Slashdot Mirror
Microsoft Says Vista Has the Fewest Flaws
ancientribe writes "Microsoft issued a year-one security report on its Windows Vista operating system today, and it turns out Vista logged less than half the vulnerabilities than Windows XP did in its first year. According to the new Microsoft report, Vista also had fewer vulnerabilities in its first year than other OSes — including Red Hat rhel4ws, Ubuntu 6.06 LTS, and Apple Mac OS X 10.4 — did in their first years."
It has the fewest flaws found because it has the fewest amount of people looking for them.
No users == no problems
Is this via support calls or just little modal dialog boxes that people are tired of clicking "send" on? Or are they filtering out things they've already encountered in XP? Statistics are a great aid to the common lie.
Do not mock my vision of impractical footwear
Most Linux distros have a lot more software and contain more lines of code than Windows. Therefore, you'd expect more flaws in something like Ubuntu or RHEL.
It has the fewest flaws found because it has the fewest amount of people admitting to them
Parent has it exactly right. This is likely another statistical half-truth. Tell us % of users reporting flaws and let's compare that to XP's first year.
For the last time, you just can't add up the number of vulnerabilities in separate products from different authors and expect to glean any meaningful information from numerology thereon. This is especially true when contrasting one closed-source product from a vendor with questionable security reporting practices (say, Windows), and an open-source product where every single flaw of any level of significance is public knowledge (say, Ubuntu Linux).
I'm tired of seeing such claims about vulnerability tallies parroted in Slashdot summaries without the least bit of skepticism regarding their relevance. This sort of thing has already been debunked a million times over on this site. Come on, editors, a little quality control would be nice...
- because it seems nobody's actually using it.
In related news, BeOS showed few vulnerabilities this year...
--- We are not in the 8th dimension. We are over New Jersey.
Could the reason there are fewer exploits in the first year of Vista (Verses XP) be due to the fact that it has a reluctant adoption rate bu users and the OS exploiters are likely focusing their efforts on current Operating Systems that are more stable, known, and in higher use.
Give it time...
Besides, now that Microsoft has set 2009 for the new "Windows 7" release target date, it seems that Vista may be the new short-lived 'Windows Me'.
Click to launch Word.
"Denied'
Copy file
"Denied"
Launch Firefox
"Denied"
Verdict OS completely secure.
...after all, any operating system that is basically unusable is going to have fewer vulnerabilities as a matter of course.
Proud member of the Weirdo-American community.
Boeing has said it's latest jet liner crashes less and Ford has made a car that kills fewer drivers.
All this means is that there will be a really big patch tomorrow.
As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable Slashdot 2.0.
How does that old quote go?
"There are 3 kinds of lies: lies, damned lies and Microsoft PR"
Or something along those lines...
You can have my cynical agnosticism when you pry it from my cold, dead logic.
Excellent point. Although other debates have questioned Microsoft's numbers, if there are really 20 million installs (plus further installs since then) in use out there, hackers might begin to take a look.
But to paraphrase the Drake equation, of the total Vista installs, how many have been hit by crackers? How many of those were honeypots, caught by virus scanners, or otherwise detected? How many exploits found by crackers have been used in highly targeted attacks and kept secret?
All I can think of is the remote TCP/IP exploit. As some of you may recall, that exploit existed in all versions of Windows. And Vista supposedly has a "completely rewritten TCP/IP stack" (source).
"I have a bad feeling about this."
I think that is a silly measure of bugginess. Not only does the number of flaws reported being less reflect lower usage of Vista, it also likely says the the reporting system is difficult to work with. If anything, I think the fact that the non-Windows systems have a higher number of flaws reported indicates that they have easier-to-use bug reporting systems. The correct way to measure statistics on things like this is either to have a third party subject them to a standardized battery of tests (indicating actual security levels) or to measure the ratio of bugs fixed to total bugs reported (indicating the development team's ability to correct reported flaws quickly).
