Slashdot Mirror
Buy Vista or Else
theodp writes "Upgrade or keep crashing was the tagline when Windows XP was introduced. So how will Windows Vista be marketed? 'I'd hate to see something bad happen to your PC,' seems to be one pitch. Even if new features won't get you to upgrade to Vista, you should buy Vista for the security, urged Windows Chief Jim Allchin. Are commercials featuring Tony Soprano next? Bada Bing!"
maybe they should say "upgrade to linux for the security" (or macOS X)... Vista seems to be offering very little in terms of features, and will offer little else in terms of security, partly people go for it because it's what most people use, and partly because M$ just doesn't take security seriously enough... they need to have a root and branch change of how the OS is designed to give a greater emphasis on security instead of useless visual tweaks.
*''I can't believe it's not a hyperlink.''
Slashdot, who loves to post taglines of "Is this the end of the Internet?" or "Is Linux dead?" or "Microsoft security is going to destroy the world" now posts something that makes fun of Microsoft using security to sell their product?
Guys, make up your mind. It's very clear that no matter what Microsoft does, you guys are against it, even if they start embracing Linux. I mean, what would Slashdot do if Microsoft became pro-Linux? They would have no one to demonize... maybe they'll start hating Linux too?
I'm all for upgrading things to newer versions to enhance security. Secure by design should be the default, and if someone fessed up and said, "Hey, we fucked up last time, but we got it right this time", and could be trusted, then it wouldn't be extortionist of them to try this.
But we've all seen how Trustworthy Computing didn't really change things. New products came through that obviously weren't vetted, and plenty of legacy problems remained. I don't know who's really going to buy Vista because they'll believe the security "threat" perpetuated by MS.
500GB of disk, 5TB of transfer, $5.95/mo
"Even if they are not into home entertainment or in any of the specialty areas, they are just going to feel safer and more secure by using it."
"...[Alchin] demonstrated a collaboration tool that uses a "People Near Me" feature, which searches over a Wi-Fi connection for other Vista users nearby and then sets up a peer-to-peer network with them."
Your computer must be more secure -- it can automatically network wirelessly with other computers to share your files.
$nice = $webHosting + $domainNames + $sslCerts
I would say if the codebase is entirely new, the chances of making the same mistakes again would be lower.
What worries me more about rebuilding any codebase is the possibility of introducing whole new categories of bugs.
liqbase
Start shipping installs secured from the start. Require an admin/install user account for new system wide applications, sandbox user installed software in their home directory/profile. Users then don't trash everything when they fubar their profile or homedir. Windows has all the necessary features to do it, It's had them since the first versions of NT.
Microsoft frankly can't be arsed and there's no profit in a secured system when they can instead continually be selling you upgrades as security fixes.
It isn't rocket science, it's just segregation of responsibility. Unix has been doing it for 30 years. No wait, it must be closer to 35 now.
Deleted
If you want security and you must run windows apps, the only way to achieve it is to run windows under VMWare or Virtual PC on Linux, BSD, or Mac OS X.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Would you tell someone to stick with a several-flavors-ago version of your favorite distro, or to keep using Firefox 1.0? Yes, yes, free, all free blah blah blah. Believe it or not, the +/-$100 just ain't that big a deal for a lot of people, but the disruption of an upgrade (to the O/S or a significant app) is frequently the thing that puts the brakes on.
So... for most people (no, not slashdot readers), this will just happen as a new machine rotates into their life anyway. For a lot of users, "Oooh! Shiny!" is a reason to spend +/-$100. But upgrades are disruptive for people (not slashdotters) who don't actively like doing them, and the Grandma You've Talked Into Using Mandrake Who Probably Should Be Using Mandriva vX.whatever Which Means New Hardware And That Means While We're At It Let's Change Some Apps scenario is just as ugly. Never mind the dollars.
Don't disappoint your bird dog. Go to the range.
I found this little bit of info fascinating:
In particular, he demonstrated a collaboration tool that uses a "People Near Me" feature, which searches over a Wi-Fi connection for other Vista users nearby and then sets up a peer-to-peer network with them. The tool is meant mostly to enable laptop users to share applications and files, among other things.
