an inflammatory headline that completely misrepresents the story."
Isn't windows supposed to work with 3rd party party apps? If so, then msft can't excuse msie security flaws because users dared to use a 3rd party app.
As to the email client. Ehm, we are talking default gentoo installation. What email client?
This port is not open UNTIL I TELL IT TO OPEN. Very different from the windows where ports are open for no good reason by default.
Rememeber that code red or whatever? That had a lot of people finding out that their windows box had IIS installed by default? that is what I am talking about. Windows doing stuff you don't need or know about.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
They are for interoperability when it will make them money, and against it when it won't. Duh. No contradiction here,hence no funny.
Well.. maybe. Or Maybe not. But Definitely not sort of.
O.K. I admit it.... the holes.... my fault.
I was so dissatisfied with IE one day that I crept into the coders room and beat them all stupid with a bat.Of course that was V 1.1 and the holes have been popping up since.
Dont like it? So sue me.
Does it take a degree to go get Moz or Opera?
You complain a lot.
Hey,IE is pretty good for being written by the mentally handicapped,no?
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
The bug mentioned in this Security Focus article most definitely *IS* the fault of Microsoft. I've seen their patches re-open previously corrected, unrelated security holes. Seems like QA isn't up to snuff at MS, though that's not really that surprising.
since Billy Borg probably had a list of questions the interviewer was allowed to ask and not allowed to ask, it was basicly Billy Borg just talking to himlself thru a interviewer...
pure unadulterated HogWash
new viruses appear all the time..
when is the last time you had to renew your airbag condition of openings definitions?
every day http://en.wikipedia.org/wiki/Special:Random
So in a sense it's harmless; it's just a built-in web search. But it's generally considered to be spyware because of Alexa's reputation.
It probably got installed when you did the Internet Explorer update. I think you get it out-of-the-box when you install XP.
More information here: http://www.imilly.com/alexa.htm
But there's something to be said for -- you know, being reasonable.
Gates' kurt answer gives me the feeling that he's really annoyed and just doesn't want to deal with the mess his company has made for itself with security.
Fuck the system? Nah, you might catch something.
"Q: Speaking of security, Internet Explorer has had well-publicized holes ...
Gates: Understand those are cases where you are downloading third-party software."
Ah, that's it. Viruses, worms, spyware, adware, and other nefarious programs, being 3rd-party applications, aren't an issue caused by the OS manufacturer.
It's kind of like a house builder bearing no responsibility for buglary, because it is a 3rd party. Never mind that there might be design or implementation defects in the doors. And don't forget that any potential responsibility is waived anyway when you sign the house EULA.
Q: What's the difference between a cow and a bull?
A: The bull smiles when you milk him...
So is he suggesting that if we built a 100% Microsoft system (only Microsoft Apps) that it will be 100% secure?
If that's the case it's pretty rediculous that SP2 whines because it can't see my Norton Corprate Antivirus.
Perhaps this calls for a new project....build a 100% M$ software based machine, plug it into my campus's connection which has viruses crawling across it 24/7, and try to install Windows Updates.
Wondering if anyone does CS anymore?
A bad manager is one who throws up his/her hands and says 'too difficult'. Two years to do something, and the joint still has serial quitters, full of excuses.
The issue is that applications are BYPASSING security checks - IE is quickish, because it pulls dirty tricks, and what routines it calls, can also be somewhat insecure.
This CAN be fixed, and extra context sensitive rules defined to cut out the worst - at the cost of breaking rouge applications.
Want to see properly designed security?
BSD's, Dec VMS, IBM ZOS, and OS X, and XP.
XP has granularity, and it is about time someone had the stones to switch on fail(warn/log) or fail(Abort) for those familiar with ACF2 or RACF.
XP (SE) ; secure edition - bring it on.
"Many Windows programs won't function unless you're an admin."
So? They were never written for modern Windows OSs then. They were never upgraded by their lazy developers to be Windows 2000/XP compliant.
Is this Microsoft's fault too?
Viruses, Spywares, Adwares and any exploits are third party software. It is the user's fault for using an unsecured operating system - if you bought a door without a lock it would only be your fault if someone just opened your door and completely cleaned out the house. Sure, the door is pretty and inviting , and the eXPensive model almost doesn't break or mysteriously changes color to blue - but it requires special sensors and secuirty fees and cannot be operated safely by those who only know how to open and shut the door and turn the key.
Oh, and as long as the door stays in the box with all the original parts and not connected to the hinges it is perfectly safe.
First sign of trouble and you will be reminded (in triplicate) that it is your fault "FUCKI1!!!!!! MORON!!! RTFM!!!!!" Moreover and further problems will be met with a rude "write your own software if you have a problem".
At least Bill is polite. The Lunix "community" is commonly anything but.
[When you are coming back to Kuro5hin anyway SilentChris?]
"More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change"
I am not surprised at all from the above statement. After all, IE has the biggest security problems, so it is natural that IE had the biggest expenses in making it secure.
