When i was still working at the redmond campus (as a blue), a few times a year we'd see a bunch of bozos walking around campus with "WashTech" signs / banners etc. A few people were trying to start a tech-workers union back then.
The sort of people Microsoft wants to hire (as FTEs) are not interested in unionization. Microsoft, more than anywhere else i've worked, is a meritocracy where people are vastly rewarded for excellent personal performance. We want to hire people that excel in that environment. People that know they are bright enough that they could walk and find other gainful employment, so don't put up with things they don't have to where they are. People that have a variety of options and beleive where they are at is the best available.
That's pretty much the opposite of the sort of people that are interested in unionization.
I don't see Microsoft putting up with any kind of unionization of contract workers. The last time contractors aggregately sued MS, we amended our policy by making them sit on the bench 100 days per year (to make it crystal clear that contractors/permatemps were temporary.. a- (agency-temp) workers have to take 100 days off every year now)
There are some distinctions at MS between blue and orange that probably need to remain, but others that could probably go away. The latter are mostly individual actions.. people with poor professional behavior that treat contractors unfairly or as if they're some kind of lesser person. There need to be some differences in the way you treat the non-blues for legal/other reasons, but that shouldn't spill into how you treat them as humans. Unfortuneately it is completely possible to work at MS and not really have any sense of how to interact with people effectively [unless you define "effective" as badgering people into submission].
I've worked with great contractors and not so great contractors. Hell, I know of at least one guy that moved from blue->orange so he could take 100 days of "vacation" every year to snowboard. Not a bad sounding idea, honestly:)
Note the careful wording of my original statement. It's not the absolute frequency, its the frequency of scoring divided by the frequency of desire. So long as desire goes down at the same rate as the scoring, its no big deal:)
No channel accurately captures what i want to see.
I want _shows_. Infact, i dont even want all the shows of a given series.
I haven't had any kind of TV service for a while now. What i've recently discovered is that i love anime. Not all of it, but a bunch of stuff i never expected to like.
To discover shows, i've done research at anidb, talked to friends, etc. I'll grab the first few episodes of a show and see how i like it. If i do, i end up getting all the episodes/OVAs/whatever from that series.
What i want is the ability to preview a show for free, and if i like it, get more episodes of it. I want these on my PC, with zero advertising, and in a format i can view on any of my home computers. I want it to play flawlessly inside of Windows media Center (or some other unified-media-shell like Myth or something..)
I am willing to pay for the right content on the right terms. I don't want a cable service - i want it to come into my home network via IP.
I was making this argument to someone the other day. Today, people are willing to pay $40-$130 for a DVD box set of a season of a show they like. DVD quality, zero playback hassles, no commercials - just the content they know they like, in a large batch.
Imagine if consumers could get the same experience (or better), but for the media provider, there are no physical manufacturing costs, on wholesale/retail middlemen, etc. You simply buy a season of "Monk" or wahtever and the transport is IP. If the terms of use were similar to a DVD (i.e. i can take my file and burn it in such a way that i can play it anywhere without too much hassle, and its not tied to my PC/OS/whatever) i'd be happy to pay 80-95% of the DVD price. But for the distributing company, its almost entirely profit, especially compared to DVDs..
Shows i'd pay to watch, based on the above terms/model:
- WRC coverage - F1 races - a bunch of Anime
fyi, a series i happen to like is "Inuyasha". The distribution model for these so far is kind of crazy.. in the US there are DVDs issued with 3 episodes on them.. for $19. Eventually, a whole-season set will come out at the $85 price point.. this is usually 26 episodes. The show had 167 episodes made before production abruptly stopped. You can see that getting the series on 3-ep discs would cost $1100.. where as getting the show as 1-season box sets would cost $550 or so. Even so, we're talking $3.20/ep which seems a bit high to me. Inuyasha is a star property and Viz can realistically charge whatever they want for it and it will probably still sell well. But I wonder, how much lower could that price-per-episode be if we remove the physical distribution alltogether? And how much more profitable for Viz at the same time ?
when i was a 13 year old kid, playing the original PC doom on my 486 for HOURS every day.....i spent a lot of time thinking "man, i wish there was some woman that had sex with me as much as i could possibly want it"
Now that i've been married a few years, i spend very little time thinking "man, i wish i had more time to play Doom 3"
There are a lot of people that are not Microsoft employees that have seen and have improved the Windows source code.
However, Microsoft is an Intellectual Property company. For better or worse, Microsoft considers its source code its crown jewels. Sharing that in a restriction-free manner is a risk that has been too great to consider thus far. What has instead happened is that MS has worked to get some of the benefits of peer review, but in a way that manages risk (selected audience, NDA, etc) of intellecetual property loss.
There are paid security consultants that review key portions of MS code; there are many Universities that have Windows source licenses.
It is always better to lose control of something to a corporation than to a government. If i don't feel like involving myself in how a company does business, i don't have to. They can control it all they want to - i can still choose to not use it, and unless they're buying laws (which they unfortuneately do), i can use it in a way that violates their wishes should I have the moral latitude to do so.
Contrastingly, nobody has the choice to opt-out of what the government says. If you dont like it, you go to jail, in civilized countries. In other places, you just get shot.
The UN, which is so fantastically corrupt so as to make the current US administration look downright saintly, and the EU, which is SO out of touch with the PEOPLE of Europe that the constitution cant get ratified, want control. The only two arguments we've heard are "we dont like America being in control, because America is unpopular right now", and the one we don't hear as much is "we want to censor and tax the internet and we need a legal foothold for how to do that"
Everyone will always do what they can to expand their control. This includes governments, companies, and individuals.
You are a FOOL if you want the government to EVER step in take control from a company. Once the government gains control of something, it never relinquishes it, and it always costs people more in the long run. And unlike corporations, there is no higher authority that can punish or unseat a government.
The RIAA/MPAA are not problems because they are companies. They are problems because they've convinced the government to make the wishes of the MPAA/RIAA the GOVERNMENTS problem. If the US government had properly told these bozos to sod off, then the RIAA/MPAA would have no teeth and nobody would care that they are in the business of abusing customers. It is precisely BECAUSE OF government interference (purchased laws, basically) that corporate interests are gaining effect in the US.
Today, neither the US govt or some malignant company controls DNS. The SiteFinder fiasco is the only (recent) attempt at doing something to DNS that wasn't in the best interest of "the net", as opposed to some companies potential benefit. The net, true to form, routed around that problem.
The loose anarchy of experts maintaining DNS now is far, far preferable to any government intervention or oversight.
Finally - "if it ain't broke - don't fix it" applies here in spades.
If you look at a typical X windows install, the overwhelming majority of fonts are NOT truetypes. There are a gazillion different X fonts on a normal installl, but only a small subset of them are truetype. Font handling in X has always been atrocious.
Regardind just "picking" KDE vs Gnome - great, we can take the already non-existant market and then cut it in half. And for the half that is supported, they'll be irate that they can ONLY drag and drop with other KDE apps, right?
Fonts are NOT "just fonts" - once upon a time, ghostscript was the only way to get quality printer output on *nix machines, and its fonts were entirely separate from X fonts.. and there was logic in gs to try and map non-embedded PS fonts to GS fonts, and the PS fonts themselves came from who-knows-where...
Undoubtedly, things are better now, but i have a hard time beleiving that the experience is as polished as you get on a Mac or a windows machine.
You haven't outright said it, but you're implying that the platform stack of Windows is more or less a straight across port to Linux. And my response is "bullshit". I've tried to pick a few things that will significantly different because the infrastructure to support them is either not there or very different (font handling, embedded HTML controls, and pervasive drag-n-drop being a few that i picked).
It's not like this is an entirely academic argument. I've used IE and Mediaplayer for solaris. Neither of them holds a candle to the windows counterpart.. and IE/Solaris was extremely crash-prone on my machine. Nevermind that the 3rd party stuff of course didn't exist (i.e. no AX, no plugins,.. which btw would apply to office as well unless you dragged over all of COM).
Someone earlier mentioned the "office already works in wine/codeweavers". Yeah, Office 2k, and they rate it "works, but very buggy".
I've done plenty of coding in both worlds. There is a LOT of platform infrastructure in windows that you can expect to be there and expect to more or less work as a windows app developer. There's almost NOTHING microsoft ships that isn't componentized and setup for anonymous runtime links (COM). People say that CORBA/bonobo is "the equivalent" but the last time i looked, that's not the underlying technology 100% of f/oss libraries were setup to work with.
