But there's a huge difference between nmap and the problem at hand: nmap is just a tool. Raw sockets are the "dangerous" system level resource that nmap relies upon to perform its task.
The problem Microsoft is trying to solve doesn't lie within nmap, or any particular tool. It's in the widespread distribution of this dangerous resource. To beat this tired gun analogy to death, nmap isn't the gun. nmap is a just one bullet, which requires a gun or it's pretty useless. To make nmap work, you are saying that they have to hand out the dangerous resource (guns) to everyone who may potentially want to run nmap (fire a bullet). And with zombie clients, that means unseen skript kiddeez or unscrupulous spammers (actually, I know of no scrupulous spammers) get to remotely control all those unwatched, unprotected guns.
You mentioned nmap is a tool that should command respect. Raw sockets are the real feature that deserve that respect, not just nmap. And believe me, there are precious few computer owners who have any idea what they've got installed, other than "hey, it's got Microsoft XP AND Doom 3! I am soo kewl!" They will never have respect for their tools, since they don't even recognize what they have. They will also never need nmap, and therefore they don't need raw sockets.
I still think Microsoft will come out with a "Network Admin SDK" which will contain replacement network drivers that will once again allow unfettered raw socket access. That way someone who needs the tools will have them available, while not distributing them to the hands of everyone who doesn't. They'd be useless to the skript kiddeez because the ordinary zombie victim won't have them installed, and the only reason these attacks are viable is because the worms can launch hundreds of thousands of simultaneous attacks. One or two clients isn't a big problem, and would much more easily be traceable to the perpetrator. (Of course anything installable could be distributable as well, so they may only offer "tagged and licensed" copies of these drivers, or even a complete cut of the OS: "Windows XP, Network Admin Edition", at the low, low price of $899 per seat.)
A gun in the hands of a peace officer is usually a good thing.
A gun in the hands of a lawful owner is usually a good thing, as well.
But, in the case of Windows and the umpteen thousands of clueless users all allowing their wide-open windows machines to run zombies that DOS everyone from Yahoo to Google to Microsoft, the ability to write to raw sockets is a bad thing.
To apply the gun analogy to this situation, I'd say giving raw socket access to the hordes of WINDOWS COMPUTAR USARS would be similar to leaving a box of loaded guns in the toybin of a daycare center.
Yes, it'd be nice to leave a way for the people who want it to still have access to raw socket writing, but how would you provide that access to some without making it accessable to all? Anything the user can install, a zombie or worm can download and install. By cutting off the main flow at the source, it's done. If you need raw sockets (nmap, SATAN, whatever) you can run a different OS. Microsoft wisely recognized there's no way to "sort-of" secure it, and decided their customer base would be just as well off without it.
I answered his question with Microsoft's own words. If you bothered to read them, Microsoft only said:
XP SP2 will not send TCP packets over raw sockets.
XP SP2 will not send UDP packets unless their source address matches one of your network interfaces.
Microsoft did not say raw socket sending was disabled. As a matter of fact, they implied it's still allowed with this line: "the ability to send traffic over raw sockets has been restricted in two ways" [emphasis mine]. Not "disabled", but "restricted". They just said that now they won't allow you to send certain flavors of packets over a raw socket.
As others have already pointed out, ping and tracert use ICMP, which are not on the "bad list." Both are stateless, and require nothing more than a reply from a host, so they don't require those hosts to allocate lots of expensive resources (a la SYN flooding.)
The only (semi-)legitimate use of raw TCP packets is for specialized networking tools, such as nmap. Apparently, Microsoft has ceded that business to the Unix world. Either that, or perhaps they'll offer a "Network Admin SDK" containing replacement drivers that will restore the ability to send raw TCP packets. At least they won't be present on the average home user's machine, which will be enough to deter the zombies.
What new functionality is added to this feature in Windows XP Service Pack 2? Restricted traffic over raw sockets
Detailed description
A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways:
TCP data cannot be sent over raw sockets.
UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.
Why is this change important? What threats does it help mitigate?
This change limits the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets, which are TCP/IP packets with a forged source IP address.