My biggest problem with this is semantics.. The statement makes you think about plugins like google bar.
Actually, downloading 3rd party software can be construed as typing in a web address, where an evil script will run, download your computer, create holes in your system, and get you in trouble.
So, true it's from downloading "3rd party" software, but IE shouldn't allow that in the first place. Geez, gates is such an idiot. Admitting his problem would at least be a commendable act.
I don't like windows or Mac.. In fact, I really just don't like computers anymore. See you at amishcountry.org.
...::----::...
I am in no way affiliated with this sig.
My Linux box is "targetted" as frequently as any Windows box.
Of course, since most of those attempts are from compromised Windows boxes, looking for other unsecured Windows boxes, the attacks don't get very far.
It just that the overwhelming majority of compromised machines are Windows machines that are now looking for other Windows machines.
I make good bank flushing spyware/malware from constipated PCs. My kids eat and I get to buy myself toys. I hardly ever see a Mac come in unless it has a hardware failure.
Make windows secure and I'm going to need a real job.
(Written on an iMac)
We changed our whole company over to ThunderBird and FireFox, mainly because of Bill's position when it comes to security. Saying that it's the consumers fault that they get infected with crap is such a dodge of responsiblity. Just think what would happen if more companies (Microsoft needs to the most) started practising ethical businesss and became responsible for they're actions. The universe would explode.
-Pizentios
Ok so someone probably already posted something like this, but this is my two bits:
"Q: What's your take on making Windows Media compatible with Apple?
Gates: We're big believers in interoperability. "
Umm... So WHEN are they going to release the standards for NTFSv5 so that the Linux folks can be fully interoperable? hmm....
"It isn't pollution that's harming the environment. It's the impurities in our air and water that are doing it." -- Dan Quayle
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
I have to agree with Bill on this one. Even if you are not paying a fee for your virus proection, it is a service that someone provides.
Nope. Remember the old macro viruses for Word and Excel? You had to download updated virus definitions all the time because different attacks were based upon those.
Finally, Microsoft figured out that macros should not AUTOMATICALLY run when you open the document/spreadsheet. Since then, macro-viruses have dropped to almost nothing.
Virus infections are a failure of the security model of your system.
This is diffrent from an automobile with airbags because you typicaly don't have to update/replace your airbags. You do have to pay to get your car serviced and you do have to update your virus definations.
Your car is a physical object that will degrade over time. Software is not the same.
Now given that windows will auto update, you could argue that this is something that microsoft should provide out of the box.
No, the Windows Update service should be patching the holes that allow the viruses to spread.
Why is it that a virus from 5 years ago will infect a brand new XP box? Why hasn't that security hole been patched yet?
The simple answer is that Microsoft is not interested in fixing those holes because doing so would impact the "ease of use" that they are so focused upon (even to the detriment of security).
It's easier for Microsoft to blame other people and demand that you have a continuing band-aid system to react to the latest attacks rather than fixing their model to prevent those attacks.
Is there a class action suit perking away somewhere that we don't know about?
Derek
It's painfully obvious that Windows was originally designed without any thought to security. There are a lot of really good features Windows has, that allow for great usability, flexability and customization. This all comes at a price though, because these features allow too much access to the System by 3rd party apps. The onus is on the OS to provide a secure environment against attacks of any kind, even from local users or applications(as much as possible anyway).
That having been said, I require a few 3rd party apps just to keep it running. Anti virus software, adware/spybot removal, popup blockers, etc. And to tell me that going to a web page that hijacks your browser via the MS implementation of javascript is installing 3rd party software is just asinine.
I think Bill needs to have the old saying, "The first step toward fixing a problem, is admitting it exists.", impressed upon him.
--Not to be worried, Pitr fix.
You know that you can run just the 1 single process as admin don't you (look up runas)? It still sucks BIG TIME but at least it doesn't force you to run all processes with elevated security.
The problem with windows is it was designed to "just work" for "stupid people" and of course the easiest way to do that opens up the computer to nasty attacks. Hopefully the tide has changed and we will slowly but surely work to the happy medium where things just work without letting everything just work and also to where people learn a little about securing thier computer.
"You can now flame me, I am full of love,"
> Gates: Understand those are cases where you are downloading third-party software.'
Is that why a virgin Windows box installed fresh from a Microsoft CD with no OEM extensions can get 0wned in 20 minutes?
No one believes you, Bill. Not the press, and not even your own customers.
How does viewing a jpg count as "downloading third party software"?
The problem is FORCING people to take it and building into the .dll's in such a way that it cannot be completely removed.
No one would care if IE had been bundled with Windows, as long as you could get it replaced with an alternative by the OEM and you could completely remove it.
As it is, you cannot completely remove IE and because it is so "integrated" with the OS, the IE exploits become SYSTEM exploits.
Anti-virus: Viruses/worms are a failure of the security model. If Microsoft fixed their security model, you wouldn't see many viruses/worms.