Just adding -lgtk to the makefiles isn't going to be sufficient:)
What drag and drop mechanism should Office for Linux use? Should it bring along it's own, that only works with Office? Should it support Motif DnD? Xt ? Gnome? KDE ? All of them ? Why cant they all just be the same?
When Office wants to launch HTML help, how should it embed a web browser into an office window do render the HTML? Which HTML renderer should it use? Are they porting IE to linux also, or are they getting a license for KHTML or something, in such a way that they can keep Office closed but statically link to GPL/other F/OSS licensed web content ?
Even stuff like font metrics, font browsers, and font descriptions are fundamentally different - you really have no guarantees about what fonts are available on a linux system, and the various fonts work in different ways depending on encoding and technology. Are you guaranteed to be able to get X fonts to look right on a printer? Only certain fonts? How do you communicate that to the user effectively?
And speaking of printing - there have been precisely two UNIXes that have had a realistic printing story - NeXT, where you bought their machine, their OS, their laser printer, AND- the whole freaking OS was Postscript. That was a printing story on unix that worked. THe other is Mac OS X - where you have mostly NeXT, and apple is happy to limit the # of supported printers to like 6 or whatever the number is. I realize that OS X uses CUPS now and you can probably get OS-X levels of niceness on any unix, but how much time will someone spend fighting getting their printing right from Office? It's kind of a crapshoot, and if someone has paid a bunch of money for office, they're going to expect real printing support that is bulletproof.
- 1) the facilities available on linux/X windows to make something like office are lacking. It's not an intractible problem, but you've got a lot more richness in the Windows platform that the Office team would need to get from _somewhere_
but, the much bigger issue is:
- 2) Nobody is going to pay for Office on Linux. People that run linux on the desktop are not interested in buying anything from Microsoft. They're usually not interested in buying anything at all, software wise.. but certainly not from Microsoft. I don't see Office for Linux driving linux adoption, so i don't see lots of new customers coming to the space either.
I might entertain the idea that Microsoft would work better split up. But most people that make this argument assume that a split-microsoft will produce Office for Linux. I don't think it will ever happen. To be honest, a large part of the comments on this story are about how google will win with server/web centric apps, etc. How would Microsoft investing heavily to make a thick-client app for a minority player primarily used by a market of people who hate paying for software and hate microsoft more than Stalin, be a good, moneymaking move ?
It is illustrative to look at the MS products for Macintosh. The availability of Office/Mac has not had some staggering effect on Mac penetration. One reason MS makes mac products is that lots of Mac people are more than willing to buy software.. they already paid too much for their computers, and 95% of stupid utilities for macs have been pay-ware (not as much with OS X inheriting a large unix base and unix attitudes about homebrew development.. but historically speaking), so the Mac user traditionally has been extremely willing to pay for software, thus making it a market worth considering.
When the # of people willing to pay for Office/Linux, times the selling price (call it $199 (ha ha)) is larger than the cost to develop it, Microsoft will make Office for Linux. I don't see that ever happening.
So, can anyone elaborate on how they "extract DNA" from people?
If it involves one of those short-skirted, maximum-visible-cleavage nurses that you see in old Van Halen videos, then I think this is a great idea and look forward to getting detained.. and towards my eventual "release".
Remember Lex Luthors plan to get rich ? Buy all the property on the east side of the san andreas fault, then set off nukes in the fault to sink the west half of the state. Lex would overnite own the majority of waterfront property in california.
According to the sinless triumverate of truth (moveon.org, indymedia, and dailykos), Karl Rove has almost completed his master plan of melting all global ice to raise the world sealevel by 23ft.. which in a single stroke would wipe out almost all democratic voters in the US, as well as place all socialist-european countries in state of total turmoil whilst they tried to rebuild their cities and save their tax base (their population).
Security problems in Win95 that got transferred to WinME and then WinXP.
Which problems would those be? XP is a completely different code base. 9x and XP aren't comparable from a features, security, or architectural standpoint (unless the comparison is to say "XP is superior in all ways")
When i say "people", i don't mean people that just hate Microsoft no matter what. I don't mean "security experts". I mean paying customers. NO _real paying customers_ gave a damn about security in any sense of the modern interpretation in win9x because the notion of a secure w9x in an oxymoron.
Nobody cared about Security in W95 because nobody was using broadband, and it was freaking DOS based. People cared a lot about running old DOS games but being able to use Netscape 3.x or whatever without having to install Trumpet Winsock. Integrated networking, 32 bit API and software, better memory management,etc. People wanted that.
One shitty release after another, with little improvement beyond enough unremovable eyecandy to force everyone to buy a new system to handle the bloat.
If you can't concede that XP is better than windows 95, irrespective of eye candy, im not sure we've got any common ground.
per-processor licensing to force the competition out of the market,
who have we forced out of the market with per processor licensing?
fwiw, Solaris works this way, Oracle works this way, etc. We have a variety of licensing models, but that per-processor is one of them for some of our products is neither unique nor particuarly insidious.
I never used DOS 4.0, i used 3.3 and 5.0, and later 6.x, and i didn't work for MS back then, so i can't say much about them or the business decisions behind them.
I tell people - it's fine to hate Microsoft. But please have reasons that make sense, that are justifiable and factual. If you're going to hate us, be rational, have a sense of perspective, etc.
Based on what i wrote, i'd come to the conclusino that Microsoft listens more to its customers than its employees!
We do what we think will make customers buy our stuff. That includes listening when they complain. In the case of security, that means "stopping the train" and making that top priority.
I don't think there's a built-in spell checker for the "Comment" box on slashdot, even when you use Firefox (as i am using currently for slashdot):)
In any case, i'll put aside my disgust at being accused of being a PR/Marketing "person" and try and explain what i was saying a bit better:)
"pragmatically positive effect" Ok, so this sounds kind of silly, but basically it would be awkward to say "our competitors kicking our butt is having a positive effect on us" I shoved pragmatic in there to suggest that even thought it seems counterintuitive, as a practical/pragmatic issue, our competitors are making us better, even while they're taking market/mindshare from us at times.
"corporate willpower" Guilty as charged. The point here being that you need some large percentage of "important" people at the company to really get something that sweeps across every aspect of the company going.. we got that with security. We dont have that yet with running as non-admin (that i can tell)
"threat models" This is primarily the reason i am responding to an A/C that is mostly trying to belittle me. If you're not using threat models, i can only hope its because you don't know what they are or how they help you. If you know how threat modelling works and why/how to use it, but have decided not to, i'd be curious to know why. Threat modelling and its output - the threat model documents, are pretty important in modern, hostile-world facing software development. If you do a google search on "threat modelling", (as of right now), the first link you get back is an MSDN article explaining what it is, etc. If you have anything to do with software development or procurement, (i.e. you make software or you choose what software to buy) its probably worth your time to understand what threat modelling is.
Finally - my jab against linux. I've had to make my living off of linux before. I'm not making pot shots from some ivory tower here:) If you haven't used linux enough to come across both security and reliability problems - that other UNIX's dont have.. you haven't done enough with linux, and/or you don't know enough about other unix variants. I'm not trying to suggest that linux is without merit, or that it's the worst thing ever.. its simply not the pinnacle of human acheivement.. or freeware operating systems:)
One problem for some of "us" is that we want to be quantitative about things. When someone says to us "you suck, linux is more secure", we demand to know how "more secure" is measured. This puts people in the counting vulnerabilities or security bulletins game. That naive method has flaws, so then we get into issues of "how _severe_ was a vulnerability" and the thing eventually gets reasonably subjective.
In any case, I am not prepared to give you specifics (i am doing this off the top of my head), but the surprising (to many) and positive (for us) news is that for some definition of "critial" and for some distribution(s) of linux, we've got less critial vulnerabilitiy bulletins in Server 2003 than those linux distributions. As far as i know, that's not because we have vulnerabilities we know about and just aren't issuing bulletins, so please brush that conspiracy theory aside:)
Turning off code at the factory and then declaring issues less severe because the code was shipped out disabled is unrealistic in the real world.