Tomato wedge sperm darts that are Republican.
And how many installs are on new machines, where the buyer had no choice? How many of those forced installs have been wiped out by now and replaced by XP, 2K or Linux?
Good, inexpensive web hosting
Remember ladies, this is what George W. Bush's go-away speech is going to be like. Don't be too scathing. Let them have their moment.
Windows 7 announcement in 3..2..1
How many of those were kernel patches, and how many were related to other applications?
Ignore this signature. By order.
how many people who run linux do you think are stupid enough to buy vista then uninstall it? why does everyone pretend the white box market doesn't exist?
If you mod me down, I will become more powerful than you can imagine....
My OS has the fewest flaws! I created a design where the gui involves a sheet of pulverized tree, and then you take the special stylus (sold separately) that contains a special solution of a liquid with tiny pigmented particles suspended in it. While there have been reports that occasionally the stylus can malfunction, vigorous shaking or banging the stylus on a hard surface and proceeding to make several tight spirals or circles clears this OS flaw up pretty quickly! Of course, at present there are not that many users of said OS, but as it is a much more robust OS than Vista, I feel that the results for my OS are far superior to those achieved by Vista.
Insert witty sig here.
From the PDF
Page 12 - Windows Vista Fixed 36 vulnerabilities
Page 14 - Ubuntu fixed 406 vulnerabilities affecting Ubuntu 6.06 LTS.
Look how many vista have left to find!!
Reminds me of a quote - "Statistics are like humans. Torture them enough and you can make them admit anything you want".
I'm much more funny, interesting and insightful than the moderators think
I'm sure most people do. However, it's still hard to find new laptops without a pre-installed OS. Also, I know there are people buying computers with iCandy installed and replacing it with XP; I'm going to be doing exactly that for a friend later this week.
Good, inexpensive web hosting
You know it's bad when not even the script kiddies wanna get their paws on it.
I'm not giving Vista flaw space.
Donte Alistair Anderson Roberts - hi son!
Karma: Chameleon
SO. Nobody uses Vista in comparison to OS X or Linux? ouch, looks like a whole magnitude of people use Vista over OS X or Linux. According to this link, if you took all the Linux and Apple users and put them into a single group, it STILL wouldn't be as many people who are using Vista by a good size chunk (let alone XP), so let's not repeat that lie again.
I don't mind people being critical of anything, but please be honest in your critique. And whatever you do don't use Apple as an example of "the way things should be".
I'm sure this will be tagged flamebait or troll. That's kind of ironic when I'm replying to all these guy's tagged 'informative' who say "Nobody uses Vista" when they are obviously providing false information. If pointing out a blatant lie makes me a troll so be it.
and no one is using Vista, it's natural that it'd have the fewest reported flaws. :)
That sounds great until you realize that even by the most conservative estimates, more people are ALREADY using Vista than are using all versions of OS X and System 9 combined. Even if you throw in all the *nixes combined, there are still more Vista users.
Vista also automatically drops reports of problems directly to Microsoft, and isn't dependant on users to supply bug reports or problems like OS X, so when problems occur, MS usually knows before the users or the makers of the software that is causing problmes.
So ya, nobody is using Vista, in comparison to XP that is. However compared to the SlashDot and Mac industry, Vista is a massive OS deployment, lets hope OS X can catch up to Vista someday... (Geesh)
Oh, and I love the argument, that Vista was preinstalled and 'forced' on users. Strangly, the people that purchased these systems and rolled back to XP are 90% documented, and aren't counted as Vista installs.
And this is not any different than the people that purchased new Macs and had to have 10.4 installed because of the application compatibility problems with Leopard. (Which ironically has more compatibilty and application problems than Vista, and yet only supports 1/1000th the software or hardware.) (Geesh Again)
Might be a rewrite but chances are you either had the same people rewriting it, or at the very least the same mindset/corporate culture/etc. rewriting it, so it probably didn't end up all that different (based on results this looks pretty likely).
