Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Most Successful Failure

Posted by Zonk on from the win-some-lose-some dept.

m4dm4n writes "As we near the end of mainstream support of Win2k The Register looks back at what it has achieved. What was meant to be Microsoft's most secure OS ever turned into a disaster. Worm after worm changed the face of internet security in Win2k's first 2 years. Five years down the line the battle is far from won, but the improvements are dramatic." From the article: "Things were different in the year 2000. Programmers felt vindicated that the Y2K bug didn't turn out to be that big of a deal. We made it past January 1st, and then it was time to move on. Windows 2000 came out that first quarter, just as security was becoming more interesting to more people -- and Windows was a good place to start. It was also seemed to be the start of a new breed of Windows hackers."

16 of 354 comments (clear)

  1. Learning Experience by strongmace · · Score: 4, Insightful

    If only I could make as much money from my mistakes as Microsoft does from its learning experiences.

    --
    "If we hit that bullseye, the rest of the dominos will fall like a house of cards. Checkmate." -Zapp Brannigan
    1. Re:Learning Experience by toddestan · · Score: 4, Insightful

      Many people did not *want* to upgrade to Windows 2000, but had little choice due to the lack of other options.

      Windows 2000 is one of the rare times in the Microsoft world when you actually want to upgrade due to it actually being a clearly superior product than its predecessors. There is no question that Windows 2000 is a better OS than any of the Dos-based ones. It's also more stable and easier to install than NT4, and has better driver support, plus it adds some of the nice touches introduced with Windows 98. This is completely unlike the Windows 2000->XP "upgrade", or the essentially identical last 4 versions of Office.

  2. say what you want... by msh104 · · Score: 5, Interesting

    but atleast it didn't took me 4 years to get my printer up and running... all in all I am very happy with linux, but why does it always have to be win=bad lin=good everywhere.

    1. Re:say what you want... by KoReE · · Score: 4, Insightful

      It's because of Star Wars. Everyone wants a guy with a red lightsaber, and a guy with a blue lightsaber. Gates has been handed the red one, and Linus the blue one. It's really quite dumb.

      I'm a big fan of the "best tool for the job". I like Windows for a desktop, Linux for a server environment...but Windows server environment is improving. I still think it sucks, but it's improving....

      --
      Instant Karma's gonna get you...
  3. MetaEditing? by bc90021 · · Score: 4, Funny

    So we've got a Slashdot palgiarism of two paragraphs of a Security Focus story that was posted on The Register. Is this like "meta-editing" or something?

    --
    libertarianswag.com
  4. Failure -- A bit harsh? by Blahbooboo3 · · Score: 5, Interesting

    I won't make an arguement about security problems in Win2k, since the article is correct. However, I will say that I think Windows 2000 is the best MS OS to yet come out. The GUI is far better then XP (IMHO), has support for all the latest "bells and whistles", and it is FASTER than the equivalent XP machine.

    1. Re:Failure -- A bit harsh? by zbuffered · · Score: 4, Informative

      Turn off the Themes service, Automatic Updates service, Error Reporting service, Help and Support service, Windows Firewall... Pretty soon you'll be getting near win2k memory loads, and your XP box will look pretty good. I once would have agreed with you -- I resisted the 2000 -> XP conversion for quite some time, but I have adequate resources and XP runs like a champ for me.

      --
      Synergy is your friend
  5. Re:Pardon me, but weren't most of the worm issues by OhPlz · · Score: 5, Informative

    IIS and the repeatedly exploited index server were distributed with Win2000. The RPC port exploit was also a Win2000 issue.

    I think it's a shame that they're twilighting the support for the OS. I still use it and have no real reason to upgrade to XP. I tend to wonder if the only "big deal" with XP is that it included a software firewall.

  6. Win2k, a failure? by JeffTL · · Score: 5, Interesting

    I can't see how you can honestly call Windows 2000 a failure -- Microsoft didn't spend more making it than they made off of it, and it was actually (in my experience, at least) more reliable than XP.

  7. It was successfull, kind of... by adolfojp · · Score: 5, Interesting

    I was the first STABLE windows platform that could handle multimedia apps.

    Security became a joke, but stability was superb.

    It was a gigantic leap from the 9x series.

    Cheers,

    Adolfo

  8. Re:2k was excellent except for one thing.... by TheRealMindChild · · Score: 4, Interesting

    A slightly off-topic comment, that I feel I have to make to someone somewhere...