I disagree. Secure by default is not something we decided to invent to see how it played out - OpenBSD ships a lot of things in the box - but all turned off, and they are turned on by the administrator as needed. I find it hard to argue with OpenBSD's track record on pragmatic security, don't you? Furthermore, if you look at the history of things that have just killed us security wise, it has often been the case of stuff turned on that nobody needed or didn't even know they were running. In the W2k/IIS5 timeframe we were killed by IP-Printing, index server, etc.. features of IIS that NOBODY used but everybody ran. In XP we had problems with the UPNP thing (when there were really no UPNP devices). When Slammer hit we scrambled because MSDE was out there in all kinds of places and nobody knew exactly where all you could expect to see it.. both with our products (shameful, but we've taken steps to address this internally) and with 3rd party software that redistributed MSDE..
At least with Microsoft, it has long been the case that we ship with too much crap turned on and that makes our attack surface larger than it needs to be. Turning off what we can seems like a valid thing to do. Even if the admin turns on 90% of what we shut off, their attack surface is still only 90% of what it would ahve been had we not done anything.
The Server Roles feature i think is pretty good - it lets us ship with lots of stuff turned off, but makes it trivial to turn on the stuff you need. I haven't done any kind of analysis on how much you open yourself back up by using the roles wizard (i.e. could a guru do a better job manually?) but i suspect its pretty close to optimal.
Shipping stuff turned off is just one aspect of a defense in depth strategy. The safest code is code that doesn't run. But if the code is going to run, lets have things firewalled off by default.. but if the administrator insists on opening up that port, lets have the binary compiled with/GS to block stack-based overruns.. but if the user is running their own service that is NOT compiled with/GS, lets have DEP/NX turned on so we get system-wide overrun detection..and so on..
Just as an aside - what services are you aware of that need to be running to run IE ? I can't think of any that you'd leave turned off except for needing to run IE. Also, IE for Server 2003 ships in "lockdown" mode which is pretty draconian w.r.t. what it can do. Finally, if you dont want to use IE at all, i think this is possible, since there are a variety of ways to get complete patches with no outside network access required (i.e. SUS, or just building a patch CD on a less vital host, and using sneaker net to get it to the production locked down boxes...)
A secure computing environment. That is, not just secure applications,
we compile all code now with/GS (which does stack canaries, basically) We examine every binary that leaves the building and can tell if the cookie_init() stuff is in there or not. There may be special exceptions, but this is a "requirement" to ship.
closed ports
The firewall is on by default in XP SP2. This caused a lot of people to be unhappy, but customers (and people like yourself, if you dont happen to be a customer of ours) are clearly asking for it.
stringent remote access requirements
I'm not sure exactly what you have in mind here, but i'd say i understand better how to control who can connect and in what ways on most unixes than i do on windows. That in and of itself is a problem - nothing should be easier to understand on unix that windows, because no part of unix was designed for casual ease of understanding (a lot of it is easy to understand once you get the right mindset, or if you're a developer/whatever.. but thats more by side effect of the simple design than any real effort at accessibility, IMO)
I'm not sure what is going on this space. There are lots of individual peices in this picture that are getting better but i dont think there's anything like a unified administrative console that controls or answers "who can access this computer, and how". I admit that when i try and connect my work laptop to my home network, CIFS is busted badly and after 5 minutes or so times out, and i get a security event on the home-machine i'm trying to access. There are a lot of things going on on my work laptop (wpa, ipsec, routed use of non-routable networks, and obvious domain membership) but it seems like this is a pretty fundamental scenario to have "just work" and for the life of me i cant get it working at home.. so that indicates that we've got more "opportunity" in this space:) I mean, i can get NIS/NIS+ and NFS working right on a variety of platforms. Seems like i ought to be able to troubleshoot home networking..:)
disabled unnecessary services
Well, it still seems like there's always more stuff than I want running, but in Server 2003 we've made some progress towards that via Server Roles. Out of box, the attack surface is pretty small, and you turn on stuff like "web server", "application server", "file server" etc.
privilege separation
This has been a peeve of mine since i started, since i came from the *nix world. When i started, i complained to the VB6 team that it was impossible to debug COM Dlls in VB6 without admin rights, and that debugging seems like a pretty reasonable thing to do. The response from a VB6 PM at the time was "the NT security model is too hard, so its not our problem". The response today is different - even if you still need elevated privs to do certain things with VS7, 7.1, and 8.0. There is a ton of work in Vista to try and enable more things to work as non-admin, but unfortuneately there isn't a huge non-admin religious movement inside the company yet - most people still run as admin on their development machines and laptops... although there are some people that are really religious about no-admin and are pushing everywhere they can across all products..
and in general the ability to let people run applications on your computer while restricting access to computer resources that they shouldn't access (listening on privileged ports, for example).
Yes, there's effort happening here. Some specific things in IE, i think, and the CAS / appdomain things you can do with managed code will help here. These are things that partially exist today, but aren't well used for reason #2..
A secure development environment. That is, providing the tools and documentation needed to allow third-party developers to write secure applications. I
I'm a microsoft employee that is thankful for the pragmatically positive effect that competitors have had on us.
When i started at MS, we were getting our lunch eaten in security/reliability issues compared to linux.. (which frnakly sucks at security and reliabilty compared to some other UNIX variants) We had customers tell us "you get your sh@#$ straight or we're jumping ship". They had heard, experienced, or both, that they could get better uptime and fewer successful attacks from other platforms.
That's what we needed - the execs heard that we had a competitive threat, so there was executive support to let the really brilliant guys push through huge expensive work on reliability, correctness, security, maintainability, etc. In the past, enough customers were willing to pay for something like Win95 that we only had to make something as good as Win95 (which i never used, btw, as i had given up PC's for Solaris/SPARC by that time..)
Today, nothing can leave Microsoft without the "security gurus" giving their stamp of approval. (i.e. the guys like Michael Howard). There's a formalized process, a list of stuff to check for, all threat models are reveiwed, we have a bunch of internal tools that look for known-uglies in code bases..
None of this existed 5 years ago and today it's mandatory for all shipping products.
Obviously there's more work to do on security and reliability, but today we have the corporate willpower to dump a lot of investment at these problems, and the results are encouraging - Server 2003 has very few issued critical udpates compared to past MS products, and even compared to some distributinos of linux.
The other thing we're finding is that for lots of things, F/OSS people can clone our stuff (UI, feature set) in less time than we can design, write, test, and ship it. Outlook's 11th version is what's out in the market place right now, but something like Evolution (which let's be honest, is about as blatant an outlook clone as you can make without the underlying technologies _also_ being Microsoft stuff) is only a few years old and is functional for a good number of scenarios.
Freeware clones/reimplementations benefit from the UI, the feature set, the "flow", the architecture, and most importantly, the MISTAKES that we've made, so that F/OSS teams can deliver a reasonably functional app that works reasonably well in a very short amount of time.
We definitely know about Eclipse and what it does. People on the inside ask "why would i use VS instead of Eclipse?" and its up to us to make sure there's a good answer.
So yes, i think most microsoft employees understand and even appreciate that competition makes us work better, and that alot of that competition today is Apple, F/OSS, and Google.
I was a long-time DirecTV subscriber, and when the Series2 DirecTivo (HDR2) came out i bought one immediately.
We loved Tivo and I had always liked DirecTV.
But a little over a year ago we cancelled our service, and put the HDR2 back in its box. (I have an odd habit of saving the original packaging for "expensive" electronics)
You see, as much as I liked the Tivo, i found that there really wasn't all that much on that I wanted to watch, and the more stuff it stored, the more i felt obligated to spend time watching TV. Then there was the issue of my wife and I having totally incompatible program preferences, but only one Tivo. DirecTV has been pretty good about NOT including any of the cool Tivo features (no home network, etc).
After living without TV for a while, when i visit someone with a TV on, i like watcing for a few minutes and then the commercial breaks come, and i ask myself "how the f@#$ does anyone put up with this? I feel myself getting dumber with each passing second..."
The other thing i dislike is the airing schedules/habits of the various channels. On the rare chance that i find something i like (like, Samauri Champloo or whatever), i dont want to wait multiple days to see if Tivo has recorded a new episode. If the story is good, i want to watch all the episodes back to back, to see how the story turns out. Theres no reason to wait a week to see "the new episode" - i want it all at once (and without commercials, and without stupid Americanizations, i.e. what happens to the BBC Top Gear episodes that make it stateside - cut down, and a year or more delayed from British Airing..)