==================
From: hottie6667@hotmail.com
To: BGates@Microsoft.com
Dear Bill:
I got bored with my paper-clip and decided that I needed a new friend. With your Interweb Explorer game I found a new friend immediately! I would like to thank you for making it so easy to program my PC computer.
would you like to try my natural herbal enhancement? click here for a free sample.
==================
IE is used in Windows for a lot of different tasks: web browser, file browser, help browser, anything that can be made to involve browsing. It needs to have deeper access to system internals than a simple web browser like Firefox.
Right - It is used for a lot of stuff other than web browsing.
Wrong - I needs deeper access. All of the help files and such can easily be handled by handing the file off to the default browser, whatever that is. The directory browsing is also handled in Firefox. file:///c:/
Right - Firefox is Open Source.
Wrong - This does not make patching it any easier than by Microsoft's leagions of paid programmers.
Also, it's more possible for the community as a whole to take the initiative regarding security; while a kludged security risk may be left in a commercial product to make a ship date, it is likely to be replaced fairly quickly in an Open Source environment by a volunteer.
That's getting to the point.
Microsoft's products are based upon MARKETING's desires. If a design is completely wrong from a SECURITY standpoint, but it helps advance MARKETING, it will go in and security be damned.
So you end up with a system that is riddled with holes and, essentially, un-securable (if it is still connected to a network/floppy/CD-drive).
Microsoft's FIRST step towards security would be to rip out everything NOT 100% necessary for the core OS functionality and make those things modular and removable.
That will never happen.
Developers Developers Developers Developers !!!!!!!!!!
What good ol' Bill was trying to say is that the security flaws aren't his fault because OTHER people write third party software that can crack into it. This is all made worse because stupid end users keep downloading and running it. Well, kind of, anyway. They get email with the viruses, and Outlooks actually does the runnning part of it. Come to think of it, Outlook does the downloading, too. But it's THOSE people's email, so it must be THEIR fault, or at least the fault of the people who sent the email, and definitly, certainly NOT Microsoft's fault, so there.
Wake up - the future is arriving faster than you think.
He wants his (LAME) punchline back
NO SIG
what if those third party apps use IE activeX controls to do web browsing and that's where there's a security issue?
Actually, a RO OS makes a lot of sense to me. Then it would force application developers to write applications, not system extensions - OS updates are more thought out as they involve the replacement of read only media (though it could be just as simple as burning another CD).
You let people write user data to disc, but anytime the system boots you are guranteen to have a clean OS, sounds like a great idea really, for most users!
But as the poster was saying you'll probably not really be able to do that with Windows because so many apps like to fiddle with the system on install.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Is it MS fault that a 3rd party app needs admin to run? Install yes but run? I would say so if all applications needed that permission. Lay the blame where it is deserved. The application developer not Microsoft (for once).
I thought some USB drives had a "lock" switch that prevented writing. That seems infallible.
The basic idea is a really good one. It adds anothe rlayer of defense, as how many spyware and virii REALLY are going to try and write to mozilla.exe?
People should make more of a distinction between what is possible and the reality of what is around now. A number of people act like because you COULD write spyware for OS X or Linux, that there's no point in switching - when the reality is Windows is the only system you have to deal with that crap right now and it will probably be years before anything hits the other systems.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Don't know if this is relevant in your relatives' case, but they may only need to change a few file permissions.
/Applications/Disney Interactive/Pooh's Great Adventure/userinfo .
As an example, you may know that many educational games keep track of kids' names and progress. They seem to want to save this info within a directory buried within that applications own directory. The problem is, at least with Mac OS X, when you install an application in the global "Applications" directory, non-admins only have read access, meaning they can't write to the directory keeping track of their progress. This leads to all kinds of crazy things happening.
The solution, in these cases, is not to grant admin status, but to enable write access for them to those specific directories. For example give them write access to
Like I said though, don't know if it will work in their cases.
The only Microsoft product I like is the MN 520 wireless card for my Fedora Linux laptop. It allows me to surf the net and sta connected without the virus threat. Thanks Bill
Life is a gift. And my Karma couldn't possibly be 'Positive'
Please tell me I didn't read this!
...
Q: Speaking of security, Internet Explorer has had well-publicized holes
Gates: Understand those are cases where you are downloading third-party software.
Q: Yes, but will people continue to do that with Media Center?
Gates: You might well do it. We need to use approaches that block people from ever getting software onto the machine they don't want.
Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service. There are third parties who are doing a good job. We're always taking a hard look, but we don't have any concrete plans.
Let me see if I get this straight... he blames security holes in a software application that they build into an O/S on third party softare and then further discusess how they plan to block people from putting any software on ("that they don't want" yeah right) and then goes to say how you wouldn't build in protection... ARGH!
Man, MS just pisses me off! Perhaps, just perhaps if they developed IE independant of the @#$%ing O/S and didn't wrap it up in ever release of Windoze this crap wouldn't happen...
