Microsoft Says Vista Most Secure OS Ever
darryl24 writes "Microsoft senior vice president Bob Muglia opened up TechEd 2006 in Boston Sunday evening by proclaiming that Windows Vista was the most secure operating system in the industry. But a bold statement can only go so far, and much of this week's conference has been spent reinforcing that point. Microsoft also acknowledges that nothing is infallible when it comes to computer security. In turn, the company has employed black hat hackers for what is called a penetration, or pen, test team."
My work here is dung.
I noticed in this article that they're treading on our acronyms.
SDL - Security Development Lifecycle
Relatively inconspicuous. Simple DirectMedia Layer has nothing to fear from this in terms of mindshare. But then again, they knew that SDL was in use. Why not show a bit of cooperation?
RMS - Rights Management Something
This one is amazing, because it's basically DRM named after Richard Stallman. Someone at Microsoft either has a sense of humor, or is a complete prick. I really doubt that this was accidental.
It's superficial, but I think both examples are very symbolic.
The message should have looked like:
...sound like a challenge to me...
Let's count the kinds of attacks that have existed in the past:
Bad daemon/service design allowing for root control through the service itself remotely
Bad daemon/service permissions allowing a buffer overflow to give one service-level command access
Bad port use allowing for access to stuff that should be off by default
Bad user permissions control requiring everyone who actually wants to do something to have local admin access
Bad MS software design giving software designed to look at public (read: anything) access to the service or kernel level
Bad implementation of MS software allowing for public, untrusted content to arbitrarily install stuff on the PC (see also: the Ballmer Story)
Sounds like we have a lot of possible places to start, and I'm not even someone used to breaking into Microsoft systems. There are probably many, many more vectors of attack that I haven't thought of without even resorting to social engineering or taking advantage of stupid or ignorant users...
Do not look into laser with remaining eye.
I seem to recall similar statements made in 2001 about new and improved user-oriented operating system XP. XP was supposed to be the most secure O/S ever and M$ made lots of statements about it being very secure, best ever, very hard to hack, etc.
http://www.macobserver.com/article/2001/12/21.5.shtml
It was so secure that a guide had to be published, Windows XP: Surviving the first day:
http://seclists.org/lists/security-basics/2003/Nov/0555.html
It's getting boring. I heard the same argument last time when they released Win XP, and before for Win 98.
Would you stop already. Always the best and revolutionary like never before.
Life will show that nothing really changed, except Microsoft coffins getting bigger
What's this in the article about MS using acronyms such as RMS and SDL? Could this be part of the extend and conquer strategy? Next thing you know they will use LIB, KDE, RHL, PHP, LAMP or OSS as part of their system naming scheme. No, really.
Claiming Vista to be the most secure OS ever when it has already had a security flaw is just insane and tells us that MS still just don't get it. Or maybe they do get it. After all they make billions. It is sad but lying to the gullible pays better than telling the truth to the clever. There are just so many more gullible people. Last count about 6 billion.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Remember "DNS?" Digital Nervous System?
That's okay. Nobody else does, either.
Microsoft is to software what Budweiser is to beer.
Following this line of reasoning, if MS really employed "black hat hackers," wouldn't such hackers immediately say, "Gollee, this OS is super secure! I couldn't find a single way to compromise it!" Meanwhile, they're digging around inside (being careful to erase traces of their visit), getting extremely familiar with an OS that hasn't even been released yet. 0-day exploits indeed....
Secure against whom?
;-)
The user, probably.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
It's called media speak. Black-hat hackers sounds like a group of evil-doers who are now turned to the light side and are helping MS secure their OS, but they are still bad boys.
White-hat hackers sound like a bunch of pocket-protecting IT professionals who work in OS security.
People will think that if the "bad boy" hackers aka the ones lurking in the wild can find all the exploits, then the OS will be "teh most secure ever"
I got nothin'
Hm, while we're talking about beta/not released, etc, let's make a "maiden voyage" comparison with a very relevant quote:
"...when the New York office of the White Star Line was informed that Titanic was in trouble, White Star Line Vice President P.A.S. Franklin announced 'We place absolute confidence in the Titanic. We believe the boat is unsinkable.'"
Source: http://www.historyonthenet.com/Titanic/unsinkable.htm
What... no one's going to mention TSOL? Sure it's a royal PITA to administer, but it doesn't get much more secure...
Skivvy Niner? Email me!
HEY! Look left just ONE MORE TIME!
While I agree the amount of popups Vista brings up is laughable, one wonders what you were doing wrong to fail at installing Flash - I just went to Macromedia's site and clicked the install now button. After 6 or 7 annoying popups and 2 minutes, it was installed fine.
*insert CD*
"You've just inserted an insecure piece of removable media. Are you sure you want to proceed?"
*clicks yes*
When autorun is turned off for all removable media, and can only be turned on with an administrator password, and there is no override for "special DRM encoded media", then I will believe that MS is concerned about security. Until then, they are doing the minimum necessary to meet a current PR, while making sure that control of MS Windows stays out of the hand of the end user, and in the hands of MS and its partner advertisers.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black