The answer, of course, is Bittorrent. If i get interested in a program, I'll just download the _entire season_, usually in its native language (if its Anime, it's been subbed for me by the time i download it). I get the original versions of the content, i get no commercials, i get instant gratification, and i can watch it on my computer - or any computer i own.
I'm actually thinking of building an HTPC with no tuner/capture card.. just to play DVDs and BT downloads on in my theater room, instead of on my main workstation.
My wife has also adjusted well to no TV. She gets a lot more done at home and when there's a show she discovers that she likes, she gets the entire season of it on DVD.. either by getting it from the library (free!), borrowing it from a friend, or just buying the set for $20-$50 for a season. If you figure there are 3 or fewer series of show you like in a given year, you can buy them outright with no commercials for less than a year of _any_ TV service will cost you. And you get the material on your own terms, with no hassles.
TV content is simply not good enough to accept it on terms you don't set yourself. If i have to put up with inconvenient terms, i just wont watch. That's why i got rid of DirecTV. That's why i see almost no movies, and its why i am looking to go to a software-only DVD player that lets me fastforward/skip anything i damn well please.
People who can't secure their computer shouldn't connect it to the internet
Consider yourself disconnected.
You run openBSD. OpenBSD has had security vulnerabilities. Ergo, you shouldn't connect your openBSD mchine to the internet.
If openBSD was perfect, it wouldn't matter what the rest of the internet was doing - why does oBSD care if someone is trying to DDoS it? Doesn't it have the "perfect-filter" technology that automatically hacks upstream routers (which are insecure since they dont run openBSD, and which by the way, ought to be disconnected from the internet) and null-route sources of DDoS traffic? I mean.. being victim to random internet traffic sounds pretty insecure to me..
I understand being frustrated that other people have insecure computers, and that the internet is a "community" resource. Hopefully, you realize that your statements/position are ridiculous and self-contradictory. Wanting them to suffer more doesn't make your life better - and certainly not theirs!
Which statement describes more machines connected to the public internet:
- computers belonging to home users or uninterested business users, with no training or expertise at securing and patching computers
- computers that are -- managed by security experts --- that, given a full disclosure statement, would know what to do to mitigate their protected assets against the vulnerability and could do so within 24 hrs, -- given the above, are running machines configured such that they were actually vulnerable to the issue
Responsible disclosure is better for more computers and more people. Adminsitrators smart enough to benefit from 0 day disclosure are smart enough to not need 0 day disclosure because of defense in depth. Everyone else suffers from 0-day disclosure.
Compare the # of incidents of clandestine, targeted attacks vs the # of incidents of machines compromised by today's worm-du-jour, written by someone based off of a vulnerability report, usually with working code.
How can you be happy when someone else is suffering? It's not your grandmothers fault she uses windows. OpenBSD is NOT appropriate for "home users", and it's not designed to be, and it cannot ever be as secure as it is yet as functional as required for non-power-users.
Every operating system in use on PC's has security issues, even openBSD. OpenBSD is where it is because it's entire focus is security/correctness.
Security and correctness are NOT the most important aspect of general software development - if they were the only requirements, then a lead box buried in the ground would easily be more secure than openBSD. The issue is functionality vs security and correctness.
When there is something that works as well as windows for what people that use windows need to do, but has fewer problems, people will change to it in droves. For some people, that is Mac OS - although it has its own severe security problems - do you laugh when people with macs have to reboot their machines because of SoftwareUpdates ?
In any case - 0 day full disclosure hurts the majority of computer users. No amount of pain will convince them to stop using windows. If you want people to stop using windows, develop a credible alternative. Don't sit and laugh at people that don't have better choices available to them, and then say things like "i support people making life harder for windows users".
The majority of worms,trojans, etc that do real damage are not written by security researchers.. they're written by thugs that use someone elses research and attach a payload to it.
The goal of responsible disclosure is to reduce the aggregate damage of a security incident.
We've seen that in the past, malware has been written by adopting the code/info/techniques in the bulletin, sometimes even the info-light ones released by MS!, and has caused considerable harm.
Yes, it is true that _somebody_ might secretly know a vulnerability exists, and might choose to exploit it for the purposes of a targeted attack.
OTOH, when you put code/pseudocode out there before a patch is ready, it is highly likely that _everyone_ will suffer from an undirected, general trouble-making type of attack.
Corporations that are the targets of precision intrusion are NOT living or dying based on 0-day disclosure. But the millions of home users and casual everyday users DO get _crushed_ when a worm/virus hits their machines.
The best thing for the internet, computer users at a whole, etc, is a disclosure policy that works to get the defects fixed in a timely manner and without making it trivially easy for malware authors to construct wide-spread destruction.
Full disclosure was the radical movement that finally caused companies to wake up, and for that, i appreciate its contributions. However, "idealist" is another way of saying "pretentious, insufferable, @#$head". The full disclosure movement, having finally gotten the attention it deserves, needs to shift pragmatically towards a reasonable approach that delivers the highest overall benefit, and that's what responsible disclosure is about.
You may argue about the details of how long it takes to get out a patch, but turst me, the idea that releasing full exploit code on day 0 is a good thing for todays internet is ridiculous. I'm curious to see an argument that suggests it is more appropriate and better than a responsible disclosure to the vendor.
a good manager understands that you are better at what you do than he or she would be at the same tasks. That's why you're employed, after all.
The good manager asks for your opinions and input on items which, in the managers ability to determine such, are relevant to you. the manager then looks for logical fallacies in your arguments, and also presents other arguments he or she has heard (probably by his or her other employees) for you to consider and rebuff.
This dialog makes both you and the manager better, and when the manager needs to present and justify a position, she is in a better position to do so. In certain cases, a good manager will ask you to tag along to meet "the big whigs" whom you are normally insulated from.
If someone is sufficiently intelligent, and they have intelligent employees, they can make wise decisions in areas for which they have no domain knowledge. It is up to the leaf-node employees to present the specifics, and up to the manager to make a weighted analysis of the factors identified by the subject matter experts (the employees).
A good manager loves having employees smarter than herself, because the entire team looks great as a result.
On the other hand, if your manager cannot make decisions when given multiple choices, and cannot ask the right questions, and cannot challenge you and your team members with precision questions, what value are they adding ?
A good manager will not make you smarter by showing you things you don't know. A good manager will make you smarter by making you remember the things you already know, by asking you questions you already know the answers to.
There is not consensus on the theory of evolution--certainly not on the way it is often taught in public schools. No one has demonstrated an ameoba mutating into a human being, infact, nobody has demonstrated anything else mutating into a homo sapiens.
Nobody has shown that, given a certain set of conditions, life spontaneously generates.
No. The aspects of biogenesis, macroevolution, synthesis of homo sapiens from other species - none of these things have been demonstrated (to my knowledge - im happy to be wrong).
It seems disingenuous for you to attack ID for being non-falsifiable when to "prove" Evolution you'd need to witness things on an immeasurably long scale of time such that it is "non provable". It's certainly harder to prove that something _cant_ happen than to prove that it did. Non-theological discussions of biogenesis rely on accepting that there is no supernatural explanation, which means that living matter must have been created from non-living matter (a tautology, right?.. as there was previously no living matter...) or "energy", of which we haven't yet discussed any notion of living vs non living... in any case, how is a tautological scenario falsifiable, and thus scientifically sound?
Fundamentally, science must suggest theories which fit the data in question. The best theories - the ones which seem to fit the data best - must bubble to the top. The claim of ID proponents is that an intelligent, omniscient designer having a hand/influence in the arrangement of matter to generate life is the most likely of the presented theories.
I, for instance, find that much more likely than NaCL turning into protozoa.
You'd suggest that ID is non-falsifiable because you cant conduct experiments to test it. Sure you can. Wait for the divine being to decide you're worth convincing that ID is correct about biogenesis. Then wait and observe.
That experiment is _no_ different than "create conditions similar to how we guess earth might have been $maxint years ago, stir occasionally, wait for miraculous process"
In any case, I'll do some more intelligent falling research. Thanks for the link:)
Slashdot Mirror
When i was still working at the redmond campus (as a blue), a few times a year we'd see a bunch of bozos walking around campus with "WashTech" signs / banners etc. A few people were trying to start a tech-workers union back then.