Honestly, did I just get transported to another planet where common sense is replaced by mindless jabbering??? I'd love to see these folks in IT who are in the spotlight interviewed by real technical folks who are able to dissect what is said and call "BS" when you smell it. Just once!
I brace myself for the impending "Redundant" mod.
Oops, how did this get here?
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
I recently reinstalled XP. Doing so required me to re-run the autoconfig for my linksys router/firewall by plugging direct from computer to cablemodem to aquire the proper settings. (granted, I'm no expert, so I went the easy route). In the 30 seconds that I was without hardware firewall while it did what it needed to do, my system was compromised.
Bill is technically right that the security exploits involve downloading third party software, but the problem is that IE is insecure by design or rather offers a very brittle framework for ActiveX security. I.e. once a signed control from a trusted source is vulnerable, your PC is vulnerable.
.Net. You can have *no* security if you blindly trust a signed control from a given manufacturer.
This problem is unfixable because you can always force an older ActiveX control to be downloaded if you are an attacker. I.e. security patches are ineffective.
This *is* Microsoft's fault, and I am sorry to say that this concept of signed controls still pervades
Secure Microsoft Software? I will see it when I believe it. They seem to have this bizarre concept that security of content (i.e. DRM) is more important than the security of software. Go DMCA.....
LedgerSMB: Open source Accounting/ERP
Just the names that MS gives to applications give them a very very big advantage over Linux Open Source applications.
"No, what lets third-party software install are stupid users and incompetent admins."
Oh yeah. The following is based on a true story.
1: I turn java off in IE. Security settings in IE up to top. Shut off applets and everything like that (sorry don't know names of the settings, i haven't used IE in a long time).
2: I surf around some websites.
3: I find out CoolWebSearch has hijacked my computer.
CoolWebSearch is more damaging that most computer viruses.
lots of script kiddies constantly scanning the range of ports
Exactly why Linksys is a bad router buy.
gewg_
Unfortunately, it only works on himself.
Reading Slashdot is ruining my spelling and grammar.
My favorite quote is:
Gates: We're big believers in interoperability.
Apparently hell has frozen over.
I think what Gates means to say is that these problems are the result of attackers running third-party software. No Microsoft software is capable of mounting these attacks.
I really don't think this is the case. People say that windows boxes are targeted more, and sure, they're the ideal target since you've got a great chance of getting in and a great many to get into, but to say they are targeted sooner or more overwhelmingly is taking it a bit far. The amount of IIS exploit attempts I see coming through my apache logs and the amount of failed authentication attempts I see in my smbd logs say that my Mac is getting hit plenty, and with complete disregard for platform when selecting a target, except that the expected exploit will be found in windows. The fact that I see these hits on my Mac means any node has an equal chance for getting hit just as soon or just as frequently as windows. The "windows is targetted more" only holds true when you factor in the desired target platform, the number of exploits on that platform and the number of nodes that platform has, not the frequency or timing of attacks.
belief can be manipulated. only knowledge is dangerous.
critical thinking, rational thought, logic, doubt, curiousity, effort... these are things most of the world is lacking.
keylaeris
...for reminding us all that no matter what supposedly philanthropic gestures you make, at heart you are still just a liar who is only interested in the profits of his company. You can give away all the money you want, but it won't make up for your evils.
In other words, what Bill is saying is that if terrorists get past airport security and blow up a plane, it's not airport security's fault or the airline's fault, because they didn't blow up the plane. It was a third party.
Bull shit. Either you get to own something and be responsible for it, or you don't get to own it. I wish all these mine-mine-mine IP fanatics would get that concept into their thick skulls.
"Welcome to President Bush, Mrs. Bush, and my fellow astronauts."
"The future will be better tomorrow."
"We have a firm commitment to NATO. We are part of NATO. We have a firm commitment to Europe. We are part of Europe."
check out the best blog ever:
http://oehlberg.com
Isn't this like a rapist claming "spontaneous penis insertion"?
"I was just walking down the street, minding my own business, when my penis was spontaneously inserted into the victim's vagina. Honest, it's not my fault!"
Man, they lied to me... :-(
.. and after you are finished doing that, please read the the reply to that other comment. I think you will find it tells quite a different story about Alexa!
Of course you know that your car's safety features don't have to be constantly updated. It's a one-time thing. But on a PC, new spyware/adware comes out every day and older ones are updated now and then so they can combat any anti- program trying to disarm them. That level of attention needed to be as up to date as possible is expensive. At least M$ acknowledged and fixed alot of vulnerabilities with SP2. That is, if you can install it without any BSOD from previously installed ad-ware. (tv media did one of my clients in).
Really I think this is just bad design - they could be written to operate normally under non-admin accounts, but ren't. and it's not just games - numerous applications on windows do this for various reasons (registry access/file access etc..)
This is a very, very good point, but it's even more interesting if you dig just a bit deeper.
