Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Says "War on Terror" is Overblown

Posted by ryuzaki0 on from the also-sugar-is-sweet dept.

SlinkySausage writes "The endless security measures imposed on society as a result of the "war on terror" have become overblown and intrusive, according to Microsoft Redmond senior security analyst Steve Riley. He made the comments in a talk at day one of Tech.Ed Australia about software security. Riley also fessed up that Microsoft cocked up XP from a security perspective. "We let you down with XP," he said. Microsoft also showed a very interesting new desktop virtualisation technology called SoftGrid, which allows applications to be virtualised individually, rather than a whole OS. Think Virtual PC or VMware, but instead of virtualising an OS, just a single application is virtualised."

7 of 666 comments (clear)

  1. XP isn't that bad ... by b0s0z0ku · · Score: 3, Informative
    It's mainly the tight integration of the browser with the OS that is/was an issue. Don't use IE and don't run executables from unknown sources and 95% of the security issues go away. SP2 is actually a pretty decent OS.

    -b.

  2. Should fix the article headline by the+computer+guy+nex · · Score: 3, Informative

    Microsoft didn't issue a press release, one guy voiced his opinion.

  3. SoftGrid isn't new by Anonymous Coward · · Score: 4, Informative

    SoftGrid isn't new, nor is it a particularly close relative of WINE as some Linux enthusiasts suggest. It was a Microsoft acquisition, the former product name being Softricity. It's not just virtualization, it's packaging, so a single file, streamed from a server as needed, encompasses the program and all of its settings, creating a layer over the regular file system, registry, etc. with copy on write functionality; if the program tries to change the host OS in any way, it just adds to the shell of program specific settings within the single packaging file. Extremely handy for network admins who need to distribute programs, and want the performance of local apps (once the whole package is streamed, it runs locally, with the streaming order prioritized based on what the user is doing), but want the simplified administration of centralized programs with standardized configuration.

  4. Re:Our way of life is not under threat! by rossifer · · Score: 4, Informative

    In the United States roughly three times as many people are killed in gun accidents per year than 9/11.
    Not to disagree with your overall argument, but this statistic is wrong. Three times 9/11 would be about 9000 accidental firearm deaths per year. According to the CDC, there are actually about 750 accidental deaths attributed to guns each year in the US (CDC Mortality Statistics - select "after 1999", then "intent -> unintentional" and "cause -> firearm"). Which is about 25% of 9/11.

    I would suggest using automobile accidents in the US as well, since it only takes about three-four weeks of US automobile fatalities (~45,000/year) to equal one 9/11.

    So why is there talk about trading liberty for security? Even though the security vs liberty argument is as flawed as the mythical man month, the point still remains - why do I need this extra security anyway? It's expensive, it costs me my rights and it's ineffective.
    Hear! Hear!

    Regards,
    Ross
  5. Re:Our way of life is not under threat! by Xehn · · Score: 4, Informative

    I saw a chart on digg a while back that your comment reminded me of. Here is the link. It isn't 100% accurate, but it does a great job of illustrating the point.

    http://stpeteforpeace.org/real.threat.html

    I just wish people would listen to reason when it comes to all of this.

  6. Re:WINE, Anyone? by _xeno_ · · Score: 3, Informative

    First, ignore all the comments pointing out that WINE stands for WINE Is Not an Emulator. You're using "emulate" in a different sense than the WINE acronym is. By "WINE Is Not an Emulator" it means exactly your point: WINE does not emulate a physical machine - or, in other words, virtualize the process. WINE implements a compatible version of the Windows API, but it does not create a virtual machine. It's best called a compatibility layer or something like that.

    Cygwin does something similar under Windows for UNIX. It emulates a UNIX environment under Windows, mapping standard UNIX calls to Windows equivalents. WINE does the same in reverse - it maps standard Windows calls to UNIX equivalents. (Pedantic note: I know I'm misusing the term UNIX. Someone else can come up with better terms.)

    In any case, WINE is not a virtualization approach. A Windows program run through WINE is executed directly by the hardware the OS is running on. WINE simply provides a loader that can load and execute EXE and DLL programs, along with compatible implementations of Windows API.

    Short answer: you're right. WINE is not virtualization.

    --
    You are in a maze of twisty little relative jumps, all alike.
  7. Re:Security or Convenience by lymond01 · · Score: 3, Informative

    Sorry, but did you just say you can have something be both secure and convenient? I'd love to see an implementation like that because it's never been done in the history of all things.

    Not so fast. When was the last time you locked the bathroom door?