They are talking about security flaws. Other types of flaws? Lets start with the built in DRM, the exremely annoying UAC prompts, the HUGE amount of software that ran fine with XP that doesn't run with Vista, the HUGE amount of system rescources needed to get decent performance...Well, thats enough to start with...
If electricity comes from electrons, does morality come from morons?
I wasn't exactly expecting a flood of praise for Microsoft on slashdot, but you're completely spot on. Not one of the posts seems to be non-critical. We (as in, "people who know anything about computers") have been begging Microsoft to design their products with security in mind for a long long time now - rather than their usual practice of making grandiose statements about how security is job #1 and turning out the same old schlock as always.
With Vista, they actually seem to have done this. Even though they've added a lot of crap nobody wanted along with the crap that some people wanted, they've managed to do it without introducing loads of security problems. Remember, this is a mainstream product from a commercial software company where everything is subject to a cost/benefit analysis.
So it seems that the cost/benefit analysis has actually come down in favour of writing safer code even though it probably takes longer. This is great news for everybody who has to, in one way or another, deal with the problems caused by exploited PCs.
Us Mac users never believed in this line of logic. Right?
Vista also automatically drops reports of problems directly to Microsoft, and isn't dependant on users to supply bug reports or problems like OS X, so when problems occur, MS usually knows before the users or the makers of the software that is causing problmes.
Security problems are not bugs that an automatic bug reporter reports. Neither, for that matter, can automatic bug reporters report usability problems. You're also making the false assumption that Microsoft honestly reports all the bugs they discover. For most of the reports, they probably don't even bother tracking it down. For the ones that they do track down, we already know that if they can fix it quietly and lie about it, they do.
For me, Vista is about as good as XP in terms of applications crashing and BSOD. But Vista usability and security are a nightmare, and no bug statistics are going to tell you that. Vista is a software disaster.
And that 1 flaw was actually putting Vista on the market.
From Jeff Jones' report:
Q: Linux distros contain many more optional applications than Windows - that is Apples and Oranges - how can any comparison be valid?
Actually, Windows Vista and Windows XP have different components too. Windows Vista Ultimate includes Media Center for example, which was not in Windows XP Professional. From a user perspective, I think it is Apples and Apples. Whichever OS is chosen, I believe most people will install the default set of components and use that. If vulnerabilities are in those components, they will be exposed and need to take mitigating action.
I did, however, try to even the playing field as much as possible by excluding optional Linux-distro components and excluding even some default components for which there is no obvious counterpart. In contrast, on the Windows analysis, I included any component that shipped with the product. I think the comparison is valid and useful.
From my basic CentOS 4 system:
$ rpm -q -a | wc -l
1104
Even on a (stupid) vulnerability count, even with a reduced package setup, the number of packages on a RHEL/CentOS system dwarfs the number of programs that come with Windows. You can't even compare against Jeff's Windows numbers because he looks into how critical each vulnerability is on Windows (good) but not on any Linux setup (bad). If the real concern is user exposure, then vulnerabilities in all packages makes sense, but only if you count vulnerabilities in common Windows packages to, like Acrobat Reader, Photoshop, Office, and even games like WoW.
My biggest beef is that Jeff fails to include his compiled vulnerability database. Even though he writes on his methodology and sources, there is no way to easily verify his claims. This is the 21st century and there's something called the Internet. There's no excuse to not provide the raw data, and I certainly don't have enough interest to make guesses and recreate the data for such a flawed analysis anyway.
Next time at least provide a list of analyzed RPMs and DEBs!
Yes, you are right. Let's all use your recommended method for inferring user base. Oh wait...
My recommended method is no method at all: there is no simple, reliable way of determining user base for operating systems. Even the concept is meaningless.