    My boss and I were talking a week or so back, and we were talking about taking a bunch of our libraries and somehow making them into something we can use everywhere. Now realize that we, unfortunatly, have about 200 applications to maintain, across Visual Basic, Delphi, Java, C++ in many flavors (Borland and MS are the majority) and a slew of other crap, including some VB scripts.

    Now, obviously, a plain DLL isn't going to cut it... VB would be a pain in the arse to translate all of the declares to, and Java would need something similar to use a native library.

    This IS where ActiveX control/libraries come in. And thanks to even automation, I can EVEN use said libraries in the windows scripts via a magical CreateObject.

    The nightmare of using ActiveX controls on a webpage shouldnt blur the actual usefulness of the technology possibly elsewhere.

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  9. Oh for one last time..... by Boss,+Pointy+Haired · · Score: 4, Insightful

    Programmers felt vindicated that the Y2K bug didn't turn out to be that big of a deal.

    It was a big deal. Lot's of us here worked very hard to make sure that nothing bad happened and this really gets to me when people throw around the opinion that it was all a fuss over nothing.

    Get a clue.

    1. Re:Oh for one last time..... by Chris+Burke · · Score: 4, Insightful

      Absolutely, and it's all an after effect of the way it was presented in the media.

      It's kinda like there's a big office building on fire downtown. The news reporter is standing in front of the blaze, speaking in a calm voice layed thinly over barely-contained hysterics: "As you can see behind me, the fire continues to burn! If left unchecked, this fire could spread to nearby buildings, and from there continue to spread, until eventually the entire metropolitan area is burned to the ground. From there, who knows how far it could spread! Civilization itself hangs in the balance! Flee, flee for your lives! And buy duct tape!" Meanwhile, fire fighters work like hell to put out the fire, and it eventually dies. The next day everyone is wondering what the hell the big deal was and what they are going to do with all the duct tape they bought. Feeling gullible and duped, they forget that there really could have been a disaster if the fire fighters had just sat on their thumbs watching the building burn...

      --

      The enemies of Democracy are
  10. Re:where would we be.... by AKAImBatman · · Score: 4, Interesting

    just imagine if the nature of the stack wouldn't allow [buffer overruns]. If some kind of mechanism beside a simple jump had been used. Like registering an address in the CPU via an instruction and then calling that jump.

    Would it annoy you to no end if I explained that you've just described the segmented memory model that has been available on the 386 and up since 1986? It just so happens that today's "Modern OSes" (right load of bull that is) map only two memory segments, then completely ignore the GDT, LDT, and TSS after that? It is, of course, done all in the name of "Performance", the mini-god for which many a programmer has sacrificed his first born for, but has never actually managed to show that this "performance" was worth it.

    <sarcasm>But wait, we must claim that Java is slow in order to appease this mini-god! </sarcasm>

    --
    Javascript + Nintendo DSi = DSiCade
  11. Warning by geekee · · Score: 4, Funny

    parent post severely affected by Linux reality distortion field.

    --
    Vote for Pedro
  12. "More innocent times" .. yeah right by dustmite · · Score: 4, Insightful

    Article is pure MS propaganda.

    - They're trying to divert attention away from all the security problems that XP has had. XP is BY FAR the "biggest disaster" of any OS in the history of humankind when it comes to security. Something like 25% of XP boxes are still to this day infected zombie machines. Typical time-to-infection of any pre-SP2 XP system hooked up to the Net was something in the order of seconds or minutes. But wait, let's rewrite history by claiming that 2K was far worse, so that people think don't XP was so bad in retrospect, and that people think MS were already improving their security between 2K and XP.

    - They're trying to pretend, yet again, that 2K and XP were written in "more innocent times" when "security problems" were unknown - so that the public is tricked into thinking that their shocking neglect of security was somehow excusable. Spin, spin, spin. All of today's security problems were very well-known by any IT professional even by the 80's; even Java in the 90's touted security over and over as one of its major selling points, and when started pushing their ActiveX-based "trust" model in response ('hey, we have an object model, let's just pretend it's secure and market it heavily') anyone who knew anything was already warning that that was going to be a disaster.

    Microsoft knew that security was going to get this bad, but they ignored it in favour of pushing for better time to market to be ready for upgrade cycles and attrition sales.