Slashdot Mirror
Buy Vista or Else
theodp writes "Upgrade or keep crashing was the tagline when Windows XP was introduced. So how will Windows Vista be marketed? 'I'd hate to see something bad happen to your PC,' seems to be one pitch. Even if new features won't get you to upgrade to Vista, you should buy Vista for the security, urged Windows Chief Jim Allchin. Are commercials featuring Tony Soprano next? Bada Bing!"
I'm all for upgrading things to newer versions to enhance security. Secure by design should be the default, and if someone fessed up and said, "Hey, we fucked up last time, but we got it right this time", and could be trusted, then it wouldn't be extortionist of them to try this.
But we've all seen how Trustworthy Computing didn't really change things. New products came through that obviously weren't vetted, and plenty of legacy problems remained. I don't know who's really going to buy Vista because they'll believe the security "threat" perpetuated by MS.
500GB of disk, 5TB of transfer, $5.95/mo
"Even if they are not into home entertainment or in any of the specialty areas, they are just going to feel safer and more secure by using it."
"...[Alchin] demonstrated a collaboration tool that uses a "People Near Me" feature, which searches over a Wi-Fi connection for other Vista users nearby and then sets up a peer-to-peer network with them."
Your computer must be more secure -- it can automatically network wirelessly with other computers to share your files.
$nice = $webHosting + $domainNames + $sslCerts
I would say if the codebase is entirely new, the chances of making the same mistakes again would be lower.
What worries me more about rebuilding any codebase is the possibility of introducing whole new categories of bugs.
liqbase
Start shipping installs secured from the start. Require an admin/install user account for new system wide applications, sandbox user installed software in their home directory/profile. Users then don't trash everything when they fubar their profile or homedir. Windows has all the necessary features to do it, It's had them since the first versions of NT.
Microsoft frankly can't be arsed and there's no profit in a secured system when they can instead continually be selling you upgrades as security fixes.
It isn't rocket science, it's just segregation of responsibility. Unix has been doing it for 30 years. No wait, it must be closer to 35 now.
Deleted
Of what I have read, there will be, at least, one thing that could improve Vista's security. Also, several people have commented on it without having read anything about Vista. Users will login to a limited access user account, rather then an administrator account as the default.
Unfortunately, there are several bad points with Vista that will make me hesitate on upgrading:
"Be particularly skeptical when presented with evidence confirming what you already believe." -
OpenBSD is a great system for secretaries and people in a finance department, for instance.
I worked at one firm that was having problems with the computer systems their secretaries and finance department were using. Many of the workers would play games, or worse, they'd manage to infect the existing Windows XP systems with spyware.
Considering they were doing basic word processing, spreadsheet and web-based data entry tasks, we decided that Windows XP was excessive. OpenBSD, OpenOffice, and Konqueror would be sufficient.
The main benefit was that the systems just plain didn't get infected with viruses, spyware, and some such software. The price was a big benefit, too. And the ignorance of the general staff towards OpenBSD, and UNIX in general, helped. Instead of playing games and chatting, the employees had little to do but work. Productivity rose significantly within the weeks after switching over to OpenBSD.
Cyric Zndovzny at your service.
KDE can be easily configured to be quite Windows-like. Many people didn't even notice, to be quite honest. We did our best to make the transition as seamless as possible, and we managed to do that well.
We labelled the OpenOffice Writer icon as "Microsoft Word", for instance, and people didn't know the difference.
We imported the Word templates and Excel spreadsheets they were using, tested them out with the OpenOffice equivalents, and for the most part they worked. The one problem we ran into was the font on the standard company letterhead was a bit too large under OpenOffice. That took about a second or so to remedy, of course.
When they asked about the games and MSN, they were simply told that they were deleted.
A little bit of preparation, forethought, and the use of quality software lead to a transition that went very well.
Cyric Zndovzny at your service.
I want to comment on some of the features you list:
"New printer technology (way beyond postscript)"
This is interesting. What could be "way beyond Postscript"? Postscript is a general purpose language, with rendering support. It has even been extended into a GUI (although that is irrelevant from the perspective of printing). By utilizing a common language for print rendering, different vendor OSs and systems can actually share printers. The reference implementation of Postscript is now (arguably) Ghostscript, which is Open Source. Postscript is also behind PDF technology.
If there is a new rendering technology, how will it be incorporated into heterogenous network?
"Support for user mode drivers"
Is this a good thing? I know that there have been attempts at providing "user mode drivers" to Linux, and other OSs, but that is a REALLY BAD thing to do wrt security. Transitions from less trusted code to more trusted code are ok, because the more trusted code can check its inputs. The reverse transition is not ok -- simply because the code is less trusted.
Of course the "user mode driver" may require signing, but then why not test it and put it back into kernel mode? The only other reason I can see for "user mode drivers" is that you want the driver code and data to participate in standard OS semantics (scheduling, swapping, etc.). Which may be a good reason to do it. But the security implications are immense: maybe front layer drivers only, that cannot do anything with the OS core or data, and where data only flows "user->user driver->kernel" -- you get the idea.
Still, I was under the impression that Windows was a micro-kernel (in some sense), which is supposed to eliminate the need for this hack.
"Application level audio control"
Can you elaborate on this? I was under the impression that that was ALREADY a feature (or are you referring to OS control on the application audio, which is more interesting - specifically, the ability to route the audio output from an application to another application which can provide filtering: say, low-pass. Of course, this provides a security hole for the media, and so I doubt that this will be implemented).
The other features will be welcome.
Ratboy.
Just another "Cubible(sic) Joe" 2 17 3061
I know that the Slashdot crowd has mixed feelings about VMware, but honestly, I am a huge fan of it. VMware is what allowed me to switch from Windows to Linux, while keeping the programs that I need for school, and keep my wife happy. Further, I can run a different Windows for whatever the different need may be. For example, I have one Windows for personal use, work, school, security/spyware/malware research, Windows Server 2003, Windows 98, an Oracle enviroment, FreeBSD, and several different Linux bases installed. Before I made the leap, I tried VMware in Windows, and decided that it was a viable alternative and then made the conversion to Linux. The great thing about running Windows under Linux is that I have not had any spyware problems since converting, nor virus problems -- probably because I surf the internet and do email under Linux as opposed to Windows. The downside to this approach is that it 1) Expensive, VMware cost $189 for Linux, but they do give you a 30-day license; 2.) You have to have a lot of memory in order to get the full benefit. 3.) You still need a license for Windows. However, I get better performance for my Windows installations under Linux than I did with a native Windows installation. And then you can do snapshots and other features. Even if you manage to hose your Linux installation, short of deleting your virtual machine files, your virtual machines are safe.
Anyhow, the point of the post, is that if you seriously would like to be able to migrate away from Windows, and need to be able to maintain compatablilty, then look at VMware. Unlike some of the other virtualization solutions, VMware is extremely professional, polished, and does a slick job. I am the president of a Linux and Unix User group and we distribute VMware disk images for use in VMPlayer (which is free) to help people get farmiliar with Linux. The quaility of VMware is such that after using a beta release for two months I couldn't help but buy it after the beta expired -- their beta was so professional, I was really impressed.
And no, I don't work for VMware.
The views expressed are mine own and do not express the views of my employer.