Slashdot Mirror


User: LO0G

LO0G's activity in the archive.

Stories
0
Comments
521

Comments · 521

  1. Re:It is not a sign of success, really. on Firefox Breaks 8 Million, Gets Into Guinness · · Score: 1

    Sure, but for whatever reason, it appears that Google isn't paying for it.

    They are paying billions of dollars for everyone and their uncle to install the Google toolbar and Google desktop search, but apparently Google draws the line at paying to get Firefox on people's machines.

  2. Re:It is not a sign of success, really. on Firefox Breaks 8 Million, Gets Into Guinness · · Score: 1

    Replying to an AC == bad, but...

    Somehow I doubt MSFT is doing that any more. The last time they tried it, a court decided that they were an illegal monopoly and MSFT is STILL dealing with the fallout of that decision.

    I suspect the DoJ would have some serious words with MSFT if they were strong-arming their OEMs to prevent them from installing FF.

    My suspicion is that the real issue is exactly what some of the other respondents have mentioned:
    Nobody is paying the computer manufacturers to install Firefox, so they're not bothering to install Firefox.

    No conspiracy needed.

  3. Re:Is that so? on Some Developers Leaving Google For Microsoft · · Score: 1

    "Exchange is moving there"? Exchange has had threaded conversations since 1994.

  4. Re:Cost of Living? on Some Developers Leaving Google For Microsoft · · Score: 1

    Heh, I just came back from Pgh yesterday, and you're right, it's an awesome city (many years ago, I lived there for 4 years of college).

    But Pgh drivers are not "half-decent" :). Have you forgotten about the Pittsburgh Left? And don't get me started on drivers who stop on the on-ramp.

  5. Re:Summary For The Lazy on How to Save Mac OS X From Malware · · Score: 1

    Every modern OS protects programs from each other; they can't see outside their own memory space without.

    As to your 2nd suggestion... An application is sandboxed so it can only see its own area for storing files. An interesting concept. Let's see how it plays out...

    So if I create a web page in emacs it gets saved in emacs's own area. So far so good.

    What happens when I try to publish the page to my web server? My ftp client has its own area and it can't see the emacs area.

    Crud, I'm screwed.

    How do you make it so that one application can use the output of another application and still isolate the applications from each other?

  6. Re:A good start to the discussion on Foundations of Mac OS X Leopard Security · · Score: 1

    I'm not aware of any flaws in recent memory (except for the ARDAgent flaw mentioned above, which IS a fundamental flaw in all *nix based operating systems) that attacked the basic security infrastructure in the OS. The vast majority of the security fixes I've seen have been related to coding defects.

    So let's look at the idea that security vulnerabilities are related to OS popularity... How about you compare the reported vulns in OSX with the reported vulns in Linux? Admittedly reported vulnerabilities are a relatively weak metric, but given that OSX and Linux share security models and a great deal of code, it's likely pretty close to an apples-to-apples comparison.

    Let's go to Jeff Jones' blog (he works for MSFT but he's been reporting his research on vuln counts for a couple of years) and see what we find.

    Here's a recent example. In Q1 2008, Red Hat had 13 "High" severity vulns that they patched (he only counts announced vuln fixes, silent patches aren't counted). Ubuntu had 17 "High" vulns that they patched, which is a comparable number.

    OSX Leopard patched 28 "High" vulnerabilities in the same time period. OSX Tiger patched 25 "High" vulnerabilities in the first quarter of this year.

    Given that OSX is more popular than Linux, it appears that there is a good correlation between the popularity of the OS and the number of fixed vulnerabilities in the OS.

    On the other hand, what happens if you add Windows XP and Vista to the mix?

    Hmm... Vista has had 9 "High" severity vulnerabilities patched in the first quarter. And Windows XP? 11.

    This discrepancy means one of three things:
            1) The premise that OS popularity is related to the number of reported vulnerabilities is false or
            2) Windows is inherently more secure than OSX or Linux or
            3) The premise is true and the low reported vuln count in Windows is because Windows popularity has forced Microsoft developers to learn how to secure their operating system against the hackers but the folks who write software for OSX and Linux haven't yet.

    Personally I suspect it's #3.

  7. Re:Thunderbird, Mozilla Mail's Worst Misfeature on Mozilla Messaging Devs Don't Want To Duplicate Outlook · · Score: 1

    My bank doesn't call me either, they send letters. My point was just that phishing cons can be launched without HTML email.

    I'm not aware of any email clients released in the past 4 years that automatically opened external links in email messages, and I wouldn't use one because of just that issue. The web bug problem is a huge issue not just for phishers but for spammers in general.

