Microsoft's Most Successful Failure

m4dm4n writes "As we near the end of mainstream support of Win2k The Register looks back at what it has achieved. What was meant to be Microsoft's most secure OS ever turned into a disaster. Worm after worm changed the face of internet security in Win2k's first 2 years. Five years down the line the battle is far from won, but the improvements are dramatic." From the article: "Things were different in the year 2000. Programmers felt vindicated that the Y2K bug didn't turn out to be that big of a deal. We made it past January 1st, and then it was time to move on. Windows 2000 came out that first quarter, just as security was becoming more interesting to more people -- and Windows was a good place to start. It was also seemed to be the start of a new breed of Windows hackers."

Microsoft's Most Successful Failure

[PyWiz]

or just "Microsoft's Most Successful Business Venture"

Re:It was successfull, kind of...

[Inda]

NO! I was the first STABLE windows plat...

On Win2k and security

[freeweed]

This article does a pretty good job at summing up the major issue from the past 5 years in network security. Those of us tasked with watching IDSs and poring through firewall logs sure remember July 2001. Calling it the 9/11 of the Internet is pretty apt, imho - except that it happened again. And again. And again. It sure was easy to sell people on IDSs after Nimda, Slammer and Blaster :)

I think the experience with Win2k has finally turned the tide on shipping insecure default systems. Pre-2000, many (most?) Unix and Linux distros also shipped with a range of listening services by default, but within a couple of years, this all changed. Pretty much anything I try these days is locked down out of the box. Local exploits and user-initiated stuff, sure. But the days of so-called "Warhol worms" will soon be behind us (I hope and pray!).

Even Microsoft FINALLY took the hint. They're still leaving a bunch of things open, but at least XP now has a firewall turned on by default, which stops this nonsense. I'd much prefer they just close the damn ports, as I'd rather trust my system's TCP/IP stack vs. an extra piece of software on top, but it's a good start.

One thing I still chuckle at, however: the market share myth. Other than the Morris worm, I can't think of a single worm that really impacted the Internet to any great extent until 2001. 20 years of everyone running Unix, at least 5 years of (somewhat) widespread Internet use, and Windows NT 5 was the first (and still only) platform to be hit on a large scale. Considering how prevalent Unix was back then, you'd think we would have seen at least a mini Code Red at some point. I guess some people think that a multi-million machine Internet didn't exist until 2001 or so :)