Why is it that games and other Windows apps are not written to run under non-admin accounts? Because both the developers and nearly all users always use admin accounts for their day-to-day work. Why is that? I mean, Microsoft's NT operating systems have had an excellent system for managing and enforcing access control for a decade now (it's actually better and more flexible than the system traditionally used on Unix systems). So why doesn't anyone use it?
Culture. The culture that has developed around Microsoft's operating systems was jointly created by Microsoft and its users, and that culture started with MS-DOS, on machines that were not connected to anything, were used by only a single user, or a very small number of users, all of whom trusted each other. Security was irrelevant.
Times have changed, and Windows has grown up, but the culture has *not* changed. Developers at Microsoft are just starting to catch on, but they still seem to have a tendency to focus on features and polish first, and security as an afterthought. And Windows users have been taught that they should never have to deal with security.
Contrast this to the Unix world. Unix grew up in corporate and university environments, where access control was an issue. Further, Unix was the primary platform on which the Internet as we know it was developed, so remote access and the related security issues became deeply important issues in both the code and the culture surrounding it.
Even today, when you introduce a Windows user to Linux, one of the first differences they notice is the fact that they *must* log in. Although both Windows and Linux can support logins either with or without user authentication, the defaults are different. And, of course, the typical Linux system does *not* grant admin privileges to normal user accounts, where Windows does.
The culture affects all aspects of the system, too. OS developers, app developers, sysadmins, users, everyone. Although some subcultures are getting more savvy, the expectation of the rest is that security should not ever be in their face. It's annoying, and they don't like it.
Compare that to, say, the world of automobiles. Just like Linux, if you were to teach someone to drive who had never seen or used a car before, one of the first practical lessons you'd give them is how to unlock the door, and how to use the key in the ignition to start the engine. Security is an accepted and normal part of the process, and drivers and passengers think nothing of it.
But that's not the Windows world. Not yet, and it will take plenty of time for it to become that way. Meanwhile, Unix has been there for 20+ years.
That is why Unix/Linux is more secure. It's not market share (though obscurity is good for security), it's the code and the culture and the way things are done.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
The test case of hooking up a Windoze PC to the internet unpatched is irrelevant since Gates was specifically asked about IE. Also Gates has a valid point about anti-virus/spyware protection. A subscription pricing model would be necessary to support continuing anti-virus protection. There are several companies that provide this service for Windoze, which means that MS is not obligated to do so themselves.
That said I think the real problem is actually the interaction between MS and 3rd party developers. MS builds convenient, easily compromised interfaces (like ActiveX). Companies develop real software based on these interfaces. Black hats exploit these interfaces. MS is then caught between legitimate business usage and illegal exploitation of their wide-open APIs.
The only way we can make MS fix their mess is to stop using their products. They will fix things when they start losing market share to Mac OS, FireFox, Thunderbird, Linux, etc.
By default, Windows is configured to automatically execute scripts. By saying "Windows" instead of "Internet Explorer", what is implied is Internet Explorer since the browser was so nicely crafted/welded into the OS that its impossible to remove. Since the OS relies on the browser and vice versa, security policies become global. All I'd need to do is run a macro that places an Active Desktop item on your desktop and have it randomly phone home, or, allow me to tinker with your registry because Remote Registry service is enabled and so is Remote Assistance!
Bill, what you're doing is Ballsy. I hope you're ready to take on the entire IT market in a no-shit bar-room brawl. What you've done is morally obsurd and would be similar to walking into a local motorcycle bar, publicly addressing all the big burly guys that you think their mothers dress them funny and that you had sexual-relations with their mothers last night. Oh, and that they should move their tricycles so you can park your Honda in the lot.
Since Windows is insecure, DUE TO MY OWN LACK OF INTELLIGENCE, COMMON SENSE, AND EXPERIENCE, I feel the drastic urge to shift completely to Linux and not look back. Linus Torvalds would be MORE than happy to accomodate me with better software, less-expensive overhead, lower cost of maintenance, and not to mention, better support (not from fucking India), and better stability.
Sure this sounds like a flame-war with Satan, er, I mean, Bill Gates, but I've simply taken enough abuse from this craptastic, sorry-assed excuse of a company called Microsoft. I'm tired of the constant patching, the hotfixes, the workarounds, and the blame being placed squarely on me. WTF did I do? I didn't write the code. And his article from last week saying that bad code isn't the coders' faults, it's management's?
If this is the case, which it is, this means that any insecurity I cause due to an unpatched/insecure API is simply because one of your managers failed to do his job. You are a contradicting, self-righteous bastard who would more than quickly drown your own children because your wife's meatloaf sucks.
Bill, get a life, clue, something. Stop crawling up my ass with stupid bullshit like this because your company can't hack it.
"Dress right, get a Tux."
-- Game Developers: Stop porting badly-textured games from crappy console systems!
I disagree, I've been playing with a borrowed powerbook, and I have to say that MAC OS X "just works" for stupid people -- everything just works right the first time, and it's not full of security holes.
Windows is just badly implemented.
