I really want to disagree with this, but I just can't.
If Microsoft took up another strategy than pure marketing; they could offer alot better of a product, at the same return.
Microsoft basically offers three things:
1.) A decent operating system. Ill get modded down for saying this, but it's an OK system. It isn't wicked l33t for people like us, but it's a decent system for the status quo.
2.) A excellent office suite (sans Outlook). Anyone want to argue that MS office hasn't been top of its class ever since it started dueling with wordperfect?
3.) Free (beer) apps with Windows. Two of which are HORRIBLY ABYSMAL. Most of the "windows security flaws" come from these two apps; and these alone are the cause of 99% of spyware, adware, phishing, and viruses.
MS needs to drop IE and Outlook. Just get rid of them. Let people download Firefox and Thunderbird or whatever.
MS would lose absolutely nothing by dropping IE and Outlook, gain alot of extra time for their coding and R&D teams, and gain a ton of security, by not having these two awfully designed programs ship with an OS that they claim to be trying to improve the security of.
Protected Stack hardware requirements?
on
Gates on Winsecurity
·
· Score: 5, Insightful
Why does a protected stack need hardware modification ? IANACE, but doesn't OpenBSD do this on standard hardware?
As much as I don't like substanceless MS criticism, and as much as I want the status quo's platform to be secure; I really think that actions speak louder than words, and while SP2 is a big step in the right direction, how about:
1. Ditching ActiveX, does anyone actually use this for anything other than malware anymore?
2. Disabling the (Outlook) preview pane by default
3. Higher SSL Verbosity with IE
4. IE URL-bar and statusbar should go into an "extra careful verbose mode" when it encounters hexadecimal encoding ( % ).
IMO, these are all obvious things that should have been changed LONG ago, why are they still defaults?
If they allowed homebrew code then there would be no need for the modchip argument anyway. Software "modchips" would be freely available.
Region free is a good bet. I think that mod chips will get away with the "legitimate backup" issue, be that a good thing or a bad thing.
The main beef that people have with Debian is the dated packages.
While most of the trolls from Gentoo Zealots (No attack vs Gentoo here, I'm a Gentoo user myself) and the like are unfounded because they speak vs packages in Woody; there are still a ton of packages in sarge and sid that are less than current.
The problem with this is not the fault of the Debian Developers, it's the fact that Debian supports a vast number of architectures as well as a vast number of packages, causing QUITE alot to update, even with a minor version number change on one package.
NetBSD is the only platform other than debian to successfully nearly this many architectures. The way that NetBSD does it is source packaging; I do not think that this is the way for debian to go.
What needs to happen is a project to support Debian for a few platforms: the x86, the PPC, the sparc, and maybe two or three others. Classic Debian would run parallel to this, and obscure archs would still be supported.
Two new package trees, called something like desktop-sarge and desktop-sid, would be mirrors of the sid and sarge trees, but only support the major archs. This way, a DD doesn't have to compile vs 37 or whatever archs before he updates his package; the new version would come out for the major archs early, and the obscure archs could wait until however long it took.
Slashdot Mirror
Why does teh blog theme look almost exactly like Groklaw????? Should Pam stop observing IP lawsuits and get involved?
Sorry about the IE 4 bit. My formatting somehow got broken; there were supposed to be carriage returns between my bullets.
Of course "4" was supposed to be the next bullet, and the text for 3 was "Higher SSL Verbosity with IE."
I really want to disagree with this, but I just can't.
If Microsoft took up another strategy than pure marketing; they could offer alot better of a product, at the same return.
Microsoft basically offers three things:
1.) A decent operating system. Ill get modded down for saying this, but it's an OK system. It isn't wicked l33t for people like us, but it's a decent system for the status quo.
2.) A excellent office suite (sans Outlook). Anyone want to argue that MS office hasn't been top of its class ever since it started dueling with wordperfect?
3.) Free (beer) apps with Windows. Two of which are HORRIBLY ABYSMAL. Most of the "windows security flaws" come from these two apps; and these alone are the cause of 99% of spyware, adware, phishing, and viruses.
MS needs to drop IE and Outlook. Just get rid of them. Let people download Firefox and Thunderbird or whatever.
MS would lose absolutely nothing by dropping IE and Outlook, gain alot of extra time for their coding and R&D teams, and gain a ton of security, by not having these two awfully designed programs ship with an OS that they claim to be trying to improve the security of.
Why does a protected stack need hardware modification ? IANACE, but doesn't OpenBSD do this on standard hardware? As much as I don't like substanceless MS criticism, and as much as I want the status quo's platform to be secure; I really think that actions speak louder than words, and while SP2 is a big step in the right direction, how about: 1. Ditching ActiveX, does anyone actually use this for anything other than malware anymore? 2. Disabling the (Outlook) preview pane by default 3. Higher SSL Verbosity with IE 4. IE URL-bar and statusbar should go into an "extra careful verbose mode" when it encounters hexadecimal encoding ( % ). IMO, these are all obvious things that should have been changed LONG ago, why are they still defaults?
If they allowed homebrew code then there would be no need for the modchip argument anyway. Software "modchips" would be freely available. Region free is a good bet. I think that mod chips will get away with the "legitimate backup" issue, be that a good thing or a bad thing.
The main beef that people have with Debian is the dated packages.
While most of the trolls from Gentoo Zealots (No attack vs Gentoo here, I'm a Gentoo user myself) and the like are unfounded because they speak vs packages in Woody; there are still a ton of packages in sarge and sid that are less than current.
The problem with this is not the fault of the Debian Developers, it's the fact that Debian supports a vast number of architectures as well as a vast number of packages, causing QUITE alot to update, even with a minor version number change on one package.
NetBSD is the only platform other than debian to successfully nearly this many architectures. The way that NetBSD does it is source packaging; I do not think that this is the way for debian to go.
What needs to happen is a project to support Debian for a few platforms: the x86, the PPC, the sparc, and maybe two or three others. Classic Debian would run parallel to this, and obscure archs would still be supported.
Two new package trees, called something like desktop-sarge and desktop-sid, would be mirrors of the sid and sarge trees, but only support the major archs. This way, a DD doesn't have to compile vs 37 or whatever archs before he updates his package; the new version would come out for the major archs early, and the obscure archs could wait until however long it took.
Instead of everyone waiting for months.
Nessusing their site right now is missing something that it definately should have reported.
Vulnerability to Slashdotting DDoS: High.
ESR is the obvious choice for Jar Jar here. He has great hopes, and the best of intentions, but he's just a nut.
Note that this is from the country run by the same guy that claims that hollywood ripped off all his movie ideas.