I think a lot of people fail to realize that Microsoft is its own BIGGEST beta tester. Hell, even alpha. I believe most of their infrastructure runs on pre-production/beta/RC software and is has to hit, and maintain, certain thresholds in those environment as criteria for "release" sign-off.
So, it can be safe to say that beta software is relatively safe. It's just these one-off situations where Joe Blow Sys Admin, who can't find his ass with two hands, screws something up that always seem to make the press.
To say nothing of the irony of this statement..."security enhancements"?
Actually there is no irony with this statement. In Longhorn the permissions model is being drastically changed to least privileged to prevent at of lazy developers from requiring their app to run as admin. See http://www.pcworld.com/resource/article/0,aid,1203 14,pg,1,RSS,RSS,00.asp. This is HUGE for Windows security. This now eliminates the attack surface that these lazy developers create with their apps. Yea, yea, Unix and Linux have always done this..blah..blah..blah. Well, I'm glad that MS is starting to do it too. It's about time!
So to simply dismiss these "enhancements" due to MS's past track record with security would be a mistake. They know the track record was poor! THAT'S WHY THESE CHANGES ARE BEING MADE!
!
I wonder if the show will adopt Canada's colorful lingo as well?
Captain: "Hey you freak'n hoser! I told you to get to your battle stations! We're aboat to me attacked, eh!"
Crew: "That's messed up, eh! Can we play hockey afterwards?"
The problem, IMO, is that Linux has too many favors out there to really become a viable "platform". Each flavor, including web and DB servers, creates contention, in one form or another, not only amongst customers but Linux loyalists as well.
Alacritech "shows" MS this technology back in 98
MS breaks communication in 99 and starts to use the technology without license
4 years later Alacritch then "tries" to offer a license.
One year later they sue
Why did they wait 4 years if they knew MS was using it without a license? Sounds like a Phishing scheme at the corporate level to dig into some pockets.
As for the security part, I totally agree. It's clear to see that MS would rather take a hit now and invest the time to make their software more secure then to continue to string consumers along.
We all know that they have had their issues with security in the past. But over the last three years they have taken some great strides to improve it.
I applaud them for doing their own proactive penetration testing on their software, as well as enlisting the help third-party companies to do the same. This is far better than the "we'll see what happens" approach of years past. By doing this proactive approach it cuts down on zero-day exploits (granted their still will be a few), teaches them to learn from their mistakes and well as provide the education to the software dev community on those mistakes.
So, instead of ranting and complaining about these patches, I think people should take a moment to reflect and see the bigger picture of what's being accomplished here.
Slashdot Mirror
I think a lot of people fail to realize that Microsoft is its own BIGGEST beta tester. Hell, even alpha. I believe most of their infrastructure runs on pre-production/beta/RC software and is has to hit, and maintain, certain thresholds in those environment as criteria for "release" sign-off.
So, it can be safe to say that beta software is relatively safe. It's just these one-off situations where Joe Blow Sys Admin, who can't find his ass with two hands, screws something up that always seem to make the press.
domain.nope
:-)
Prof Tom: "Damn it Bob! Quit tying up the satellite phone! I need to get online!"
Prof Bob (on the Phone): "No, I love you more!...No, you hang up first.."
Prof Tom: "Damn it Bob! My "online" girlfriend goes to bed at 11! HURRY UP!"
Hmmm...XP SP2 has been out now how long? And, this problem was just "found"?
Peek into the Future:
Year 2025 - It's been reported that Microsoft's Windows XP SP2 has broken...THE SAN ANDRES FAULT. In-depth coverage at 11!
To say nothing of the irony of this statement..."security enhancements"?
3 14,pg,1,RSS,RSS,00.asp. This is HUGE for Windows security. This now eliminates the attack surface that these lazy developers create with their apps. Yea, yea, Unix and Linux have always done this..blah..blah..blah. Well, I'm glad that MS is starting to do it too. It's about time!
Actually there is no irony with this statement. In Longhorn the permissions model is being drastically changed to least privileged to prevent at of lazy developers from requiring their app to run as admin. See http://www.pcworld.com/resource/article/0,aid,120
So to simply dismiss these "enhancements" due to MS's past track record with security would be a mistake. They know the track record was poor! THAT'S WHY THESE CHANGES ARE BEING MADE! !
I wonder if the show will adopt Canada's colorful lingo as well?
Captain: "Hey you freak'n hoser! I told you to get to your battle stations! We're aboat to me attacked, eh!" Crew: "That's messed up, eh! Can we play hockey afterwards?"
The problem, IMO, is that Linux has too many favors out there to really become a viable "platform". Each flavor, including web and DB servers, creates contention, in one form or another, not only amongst customers but Linux loyalists as well.
Oh, Oh Take me, Take me! I am a pale, skinny nerd who has no muscle tone, bad vision and throws up on the kiddy rides!
But my mom always said that I'd make a great Astronaut!
...when you got mutated bacteria as a pet?
"I told you to fetch the stick not eat the neighbor! Bad mutated E. coli! In your cage!"
Ok, lemme get this straight...
Alacritech "shows" MS this technology back in 98
MS breaks communication in 99 and starts to use the technology without license
4 years later Alacritch then "tries" to offer a license.
One year later they sue
Why did they wait 4 years if they knew MS was using it without a license? Sounds like a Phishing scheme at the corporate level to dig into some pockets.
Just remember not to shake Laura's hand.
As for the security part, I totally agree. It's clear to see that MS would rather take a hit now and invest the time to make their software more secure then to continue to string consumers along.
We all know that they have had their issues with security in the past. But over the last three years they have taken some great strides to improve it.
I applaud them for doing their own proactive penetration testing on their software, as well as enlisting the help third-party companies to do the same. This is far better than the "we'll see what happens" approach of years past. By doing this proactive approach it cuts down on zero-day exploits (granted their still will be a few), teaches them to learn from their mistakes and well as provide the education to the software dev community on those mistakes.
So, instead of ranting and complaining about these patches, I think people should take a moment to reflect and see the bigger picture of what's being accomplished here.