So Microsoft is, in effect, creating its own file sharing network? I wonder how the *AA will react?
How will they market vista ? , well first thing they will do is stop supporting XP, and when the new vulnerability comes up , both corporates and home user will have no choice but to upgrade. Security wise , i hope vista introduce newer programming model call "Advance improved Complex OLE and Advance COM and DCOM" , which BTW only virus writer and visual basic programmers understands and not C programmers. They can't implement unix security model , because than why pay for it :)
I think they have also implemented strong anti-piracy feature , which will not "allow you to update" if you don't have a "genuine" vista ,which is more laughable as it takes one malicious program to make genuine to un-genuine
Have a nice day.
"And beyond that it's probably safer to use something like OpenBSD instead of XP."
I mean, seriously, just who is your post directed too? I can tell my clients: Use Firefox instead of IE, I sometimes tell them use OSX instead of XP. I even see situations where I might suggest Linux over XP or OSX.
But for the life of me, I don't ever ever see a situation where I go: " Yeah!, use BSD - it's a viable alternative to XP or OSX".
Of what I have read, there will be, at least, one thing that could improve Vista's security. Also, several people have commented on it without having read anything about Vista. Users will login to a limited access user account, rather then an administrator account as the default.
Unfortunately, there are several bad points with Vista that will make me hesitate on upgrading:
"Be particularly skeptical when presented with evidence confirming what you already believe." -
You misunderstand, sorry my wording was ambiguous. OpenBSD and OSX have the same roots, XP and Vista have the same roots, was my point. The point that the article was trying to get across is that these two systems with the same roots have different characteristics in terms of security, which is also the case with OSX and OpenBSD. Of course, I'm not saying that OSX is as insecure as XP, however.
OpenBSD is a great system for secretaries and people in a finance department, for instance.
I worked at one firm that was having problems with the computer systems their secretaries and finance department were using. Many of the workers would play games, or worse, they'd manage to infect the existing Windows XP systems with spyware.
Considering they were doing basic word processing, spreadsheet and web-based data entry tasks, we decided that Windows XP was excessive. OpenBSD, OpenOffice, and Konqueror would be sufficient.
The main benefit was that the systems just plain didn't get infected with viruses, spyware, and some such software. The price was a big benefit, too. And the ignorance of the general staff towards OpenBSD, and UNIX in general, helped. Instead of playing games and chatting, the employees had little to do but work. Productivity rose significantly within the weeks after switching over to OpenBSD.
Cyric Zndovzny at your service.
I usually don't get involved in OS wars but here goes:
I keep hearing the argument that it is not worth it to write a virus for Linux because of a lower installed base. It seems to me that some Windows zealot would have done it by now just to prove it can be done if it is as easy as they imply.
This leads me to believe that either:
A: Windows zealots can't code
or
B: Linux is much more secure than Windows
Hm. Let's see... installing my Hauppauge card and Sage TV took approximately two hours on Windows, and that includes all the time I spent setting preferences. Oh, and it all worked on the first try.
I spent over 16 hours *attempting* to install IVTV (the "official" Linux drivers for the Hauppauge capture cards) before giving up.
During this period of time, I had help from two Linux experts. The best output I ever got from the cat was a postage-stamp-size mpeg2 movie with no sound and no way to change the channel. (Needless to say, the GUI TV viewer apps didn't work at all, and didn't give any clues as to why they wouldn't work.) That was on Ubuntu.
Then I looked at other Linux distributions, and noticed that SUSE claims to support Hauppauge hardware out of the box. So I spend the hours downloaded 5 freakin' CDs worth of CRAP so I do a single task (not counted in the 16 hours) and install SUSE with default settings to my PC. During the install, it gives me an encouraging message, reading something like: "We've detected a video capture card in your computer, so you should install these TV viewer applications." I hit yes, install. Get a working, booting system, open the TV viewer app and... nothing! No error message, it just froze.
