Slashdot Mirror
Black Screen of Death Not Microsoft's Fault
Barence follows up to the ongoing Black Screen of Death Saga by saying "Microsoft says reports of 'Black Screen of Death' errors aren't caused by Windows Updates, as claimed by a British security firm. The software giant claims November's Windows Updates didn't alter registry keys in the way described by Prevx, which said that the Microsoft Patches caused PCs to boot with just a black screen and a Windows Explorer window. Microsoft is now blaming the problem on malware. Prevx has issued a grovelling apology on its own blog."
Since when does apologizing to someone for your own baseless accusations amount to "groveling"?
From the post in question:
Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor
. . .
We apologize to Microsoft for any inconvenience our blog may have caused.
Wow. Way to kiss ass.
You know what would be even more pathetic and embarrassing than this kind of "groveling"? Standing behind claims that you know to be false.
Breakfast served all day!
Grovelling? How sad it is that an honest apology gets an insult. If you find "We apologize to Microsoft for any inconvenience our blog may have caused." as grovelling, then I feel very sad for you and your vision of how people should relate to each other.
When users are happy to type "sudo rm ...", it doesn't really matter how impervious the system is.
Nerd rage is the funniest rage.
You assume that accepting blame and fixing the problem aren't mutually exclusive. Just because Microsoft said "that's not our fault" doesn't mean they won't fix it.
Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.
The Windows registry has always been a bane of Windows use since it's inception.
Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that. You can pop up tons of prompts, but then it's the "dancing bunnies" problem - depending on how enticing the malware author can make it sound, the user can be convinced to click "Yes" on each and every prompt.
Does the sudo part really matter anyway? The most important files on my system are those in my home directory and they're owned by my own user account, thus no privilege escalation is required to touch them.
Having great security around the base OS is a good thing but if you don't also provide good security for the users' files, it's kind of like getting a bunch of guards to protect a bank but leaving the vault in an unprotected building next door.
On the other hand, I really don't want to have to deal with UAC/sudo/etc. every time I edit one of my own documents, so it's kind of an unwinable situation that only good backups can protect against.
"People that quote themselves in their signatures bother me" - athakur999
Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that.
Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.
I consider it to be the case that my free OS does indeed protect me against malware, where proprietary offerings that cost hundreds of dollars more do not.
-1 Uncomfortable Truth
In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.
Not quite...
Were those the only applications required, the notion would indeed be baseless, but...
There is still a huge raft of Windows software that will not perform properly without admin rights. Until that is fixed, the problem will never be solved.
Just out of curiosity, shouldn't Microsoft be responsible for ensuring that only valid data makes it into the registry? If this is the core information source for the system, it would seem that there should be checks in place, at the OS level, that prevent changes to core items.
Ok, I give up, why you?
Actually you can, to some extent. Anything the user runs on OS X for the first time after download issues a warning, and then you need an administrator password beyond that to modify the kinds of system level files we are talking about here.
Vista/7 do both things (warning about launching of binaries that originate from the Net, and requiring a confirmation to elevate to admin) as well. This doesn't solve the "dancing bunnies" problem, however, which is the source of vast majority of infections out there. Why bother with security vulnerabilities at all, if you can trivially convince the user to run the payload himself, and click through all the prompts?
The base issue is that in Windows 7 Microsoft weakened UAC, so even if you have it disabled a program can do some system level things without warning if you are logged in as administrator.
The "weakened" UAC in 7 doesn't let any random programs do any system level things without warnings. The only thing that's weakened is that certain (effectively whitelisted) programs that come with OS can change system settings without elevation - most notably, built-in screens in Control Panel.
The real question there is really a matter of user freedom vs. turning your choice over to whomever manages those repositories as a gatekeeper. It's an easier choice to make on a smartphone since people are going to generally use it for the same major reasons, but on a laptop or desktop, it depends more on what you want to get out of it.
Some folks don't mind being given the freedom to determine what is going to be bad for them and what is going to be good for them...and some folks want their hands held for them. Linux does give you both options, it just makes it a PITA for "ordinary folks" to do it one way and thus, guides them into the repos.
Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?