I'm not sure that proving the existance of a "slack" gene is such a good idea. For example, the Church of the Subgenius teaches us that we can all be slackers; now, with the advent of a slack (or anti-slack) gene, there may be a genetic reason I will be rejected by their church.
Or, maybe, the members who don't have enough slack will have to undergo gene therapy in order to participate.
Sure, I can see it now: the High Priests of Slack will have a doping scandal.
And how can I, the gullible public, tell your beneficial kiosk from Tony Soprano's clone-a-card scheme?
I can't.
Of course, I can't tell if Tony Soprano is behind the cash register at the local pizza joint, either. So how do I know who is cloning my Visa card, and who is a legitimate merchant?
I can't.
But, I still wouldn't trust this simply for the purpose of viewing my data. And I would hope that the public wouldn't, either.
"Uh, gee, Fred, I don't think we should pedal any faster in this thing..."
"Just shut up and pedal, Barney, we'll be -- "
"FRED FLINTSTONE! YOU COME DOWN FROM THERE RIGHT THIS INSTANT!!"
"But Wilma, the slashdotters want to see our pictures."
"THIS INSTANT!"
"Yes, Wilma."
[ mechanical sproink sound ]
"Aww, gee, Fred, I told you this thing wouldn't last."
Re:Kinda gives a new meaning to '1337 hAx0r2'.
on
Ready, Aim, HACK!
·
· Score: 2, Insightful
At least in The United States of Ashcroft you'd only be charged with attempted murder for pointing a sniper-rifle-looking thing at someone.
If you were to point a camera at someone instead, you'd be arrested for "casing a national security threat" and held indefinitely without bail until they decided to execute you.
Athlon 3000+, 1GB DDR 3200 (dual channel 400mHz), 128MB Radeon 9800 Pro, 1280 x 1024 screen, with the game settings at high. The hardware is all running at stock speeds. It's very playable.
Make sure your monitor brightness is set to a decent level -- at first I had mine way too dark, and the game wasn't nearly as enjoyable. You should be able to see your environment without a flashlight.
I have to disagree with you; I've been playing with the gamma set to "normal" levels, so I can't see the baddies in the shadows unless I use the flashlight. In a darkened room, with the headphones up fairly loud, the game is overwhelmingly intense. The time it takes to switch the flashlight back to your weapon, shooting at vague shadows in the dark, realizing you've just run from a pack of imps into a pitch-black corridor, the whole lighting scheme (and/orlack thereof) is a huge part of the game.
I know some of my feelings for this game come from the excitement of playing the original, and seeing how well they've improved on it, but I think this game still calls for setting your own environment to "ultra-creepy" and immersing yourself.
No, my hands are quite normal (although a former coworker of mine with a medical condition has extrememly large fingers. I don't even know how he manages with a standard keyboard.)
The problem with the Nokias is that I want the buttons to be where I expect them to be. A phone should be a utility tool, one requiring the least amount of thought. For example, I don't need to focus on a hammer in order to pound a nail -- a quick glance tells me the head is pointing the right way, and the feel of the handle covers the rest. I also don't need to focus on the Sony Ericsson phone I just bought in order to dial a number -- the buttons are all layed out symmetrically about the '5' key, which has an extremely convenient raised bump. I can dial this brand-new phone without looking at it at all.
But the Nokia's asymetrical keyboards and nonstandard layouts require you to focus your attention on their device. You can't grab one and start dialing. You have to "learn" it, or "get used to it", or at the very least study it in order to dial it. It's crap design, and it pisses me off to see ignorant sycophants defend this crap. "Oooh, look at Nokia, they have classy design, they are incapable of making a mistake. I'll buy this phone because I know they are way smarter than I am when it comes to design, and I want to look like I'm smart, too."
It might make a marketer happy to have a swoopy look to sell, but it doesn't make a user happy to have a random keypad to dial. The fact that people are willing to exchange pretty form for crap usability tells me that these people are both shallow and stupid. The emperor is indeed naked. Laugh at him, but don't pander to him.
Is is just me, or does Nokia have the butt-ugliest damn-the-usability keyboards ever produced on the face of the earth, (and that includes the deliberate mistake that is QWERTY)?