Now, given, this was on Linux. But I can't imagine how it could be any easier on BSD.
Comment of the year
Really? No complaints other than "I miss my games"? No training required? It just worked? I have a hard time believing this.
I am not saying that OpenBSD is a bad choice for this task from a purely technical point of view. But there must have been some problems during comissioning. It would be interesting to learn how you solved them.
617B3B7F7E7C7D7F00EOF
The saddest aspect of Vista's arrival, as far as I'm concerned, is that XP technology has been no improvement over Win2k Pro or Win2k Server in our company. And now we get another scary OS release from MS as the end-of-life date for 2000 products draws near. After SP4 came out for the 2000 products, the only real annoyance was the constant stream of critical updates, some of which unleashed mayhem on our network until we got a handle on update management. Otherwise, the Windows 2000 servers have been rock solid. Meanwhile, XP and Server 2003 have been insufferable turkeys, making me regret every installation. The memory leaks that have plagued Server 2003 should be getting a lot more attention than they've been getting in the tech press. I suspect Microsoft would say that hardware vendors have delivered faulty drivers, but we never saw the random crashes and reboots in Windows 2000 Server that we see in our 2003 servers. I can't trust the 2003 platform anymore - - we moved everything of importance back to Win2k. Service Pack 1 for 2003 Server was about as helpful as a broken ankle. I understand we might see SP2 in 2007. Wow, that's encouraging. Who here wants to dive for Vista? Thank the gods for Linux, Apache, and MySQL . . . .
It's only funny until someone gets hurt. Then, it's hilarious.
I know that the Slashdot crowd has mixed feelings about VMware, but honestly, I am a huge fan of it. VMware is what allowed me to switch from Windows to Linux, while keeping the programs that I need for school, and keep my wife happy. Further, I can run a different Windows for whatever the different need may be. For example, I have one Windows for personal use, work, school, security/spyware/malware research, Windows Server 2003, Windows 98, an Oracle enviroment, FreeBSD, and several different Linux bases installed. Before I made the leap, I tried VMware in Windows, and decided that it was a viable alternative and then made the conversion to Linux. The great thing about running Windows under Linux is that I have not had any spyware problems since converting, nor virus problems -- probably because I surf the internet and do email under Linux as opposed to Windows. The downside to this approach is that it 1) Expensive, VMware cost $189 for Linux, but they do give you a 30-day license; 2.) You have to have a lot of memory in order to get the full benefit. 3.) You still need a license for Windows. However, I get better performance for my Windows installations under Linux than I did with a native Windows installation. And then you can do snapshots and other features. Even if you manage to hose your Linux installation, short of deleting your virtual machine files, your virtual machines are safe.
Anyhow, the point of the post, is that if you seriously would like to be able to migrate away from Windows, and need to be able to maintain compatablilty, then look at VMware. Unlike some of the other virtualization solutions, VMware is extremely professional, polished, and does a slick job. I am the president of a Linux and Unix User group and we distribute VMware disk images for use in VMPlayer (which is free) to help people get farmiliar with Linux. The quaility of VMware is such that after using a beta release for two months I couldn't help but buy it after the beta expired -- their beta was so professional, I was really impressed.
And no, I don't work for VMware.
The views expressed are mine own and do not express the views of my employer.
Whether you meant to or not, you ended up sounding like a Linux fanboy, and that takes so much punch from your argument. Neither Linux nor Windows are perfect, yet you are basically claiming Linux is a field of daisies compared to the hellish swamp of Windows. Grow up.
-William Brendel
Funny how OUR 2003 servers are FAR more stable than 2k has EVER been (as a matter of fact, 2k is the single most problematic OS I've ever seen coming from MS, at the beginning, the drivers for most hardware sucked REAL BAD, so BSODs all the fucking time! It essentially made the whole OS worthless when it came out). Drivers for 2k aren't so bad anymore, but it's still nowhere near as stable as 2003 is (SP1 or not). No problems with 2003 R2 so far either.
Bashing a clearly more stable OS, and then being thankful for a toyish DB? Wow. 100% FUD.