For example, there probably have been more Linux-based routers (like the WRT54G) sold than Mac desktops and laptops; does that mean Linux has a bigger user base?
Where are you drivers in linux? Where do you download them? Why you don't, they are IN THE KERNEL!
So Linux "The kernel" does a lot more then MS does with its core OS because MS still asks you to download a ton of drivers. This is part of their strategy, it allows them to shift blame to the driver instead of their OS. If you really got a problem with MS software and actually have some support (check your MS license, you pay for the software, there is no support) then your first job will be to convince them the bug lies with them and not some combo of drivers that you had to install.
That is why these MS reports are so silly, you really can't compare the two "distro's". MS Vista does far less then a Linux based distro like Ubuntu BUT they don't have a bare kernel they distribute but even if it did it does far less then the linux kernel.
So what are you comparing?
Also not that security bugs in Vista affect EVERY vista user because all the installs are the same. A linux distro bug in PHP affects only those who use PHP on their linux distro. MS funded research has in the past made lists of security bugs in linux where they counted the same bug multiple times for each distro it was in. That is kinda like saying "Just look at our competitors cars, they made 1 million of them and 1000 of them had the same fault. Meanwhile our 1 model has just one fault, the brakes don't work. We are BEST!"
MS, FUD at its best.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Also note, that (somewhat hypocritically) all versions of Windows prior to Vista borrow quite a bit of their networking code from BSD.
Go grep the executables. You'll find the standard BSD copyright notice inside.
-- If you try to fail and succeed, which have you done? - Uli's moose
Fewest vulnerabilities doesn't mean it has the fewest flaws... Freezing, poor driver support, poor program support, these things are flaws, yet have nothing to do with security vulnerabilities. I love vista, i've run it since the betas and run a legal copy of ultimate that i paid for with my own money, and i've been able to generally make stuff work, but having to use workarounds to make stuff work is a flaw, in my opinion, and having good security is nice, but not if a bunch of stuff i've used for years doesn't work. I want to be an MS fanboy but i can't. I use vista at home because i can deal with it's shit, but i buy a new computer at the office, i make sure it has XP, because reliability is king at work. Lack of a reliability is too big of a deal to leave it out of the category of "flaws"... -Taylor
Worldwide Military budgets: $2100 billion. Worldwide Space Exploration budgets: $38 billion. Really, world? Really?
Again, a ridiculous comparison based on reported security holes...
Microsoft are in the best position to find holes in vista, having the source code. They have no incentive to report them, and will just fix them silently. OSX is in the same boat but to a lesser degree, and with ubuntu/redhat all the issues will make it into the public domain. The only vista issues which make it public, are ones discovered by third parties, which are probably less than the number found internally because internal developers have access to the source, access to the original devs and a more intimate knowledge of the inner workings.
Then you have to consider functionality, vista comes with one web fairly old web browser, one mail client, a rudimentary text editor, a single-protocol im client, a trivial drawing program, a simple media player with a small number of codecs and a few very simple games... Ubuntu/RHEL come with multi protocol im clients, a full office suite, a larger number of slightly less simple games, a larger and more capable set of networking tools, scanner software, fully capable drawing software, a much larger set of hardware drivers bundled by default, and lots more besides...
It's like trying to compare the rudimentary "peoples cars" produced in the former USSR, with only rudimentary features and a largely hidden safety record, to the luxury cars being produced in the west around the same time... Try comparing a Zaporozhet to something like an E-type Jaguar.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Backwards compatibility going out the window is actually a good thing...
Microsoft never had a proper overall design for windows, and it shows... Early versions were simply hacked together in completely haphazard ways, things were built quickly with no forethought. As a consequence, there is lots of kludgy legacy code kept around for backwards compatibility, including many duplications where an old method was considered fundamentally flawed and unfixable, and discouraged from being used by new apps, but is still kept round for backwards compatibility, one such example is the lanman password hashing.