What the hell is their problem with not putting four even rows with three even columns on the face of the machine? It's a damn phone, not a freakin' Salvadore Dali sculpture. I wish they would pull their designers' heads out of each others asses long enough to come up with a separate faceplate that would simply line up the buttons, making a piece of sh!t into something that resembles usable. Using a cell phone shouldn't become a freakin' study in modern contemptible art.
Of course, that's just my opinion. You could be wrong.
OK, I agree with you -- to a point. But please see this reply to a previous post for my explanation as to why I still consider MS to be at fault.
Summary: I'm wrong, you're right -- it's not be the fault of the architecture of the security model on the inside, but they've pointed and clicked our way to poor security practices.
However, I can still criticize XP for creating home user accounts as admin authority. The latest version of Mandrake I checked out brings up a nice little box explaining 'root' in a few high-level sentences, and then forced me to create a non-root user ID for my daily work.
Granted, given my background, the concept of 'root' was not foreign to me the way it might be to a new computer purchaser. But if it was presented as the "Installer" account they could have avoided the whole admin mess from the get go. They would have had a single point of installation for a computer, and isolated the users to boot.
Then, an installer run from a user account that thought it needed to be admin would cause Windows to pop up a message box saying something like, "This installation must be run under the Installer account. Click here to logoff, then click the Installer icon to continue. If it was not your intention to install software right now, you may be seeing this because of a virus attack." That would not only enforce the separation of authority but it would screamingly enforce vendors to produce installation packages that adhered to all the security rules. No vendor who wants to stay in business would ever want to be associated with a screen saying something about a "virus."
As it is, my home box is now thoroughly hosed as far as security settings go. Cross pollination of my account with my son's files, etc., ensures that I no longer have the option to make ANY accounts non-admin without causing severe runtime headaches. Some of the "Shared pictures" from our digital camera might have NTFS permissions that would allow only me to view them, thus causing my wife to hate me. It's a mess, and the default settings both created and encouraged the mess.
The security initiatives have been going on a lot longer than just their "global security mobilization" of October 2003. For example, this "Secure Platform" document was authored in December 2002. And since they seem to be able to put out the "hot fix of the week" to handle the "virus of the previous week," I should think they have had plenty of opportunities to get OS patches released, driver patches, or whatever is required to the computers that need it.
Given that, explain why "Microsoft Flight Simulator 2004 - Century of Flight" should still make the list? If software they've released years after they've been aware of these problems still demands bad security practices, who is to blame? The application programmers or the environment in which they must work?
You said, "if an application requires administrator access to run, it is not the fault of the Operating System." Explain how a train simulator could possibly require admin authority except in a poorly architected environment? Then answer, 'who provided that poor architecture?'
This is Microsoft -- author of both these applications as well as the OS. They've had the chance to address it, they've had the incentive to address it, but they have not done so. I stand by my comment.
A fault of Microsoft it may be...but a fault of windows it isn't...
No, this is a fault of Windows. We don't know how these games run or why they require admin authority. It might be to access the sound card, or the video drivers, or DirectX or something similar. But in all those cases it's a fault of Windows for not providing non-admin-level access to the required resources.
It may have something to do with backwards compatibility with Windows 9x. In that case, yes, the application probably could have littered itself with millions of 'if (WindowsVersion >= 4) SafeFunction() else UnsafeFunction() calls, each of which would have killed performance dead. They also could have shipped fat binaries or even two binaries, and had the installation program make the right choice up front. All those solutions add their own problems to an already complex product, though, and if those types of bad solutions are required, I'd say it's the fault of the OS for requiring them.
I would also think that if it were something they could easily fix at the application level, Microsoft's newest releases would not make this list. However, since it includes "Microsoft Flight Simulator 2004 - Century of Flight" I'd say that in these days of Microsoft waving the "Security First" flag, they have never actually addressed the root problem. And the root is Windows, not the application.
I specifically was looking for one of the biggest problems with Windows -- Administrator authority is too easily doled out (by default, every home user is also an administrator.) This is exacerbated by the fact that so many Windows applications require the user to have Administrator authority.