Now I finally understand why there shouldn't be any third party apps. Some day very soon we can live in world where there is only one big app, Windows/IE/Office.... Then everything will be integrated secure and just plain fine. I wish that Uncle Billy had explained it all to me long ago. I'm gonna run out and buy an extra copy of Windows so that I can help Uncle Billy bring about the new world order faster. This is so cool because in order to get to the store to buy my new copy of Uncle Billies best I'm gonna get to drive my new Yugo over the new bridge that I just bought.
Gates says more has been _invested_ in making IE secure than any other browser.
That's probably true. The problem is, it's the wrong approach: no amount of
investment will make IE secure.
Cut that out, or I will ship you to Norilsk in a box.
If the guy who built my house failed to put lock levers on the upstairs windows and I get burgled I'm sure the insurance company will accept the builder's explanation that it's all the fault of the third party company that made the ladder they used and nothing to do with him failing to secure the house.
Feeble Gates.... just feeble.
Hmmmmmm..... Deep fried and look like Squirrel.
When was the last time that /. posted an article that wasn't pure flamebait?
You never really know how close to the edge you can go until you fall off.
horny whether or not it smiles...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
...you may/might be hit by his "bull dagger", hehehe...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
A good application will save the user's data in ~/Library/Preferences Registration data is something to store within the application's bundle, but not game saves and such.
Why not:
--have the main computer be RO/OS, with a bootable CD or R/O CD or DVD.
--store changeble data on a 250 MB keychain/memstick?
The more data to be stored, the more you swap sticks, or just use a USB port to keep adding more sticks.
Of course, you'll have to make sure all your favorite apps' settings are found, but then if you suffer a system failure, your data will be on removable media, which you can take to another machine.
Imagine the disruptiveness toward mshaft:
Users buy:
-- a flatscreen display for $399 (maybe they'll start coming with PDA-style HDD connectors for power-users with lots of graphics to move?)
-- a solid-state, diskless computer (maybe a PS/2 or something smaller) with USB ports for peripherals
-- a separate and separately powered HDD for special needs
-- a USB device for storing data that is downloaded or locally generated
I personally would be thrilled to see this occurrence. It's inevitable, anyway, but the faster it crumbles ms, the better off the unprotected surfers will be, and the better off will be the developers who learn to do new code that uses a paradignm of openness and truer colloboration.
As the industry of programmers shrinks, it too will be inevitable that not ALL of the devs will be on payroll. Either they'll strike out on their own, doing legacy work, or they change to do new, revo-/evolutionary work, or they'll change career paths, or do something drastic...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
These are the cases where you are downloading third-party software: viruses, worms, and other malicious code. But it is IE's fault that you are able to execute such malicious code without even asking, due to buffer overruns and other Microsoft bugs.
Oh yeah... Now I remember. Thats the DNS server ip that my contract gig with the Department of Defense was giving us to install on new desktops.
I must have typed it in over 1,000 times setting up those new Dells...
I can't remember much more than that other than we weren't supposed to ping it or write it down to do port scans from offsite or otherwise they'd send out... Oh wait... Oh yeaaahhh... *wink*
A UNIX variant that SCO owns? Huh?
>The only MIcrosoft product that doesn't have an >exploit *yet* is their keyboard.
Thanks for the info, I'm gonna fix that oversight. (-;
Microsoft is pure dog-ma. FreeBSD is pure cat-ma.
My anti-biotics didn't help me recover from a third party infection. *coughs*
I just don't suffer like any of you.
Attacks against me: 0
Intrusions compromising information: 0
Spyware that lasted more than 30 minutes on my box: Gator (approx. 45 minutes)
Viruses on my system: 0
Virus Killers on my system: None needed. See Previous.
I'm not an average user, but I'm not a super-geek either. I just don't download anything I don't need, and I audit my system for all executable files bi-monthly. Any executables that I don't know of, I find out what they are and delete them. The last time I had to delete any was more than two years ago when I was still running Win98, and even then it was only Gator.
Even so, my system hasn't been accosted by any worms, either, so it can't be just me. All I do about that is keep my active programs properly patched. That's it. If you think that Linux is 100% safe when unpatched, then I defy you to prove it.
Is this just another case of "The ones who know the least are the most vocal about it"?
*Starts slow clap*
I would think that an informed community like that here would be a little more level headed. But, I a geek as well, can get fired up so I guess it is to be expected.
Truth be told, MS is not nearly as bad as every super-ubber-hipster type with a mac and a couple lines of javascript under his belt will lead you to believe.
I love the "destroyed Netscape" as a prime example. Am I the only one who happens to recall that Netscape is a big steaming pile of _____ ? Now, I know that MS' hands are not clean by any means but to paint the picture like there was this power house of perfection, elegance and beauty that was razed to the ground by evil marauders is not just untrue, but it is pretty silly. Truth be told, Netscape sucked...sorry, sucks. Bad. Seriously. And MS was in the best position to take advantage of that. So, if you are gonna get all puffy, why are you not upset at N for making such a...oh wait, cuz super hip with the Mac has yet to point that out to you.
