Slashdot Mirror


Vista Security Discussions Get a Rocky Start

narramissic writes "A technical glitch Thursday morning prevented many security vendors from participating in the first online discussion regarding Microsoft's plans for opening up the Vista kernel, ITworld reports. In a blog posting on the subject, Microsoft Senior Product Manager Stephen Toulouse wrote, 'We had a glitch where we sent out a messed up link. ... We're very sorry about that, it certainly was not intentional and we definitely see that was not a good thing for people to experience on such an important topic.'"

6 of 111 comments

  1. Extra! Extra! by Anonymous Coward · · Score: 4, Insightful

    Microsoft employee sends an email with an incorrect URL in it! Collapse of Microsoft predicted! End of the world is nigh! Extra, Extra, read all about it!

    Slashdot has just sunk to a new low of pointlessness in their "articles". Urgh.

    1. Re:Extra! Extra! by PreacherTom · · Score: 4, Insightful

      Oh, come on. This is the definition of amusing irony.

  2. More eyes is a good thing by BadAnalogyGuy · · Score: 5, Insightful

    While it seems more a move to placate a rabid EU, this move is actually pretty good for all users.

    First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?

    It's good because it brings into the fold those most able to spot security issues. Despite Microsoft's money and the experience of their top engineers, they all have tunnel-vision when it comes to Windows. And it's not hard to see why, after all, it's their baby. So even though they've got top security people working for them looking deeply into these issues, the very nature of those engineers' employment makes it difficult to see some of the problems that an outside observer would be able to spot easily.

    By turning the baby over to the wolves, so to speak, Microsoft is getting Vista tested by the best testing teams around. The OSS motto is "more eyes makes all bugs shallow"; I look forward to that same principle working well here.

    1. Re:More eyes is a good thing by arth1 · · Score: 4, Insightful
      First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?

      It's good because it brings into the fold those most able to spot security issues.

      Why do you think those who work at security and AV companies are those most able to spot security issues?
      I won't mention names, but some fairly well-known "security and AV companies" have made their business on buying up other companies' products, redoing the interface every year so they can demand people pay for a new version, and dumbing the app down by removing functionality whenever something breaks, because they don't have people smart enough to fix things. Outsourced $10/hr drag-and-drop "programmers" will only get you so far, and expecting them to possess intuition, assembly language skills, or a love for discovering what a function can be pushed into doing is expecting far too much.

      Also remember that security and AV companies don't want security -- if their products actually fixed security holes, they would put themselves out of business. They want their products to temporarily block attempts, nothing more.
      Gurus, on the other hand, work to get the problems fixed, permanently, and the people who made the mistakes aware of what they did, and just why it was bad, so they don't repeat it.

      Regards,
      --
      *Art
  3. "...we sent out a messed up link..." by Browzer · · Score: 5, Insightful

    Like it never happened to anybody!

    This is beyond bashing, this is being anal.

  4. Re:Symantec was one of the vendors shut out by Anonymous Coward · · Score: 4, Insightful
    Symantec and Microsoft have a long history of a love/hate relationship and Microsoft has put more and more things into its operating system products that have closed entire markets for Symantec (and its predecessors).

    What's your point? That's the nature of the "work around defects in the operating system" market. Eventually, even Microsoft fixes them, and you don't have a market anymore. I hate Microsoft, and I still can't blame them for this. It's not like they're the first vendor to include, say, a filesystem that doesn't require constant defragmentation, or a stateful firewall.