If they completely ditch backwards compatibility, they could remove all this old cruft and start again with a proper clean design, but as usual they're taking a half-assed poorly thought out approach.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
And also, how many of these were patches for applications that vista doesn't ship with an equivalent of?
And how many of these patched flaws were discovered by the developers of those applications? Which in RH's case means the issue is published, but in MS's case would not be published.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
And McDonalds claim they make nutritious healthy food...
That's what I think this is all about. Microsoft can publish whatever number they want as the number of "vulnerabilities" to make itself out as the "good guy" while distributions of Linux put it all on the pavement so everyone can see what has been fixed or will be soon.
Every time I start to have faith in humanity, I ruin it by driving to work between 7 and 8 am.
I love the way the MS supporters will set there and bang on about how the linux supporters are all biased, fanatics. So again we get to see MS doing what they do best, FUD and dis-information and Jeff Jones has to be one of MS's best trained maniacs in this area. And you CANT argue that vista has no users "so no bugs", cause vista probably has more then linux and MAC combined.
Vista may be more secure than XP, thats a certainty, but Jeff Jones has proven himself time and again to be completely willing to sacrifice his credability - so how can you believe a man like that?
From what i understand their stance on this is that anything that is catched by UAC is not considered a security issue. Its not a local privielege escalation, Microsoft just blame the user who pressed OK. The security isnt better, its just the difficult decisions that has been lumped into the users.
This is ofcourse bad in the long run as most Windows Vista machines will get malware and become bots just as easily as Windows XP while Linux becomes more and more secure through the constant patching of all the apps.
HTTP/1.1 400
no it doesn't as if you change windowsupdate.microsoft.com to anything else windows bypasses it and goes straight for the proper site.
this is both good and bad. good in that you can always be assured of quailty updates from msft, but bad in that you msft can't follow proper security procedures to secure hosts files.
i thought once I was found, but it was only a dream.
At the risk of pointing out the obvious, if Microsoft abandoned backward compatibility, they'd lose most corporate users and many home users as well. You don't need an MBA to see why that is not a promising idea.
About the best they can do is what they did with NT. Jack the whole unwholsome mess up, and insert a new frame and engine under it. They did that with NT without all that much success. (Windows 95 runs about as well with far fewer resources if you don't mind a crash every few weeks). I suppose they can try again, but I doubt the results will be any better.
Maybe the idea would be more appealing if there were a "clean" design out there that was actually any better than NT, Unix, OsX. But I don't think there is. AFAICS, for several decades, OS design has consisted of shuffling the subsystems of a 1960s mainframe into slightly different configurations and slapping a shell on it. It's not that I can do better. I can't. Maybe NT, Linux, Vista really are the best we can do. That's a depressing thought.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Security problems are not bugs that an automatic bug reporter reports. Neither, for that matter, can automatic bug reporters report usability problems. You're also making the false assumption that Microsoft honestly reports all the bugs they discover.
Ok, this is also false.
1) Some of the error reports, bugs, and problems are very much security related incidents, as crashing or exploitable code gets sent back to Microsoft. Defender also reports back spyware or attempts to hijack the OS via exploits and even social engineering.
2) There is also a certain level of usability reports that go back to Microsoft. The reporting system in Vista is also more robust than I think you assume, when a user encounters a problem or something doesn't work the way they think it should, help pops up, goes online to find more information, and reports back to Microsoft if the information helped, and if the user was able to do what they wanted. Help is also dynamic and changes to be more and more usable to users based on this feedback, unitl changes are made to the OS.
If you ever used Vista for more than 10 minutes, this is stuff you would know.
As for Microsoft being honest about problems, it would be insane for Micorosft to know that users are having trouble with XYZ and not address XYZ, this is why UAC and other changes have been made via Vista updates over the past year and many other 'USABILITY' items are included in SP1. Even small things like 'wording' on the start menu is changed because of reported user confusion that was reported via the Vista automated Help system.
