Vista security flaws - somethings starting to smell
-
Needing a 3D card to run an OS ... i think it's a little overboard.
Artificial Intelligence is no match for Natural Stupidity
No one can understand the truth until he drinks of coffee's frothy goodness. ~Sheik Abd-al-Kadir
I can't always be wrong ... or can I?3D cards have been around for a long time. MS have waited until pretty much everyone has one to make this move. And, anyhow, it's all about OSX at the end of the day, they have it, we need it.
Christian Graus - Microsoft MVP - C++ Metal Musings - Rex and my new metal blog
-
I *am* an old timer, by this industry's standards anyway. Is this not just the same old story, Microsoft comes out with something new, it of course needs a few months to settle down after launch, it has had its compromises along the way, a few delays, some name changes and more than a bit of spin. However when the dust settles it becomes an industry standard and everyone ends up wondering what all the fuss was about. This isn't a defense of Microsoft but I am definitely a FUD pattern at work here.
Regards Ray "Je Suis Mort De Rire" Blogging @ Keratoconus Watch
Ray Kinsella wrote:
a few delays,
:wtf:
Artificial Intelligence is no match for Natural Stupidity
No one can understand the truth until he drinks of coffee's frothy goodness. ~Sheik Abd-al-Kadir
I can't always be wrong ... or can I? -
Sure Microsoft's delays are the E.U.'s fault, that's pretty easy spin for Microsoft isn't it. Funny I am reading a book about MASSIVE delays to Windows NT 4 (Show Stopper[^]), before the E.U. ever took an interest in Microsoft's anti-competitive practices. I am sure Microsoft had another scapegoat back in those days, that naive commentators are prepared to buy into.
Regards Ray "Je Suis Mort De Rire" Blogging @ Keratoconus Watch
Ray Kinsella wrote:
Microsoft's delays are the E.U.'s fault
What delays? This article is talking about security.
-
I *am* an old timer, by this industry's standards anyway. Is this not just the same old story, Microsoft comes out with something new, it of course needs a few months to settle down after launch, it has had its compromises along the way, a few delays, some name changes and more than a bit of spin. However when the dust settles it becomes an industry standard and everyone ends up wondering what all the fuss was about. This isn't a defense of Microsoft but I am definitely a FUD pattern at work here.
Regards Ray "Je Suis Mort De Rire" Blogging @ Keratoconus Watch
Well technically I'm probably an older old timer than you are in this industry ;), but I don't think this is the same old story. Don't get me wrong, I utterly don't care one way or the other personally, I write the software for whatever OS my customers are using regardless, but from a purely technical standpoint the development of Vista has been nothing short of ugly if the posts on various blogs by insiders can be believed. Maybe it's the same old thing and just more publicized than ever before, but the difference right now is that Linux is a real option for a pretty significant segment of business computer users, Vista is behind and it's one major selling point that actually matters at all to business is security (perceived of course because any prior windows os is perfectly secure if installed, configured and maintained properly). There was already talk and actual examples of corporate computer users jumping ship to Linux, this just can't be a good thing no matter how you look at it. Personally I find the UAC in Vista to be laughably flawed from a social engineering perspective -- it's primary effect seems to be training users to quickly become weary of and ignore completely any security warning they see. I really see nothing compelling in it from a business perpsective. Home users are a different story entirely, but no I don't think this is FUD from anyone, it's just a series of bad missteps at a particulary bad time.
-
Needing a 3D card to run an OS ... i think it's a little overboard.
Artificial Intelligence is no match for Natural Stupidity
No one can understand the truth until he drinks of coffee's frothy goodness. ~Sheik Abd-al-Kadir
I can't always be wrong ... or can I? -
I *am* an old timer, by this industry's standards anyway. Is this not just the same old story, Microsoft comes out with something new, it of course needs a few months to settle down after launch, it has had its compromises along the way, a few delays, some name changes and more than a bit of spin. However when the dust settles it becomes an industry standard and everyone ends up wondering what all the fuss was about. This isn't a defense of Microsoft but I am definitely a FUD pattern at work here.