For example, the bottom of this page shows a list of games that require Administrator authority to play. Why should administrator authority need to be granted to play a game? And to suggest granting Administrator access to people just so they can play them?
I have found no more powerful example of Microsoft's lack of commitment to security than this. I think this philosophy more than anything else contributes to the proliferation of destructive worms and viruses.
Beware when copying and pasting links -- the scammers may set traps there too.
Doesn't matter if you click or copy this link: http://www.paypa1.com. Either way you'd end up at the site of the first widely publicized phishing scam. (Now, it's just some cheapo domain hawking advertising.)
But, if you're already on guard, you're probably not going to fall for something like that anyway.
I know the Russians used to use three high-inclination satellites in highly elliptical orbits to broadcast television signals to Siberian residents. I remember an article from 20 years ago in Popular Electronics by a ham who added a second motorized axis to his 8' dish and had a computer set up to track them as they appeared over his horizon. He tuned the picture in on a SECAM monitor. It's probably not a particularily challenging feat these days, but back then this was quite the major hack.
I wouldn't doubt that NASA could repurpose old commo satellites for Antarctic service. Once replaced by newer birds, their former owners are probably glad to donate them in order to be rid of the liability. Of course that would mean some pretty beat-up junk is left over to service the Antarctic, but hey -- it's free, right?
Thanks for the link. Topozone is a pretty nifty tool, but their topo maps are at least 20 years out of date for my quad.
Oh, there we go. I found the details of the map. It's dated 1967. Yowch. A lot can change in 37 years.
Strange, but the details on the map indicate it was produced in the early 1980's, even though the info says 1967. I guess I won't be subscribing to their pro service any time soon.
The whole Suzy Manager thing, true? Every word of it, more than once. She's actually a composite of several managers I've had the pleasure of knowing around here. The strange thing is these are actually not-unpleasant people. If they were your neighbor, you'd chat with them over the fence. But get them dressed up in a suit and stick a deadline in front of them (and a boot behind them) and look out -- the random decision making machine cranks into high gear, and hysteria replaces discussion.
As far as QA goes, I'm glad our development team doesn't have the attitude of "testers as enemies". I'm personally relieved at every bug they find of mine, because that's one less bug in front of the customers. And QA doesn't get the blame for new bugs, either -- it's not their job to discover every error. They are there to make sure that all the ordinary stuff still works, and that any other discovered bugs get fixed. They update their regression tests to make sure that new situations that lead to new bugs get covered by testing in future release cycles. But they aren't the ones who wrote the bad code.
Actually, our company (well, our team anyway) is usually pretty cool about bugs. We recognize honest errors happen, and as long as everyone who can help drops everything to help recover from the problem, life goes on. After the fact, we'll analyze the root cause to determine what process or procedure slipped up and figure out how to make sure that particular issue doesn't happen again.
We're an expensive team -- I can think of a couple of hundred thousand dollar errors we've had. But we also perform million dollar savings, and a lot more often. And we never, ever forget the lessons the expensive errors teach us. Ever.
Q: What's the difference between a used-car salesman and a computer salesman?
A: The used-car salesman knows when he's lying.
The problem Microsoft is trying to solve doesn't lie within nmap, or any particular tool. It's in the widespread distribution of this dangerous resource. To beat this tired gun analogy to death, nmap isn't the gun. nmap is a just one bullet, which requires a gun or it's pretty useless. To make nmap work, you are saying that they have to hand out the dangerous resource (guns) to everyone who may potentially want to run nmap (fire a bullet). And with zombie clients, that means unseen skript kiddeez or unscrupulous spammers (actually, I know of no scrupulous spammers) get to remotely control all those unwatched, unprotected guns.
You mentioned nmap is a tool that should command respect. Raw sockets are the real feature that deserve that respect, not just nmap. And believe me, there are precious few computer owners who have any idea what they've got installed, other than "hey, it's got Microsoft XP AND Doom 3! I am soo kewl!" They will never have respect for their tools, since they don't even recognize what they have. They will also never need nmap, and therefore they don't need raw sockets.