But Vista usability and security are a nightmare
Vista is more secure than XP at this point, browsing via IE7 is more secure than any other browser on any other platform via the sandboxing protected mode, etc. Vista has had NO specific exploits or in the wild viruses, and it already is bypassed the userbase of all Macs ever shipped, so the 'off the radar' argument can't be used.
The security argument just doesn't work anymore with Vista. It hasn't worked well against Windows since SP2 of XP or Windows 2003, and Vista is a notch above them in terms of security and yes even outdoing OS X and OpenBSD.
As for usability, you are either dated in how you use computers, or unable to grasp new concepts that unforged users adapt to better than the old concepts geeks get use to. If you are using Vista like FileManager of Win3.1 days, then ya, usability in Vista sucks, if you use Vista like Vista then usability is 10x XP and previous versions.
This is just like the Office 2007 arguments, everyone thought it would tank, yet BUSINESS is very happy with it, and users adapt to it easily, even though it, 'LIKE VISTA,' has moved more to a docucentric approach that eliminates old GUI constructs like Menus. And Menus are basically bolted on concepts from textual days to get more commands onscreen in a GUI that Xerox and Apple could not over come in moving to a Graphic interface.
Think about it, how come the most known OS for its GUI and GUI origins (OS X) still uses 'lists of words(menus)' as it primary interface to features and functions? Yet the OS you are making fun of, has gotten past this dated usability concept where Apple has failed.
This is not something you should honestly be slamming Vista over, as MS is pushing new GUI and UI constructs forward beyond what OSX and the industry has seen. A Vista user, especially a newb or professional that isn't stuck in thinking in terms of FileManager concepts, can run circles around XP and OS X users. XP and even Win95 had docucentric underpinnings that have never been fully taken advantage of, and Vista up the ante a bit by pushing them forward.
Here is a quick test if you are old school or slow on usability - Do you mainly use Save and Open Dialog boxes in your daily work? If you 'get it' you would hardly ever even see or use an Open or Save dialog box unless you were renaming something from inside the application or exporting. PERIOD. (Here is a hint, Right Click - Select NEW - Select the Document/Graphic you are creating - Name the freaking Document where it is created. Never use old dialogs again to open documents again.)
Leave it to Microsoft. Vista has the fewest amount of flaws only because all the bullshit crashes, lockups, application instability and ambiguous error messages are FEATURES, not flaws.
You'll have that sometimes...
Maybe there is some BSD code buried in FTP.exe or some user mode stuff but so what? Even if a few functions in kernel mode are from BSD, so what actually? And why is it hypocrisy BTW? Microsoft have spoken out against the GPL, but they have never done so against BSD.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
how many people who run linux do you think are stupid enough to buy vista then uninstall it? why does everyone pretend the white box market doesn't exist?
Having used the cheap whitebox market in the past i'm very reluctant to do so again.
Afaict cheap big brand boxes are cheap because of economies of scale, carefull planning and probablly some loss leadership and crapware bundling income.
Cheap whiteboxes are cheap because they bought whatever shit was cheapest that week and stuffed it in a box with little to no integration testing and no consideration of what brands are reliable at all.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
They did that with NT without all that much success. (Windows 95 runs about as well with far fewer resources if you don't mind a crash every few weeks).
It doesn't, on 9x try making the taskbar a couple of rows high and opening browser windows until it's full with small icons, you will notice things start falling over. Now try doing the same on a NT based version, no problem. Also 9x has absoloutely no concept of user permissions, every user is essentially god.
The real problem that MS is still trying to find a way out of is that most win32 programmers wrote apps that assumed no security because they were developing on a platform that had no security.
P.S. if you really want to stop windows systems getting messed up without stopping apps working windows steadystate rocks.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
Pay attention to the very important point that Red Hat uses different metrics to Microsoft. Watch this video at redhatmagazine.comand don't compare apples to oranges.