Regards Ray "Je Suis Mort De Rire" Blogging @ Keratoconus Watch
Ray Kinsella wrote:
it of course needs a few months to settle down after launch
Why "of course"? After 5 years of design, architecting, programming, and testing, you mean to tell me it needs a few months to settle down after launch? How many keystrokes before I'm supposed to change the oil?
Ray Kinsella wrote:
a few delays
2 years, a fundamental rewrite, and major features that were promised but hacked out.
Ray Kinsella wrote:
it becomes an industry standard
Indeed. An industry standard--par for the course. Buggy, late, pruned, and unsecured. Marc
People are just notoriously impossible. --DavidCrow
There's NO excuse for not commenting your code. -- John Simmons / outlaw programmer
People who say that they will refactor their code later to make it "good" don't understand refactoring, nor the art and craft of programming. -- Josh Smith -
Well technically I'm probably an older old timer than you are in this industry ;), but I don't think this is the same old story. Don't get me wrong, I utterly don't care one way or the other personally, I write the software for whatever OS my customers are using regardless, but from a purely technical standpoint the development of Vista has been nothing short of ugly if the posts on various blogs by insiders can be believed. Maybe it's the same old thing and just more publicized than ever before, but the difference right now is that Linux is a real option for a pretty significant segment of business computer users, Vista is behind and it's one major selling point that actually matters at all to business is security (perceived of course because any prior windows os is perfectly secure if installed, configured and maintained properly). There was already talk and actual examples of corporate computer users jumping ship to Linux, this just can't be a good thing no matter how you look at it. Personally I find the UAC in Vista to be laughably flawed from a social engineering perspective -- it's primary effect seems to be training users to quickly become weary of and ignore completely any security warning they see. I really see nothing compelling in it from a business perpsective. Home users are a different story entirely, but no I don't think this is FUD from anyone, it's just a series of bad missteps at a particulary bad time.
John Cardinal wrote:
it's one major selling point that actually matters at all to business is security
I agree. Let's take a look at Linux vulnerabilities[^]
-
There is now the umistakeable whiff of Microsoft Windows M.E. starting to come off Vista (of course the old timers among us will appreciate this as being originally the funk of Windows for WorkGroups 3.11 which we used to affectionately refer to as "Windows for warehouses" because no one was buying it and it was left languishing in boxes on shelf at the suppliers warehouse). Going by all the delays and missing features and mis-steps we've all witnessed leading up to the Vista release I guess this should have been the inevitable result: http://www.nytimes.com/2006/12/25/technology/25vista.html?hp&ex=1167022800&en=67d067ceedf719aa&ei=5094&partner=homepage[^] The phrase "biting off more than they could chew" comes to mind. This is *very* serious for Microsoft if the press starts beating this around in any amount. There are already many who are questioning the point of upgrading in business circles. If it starts becoming a meme that Vista is no more secure than anything else it cuts away a pretty big pillar that it was meant to stand on in business circles. Does anyone out there still feel that Vista is a bright and shiny cool new thing or ...? I'm starting to feel like it's a big step in the wrong direction, but let's face it Microsoft isn't going to spend another 10 billion dollars to make a completely new OS again are they?
So I should stick with XP SP2 until Vista has it's own SP3??? I'm actually quite happy with XP as it is...not sure why I would want or have to upgrade...
It's frustrating being a genius and living the life of a moron!!!
-
John Cardinal wrote:
it's one major selling point that actually matters at all to business is security
I agree. Let's take a look at Linux vulnerabilities[^]
Vendor = Linux Title = kernel Version = 2.6.19, vulnerabilities = 1 Version = 2.6.19.1, vulnerabilities = 0 :confused:
-
Ray Kinsella wrote:
Microsoft's delays are the E.U.'s fault
What delays? This article is talking about security.
Indeed, what delays I have a dutch windows vista here, perfectly legal MSDN version. So there's no delay, that's for sure!
WM. What about weapons of mass-construction? "You can always try to smash it with a wrench to fix that. It might actually work" - WillemM
-
Needing a 3D card to run an OS ... i think it's a little overboard.