I still think Microsoft will come out with a "Network Admin SDK" which will contain replacement network drivers that will once again allow unfettered raw socket access. That way someone who needs the tools will have them available, while not distributing them to the hands of everyone who doesn't. They'd be useless to the skript kiddeez because the ordinary zombie victim won't have them installed, and the only reason these attacks are viable is because the worms can launch hundreds of thousands of simultaneous attacks. One or two clients isn't a big problem, and would much more easily be traceable to the perpetrator. (Of course anything installable could be distributable as well, so they may only offer "tagged and licensed" copies of these drivers, or even a complete cut of the OS: "Windows XP, Network Admin Edition", at the low, low price of $899 per seat.)
A gun in the hands of a peace officer is usually a good thing.
A gun in the hands of a lawful owner is usually a good thing, as well.
But, in the case of Windows and the umpteen thousands of clueless users all allowing their wide-open windows machines to run zombies that DOS everyone from Yahoo to Google to Microsoft, the ability to write to raw sockets is a bad thing.
To apply the gun analogy to this situation, I'd say giving raw socket access to the hordes of WINDOWS COMPUTAR USARS would be similar to leaving a box of loaded guns in the toybin of a daycare center.
Yes, it'd be nice to leave a way for the people who want it to still have access to raw socket writing, but how would you provide that access to some without making it accessable to all? Anything the user can install, a zombie or worm can download and install. By cutting off the main flow at the source, it's done. If you need raw sockets (nmap, SATAN, whatever) you can run a different OS. Microsoft wisely recognized there's no way to "sort-of" secure it, and decided their customer base would be just as well off without it.
- XP SP2 will not send TCP packets over raw sockets.
- XP SP2 will not send UDP packets unless their source address matches one of your network interfaces.
Microsoft did not say raw socket sending was disabled. As a matter of fact, they implied it's still allowed with this line: "the ability to send traffic over raw sockets has been restricted in two ways" [emphasis mine]. Not "disabled", but "restricted". They just said that now they won't allow you to send certain flavors of packets over a raw socket.As others have already pointed out, ping and tracert use ICMP, which are not on the "bad list." Both are stateless, and require nothing more than a reply from a host, so they don't require those hosts to allocate lots of expensive resources (a la SYN flooding.)
The only (semi-)legitimate use of raw TCP packets is for specialized networking tools, such as nmap. Apparently, Microsoft has ceded that business to the Unix world. Either that, or perhaps they'll offer a "Network Admin SDK" containing replacement drivers that will restore the ability to send raw TCP packets. At least they won't be present on the average home user's machine, which will be enough to deter the zombies.
From the Microsoft doc mentioned in the article:
What new functionality is added to this feature in Windows XP Service Pack 2?
Restricted traffic over raw sockets
Detailed description
A very small number of Windows applications make use of raw IP sockets, which provide an industry-standard way for applications to create TCP/IP packets with fewer integrity and security checks by the TCP/IP stack. The Windows implementation of TCP/IP still supports receiving traffic on raw IP sockets. However, the ability to send traffic over raw sockets has been restricted in two ways:
TCP data cannot be sent over raw sockets.
UDP datagrams with invalid source addresses cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped.
Why is this change important? What threats does it help mitigate?
This change limits the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets, which are TCP/IP packets with a forged source IP address.
Or, maybe, the members who don't have enough slack will have to undergo gene therapy in order to participate.
Sure, I can see it now: the High Priests of Slack will have a doping scandal.
I can't.
Of course, I can't tell if Tony Soprano is behind the cash register at the local pizza joint, either. So how do I know who is cloning my Visa card, and who is a legitimate merchant?
I can't.
But, I still wouldn't trust this simply for the purpose of viewing my data. And I would hope that the public wouldn't, either.
Why don't you just admit you have no sense of humor, change your settings to 'Funny -5', and quit whining.
"Pedal faster, Barney, we're getting slashdotted!"
"Uh, gee, Fred, I don't think we should pedal any faster in this thing..."
"Just shut up and pedal, Barney, we'll be -- "
"FRED FLINTSTONE! YOU COME DOWN FROM THERE RIGHT THIS INSTANT!!"