So now they actually have the gall to say that (P)OS Vista has fewer declared faults or to quote the article 'complied the number of vulnerability disclosures and security updates", what a pack of lying, deceitful, misleading ass hats.
There not even pretending to be honest, public vulnerability disclosures and security updates, versus the number of faults that have actually been found, and have not been fixed and those people who found them have been threatened with legal and financial sanctions if they disclose them.
So reading between the lines M$ security and legal have been far more effective in preventing public disclosure of windows security vulnerabilities and their failure to fix then they have in the past.
Chaos - everything, everywhere, everywhen
Statistics lie for whoever pays them.
There are many more interesting numbers than such a simple count. For example, as a user, I don't care at all for the number of fixed bugs, I care a lot more about the number of unfixed bugs.
And that's just the tip of the iceberg.
Assorted stuff I do sometimes: Lemuria.org
Linux Zealots: Smarter than Mac Zealots, but still zealots.
Bricks have few vulnerabilities too.
Power users will be annoyed with UAC right from the start. It's okay if it asked only for deep system changes, but printing to a network printer? I'd like to see a poll of how many people still have UAC enabled.
Vista needs some serious horsepower whether you have the eyecandy enabled or not. The eye candy causes a big increase, but I had to upgrade my machine's 1GB of RAM to reach a reasonable level of performance even with Aero turned off, in order to run any intensive apps like Eclipse or Photoshop.
Just you wait until you buy that fancy new Blu-ray drive only to discover that Windows refuses to output DRM'd HD video to your monitor because it has no HDCP support. Vista has DRM that reaches deep into the subsystem, and when companies begin to take advantage of those features (by flagging Windows Media files appropriately), I bet you'll be surprised at what Vista refuses to let you do.
I use Vista at work because my laptop came with it, and if I could start over again I'd wipe it and go with XP. The wireless behavior is terrible, NetBIOS-based file shares are still spotty, the file explorer refuses to remember my preferences, files sometimes end up mysteriously undeleteable, and the new Minesweeper sucks. Windows 2000 people were against XP when it came out, but most folks came around and XP is now one of Microsoft's most solid operating systems. Vista is receiving much more flak than XP ever did, and while it might end up improving in the end, the negative press has left a pretty big scar.
Or why not take the Mac approach: run win32 apps inside a "Classic" mode that's really an XP installation. MS already owns VirtualPC so they could embed a copy inside Vista without being dependent on a third party. Then they could have Vista as clean and slim and legacy-free as they wish without affecting old apps at all. State from the beginning that they'll support "Windows Classic" for, say, 5 years and then be done with it.
Similarly (and much more impressively), IBM has managed nearly perfect backward compatibility alongside new systems for over 40 years. Why can't Microsoft?
Dewey, what part of this looks like authorities should be involved?
I've been saying the same thing on here for a while, but it's like talking to a wall. People want Vista to suck, so they say it sucks. As near as I can tell it's some desperate attempt to influence reality. IMHO, the bottom line is that if you have the hardware to run it, Vista is pretty decent. I've been running it on 4 systems for about a year now, including gaming, I'm 70-620 certified, and I see no reason to go back to XP or avoid Vista on new systems.
if slashdot-ers would read the article posted they would see that the major complaints they have with the study were addressed by the author! from the paper: "I think it worth spending a moment to discuss what this analysis covers, why it might be useful to some people and, perhaps most importantly, what it does not say. If it was possible to measure "security" in one metric, it would have to encompass a complex combination of factors including (but not limited to) the software quality, administrative controls, physical controls, and much more - and even then, it would all be in the context of whatever security policy was defined for the systems in question. So, this is not an analysis of "the security". I don't look at protective mechanisms and see how they might protect in certain scenarios. Nor do I look at security features and see how they might enable better privacy or help secure business process. And I certainly don't look at how easy it is to manage the security policy for these products. Is there anything in this analysis which will prove one piece of software is "more secure" than another? No, that is not my intention. This report is a vulnerability analysis, which may provide some elements that could be part of a broader security analysis. I fundamentally believe that security and non-security features need to be built upon a foundation of good engineering and solid security quality if they are to perform as we expect and not be misused to the detriment of security." what this study shows is that microsoft's Secure Development Lifecycle, safe libraries, and other initiatives are actually producing better code. nobody is saying vista is "more secure" than anything. honestly, this begs a question, why does slashdot hate the fact that windows code is improving? isn't safer/better code good for everyone?