And the security thing. I will try to apply a little common sense there as well, for what little good it will do. Ok, you guys have taken a math class or two and you probably have a simple understanding of probability (I am somewhere sub-simple). If you take a couple minutes to read, you will find out that Mozilla has holes you can drive a truck through. Opera has some pretty serious issues as well. All of 'em pretty much. IBM just found a massive security flaw in one of their whats-its. The difference is that noone cares. MS is the big boy on the block and all those hippster hacker wannabes would love nothing more than to put that feather in their hat. With their market share, their reputation, their insall base and the legions of hippster Mac boys it is simply a matter of statistics.
I would love for someone to do a feature or line by line comparison and report exactly what the reality is. Because reality says that Gates is not MS. MS is a huge cooperation with armies of really, really bright programmers and designers and the perception that somehow Bill writes or authorizes every INCLUDE is just assinine. Reality is that bugs will always be in code. Reality is that a good portion of the IE problems came about from third party product. Doesn't excuse MS by any means, as interoperability should be a major concern, but it does pretty much prove that if Mr. Gates said, "I think the sky looks blue today." there would be 100,000 forum threads talking about how (first MS came along and destroyed the sky's true color of azure) Gates is so fundamentally morally bancrupt that he would claim the sky was blue.
Reality is that this whole thing is pretty tired. Really intelligent people are painting themselves as either ignorant or zealots (not sure which is worse) and it the whole thing is just becoming riddled with hyperbole, conjecture, assumption, half-fact and in some cases outright mistruth. Either get a penis extension and get over it, or find a third world dictator who truly deserves your attention.
Go into Windows XP Service Pack 2. For maximum jaw-dropping effect, be logged in as GUEST.
Go to Run.
In the box type:
control userpasswords2
You can now reset ALL user passwords, including the admin.
If anyone can find a way to use a Guest account access root with a built-in command in ANY, absolutely ANY non-Microsoft OS, and it'll be a debate again.
Until that point, this will be fact:
Windows is the LEAST secure OS ever. Don't even start up the conversation unless you have a counter-example.
Thank you Bill Gates for creating a niche for my anti-spyware, virus-removal, data-recovery business!
Windows can be like that, which was my point, they just need to get it there. They took the easy route and it is biting them now.
As far as 3rd party applications go they are equally guilty of taking the easy route and just asking thier users to be admins.
"You can now flame me, I am full of love,"
Q: Speaking of security, Internet Explorer has had well-publicized holes... Gates: Understand those are cases where you are downloading third-party software
He's right. When people get bitten by these security holes, they download Firefox.
Wow, that's easy. The incentive is that it does what people want. If you are building hardware, it costs you less to use free software and it does what 99% of your market wants it too. When you look at it that way, it's hard to understand where the incentive to sell someone the same thing that costs more is.
Friends don't help friends install M$ junk.
As my uncle used to say, "You're full of hooey!" My brother and I never did figure out what "hooey" was, exactly, but we knew it wasn't anything good.
The higher the technology, the sharper that two-edged sword.
Blame the Mosaic guys, that's who Gates licensed the core of IE from.
Once Gates stops using FLAWED OPEN SOURCE code (Mosaic), and gets MS to code up their own browser, all this Firefox/Opera/Mozilla bullshit will go away.
my fault for using IE, a package riddled with security holes..
my fault for not listening to Microsoft and unchecking the box that says "always trust content from microsoft" (wait... should I trust them on that?)
my fault for visiting those sites that can send me to any random virus-ridden URL when I use the "back" button, and can actually infect me because somehow going back disables security zones...
yes.. all *my* fault.
On XP Home with multiple users, hold the Windows flag key and press the U key at the login screen, and then press... Oh wait, I'm still working on that one. ;)
FUD! That's a general trouble-shooting page, dealing with copy-protection issues.
Attempting to load the program when logged in as administrator is the 10th item on the troubleshooting list, and is entirely reasonable given that administrators can configure each user's access as they see fit. You can't expect Microsoft to make their programs run when the user doesn't have access to the physical drive that the copy-protection media is in.
Under default settings, at least some of these programs will run just fine as a non-admin user, I've tried it myself.
"We have to go forth and crush every world view that doesn't believe in tolerance and free speech." - David Brin
What you need is a capability based system. And by capabilities I don't mean POSIX "capabilities" but the real ones. This is hardly a new idea. Read some papers by Norman Hardy. Start from Capability Theory by Sound Bytes and read the referenced articles until you start getting the idea. Then read about GNOSIS: A Prototype Operating System for the 1990s, a 1979 paper by Bill Frantz, Norman Hardy, Jay Jonekait and Charlie Landau. Then read about KeyKOS, a persistent, pure capability operating system. Then read about EROS: The Extremely Reliable Operating System. I think it will be enough for a good start. As you see all of those problems we discuss today in this article have already been solved in the '70s or '80s at worst. But those who don't know the history are doomed to repeat it.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
CEO's are always in denial mode. To be otherwise is perceived weakness and unwillingness to protect shareholder value. Denial assures shareholders that you are practicing due diligence. Blaming anyone and anything else externalizes costs. That's why it's always Apples' fault, or mostly the users. Hence the mantra of 'no software liability'. It's why OS's controlled by corporations will always be never-ending voids of other people's innovation and crap.