Artificial Intelligence is no match for Natural Stupidity
No one can understand the truth until he drinks of coffee's frothy goodness. ~Sheik Abd-al-Kadir
I can't always be wrong ... or can I?you don't need a 3D card, but to use aero you do, just with linux the better graphics u have in your computer, the better experience you should have BUT i remeber Windows XP's Release when i was 12 and it was excatly the same hype and all the same security worries. The problem is Microsoft is a massive compant wiht alot of enemies, and they their products are better than linux, they introduce standards and a sense of reliablity, with linux you get a mix of kernels, software, and its a mess, theres sooo many different packages and standards at least with windows u install any version and you will find your way around, and yes there are updates and problems all software has problems, it is impossible to have 60 or 70 million lines of code working perfectly all the time, with billions of different types of configuration, hardware and software. Microsoft good, and its here to stay! i reckon most home users will be using vista by 2008, but for businesses i reckon they will stick with 2000 as many have
-
Vendor = Linux Title = kernel Version = 2.6.19, vulnerabilities = 1 Version = 2.6.19.1, vulnerabilities = 0 :confused:
There is no indication that any of the reported Vista problems are kernel problems. Try looking at the other componenets that make up the operating system.
Ðavid Wulff What kind of music should programmers listen to?
Join the Code Project Last.fm group | dwulff
I'm so gangsta I eat cereal without the milk -
Needing a 3D card to run an OS ... i think it's a little overboard.
Artificial Intelligence is no match for Natural Stupidity
No one can understand the truth until he drinks of coffee's frothy goodness. ~Sheik Abd-al-Kadir
I can't always be wrong ... or can I?You don't need a 3D card, the bog standard onbvoard video on most motherboards is fine for running Vista. You do need a 3D card to use the fancy 3D graphics though, which is different.
Ðavid Wulff What kind of music should programmers listen to?
Join the Code Project Last.fm group | dwulff
I'm so gangsta I eat cereal without the milk -
There is now the umistakeable whiff of Microsoft Windows M.E. starting to come off Vista (of course the old timers among us will appreciate this as being originally the funk of Windows for WorkGroups 3.11 which we used to affectionately refer to as "Windows for warehouses" because no one was buying it and it was left languishing in boxes on shelf at the suppliers warehouse). Going by all the delays and missing features and mis-steps we've all witnessed leading up to the Vista release I guess this should have been the inevitable result: http://www.nytimes.com/2006/12/25/technology/25vista.html?hp&ex=1167022800&en=67d067ceedf719aa&ei=5094&partner=homepage[^] The phrase "biting off more than they could chew" comes to mind. This is *very* serious for Microsoft if the press starts beating this around in any amount. There are already many who are questioning the point of upgrading in business circles. If it starts becoming a meme that Vista is no more secure than anything else it cuts away a pretty big pillar that it was meant to stand on in business circles. Does anyone out there still feel that Vista is a bright and shiny cool new thing or ...? I'm starting to feel like it's a big step in the wrong direction, but let's face it Microsoft isn't going to spend another 10 billion dollars to make a completely new OS again are they?