    And if we banned HTML email, then the phishers would just switch to text-only email. People will still click on http://www.yourbank.com.evil.com/default.htm because they think it's the bank. It's not hard to obscure a URL such that people will click on it.

  8. Re:Thunderbird, Mozilla Mail's Worst Misfeature on Mozilla Messaging Devs Don't Want To Duplicate Outlook · · Score: 1

    Banks don't make phone calls usually either.

    I totally agree with your second sentence. On the other hand, the problem wouldn't be a big deal without the con artists who run them - being gullible isn't a big deal if there's nobody trying to scam you.

  9. Re:Thunderbird, Mozilla Mail's Worst Misfeature on Mozilla Messaging Devs Don't Want To Duplicate Outlook · · Score: 4, Insightful

    That's just silly. HTML mail doesn't make phishing possible. Crooks make phishing possible.

    Crooks have been running phishing scams since well before the internet first went online. All you need is a telephone and you can mount a phishing scam: "Hi, this is xyz from your bank. We're running a quality check on the vendor who produces our checks. Could you please repeat the 12 digit number located at the bottom of the check? Now can you read the little numbers near your address? Great, thanks a bunch!". The phisher just got all the information they need to completely drain your checking account.

    If we banned HTML mail, the banks wouldn't be able to send HTML mail, and the phishers would simply copy the non-html mail that the banks send.

    HTML mail has its own set of issues, but enabling phishing isn't one of them.

  10. Re:Why Comment on the Obvious? on Microsoft Denies Call-in 'Save XP' Petition · · Score: 1

    It doesn't matter. Let's say that 200,000 people see the Neowin note and 1% of them call. That's 2,000 people calling support that wouldn't have previously called. And I'm being really conservative with these numbers, they might be higher.

    That's going to stress most support lines, especially over the weekend.

  11. Re:What kind of malware? on New Malware Report Hits Vista's Security Image · · Score: 4, Insightful

    The big thing I found missing from the article is how the machine got infected.

    If I download and install the cool icons for my IM client and malware comes along for the ride, is it Vista's fault that it allowed me to install it?

    As far as I know, all MSFT has claimed is that Vista is more secure than XP, not that it is immune from malware.

    There's nothing that an OS vendor can do to protect the user from their own actions.

  12. Re:Great on Adobe Opens the FLV and SWF Formats · · Score: 1

    Then I just wonder why Sun, IBM and Microsoft feel it's appropriate to issue a binding commitment not to sue people who use their specifications, but Adobe doesn't.

    How do you know that Adobe isn't going to sue you over violating their patents if you implement the specification?

    I keep on hearing on /. that you can't trust closed source vendors not to sue over hidden patents, why does Adobe get a free pass here?

  13. Re:Great on Adobe Opens the FLV and SWF Formats · · Score: 1

    Yes you can download the spec for SWF, but nowhere in the spec does it discuss terms of use.

    If I implement to their spec, are they going to sue me because of the patents that cover the SWF technology? They say it is available as an "open specification", but there's nothing that says if there are any restrictions on my use of the specification.

    Do they have a covenant not to sue like the one that Sun has, the one that IBM has or even the one that Microsoft has?

  14. Re:Am I the only one that on Whitehouse Emails Were Lost Due to "Upgrade" · · Score: 1

    Heck, they could have used the journaling system built into Exchange and achieved what they wanted.

  15. Re:Down here... on Hans Reiser Guilty of First Degree Murder · · Score: 0, Offtopic

    We're drifting WAY off topic, but the folks at Gitmo are NOT prisoners of war. If they were, they'd have a series of rights granted to them by the Geneva Convention. Similarly, if they were considered prisoners of the US government, they'd have a series of rights granted to them by the constitution.

    Instead the US government has decided that they are "enemy combatants" and thus they live in a very gray area between "prisoner" and "prisoner of war".

  16. Re:A privileged service is not a "hack." on Coding Around UAC's Security Limitations · · Score: 4, Informative

    Actually I thought your comment was 100% accurate.

    If I write a service that allows any user to write to any location in the filesystem (entirely possible on any OS - for Windows, I install a LocalSystem service, for *nix, I install a daemon that runs as root) then that service has a security hole in it, and it can be used to elevate privileges from normal user to admin/root.

    That's a flaw in the service/daemon, not a flaw in the OS.

    Unless you were saying that you don't know if this app has a security flaw like the one I described above.