Is security a binary thing? Is something secure or insecure ?
I don't think so.
I think "security" is a blend of many things.. the _correctness_ of non-security features, the selection and depth of security-focused features, the process around resolving defects (because there will be defects), and the conditions under which a user can use the machine.
Even if Microsoft had done everything they knew how to do to make XP "secure" when they had made it, would it be secure today? No. Because today new threats are understood and being used that weren't in existance when XP was designed and shipped. Is XP retroactively insecure? Or it just less secure than something newer, all things otherwise equal, that was developed with the context of the threats that have emerged since XP was released?
In the specific case of Vista vs XP, some of the things that are "better" this time around are
- more credible run-as-non-admin story
- better sandboxing and least-priviledge stuff, even within a normal user account (i.e. its not necessarily true that IE running as you can do anything you can)
The run-as-non-admin thing "worked" in XP, but with enough caveats that it was hard to credibly say "everyone, do it that way". The POR for XP was to ship with non-admin-by-default until very, very late in the ship cycle, where there was just too much stuff that didn't work as non-admin. They made the hard decisino to make users=admin by default, and nobody was happy about it. This is a problem that Microsoft has been chipping away at for a while now, because the goal is "let everyone run with as few permissions as possible" and it often conflicts with the other goal of "20 year old software written by 3rd party people needs to keep running"
I have no problem buying that Vista has more security-focused features than XP. I have no problem buying that Vista has better code correctness in non-security features than XP. I don't think the security response process will be any worse in vista, infact, i know of at least one technology that makes it better (but im not sure if its public yet?).
Will Vista be "more secure" than XP? I think so. Will it be "as secure" as OpenBSD? Probably not. Will it do more things that more users want than OpenBSD? Definiately. Will Vista have a better intersection of practical security vs functionality than OpenBSD?
Microsoft thinks so, and I think I agree with them.
My opinions are my own, and do not necessarily represent those of my employer.
You get stuff like this on both sides. Here's mine.
I built 2 64bit AMD boxes, and purchased WinXP X64 for both. I figured one would be a Win box for my wife, the other would be dual boot, Win for games, Fedora Core 4 for development.
I spent about 2 weeks finding and downloading drivers for the Windows installs. Everything on the motherboard (including 1Gb network card), the DVD RW, video card...
I was ALMOST afraid of putting Fedora Core 4 64bit on it, but figured I could get it working with some work. So installing Fedora was a much, different experience. Put in the DVD and follow the install screens. No drivers to find and everything worked out of the box.
So in MY case, Windows took days, Linux was less than an hour.
1) Two hours is about right for setting up a PVR. That's how long it took to set up my parent's Dish Network PVR, more or less.
2) The computer didn't freeze, and it wasn't a hardware error. (The hardware works flawlessly in Windows.) It was the TV viewer application that froze.
3) Hauppauge cards don't work on OS X. But at least OS X doesn't *claim* that they do, unlike SUSE.
Comment of the year
I think Transmogrify_UK was refering to websites that say you should use Windows 98/2000/XP and don't provide support for any browser besides IE, leaving you unable to view anything because of the massive ammount of ActiveX plugins used in the site. And even if there are no ActiveX plugins, i'm sure most Windows-using webmasters couldn't care less about standards compliance and modifying their websites to work with Firefox / Safari / Konqueror. Still, I have in fact run into websites from my school's macs that completely deny mac access. A little tweaking can solve that, however.
- Nick
Linux has one problem that over-shadows all others :
* A monolithic kernel
You're kidding, right? Microsoft has pretty much gutted Cutler's NT microkernel design, what with moving so many subsystems back into the kernel and all. And OS X? It's a full fledged BSD kernel running on top of a Mach microkernel - really, a microkernel arrangement in name only. The only reason they keep it around is because Mach provides some... interesting IPC facilities, which OS X exploits heavily. Everyone has either moved back toward the monolithic kernel, or hasn't strayed *that* far from it; outside of research or very limited, purpose specific OSes, a full-blown microkernel layout is pretty much nonexistant.
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"