Interesting that you mention "Me" ... that's a bit how I felt about it. I have a laptop here at the office that isn't critical to getting work done right now so I installed Vista Ultimate it on there and tried to bring it up with all our development stuff. The hardware I have doesn't support the Aero interface but it does everything else so I wanted to give it a shot. I finally gave up on it after a couple of days and retooled the laptop back to XP Pro because, frankly, I was getting tired of running into compatibility issues with our development tools. Visual Studio 2005 itself was identified as incompatible and some of the scripts that our 3rd-party controls tried to run failed. As for the "feel" of the thing - it seemed to run OK but the added security features got to be annoying. Every time I tried to run anything I had to click through one or more "permission" dialog boxes allowing the application to run. I know that eventually the system would "learn" which applications I had "sanctified" for the system so I won't consider that too negatively. The GUI is, IMHO, a bit of an overkill. I tried using the Vista UI for awhile but eventually decided to set it back to Windows Classic for the folders, etc. Granted that maybe I'm just an old dog here but all the additional eye candy, while attractive, does nothing to enhance the usability of the O/S - at least not that I can see at the moment. I just bought a new Dell desktop for myself and made a point of NOT taking the "express upgrade" to Vista right now. XP has been so solid and reliable (and I'm sick of building systems) that I just don't care to go there right now. I'm sure glad I didn't trash any of my important or personal systems right now. I don't think Vista is quite ready. Generally I have always liked Microsoft - and still do; I use their tools and applications to make a living and they are generally excellent. Vista, however, just doesn't seem right yet. Since XP my upgrade decision is based on what it will fix - and right now there ain't nothing broken with XP. Offhand I think Microsoft may have an uphill battle coming with this one. -CB :) There are two things a pilot can't use: 1) Altitude above him. 2) Runway behind him.
-
There is now the umistakeable whiff of Microsoft Windows M.E. starting to come off Vista (of course the old timers among us will appreciate this as being originally the funk of Windows for WorkGroups 3.11 which we used to affectionately refer to as "Windows for warehouses" because no one was buying it and it was left languishing in boxes on shelf at the suppliers warehouse). Going by all the delays and missing features and mis-steps we've all witnessed leading up to the Vista release I guess this should have been the inevitable result: http://www.nytimes.com/2006/12/25/technology/25vista.html?hp&ex=1167022800&en=67d067ceedf719aa&ei=5094&partner=homepage[^] The phrase "biting off more than they could chew" comes to mind. This is *very* serious for Microsoft if the press starts beating this around in any amount. There are already many who are questioning the point of upgrading in business circles. If it starts becoming a meme that Vista is no more secure than anything else it cuts away a pretty big pillar that it was meant to stand on in business circles. Does anyone out there still feel that Vista is a bright and shiny cool new thing or ...? I'm starting to feel like it's a big step in the wrong direction, but let's face it Microsoft isn't going to spend another 10 billion dollars to make a completely new OS again are they?
I've been playing around with Vista Enterprise for the last week or so (testing whether to deploy it or not). I've not found anything that compels me to make it our new desktop/workstation standard. In fact, from an IT perspective, configuration items are hidden below even another layer of BS, or there are multiple paths, or configuration items that should belong together are now separated into multiple areas (windows firewall configuration items for one). My educated opinion -- wait for sp1 -- then reevaluate.
-Sean ---- Shag a Lizard
-
There is now the umistakeable whiff of Microsoft Windows M.E. starting to come off Vista (of course the old timers among us will appreciate this as being originally the funk of Windows for WorkGroups 3.11 which we used to affectionately refer to as "Windows for warehouses" because no one was buying it and it was left languishing in boxes on shelf at the suppliers warehouse). Going by all the delays and missing features and mis-steps we've all witnessed leading up to the Vista release I guess this should have been the inevitable result: http://www.nytimes.com/2006/12/25/technology/25vista.html?hp&ex=1167022800&en=67d067ceedf719aa&ei=5094&partner=homepage[^] The phrase "biting off more than they could chew" comes to mind. This is *very* serious for Microsoft if the press starts beating this around in any amount. There are already many who are questioning the point of upgrading in business circles. If it starts becoming a meme that Vista is no more secure than anything else it cuts away a pretty big pillar that it was meant to stand on in business circles. Does anyone out there still feel that Vista is a bright and shiny cool new thing or ...? I'm starting to feel like it's a big step in the wrong direction, but let's face it Microsoft isn't going to spend another 10 billion dollars to make a completely new OS again are they?