  17. Re:If this is true... on Microsoft Designed UAC to Annoy Users · · Score: 1

    How does that help? You don't need admin privileges to read the content of the screen.

    If you're worried about an application spoofing the elevation dialog, enable the option that requires the secure attention sequence (C-A-D). That will require you to enter C-A-D, which cannot be intercepted and/or spoofed.

    If you're worried about this threat in your enterprise, deploy the change via group policy and every user will have to enter C-A-D before they can accept an elevation prompt.

    On the other hand, if you're that worried about malware threats, why are you letting your users run as administrators in the first place? Just run them as standard users and don't let them elevate at all.

    It's by far the safest option available.

  18. Re:Of course... on Microsoft Designed UAC to Annoy Users · · Score: 1

    Actually rtb61 started with the assertion that MS-DOS could have been built as a proper multi-user operating system back in 1982. Others then claimed that there were operating systems that offered real multi-user capabilities on 8088 hardware.

    I'm just challenging those assertions. MS-DOS and Windows were designed to run on systems that most *nix solutions would laugh at. The first PC *nix implementation (written, I believe by Microsoft (286 Xenix)) was for the 80286 (which shipped some time around 1984).

  19. Re:If this is true... on Microsoft Designed UAC to Annoy Users · · Score: 1

    Actually there's a group policy that you can set that requires the SAS before you can enter a UAC prompt to mitigate that threat. It's not on by default because even Microsoft figured it would be too annoying. See here for more details.

    But for those customers who are worried about that threat, there's a mitigation that's built in.

    The backup and restore privileges are disabled in a UAC token (you can verify this trivially with process explorer). Which means that you need to elevate to enable them. And once you've elevated, there's no point in asking you again, since you're already an admin.

    If VMWare is hosting malware that bypasses the SAS prompt, that's out-of-scope for UAC, because you essentially have installed a hardware rootkit.

  20. Re:Of course... on Microsoft Designed UAC to Annoy Users · · Score: 1

    Sorry, 64K. And OS/9 was a secure OS running on an 8088 with no hardware memory protection and no paging ability? How'd they pull that off?

  21. Re:If this is true... on Microsoft Designed UAC to Annoy Users · · Score: 5, Interesting

    But not with UAC. The normal integrity level application can't sniff anything about the UAC elevation. And the elevation password dialog runs on a separate secured desktop so the malware can't access it.

    Windows is not *nix, the Windows developers learned from the mistakes of sudo.

  22. Re:Of course... on Microsoft Designed UAC to Annoy Users · · Score: 1

    "Cheapest fashion they could"?

    Um... This was an OS designed for a machine with 8K of RAM (that's 8192 bytes of RAM), and with no memory protection hardware.

    Even the very first Unix ran on a machine with 8 times that amount of memory. It's not surprising that MS-DOS left things like security on the cutting room floor.

    Don't blame MSFT for the limitations of the hardware.

    And I don't know that anyone at MSFT ever claimed that Win9x had any security, I'd love to see a reference.

  23. Re:Really? on Gartner Analysts Warn That Windows Is Collapsing · · Score: 2, Interesting

    I totally agree with everything you wrote there except the "high end" comment.

    Unless "high end" has changed sometime recently, Vista runs quite well on machines that are decidedly less than "high end". My laptop cost less than $1000 and it runs Vista well (ultimate edition with all the bells and whistles (including glass)).

    I just looked - today, you can go to the Dell web site and buy a $500 desktop computer with 2G of RAM, a dual core CPU, Radeon 2400, and Vista Home Premium that will run all the cool features (again, including glass). To me a $500 computer is not a "high end" computer.

  24. Re:I find that hard to believe on Windows 7 in the Next Year? · · Score: 1

    Was there a vaporware announcement from Microsoft?

    I thought that Gates said "sometime in the next year or so". To me that means that there will be a new version of Windows in 2009 or 2010.

    Microsoft has always said that the version after Vista would come about 3 years after Vista shipped. Which would be... sometime in the next year or so (2009 or 2010).

  25. Re:64 bit is no panacea on Adobe Photoshop CS4 Will Be 64-Bit For Windows Only · · Score: 1

    I was fine with your 1st statement.

    But for your 2nd statement (that WOW64 slows things down), there is essentially no slowdown for 32bit apps in WOW64 - WOW64 is basically a compatibility layer that allows 32bit applications to access 32bit DLLs (in windows\syswow64) and the registry. But applications run at full speed, because the support for 32bit applications on a 64bit OS is built into the processor (otherwise OSX and Linux would have the same issue).