Slashdot Mirror
New Shared Computer Toolkit for Windows
cygnusx writes "Microsoft Monitor and Ars Technica are reporting that Microsoft has released an administrative toolkit (beta) to help secure Windows machines that are shared by a number of people. Features include protecting the Windows partition from non-administrative changes and Group Policy-like access restrictions. This should be good news because Microsoft seems to be recognizing that not everyone can go down the Active Directory path to manage their Windows machines better."
Shared computers are commonly found in schools, libraries, Internet and gaming cafés, community centers, and other locations.
If you're running a lab with 100 terminals, you should already using group policies.
Group policies address the needs for a particular market sector. This lock-down tool addresses the needs of another market sector. They do appear to be trying to do "the right thing"!
The problem lies more in the design, architecture, and implementation. One facet recently appeared here (The 12-minute Windows Heist) and here (Windows Users Ignoring LUA Security).
Microsoft "grew up" from a fundamentally different mindset than real (no troll intended, just pragmatic viewpoint) computing technologies. Microsoft takes credit (rightly or wrongly) for inventing the PC. PC, that's Personal Computer... and the directory structure (among other things) especially reflects these roots:
The third item above was especially interesting to me when I worked at Microsoft. This was the early days of NT, and when I hired on, I didn't have a machine in my office powerful enough to run NT. Wanting to get an early start on learning as much as possible about NT I had an office peer set up an account for me on another NT machine. I asked how to "login" to that machine. He looked at me as if I were mad. His (their) notion of multi-user meant my account on his box gave me access to file services pretty much, not much more.
Administration tools, while a nice idea, in light of the historical artifacts of Windows are only a bandaid over a compound fracture. It might cover up the bleeding and hide the potentially fatal wound, but it isn't going to solve the problem. Microsoft should have taken the time to desing the "P" out of PC when they completely re-designed the underlying technology. Had they done so, many of these problems today either wouldn't exist or would be much easier to fix.
This is just the same as the User/Root-Approah Microsoft plans - too lat, as always!
Do any of you believe in better late than never? Honestly, people bitch that Microsoft does nothing about security, if they attempt, they're flamed for a "poor attempt". Even now, they're trying to up security in XP, and 2000 users cry that it's too late. My sweet jesus guys, at least there's an effort somewhere. 2000 is pretty well EOL'd, I don't think it's their major worry right now.
Yeah, i'll get flamed for saying that it's not their major worry, and most likely for even backing them, but i'm sick of reading this horse shit.
Let's turn the tables for a minute. I tried installing Mandrake 10 on my laptop a year (maybe year and a half now?) ago. I couldn't get my WiFi to work regardless of how much tweaking I did, what "hack" I tried to implement. There wasn't a driver to be found. I switched to winXP on my laptop because of this, and i'll run XP on my laptop now, until I get a new one, at which point in time, I can't say that i'll try and get my WiFi working again. Are there efforts to fix it? Sure. But i've waiting a year and a half for them. You can offer wifi, but I think it's too late, i've moved on.
I'd bet five dollars that someone will say that it's either a completely different situation, or that I didn't look hard enough. I'd be told to cut the developers a break, at least they're trying, right? I just hate when people play favourites. I'm going to shut up now.
is generated randomly in javascript by the registration page. Eight digits - the first must be nonzero, the last is seven minus (the sum of the others, mod 7). E.g 10000006.
Finally, a voice of reason. True, this does not help the win2k users out there, and you know what? patches realeased now do not help the folks who are still using the linux 1.x kernels, the OS has moved on, MS has moved on. XP is, what?, 3 or 4 years old now. Its on SP2 for God's sake. If you have not moved up, then fine, use what works for you, and if it does not work for you then don't compalin that they are not making it work for you.
I have a slew of machines, evenly split between Windows and non-Windows machines. NT5.0 was a huge step forward as far as stability went, and 5.1 was a huge step forward as far as ease of use went for many users (though mine has been returned to the non-playschool look because that is what *I* prefer). Its not perfect, but then again, nothing is. Much of what I do is under Windows, and I have no real reason to complain. My machines are behind a firewall, I don't reboot my desktops except for the odd update that requires is, and I only shut down my laptops running windows when I take them out of the house (Off still uses less battery than standby and I'd rather have the extra 15-30 minutes of power than save 30-60 seconds of boot time).
So MS is now trying to make their OS, the current one better. Great. I think its a wonderful idea. I applaud the effort. Since XP is their current OS, its not too late, and if it works, its not too little.
Grow up folks. The "My Dad is better than your Dad" attitude does nothing to help the cause. Show valid reasons why things are better now, and don't act like my 2 year old when the competition fixes something to close the gap, instead, make something better to re-open it, that is how you win.
I reject your reality