Linux. Because it's our fault.
insecurity asks the wrong question irritation gives the wrong answer
"Gates: We've been spending a lot of time with studios." Ya I bet he has - making sure that there is no dvd playing software created for linux by any commercial software company. I bet he helps financing and finding the people that are supposedly stealing music. I alway knew this was the way he was going to take to try to beat linux. He is groing to try to outlaw it and then tell the world that his windows longhorn has digital rights management and if you use it you will never be prosecuted for stealing any software but if you use linux you are on you own. Finally - how does he know what people want - I want my tv simple - just turn it on and it works I don't want to have to go through tons of menus to get where I want or deal with viruses, reboots, defrags. - I tried digital cable once and just got rid of it - there is just too many channels and not enough quality. I was even going to try tivo but when the Janet Jackson thing happened at the super bowl and there were reports on how many people hit the replay button - well it was just too much. I don't want people to know if I hit the replay button - can't I have a little privacy please. Finally, I would not trust any os put out by Billy Gates - he is just in it for the money he does not give a shit about the customers - he is just going to ram down our throats the way he wants to have it and that is it - he just wants people to worship the ground he walks on - I wish he would just go away.
I always figured the switches were some kind of hardware limitation which rendered the media physically unmodifiable. Very interesting it's up to the computer to honor it!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Twitter, you're a petulant cock-gobbling sycophant to Linux Torvaldyos! Quit taking DP from ESR and RMS's feculent cocks and why don't you try to stop sucking quite so much? Get out of your parents' basement and see the real world - maybe then you'll see how pathetic you sound, with your neverending stream of bullshit about how Microsoft is stalking you. Wasn't it you who said that Microsoft believes your insane ranting is actually a threat to them, so they PAY PEOPLE to reply to you on Slashdot? No sir, I don't get any money. I do it for the love. Someone has to go up against your paranoid whining. So get back in your cage and shut the fuck up already.
Twitter, you're a petulant cock-gobbling sycophant to Linux Torvaldyos! Quit taking DP from ESR's and RMS's feculent cocks and why don't you try to stop sucking quite so much? Get out of your parents' basement and see the real world - maybe then you'll see how pathetic you sound, with your neverending stream of bullshit about how Microsoft is stalking you. Wasn't it you who said that Microsoft believes your insane ranting is actually a threat to them, so they PAY PEOPLE to reply to you on Slashdot? No sir, I don't get any money. I do it for the love. Someone has to go up against your paranoid whining. So get back in your cage and shut the fuck up already.
Twitter, you're a petulant cock-gobbling sycophant to Linux Torvaldyos! Quit taking DP from ESR and RMS's feculent cocks and why dont you try to stop sucking quite so much? Get out of your parents' basement and see the real world - maybe then you'll see how pathetic you sound, with your neverending stream of bullshit about how Microsoft is stalking you. Wasn't it you who said that Microsoft believes your insane ranting is actually a threat to them, so they PAY PEOPLE to reply to you on Slashdot? No sir, I don't get any money. I do it for the love. Someone has to go up against your paranoid whining. So get back in your cage and shut the fuck up already.
Precisely my point. There is no use to building security into a system if the developers for that system keep releasing bugware that requires the security be disabled in order to function.
Providing children with admin access in order to run eduware is a major hole in any system's security. Could you imagine the uproar if you had to log in as "root" on a Linux box in order to run a videogame? Yet this very foolish behavior is tolerated in the Windows world in the name of "ease of use", while many other software vendors demonstrate time and again that you can write great software without requiring such security holes -- even with Windows.
I do not fail; I succeed at finding out what does not work.
I didn't look at the kernel vunerabilities in thoroughness, mostly because the first one that I looked at had the fix "upgrade to the next version of the kernel - it's fixed there".
I try not to troll, and it's not likely that you'll see this anyway (being an anonymous coward and all) but you are just an idiot for showing a link claiming that linux is less secure because it doesn't have as high-a EAL as Windows. You're saying "this company that owns pretty much a hundred billion worth of assets (not real stats) has a higher EAL than an operating system that's given away for free".
The reason why you're an idiot for believing that piece of crap is that EAL costs money! A quick search gleaned that Microsoft made 1.5 billion pounds worth of profits last quarter. In comparison Redhat made 47.6 million. Redhat doesn't have the money to spend millions (and yes it does cost millions) of dollars for an EAL writing.
This is aside from the fact that EAL requirements doesn't test something like . . . say . . . going on the internet . . . connecting to a network . . . installing any piece of software . . .