:)
The sort of people Microsoft wants to hire (as FTEs) are not interested in unionization. Microsoft, more than anywhere else i've worked, is a meritocracy where people are vastly rewarded for excellent personal performance. We want to hire people that excel in that environment. People that know they are bright enough that they could walk and find other gainful employment, so don't put up with things they don't have to where they are. People that have a variety of options and beleive where they are at is the best available.
That's pretty much the opposite of the sort of people that are interested in unionization.
I don't see Microsoft putting up with any kind of unionization of contract workers. The last time contractors aggregately sued MS, we amended our policy by making them sit on the bench 100 days per year (to make it crystal clear that contractors/permatemps were temporary.. a- (agency-temp) workers have to take 100 days off every year now)
There are some distinctions at MS between blue and orange that probably need to remain, but others that could probably go away. The latter are mostly individual actions.. people with poor professional behavior that treat contractors unfairly or as if they're some kind of lesser person. There need to be some differences in the way you treat the non-blues for legal/other reasons, but that shouldn't spill into how you treat them as humans. Unfortuneately it is completely possible to work at MS and not really have any sense of how to interact with people effectively [unless you define "effective" as badgering people into submission].
I've worked with great contractors and not so great contractors. Hell, I know of at least one guy that moved from blue->orange so he could take 100 days of "vacation" every year to snowboard. Not a bad sounding idea, honestly
Yeah, that's what i've heard :)
:)
Note the careful wording of my original statement. It's not the absolute frequency, its the frequency of scoring divided by the frequency of desire. So long as desire goes down at the same rate as the scoring, its no big deal
No channel accurately captures what i want to see.
I want _shows_. Infact, i dont even want all the shows of a given series.
I haven't had any kind of TV service for a while now. What i've recently discovered is that i love anime. Not all of it, but a bunch of stuff i never expected to like.
To discover shows, i've done research at anidb, talked to friends, etc. I'll grab the first few episodes of a show and see how i like it. If i do, i end up getting all the episodes/OVAs/whatever from that series.
What i want is the ability to preview a show for free, and if i like it, get more episodes of it. I want these on my PC, with zero advertising, and in a format i can view on any of my home computers. I want it to play flawlessly inside of Windows media Center (or some other unified-media-shell like Myth or something..)
I am willing to pay for the right content on the right terms. I don't want a cable service - i want it to come into my home network via IP.
I was making this argument to someone the other day. Today, people are willing to pay $40-$130 for a DVD box set of a season of a show they like. DVD quality, zero playback hassles, no commercials - just the content they know they like, in a large batch.
Imagine if consumers could get the same experience (or better), but for the media provider, there are no physical manufacturing costs, on wholesale/retail middlemen, etc. You simply buy a season of "Monk" or wahtever and the transport is IP. If the terms of use were similar to a DVD (i.e. i can take my file and burn it in such a way that i can play it anywhere without too much hassle, and its not tied to my PC/OS/whatever) i'd be happy to pay 80-95% of the DVD price. But for the distributing company, its almost entirely profit, especially compared to DVDs..
Shows i'd pay to watch, based on the above terms/model:
- WRC coverage
- F1 races
- a bunch of Anime
fyi, a series i happen to like is "Inuyasha". The distribution model for these so far is kind of crazy.. in the US there are DVDs issued with 3 episodes on them.. for $19. Eventually, a whole-season set will come out at the $85 price point.. this is usually 26 episodes. The show had 167 episodes made before production abruptly stopped. You can see that getting the series on 3-ep discs would cost $1100.. where as getting the show as 1-season box sets would cost $550 or so. Even so, we're talking $3.20/ep which seems a bit high to me. Inuyasha is a star property and Viz can realistically charge whatever they want for it and it will probably still sell well. But I wonder, how much lower could that price-per-episode be if we remove the physical distribution alltogether? And how much more profitable for Viz at the same time ?
when i was a 13 year old kid, playing the original PC doom on my 486 for HOURS every day.. ...i spent a lot of time thinking "man, i wish there was some woman that had sex with me as much as i could possibly want it"
Now that i've been married a few years, i spend very little time thinking "man, i wish i had more time to play Doom 3"
but not in the way you expect.
There are a lot of people that are not Microsoft employees that have seen and have improved the Windows source code.
However, Microsoft is an Intellectual Property company. For better or worse, Microsoft considers its source code its crown jewels. Sharing that in a restriction-free manner is a risk that has been too great to consider thus far. What has instead happened is that MS has worked to get some of the benefits of peer review, but in a way that manages risk (selected audience, NDA, etc) of intellecetual property loss.
There are paid security consultants that review key portions of MS code; there are many Universities that have Windows source licenses.
I'd like one each of the following tapes..
...
"To each his own"
"Whispers in the wind"
"Put it where it doesn't belong"
"My pipes need cleaning"
Randall for CEO! Woooo!
It is always better to lose control of something to a corporation than to a government. If i don't feel like involving myself in how a company does business, i don't have to. They can control it all they want to - i can still choose to not use it, and unless they're buying laws (which they unfortuneately do), i can use it in a way that violates their wishes should I have the moral latitude to do so.
Contrastingly, nobody has the choice to opt-out of what the government says. If you dont like it, you go to jail, in civilized countries. In other places, you just get shot.
The UN, which is so fantastically corrupt so as to make the current US administration look downright saintly, and the EU, which is SO out of touch with the PEOPLE of Europe that the constitution cant get ratified, want control. The only two arguments we've heard are "we dont like America being in control, because America is unpopular right now", and the one we don't hear as much is "we want to censor and tax the internet and we need a legal foothold for how to do that"
Everyone will always do what they can to expand their control. This includes governments, companies, and individuals.
You are a FOOL if you want the government to EVER step in take control from a company. Once the government gains control of something, it never relinquishes it, and it always costs people more in the long run. And unlike corporations, there is no higher authority that can punish or unseat a government.
The RIAA/MPAA are not problems because they are companies. They are problems because they've convinced the government to make the wishes of the MPAA/RIAA the GOVERNMENTS problem. If the US government had properly told these bozos to sod off, then the RIAA/MPAA would have no teeth and nobody would care that they are in the business of abusing customers. It is precisely BECAUSE OF government interference (purchased laws, basically) that corporate interests are gaining effect in the US.
Today, neither the US govt or some malignant company controls DNS. The SiteFinder fiasco is the only (recent) attempt at doing something to DNS that wasn't in the best interest of "the net", as opposed to some companies potential benefit. The net, true to form, routed around that problem.
The loose anarchy of experts maintaining DNS now is far, far preferable to any government intervention or oversight.
Finally - "if it ain't broke - don't fix it" applies here in spades.
If you look at a typical X windows install, the overwhelming majority of fonts are NOT truetypes. There are a gazillion different X fonts on a normal installl, but only a small subset of them are truetype. Font handling in X has always been atrocious.
.. which btw would apply to office as well unless you dragged over all of COM).
:)
Regardind just "picking" KDE vs Gnome - great, we can take the already non-existant market and then cut it in half. And for the half that is supported, they'll be irate that they can ONLY drag and drop with other KDE apps, right?
Fonts are NOT "just fonts" - once upon a time, ghostscript was the only way to get quality printer output on *nix machines, and its fonts were entirely separate from X fonts.. and there was logic in gs to try and map non-embedded PS fonts to GS fonts, and the PS fonts themselves came from who-knows-where...
Undoubtedly, things are better now, but i have a hard time beleiving that the experience is as polished as you get on a Mac or a windows machine.
You haven't outright said it, but you're implying that the platform stack of Windows is more or less a straight across port to Linux. And my response is "bullshit". I've tried to pick a few things that will significantly different because the infrastructure to support them is either not there or very different (font handling, embedded HTML controls, and pervasive drag-n-drop being a few that i picked).
It's not like this is an entirely academic argument. I've used IE and Mediaplayer for solaris. Neither of them holds a candle to the windows counterpart.. and IE/Solaris was extremely crash-prone on my machine. Nevermind that the 3rd party stuff of course didn't exist (i.e. no AX, no plugins,
Someone earlier mentioned the "office already works in wine/codeweavers". Yeah, Office 2k, and they rate it "works, but very buggy".
I've done plenty of coding in both worlds. There is a LOT of platform infrastructure in windows that you can expect to be there and expect to more or less work as a windows app developer. There's almost NOTHING microsoft ships that isn't componentized and setup for anonymous runtime links (COM). People say that CORBA/bonobo is "the equivalent" but the last time i looked, that's not the underlying technology 100% of f/oss libraries were setup to work with.