"But Wilma, the slashdotters want to see our pictures."
"THIS INSTANT!"
"Yes, Wilma."
[ mechanical sproink sound ]
"Aww, gee, Fred, I told you this thing wouldn't last."
If you were to point a camera at someone instead, you'd be arrested for "casing a national security threat" and held indefinitely without bail until they decided to execute you.
Athlon 3000+, 1GB DDR 3200 (dual channel 400mHz), 128MB Radeon 9800 Pro, 1280 x 1024 screen, with the game settings at high. The hardware is all running at stock speeds. It's very playable.
Well, I, for one, welcome the opportunity to blow away our new demonic overlords.
I have to disagree with you; I've been playing with the gamma set to "normal" levels, so I can't see the baddies in the shadows unless I use the flashlight. In a darkened room, with the headphones up fairly loud, the game is overwhelmingly intense. The time it takes to switch the flashlight back to your weapon, shooting at vague shadows in the dark, realizing you've just run from a pack of imps into a pitch-black corridor, the whole lighting scheme (and/orlack thereof) is a huge part of the game.
I know some of my feelings for this game come from the excitement of playing the original, and seeing how well they've improved on it, but I think this game still calls for setting your own environment to "ultra-creepy" and immersing yourself.
The problem with the Nokias is that I want the buttons to be where I expect them to be. A phone should be a utility tool, one requiring the least amount of thought. For example, I don't need to focus on a hammer in order to pound a nail -- a quick glance tells me the head is pointing the right way, and the feel of the handle covers the rest. I also don't need to focus on the Sony Ericsson phone I just bought in order to dial a number -- the buttons are all layed out symmetrically about the '5' key, which has an extremely convenient raised bump. I can dial this brand-new phone without looking at it at all.
But the Nokia's asymetrical keyboards and nonstandard layouts require you to focus your attention on their device. You can't grab one and start dialing. You have to "learn" it, or "get used to it", or at the very least study it in order to dial it. It's crap design, and it pisses me off to see ignorant sycophants defend this crap. "Oooh, look at Nokia, they have classy design, they are incapable of making a mistake. I'll buy this phone because I know they are way smarter than I am when it comes to design, and I want to look like I'm smart, too."
It might make a marketer happy to have a swoopy look to sell, but it doesn't make a user happy to have a random keypad to dial. The fact that people are willing to exchange pretty form for crap usability tells me that these people are both shallow and stupid. The emperor is indeed naked. Laugh at him, but don't pander to him.
Take a look at the books The Inmates are Running the Asylum by Alan Cooper, or the older The Design of Everyday Things by Don Norman. Bottom line: everyday things shouldn't "surprise" you.
What the hell is their problem with not putting four even rows with three even columns on the face of the machine? It's a damn phone, not a freakin' Salvadore Dali sculpture. I wish they would pull their designers' heads out of each others asses long enough to come up with a separate faceplate that would simply line up the buttons, making a piece of sh!t into something that resembles usable. Using a cell phone shouldn't become a freakin' study in modern contemptible art.
Of course, that's just my opinion. You could be wrong.
Summary: I'm wrong, you're right -- it's not be the fault of the architecture of the security model on the inside, but they've pointed and clicked our way to poor security practices.
However, I can still criticize XP for creating home user accounts as admin authority. The latest version of Mandrake I checked out brings up a nice little box explaining 'root' in a few high-level sentences, and then forced me to create a non-root user ID for my daily work.
Granted, given my background, the concept of 'root' was not foreign to me the way it might be to a new computer purchaser. But if it was presented as the "Installer" account they could have avoided the whole admin mess from the get go. They would have had a single point of installation for a computer, and isolated the users to boot.
Then, an installer run from a user account that thought it needed to be admin would cause Windows to pop up a message box saying something like, "This installation must be run under the Installer account. Click here to logoff, then click the Installer icon to continue. If it was not your intention to install software right now, you may be seeing this because of a virus attack." That would not only enforce the separation of authority but it would screamingly enforce vendors to produce installation packages that adhered to all the security rules. No vendor who wants to stay in business would ever want to be associated with a screen saying something about a "virus."