Maybe someone here could inform me, but I don't see any point in moving to Vista. So far the only things I've heard about that would be interesting are 1) the new UI, which I don't really care about, and 2) improved security, which doesn't seem to be working. Even if the security was working, why would soeone shell out a couple hundred bucks to save the $25 they spend for Norton every year? Windows is the standard at this point because of inertia (look how long the previous standard, IBM mainframes, lasted, even with all that horrible JCL Abend stuff? OK, yes, I'm an old programmer.) and because they cover the whole range from servers to desktop to mobile. A lot of folks I know who use Macs seem to experience a lot less downtime, but Apple didn't gear itself to business so it didn't take the market. I'm pretty happy with XP, I use VS2005 all the time and it works OK, why should I be forced (because of Microsoft's monopoly) to "upgrade" both my hardware and software for no apparent reason? I know at some point I'll have to, and that ticks me off. And why can't Microsoft just make sure their current OS is bulletproof? Because their profits come so much from Windows sales, that's why they push out new OSes, not because the new OS is really worthwhile.
-
There is now the umistakeable whiff of Microsoft Windows M.E. starting to come off Vista (of course the old timers among us will appreciate this as being originally the funk of Windows for WorkGroups 3.11 which we used to affectionately refer to as "Windows for warehouses" because no one was buying it and it was left languishing in boxes on shelf at the suppliers warehouse). Going by all the delays and missing features and mis-steps we've all witnessed leading up to the Vista release I guess this should have been the inevitable result: http://www.nytimes.com/2006/12/25/technology/25vista.html?hp&ex=1167022800&en=67d067ceedf719aa&ei=5094&partner=homepage[^] The phrase "biting off more than they could chew" comes to mind. This is *very* serious for Microsoft if the press starts beating this around in any amount. There are already many who are questioning the point of upgrading in business circles. If it starts becoming a meme that Vista is no more secure than anything else it cuts away a pretty big pillar that it was meant to stand on in business circles. Does anyone out there still feel that Vista is a bright and shiny cool new thing or ...? I'm starting to feel like it's a big step in the wrong direction, but let's face it Microsoft isn't going to spend another 10 billion dollars to make a completely new OS again are they?
Its all in the name V.I.S.T.A. Very Irritating System Try Alternatives! Probably one of the ugliest looking operating systems to date (both visually and the user experience) - Does Microsoft ever talk to people in the real world? They could do with reading the fable of the Boy who cried wolf - real warnings will be happily clicked away without users even thinking about it. For myself, have just upgraded back to XP!
-
Its all in the name V.I.S.T.A. Very Irritating System Try Alternatives! Probably one of the ugliest looking operating systems to date (both visually and the user experience) - Does Microsoft ever talk to people in the real world? They could do with reading the fable of the Boy who cried wolf - real warnings will be happily clicked away without users even thinking about it. For myself, have just upgraded back to XP!
Bob1000 wrote:
real warnings will be happily clicked away without users even thinking about it.
Exactly! That's the huge overwhelming flaw in the new UAC system in Vista. The very first second I saw that I thought to myself "this is a disaster" users are going to click on it so often that they will eventually get a "whack-a-mole" mindset and just click ok no matter when they see it. It's a very in-elegant solution at best.
-
Bob1000 wrote:
real warnings will be happily clicked away without users even thinking about it.
Exactly! That's the huge overwhelming flaw in the new UAC system in Vista. The very first second I saw that I thought to myself "this is a disaster" users are going to click on it so often that they will eventually get a "whack-a-mole" mindset and just click ok no matter when they see it. It's a very in-elegant solution at best.
John Cardinal wrote:
It's a very in-elegant solution at best.
It's more than that. It's a gigantic failure that Microsoft as a software company is unable to design a system that works transparently security-wise, but instead rely upon a system where you keep bugging the user constantly with stupid dialog boxes and desktop flicker; the result of which, as you mention, is that the user will end up happily clicking away ANY dialog box just to make it go away; this will make it quite easy for spyware writers etc. I know it's a difficult problem for the programmers to solve, but they chose the easy way out - they became lazy and ended up putting the burden on the users instead. I think it's a mayhem waiting to happen.
"When you have made evil the means of survival, do not expect men to remain good. Do not expect them to stay moral and lose their lives for the purpose of becoming the fodder of the immoral. Do not expect them to produce, when production is punished and looting rewarded. Do not ask, `Who is destroying the world?' You are."
-Atlas Shrugged, Ayn Rand