Just adding -lgtk to the makefiles isn't going to be sufficient
COM, GDI, GDI+...
What drag and drop mechanism should Office for Linux use? Should it bring along it's own, that only works with Office? Should it support Motif DnD? Xt ? Gnome? KDE ? All of them ? Why cant they all just be the same?
When Office wants to launch HTML help, how should it embed a web browser into an office window do render the HTML? Which HTML renderer should it use? Are they porting IE to linux also, or are they getting a license for KHTML or something, in such a way that they can keep Office closed but statically link to GPL/other F/OSS licensed web content ?
Even stuff like font metrics, font browsers, and font descriptions are fundamentally different - you really have no guarantees about what fonts are available on a linux system, and the various fonts work in different ways depending on encoding and technology. Are you guaranteed to be able to get X fonts to look right on a printer? Only certain fonts? How do you communicate that to the user effectively?
And speaking of printing - there have been precisely two UNIXes that have had a realistic printing story - NeXT, where you bought their machine, their OS, their laser printer, AND- the whole freaking OS was Postscript. That was a printing story on unix that worked. THe other is Mac OS X - where you have mostly NeXT, and apple is happy to limit the # of supported printers to like 6 or whatever the number is. I realize that OS X uses CUPS now and you can probably get OS-X levels of niceness on any unix, but how much time will someone spend fighting getting their printing right from Office? It's kind of a crapshoot, and if someone has paid a bunch of money for office, they're going to expect real printing support that is bulletproof.
Why do you suppose a Linux Office would do well ?
- 1) the facilities available on linux/X windows to make something like office are lacking. It's not an intractible problem, but you've got a lot more richness in the Windows platform that the Office team would need to get from _somewhere_
but, the much bigger issue is:
- 2) Nobody is going to pay for Office on Linux. People that run linux on the desktop are not interested in buying anything from Microsoft. They're usually not interested in buying anything at all, software wise.. but certainly not from Microsoft. I don't see Office for Linux driving linux adoption, so i don't see lots of new customers coming to the space either.
I might entertain the idea that Microsoft would work better split up. But most people that make this argument assume that a split-microsoft will produce Office for Linux. I don't think it will ever happen. To be honest, a large part of the comments on this story are about how google will win with server/web centric apps, etc. How would Microsoft investing heavily to make a thick-client app for a minority player primarily used by a market of people who hate paying for software and hate microsoft more than Stalin, be a good, moneymaking move ?
It is illustrative to look at the MS products for Macintosh. The availability of Office/Mac has not had some staggering effect on Mac penetration. One reason MS makes mac products is that lots of Mac people are more than willing to buy software.. they already paid too much for their computers, and 95% of stupid utilities for macs have been pay-ware (not as much with OS X inheriting a large unix base and unix attitudes about homebrew development.. but historically speaking), so the Mac user traditionally has been extremely willing to pay for software, thus making it a market worth considering.
When the # of people willing to pay for Office/Linux, times the selling price (call it $199 (ha ha)) is larger than the cost to develop it, Microsoft will make Office for Linux. I don't see that ever happening.
So, can anyone elaborate on how they "extract DNA" from people?
If it involves one of those short-skirted, maximum-visible-cleavage nurses that you see in old Van Halen videos, then I think this is a great idea and look forward to getting detained.. and towards my eventual "release".
Remember Lex Luthors plan to get rich ? Buy all the property on the east side of the san andreas fault, then set off nukes in the fault to sink the west half of the state. Lex would overnite own the majority of waterfront property in california.
According to the sinless triumverate of truth (moveon.org, indymedia, and dailykos), Karl Rove has almost completed his master plan of melting all global ice to raise the world sealevel by 23ft.. which in a single stroke would wipe out almost all democratic voters in the US, as well as place all socialist-european countries in state of total turmoil whilst they tried to rebuild their cities and save their tax base (their population).
The republicans would then RULE THE WORLD!
Security problems in Win95 that got transferred to WinME and then WinXP.
Which problems would those be? XP is a completely different code base. 9x and XP aren't comparable from a features, security, or architectural standpoint (unless the comparison is to say "XP is superior in all ways")
When i say "people", i don't mean people that just hate Microsoft no matter what. I don't mean "security experts". I mean paying customers. NO _real paying customers_ gave a damn about security in any sense of the modern interpretation in win9x because the notion of a secure w9x in an oxymoron.
Nobody cared about Security in W95 because nobody was using broadband, and it was freaking DOS based. People cared a lot about running old DOS games but being able to use Netscape 3.x or whatever without having to install Trumpet Winsock. Integrated networking, 32 bit API and software, better memory management,etc. People wanted that.
One shitty release after another, with little improvement beyond enough unremovable eyecandy to force everyone to buy a new system to handle the bloat.
If you can't concede that XP is better than windows 95, irrespective of eye candy, im not sure we've got any common ground.
per-processor licensing to force the competition out of the market,
who have we forced out of the market with per processor licensing?
fwiw, Solaris works this way, Oracle works this way, etc. We have a variety of licensing models, but that per-processor is one of them for some of our products is neither unique nor particuarly insidious.
I never used DOS 4.0, i used 3.3 and 5.0, and later 6.x, and i didn't work for MS back then, so i can't say much about them or the business decisions behind them.
I tell people - it's fine to hate Microsoft. But please have reasons that make sense, that are justifiable and factual. If you're going to hate us, be rational, have a sense of perspective, etc.
Based on what i wrote, i'd come to the conclusino that Microsoft listens more to its customers than its employees!
We do what we think will make customers buy our stuff. That includes listening when they complain. In the case of security, that means "stopping the train" and making that top priority.
I don't think there's a built-in spell checker for the "Comment" box on slashdot, even when you use Firefox (as i am using currently for slashdot) :)
:)
:) If you haven't used linux enough to come across both security and reliability problems - that other UNIX's dont have.. you haven't done enough with linux, and/or you don't know enough about other unix variants. I'm not trying to suggest that linux is without merit, or that it's the worst thing ever.. its simply not the pinnacle of human acheivement.. or freeware operating systems :)
In any case, i'll put aside my disgust at being accused of being a PR/Marketing "person" and try and explain what i was saying a bit better
"pragmatically positive effect"
Ok, so this sounds kind of silly, but basically it would be awkward to say "our competitors kicking our butt is having a positive effect on us" I shoved pragmatic in there to suggest that even thought it seems counterintuitive, as a practical/pragmatic issue, our competitors are making us better, even while they're taking market/mindshare from us at times.
"corporate willpower"
Guilty as charged. The point here being that you need some large percentage of "important" people at the company to really get something that sweeps across every aspect of the company going.. we got that with security. We dont have that yet with running as non-admin (that i can tell)
"threat models"
This is primarily the reason i am responding to an A/C that is mostly trying to belittle me. If you're not using threat models, i can only hope its because you don't know what they are or how they help you. If you know how threat modelling works and why/how to use it, but have decided not to, i'd be curious to know why. Threat modelling and its output - the threat model documents, are pretty important in modern, hostile-world facing software development. If you do a google search on "threat modelling", (as of right now), the first link you get back is an MSDN article explaining what it is, etc. If you have anything to do with software development or procurement, (i.e. you make software or you choose what software to buy) its probably worth your time to understand what threat modelling is.
Finally - my jab against linux. I've had to make my living off of linux before. I'm not making pot shots from some ivory tower here
One problem for some of "us" is that we want to be quantitative about things. When someone says to us "you suck, linux is more secure", we demand to know how "more secure" is measured. This puts people in the counting vulnerabilities or security bulletins game. That naive method has flaws, so then we get into issues of "how _severe_ was a vulnerability" and the thing eventually gets reasonably subjective.
:)
.. but if the administrator insists on opening up that port, lets have the binary compiled with /GS to block stack-based overruns.. but if the user is running their own service that is NOT compiled with /GS, lets have DEP/NX turned on so we get system-wide overrun detection..and so on..
In any case, I am not prepared to give you specifics (i am doing this off the top of my head), but the surprising (to many) and positive (for us) news is that for some definition of "critial" and for some distribution(s) of linux, we've got less critial vulnerabilitiy bulletins in Server 2003 than those linux distributions. As far as i know, that's not because we have vulnerabilities we know about and just aren't issuing bulletins, so please brush that conspiracy theory aside
Turning off code at the factory and then declaring issues less severe because the code was shipped out disabled is unrealistic in the real world.