As it is, my home box is now thoroughly hosed as far as security settings go. Cross pollination of my account with my son's files, etc., ensures that I no longer have the option to make ANY accounts non-admin without causing severe runtime headaches. Some of the "Shared pictures" from our digital camera might have NTFS permissions that would allow only me to view them, thus causing my wife to hate me. It's a mess, and the default settings both created and encouraged the mess.
Thanks for the info!
Given that, explain why "Microsoft Flight Simulator 2004 - Century of Flight" should still make the list? If software they've released years after they've been aware of these problems still demands bad security practices, who is to blame? The application programmers or the environment in which they must work?
You said, "if an application requires administrator access to run, it is not the fault of the Operating System." Explain how a train simulator could possibly require admin authority except in a poorly architected environment? Then answer, 'who provided that poor architecture?'
This is Microsoft -- author of both these applications as well as the OS. They've had the chance to address it, they've had the incentive to address it, but they have not done so. I stand by my comment.
No, this is a fault of Windows. We don't know how these games run or why they require admin authority. It might be to access the sound card, or the video drivers, or DirectX or something similar. But in all those cases it's a fault of Windows for not providing non-admin-level access to the required resources.
It may have something to do with backwards compatibility with Windows 9x. In that case, yes, the application probably could have littered itself with millions of 'if (WindowsVersion >= 4) SafeFunction() else UnsafeFunction() calls, each of which would have killed performance dead. They also could have shipped fat binaries or even two binaries, and had the installation program make the right choice up front. All those solutions add their own problems to an already complex product, though, and if those types of bad solutions are required, I'd say it's the fault of the OS for requiring them.
I would also think that if it were something they could easily fix at the application level, Microsoft's newest releases would not make this list. However, since it includes "Microsoft Flight Simulator 2004 - Century of Flight" I'd say that in these days of Microsoft waving the "Security First" flag, they have never actually addressed the root problem. And the root is Windows, not the application.
For example, the bottom of this page shows a list of games that require Administrator authority to play. Why should administrator authority need to be granted to play a game? And to suggest granting Administrator access to people just so they can play them?
I have found no more powerful example of Microsoft's lack of commitment to security than this. I think this philosophy more than anything else contributes to the proliferation of destructive worms and viruses.
Doesn't matter if you click or copy this link: http://www.paypa1.com. Either way you'd end up at the site of the first widely publicized phishing scam. (Now, it's just some cheapo domain hawking advertising.)
But, if you're already on guard, you're probably not going to fall for something like that anyway.
I wouldn't doubt that NASA could repurpose old commo satellites for Antarctic service. Once replaced by newer birds, their former owners are probably glad to donate them in order to be rid of the liability. Of course that would mean some pretty beat-up junk is left over to service the Antarctic, but hey -- it's free, right?
Oh, there we go. I found the details of the map. It's dated 1967. Yowch. A lot can change in 37 years.
Strange, but the details on the map indicate it was produced in the early 1980's, even though the info says 1967. I guess I won't be subscribing to their pro service any time soon.
How much wood would a stone mill mill if a stone mill could mill wood?
As far as QA goes, I'm glad our development team doesn't have the attitude of "testers as enemies". I'm personally relieved at every bug they find of mine, because that's one less bug in front of the customers. And QA doesn't get the blame for new bugs, either -- it's not their job to discover every error. They are there to make sure that all the ordinary stuff still works, and that any other discovered bugs get fixed. They update their regression tests to make sure that new situations that lead to new bugs get covered by testing in future release cycles. But they aren't the ones who wrote the bad code.
Actually, our company (well, our team anyway) is usually pretty cool about bugs. We recognize honest errors happen, and as long as everyone who can help drops everything to help recover from the problem, life goes on. After the fact, we'll analyze the root cause to determine what process or procedure slipped up and figure out how to make sure that particular issue doesn't happen again.
We're an expensive team -- I can think of a couple of hundred thousand dollar errors we've had. But we also perform million dollar savings, and a lot more often. And we never, ever forget the lessons the expensive errors teach us. Ever.