But can you give a reason anyone should use Vista on a system, new or otherwise? That's the question I've been asking since Vista was released sans all the promised features.
Well, for one thing, I've never *had* to install a driver on it. It has thusfar automatically picked up 100% of the hardware I've thrown at it. But I do build all my own systems from scratch with cheap but name brand parts. It picked up 100% of my Dell laptop's drivers too, power management and everything. Don't get me wrong, I still go back and update to the latest video drivers, etc, but out of the box, I have never had to install a single driver to get a usable system. This is especially nice compared to the prospect of formatting someone's hard drive, installing xp, and they don't have the network driver, so you can't get online to get the network driver. If I never get caught in that catch-22 again, I will be happy.
Also, supposedly the Windows Server 2008 will have dramatically improved performance when talking to a Vista box, but that's more of a corporate thing, and I haven't used 2008 yet, so I can't speak from experience on that, but the benchmarks look like nearly double throughput on simple file copies.
I've used Vista Ultimate hooked up to a 1080p dhtv, and the media center stuff was pretty sweet. All we did was watch a pirated copy of I Am Legend (which was pretty good) and played a slideshow of some nudy pics, so we didn't beat it to death, but the media center thing also has a really nifty LCD calibration routine that shows pictures with varying shades of gray and tells you to adjust the tv's contrast until such and such is barely visible, etc, and then some colored stripes and adjust brightness until something else happens, etc, and at the end, the color on the hdtv did look much better during standard tv viewing.
On a wide screen monitor, the gadget column on the right is pretty nifty.. there are some neat gadgets available for it. I don't particularly like the screen encroachment on a 4x3 or 5x4 monitor, though, so I turn it off. I assume it does eat a bit of resources too.
It is actually "butched up" (more manly), in my opinion. I always found the icon naming distasteful for "my computer", "network neighborhood", or the ultimate mamby pamby thumb sucking "my network places" (BLeeeeaaachc). Now it's just called "computer" "network" "documents" etc. YMMV according to personal preference on this one, but I really like the newly refined interface, INCLUDING Aero. I set my background to black and transparency to granite, and the whole desktop looks very clean and tasteful. I'm still too set in my ways to switch from alt-tab to window-tab, but every now and then I use it.
If you play WoW, you know you occassionally have to wait for a boat or a zeppelin or a train or something to show up. I run WoW in windowed mode so I can alt-tab to thottbot without making my monitor change resolutions. Well, if you leave WoW running, and DO NOT MINIMIZE it, and lay thottbot (or anything) over it, you can hover your mouse over the window button on the task bar, and it will give you a thumbnail of WoW that actually moves, so you can keep the mouse hovered while reading something else, and still keep your eye on the live thumbnail to see when your zep/boat/train arrives.
They got rid of the crappy start button that I've always hated and replaced it with a nice blue ball thing.
The start menu freaking rocks. That may be my #1 favorite thing about Vista. Just press the window key on your keyboard and start typing. As long as your indexing and whatnot is correctly configured you will get almost instantaneous results. Say you're doing tech support over the phone and you want someone to look at their printers, well the start menu is configurable such that maybe the printers icon is there, maybe it's not. Maybe my computer has the control panel in it, maybe it doesn't. Then you have to wait for the end luser to hunt around before finally declaring that it just isn't there and you have to go to yet