I disagree. Secure by default is not something we decided to invent to see how it played out - OpenBSD ships a lot of things in the box - but all turned off, and they are turned on by the administrator as needed. I find it hard to argue with OpenBSD's track record on pragmatic security, don't you? Furthermore, if you look at the history of things that have just killed us security wise, it has often been the case of stuff turned on that nobody needed or didn't even know they were running. In the W2k/IIS5 timeframe we were killed by IP-Printing, index server, etc.. features of IIS that NOBODY used but everybody ran. In XP we had problems with the UPNP thing (when there were really no UPNP devices). When Slammer hit we scrambled because MSDE was out there in all kinds of places and nobody knew exactly where all you could expect to see it.. both with our products (shameful, but we've taken steps to address this internally) and with 3rd party software that redistributed MSDE..
At least with Microsoft, it has long been the case that we ship with too much crap turned on and that makes our attack surface larger than it needs to be. Turning off what we can seems like a valid thing to do. Even if the admin turns on 90% of what we shut off, their attack surface is still only 90% of what it would ahve been had we not done anything.
The Server Roles feature i think is pretty good - it lets us ship with lots of stuff turned off, but makes it trivial to turn on the stuff you need. I haven't done any kind of analysis on how much you open yourself back up by using the roles wizard (i.e. could a guru do a better job manually?) but i suspect its pretty close to optimal.
Shipping stuff turned off is just one aspect of a defense in depth strategy. The safest code is code that doesn't run. But if the code is going to run, lets have things firewalled off by default
Just as an aside - what services are you aware of that need to be running to run IE ? I can't think of any that you'd leave turned off except for needing to run IE. Also, IE for Server 2003 ships in "lockdown" mode which is pretty draconian w.r.t. what it can do. Finally, if you dont want to use IE at all, i think this is possible, since there are a variety of ways to get complete patches with no outside network access required (i.e. SUS, or just building a patch CD on a less vital host, and using sneaker net to get it to the production locked down boxes...)
Thanks for asking :) I'll take a stab:
/GS (which does stack canaries, basically) We examine every binary that leaves the building and can tell if the cookie_init() stuff is in there or not. There may be special exceptions, but this is a "requirement" to ship.
:) I mean, i can get NIS/NIS+ and NFS working right on a variety of platforms. Seems like i ought to be able to troubleshoot home networking.. :)
A secure computing environment. That is, not just secure applications,
we compile all code now with
closed ports
The firewall is on by default in XP SP2. This caused a lot of people to be unhappy, but customers (and people like yourself, if you dont happen to be a customer of ours) are clearly asking for it.
stringent remote access requirements
I'm not sure exactly what you have in mind here, but i'd say i understand better how to control who can connect and in what ways on most unixes than i do on windows. That in and of itself is a problem - nothing should be easier to understand on unix that windows, because no part of unix was designed for casual ease of understanding (a lot of it is easy to understand once you get the right mindset, or if you're a developer/whatever.. but thats more by side effect of the simple design than any real effort at accessibility, IMO)
I'm not sure what is going on this space. There are lots of individual peices in this picture that are getting better but i dont think there's anything like a unified administrative console that controls or answers "who can access this computer, and how". I admit that when i try and connect my work laptop to my home network, CIFS is busted badly and after 5 minutes or so times out, and i get a security event on the home-machine i'm trying to access. There are a lot of things going on on my work laptop (wpa, ipsec, routed use of non-routable networks, and obvious domain membership) but it seems like this is a pretty fundamental scenario to have "just work" and for the life of me i cant get it working at home.. so that indicates that we've got more "opportunity" in this space
disabled unnecessary services
Well, it still seems like there's always more stuff than I want running, but in Server 2003 we've made some progress towards that via Server Roles. Out of box, the attack surface is pretty small, and you turn on stuff like "web server", "application server", "file server" etc.
privilege separation
This has been a peeve of mine since i started, since i came from the *nix world. When i started, i complained to the VB6 team that it was impossible to debug COM Dlls in VB6 without admin rights, and that debugging seems like a pretty reasonable thing to do. The response from a VB6 PM at the time was "the NT security model is too hard, so its not our problem". The response today is different - even if you still need elevated privs to do certain things with VS7, 7.1, and 8.0. There is a ton of work in Vista to try and enable more things to work as non-admin, but unfortuneately there isn't a huge non-admin religious movement inside the company yet - most people still run as admin on their development machines and laptops... although there are some people that are really religious about no-admin and are pushing everywhere they can across all products..
and in general the ability to let people run applications on your computer while restricting access to computer resources that they shouldn't access (listening on privileged ports, for example).
Yes, there's effort happening here. Some specific things in IE, i think, and the CAS / appdomain things you can do with managed code will help here. These are things that partially exist today, but aren't well used for reason #2..
A secure development environment. That is, providing the tools and documentation needed to allow third-party developers to write secure applications. I
I'm a microsoft employee that is thankful for the pragmatically positive effect that competitors have had on us.
When i started at MS, we were getting our lunch eaten in security/reliability issues compared to linux.. (which frnakly sucks at security and reliabilty compared to some other UNIX variants) We had customers tell us "you get your sh@#$ straight or we're jumping ship". They had heard, experienced, or both, that they could get better uptime and fewer successful attacks from other platforms.
That's what we needed - the execs heard that we had a competitive threat, so there was executive support to let the really brilliant guys push through huge expensive work on reliability, correctness, security, maintainability, etc. In the past, enough customers were willing to pay for something like Win95 that we only had to make something as good as Win95 (which i never used, btw, as i had given up PC's for Solaris/SPARC by that time..)
Today, nothing can leave Microsoft without the "security gurus" giving their stamp of approval. (i.e. the guys like Michael Howard). There's a formalized process, a list of stuff to check for, all threat models are reveiwed, we have a bunch of internal tools that look for known-uglies in code bases..
None of this existed 5 years ago and today it's mandatory for all shipping products.
Obviously there's more work to do on security and reliability, but today we have the corporate willpower to dump a lot of investment at these problems, and the results are encouraging - Server 2003 has very few issued critical udpates compared to past MS products, and even compared to some distributinos of linux.
The other thing we're finding is that for lots of things, F/OSS people can clone our stuff (UI, feature set) in less time than we can design, write, test, and ship it. Outlook's 11th version is what's out in the market place right now, but something like Evolution (which let's be honest, is about as blatant an outlook clone as you can make without the underlying technologies _also_ being Microsoft stuff) is only a few years old and is functional for a good number of scenarios.
Freeware clones/reimplementations benefit from the UI, the feature set, the "flow", the architecture, and most importantly, the MISTAKES that we've made, so that F/OSS teams can deliver a reasonably functional app that works reasonably well in a very short amount of time.
We definitely know about Eclipse and what it does. People on the inside ask "why would i use VS instead of Eclipse?" and its up to us to make sure there's a good answer.
So yes, i think most microsoft employees understand and even appreciate that competition makes us work better, and that alot of that competition today is Apple, F/OSS, and Google.
I was a long-time DirecTV subscriber, and when the Series2 DirecTivo (HDR2) came out i bought one immediately.
We loved Tivo and I had always liked DirecTV.
But a little over a year ago we cancelled our service, and put the HDR2 back in its box. (I have an odd habit of saving the original packaging for "expensive" electronics)
You see, as much as I liked the Tivo, i found that there really wasn't all that much on that I wanted to watch, and the more stuff it stored, the more i felt obligated to spend time watching TV. Then there was the issue of my wife and I having totally incompatible program preferences, but only one Tivo. DirecTV has been pretty good about NOT including any of the cool Tivo features (no home network, etc).
After living without TV for a while, when i visit someone with a TV on, i like watcing for a few minutes and then the commercial breaks come, and i ask myself "how the f@#$ does anyone put up with this? I feel myself getting dumber with each passing second..."
The other thing i dislike is the airing schedules/habits of the various channels. On the rare chance that i find something i like (like, Samauri Champloo or whatever), i dont want to wait multiple days to see if Tivo has recorded a new episode. If the story is good, i want to watch all the episodes back to back, to see how the story turns out. Theres no reason to wait a week to see "the new episode" - i want it all at once (and without commercials, and without stupid Americanizations, i.e. what happens to the BBC Top Gear episodes that make it stateside - cut down, and a year or more delayed from British Airing..)
The answer, of course, is Bittorrent. If i get interested in a program, I'll just download the _entire season_, usually in its native language (if its Anime, it's been subbed for me by the time i download it). I get the original versions of the content, i get no commercials, i get instant gratification, and i can watch it on my computer - or any computer i own.
I'm actually thinking of building an HTPC with no tuner/capture card.. just to play DVDs and BT downloads on in my theater room, instead of on my main workstation.
My wife has also adjusted well to no TV. She gets a lot more done at home and when there's a show she discovers that she likes, she gets the entire season of it on DVD.. either by getting it from the library (free!), borrowing it from a friend, or just buying the set for $20-$50 for a season. If you figure there are 3 or fewer series of show you like in a given year, you can buy them outright with no commercials for less than a year of _any_ TV service will cost you. And you get the material on your own terms, with no hassles.
TV content is simply not good enough to accept it on terms you don't set yourself. If i have to put up with inconvenient terms, i just wont watch. That's why i got rid of DirecTV. That's why i see almost no movies, and its why i am looking to go to a software-only DVD player that lets me fastforward/skip anything i damn well please.
People who can't secure their computer shouldn't connect it to the internet
Consider yourself disconnected.
You run openBSD. OpenBSD has had security vulnerabilities. Ergo, you shouldn't connect your openBSD mchine to the internet.
If openBSD was perfect, it wouldn't matter what the rest of the internet was doing - why does oBSD care if someone is trying to DDoS it? Doesn't it have the "perfect-filter" technology that automatically hacks upstream routers (which are insecure since they dont run openBSD, and which by the way, ought to be disconnected from the internet) and null-route sources of DDoS traffic? I mean.. being victim to random internet traffic sounds pretty insecure to me..
I understand being frustrated that other people have insecure computers, and that the internet is a "community" resource. Hopefully, you realize that your statements/position are ridiculous and self-contradictory. Wanting them to suffer more doesn't make your life better - and certainly not theirs!
Which statement describes more machines connected to the public internet:
- computers belonging to home users or uninterested business users, with no training or expertise at securing and patching computers
- computers that are
-- managed by security experts
--- that, given a full disclosure statement, would know what to do to mitigate their protected assets against the vulnerability and could do so within 24 hrs,
-- given the above, are running machines configured such that they were actually vulnerable to the issue
Responsible disclosure is better for more computers and more people. Adminsitrators smart enough to benefit from 0 day disclosure are smart enough to not need 0 day disclosure because of defense in depth. Everyone else suffers from 0-day disclosure.
Compare the # of incidents of clandestine, targeted attacks vs the # of incidents of machines compromised by today's worm-du-jour, written by someone based off of a vulnerability report, usually with working code.
I use OpenBSD too, so don't start with me.
How can you be happy when someone else is suffering? It's not your grandmothers fault she uses windows. OpenBSD is NOT appropriate for "home users", and it's not designed to be, and it cannot ever be as secure as it is yet as functional as required for non-power-users.
Every operating system in use on PC's has security issues, even openBSD. OpenBSD is where it is because it's entire focus is security/correctness.
Security and correctness are NOT the most important aspect of general software development - if they were the only requirements, then a lead box buried in the ground would easily be more secure than openBSD. The issue is functionality vs security and correctness.
When there is something that works as well as windows for what people that use windows need to do, but has fewer problems, people will change to it in droves. For some people, that is Mac OS - although it has its own severe security problems - do you laugh when people with macs have to reboot their machines because of SoftwareUpdates ?
In any case - 0 day full disclosure hurts the majority of computer users. No amount of pain will convince them to stop using windows. If you want people to stop using windows, develop a credible alternative. Don't sit and laugh at people that don't have better choices available to them, and then say things like "i support people making life harder for windows users".
The majority of worms,trojans, etc that do real damage are not written by security researchers.. they're written by thugs that use someone elses research and attach a payload to it.
The goal of responsible disclosure is to reduce the aggregate damage of a security incident.
We've seen that in the past, malware has been written by adopting the code/info/techniques in the bulletin, sometimes even the info-light ones released by MS!, and has caused considerable harm.
Yes, it is true that _somebody_ might secretly know a vulnerability exists, and might choose to exploit it for the purposes of a targeted attack.
OTOH, when you put code/pseudocode out there before a patch is ready, it is highly likely that _everyone_ will suffer from an undirected, general trouble-making type of attack.
Corporations that are the targets of precision intrusion are NOT living or dying based on 0-day disclosure. But the millions of home users and casual everyday users DO get _crushed_ when a worm/virus hits their machines.
The best thing for the internet, computer users at a whole, etc, is a disclosure policy that works to get the defects fixed in a timely manner and without making it trivially easy for malware authors to construct wide-spread destruction.
Full disclosure was the radical movement that finally caused companies to wake up, and for that, i appreciate its contributions. However, "idealist" is another way of saying "pretentious, insufferable, @#$head". The full disclosure movement, having finally gotten the attention it deserves, needs to shift pragmatically towards a reasonable approach that delivers the highest overall benefit, and that's what responsible disclosure is about.
You may argue about the details of how long it takes to get out a patch, but turst me, the idea that releasing full exploit code on day 0 is a good thing for todays internet is ridiculous. I'm curious to see an argument that suggests it is more appropriate and better than a responsible disclosure to the vendor.
a good manager understands that you are better at what you do than he or she would be at the same tasks. That's why you're employed, after all.
The good manager asks for your opinions and input on items which, in the managers ability to determine such, are relevant to you. the manager then looks for logical fallacies in your arguments, and also presents other arguments he or she has heard (probably by his or her other employees) for you to consider and rebuff.
This dialog makes both you and the manager better, and when the manager needs to present and justify a position, she is in a better position to do so. In certain cases, a good manager will ask you to tag along to meet "the big whigs" whom you are normally insulated from.
If someone is sufficiently intelligent, and they have intelligent employees, they can make wise decisions in areas for which they have no domain knowledge. It is up to the leaf-node employees to present the specifics, and up to the manager to make a weighted analysis of the factors identified by the subject matter experts (the employees).
A good manager loves having employees smarter than herself, because the entire team looks great as a result.
On the other hand, if your manager cannot make decisions when given multiple choices, and cannot ask the right questions, and cannot challenge you and your team members with precision questions, what value are they adding ?
A good manager will not make you smarter by showing you things you don't know. A good manager will make you smarter by making you remember the things you already know, by asking you questions you already know the answers to.
There is not consensus on the theory of evolution--certainly not on the way it is often taught in public schools. No one has demonstrated an ameoba mutating into a human being, infact, nobody has demonstrated anything else mutating into a homo sapiens.
:)
Nobody has shown that, given a certain set of conditions, life spontaneously generates.
No. The aspects of biogenesis, macroevolution, synthesis of homo sapiens from other species - none of these things have been demonstrated (to my knowledge - im happy to be wrong).
It seems disingenuous for you to attack ID for being non-falsifiable when to "prove" Evolution you'd need to witness things on an immeasurably long scale of time such that it is "non provable".
It's certainly harder to prove that something _cant_ happen than to prove that it did. Non-theological discussions of biogenesis rely on accepting that there is no supernatural explanation, which means that living matter must have been created from non-living matter (a tautology, right?.. as there was previously no living matter...) or "energy", of which we haven't yet discussed any notion of living vs non living... in any case, how is a tautological scenario falsifiable, and thus scientifically sound?
Fundamentally, science must suggest theories which fit the data in question. The best theories - the ones which seem to fit the data best - must bubble to the top. The claim of ID proponents is that an intelligent, omniscient designer having a hand/influence in the arrangement of matter to generate life is the most likely of the presented theories.
I, for instance, find that much more likely than NaCL turning into protozoa.
You'd suggest that ID is non-falsifiable because you cant conduct experiments to test it. Sure you can. Wait for the divine being to decide you're worth convincing that ID is correct about biogenesis. Then wait and observe.
That experiment is _no_ different than "create conditions similar to how we guess earth might have been $maxint years ago, stir occasionally, wait for miraculous process"
In any case, I'll do some more intelligent falling research. Thanks for the link