During a telephone conference with reporters yesterday, outgoing Microsoft co-president Jim Allchin, while touting the new security features of Windows Vista, which was released to manufacturing yesterday, told a reporter that the system’s new lockdown features are so capable and thorough that he was comfortable with his own seven-year-old son using Vista without antivirus software installed. Elsewhere, bigg boss Bill Gates says that antitrust authorities did not make Microsoft remove any features from Vista, but he expressed anger with competitors who embarked on noisy public campaigns to ‘castrate’ the operating system.
“Look, I can shoot this Apple off of my son’s head – it’s perfectly safe! I’ve never missed yet!”
Edited 2006-11-09 23:34
yeah great, thanks man, you made me laugh that hard I sprayed coffee out of my nostrils all over the keyboard.
i need a new one now
New coffee, or a new keyboard? Or maybe even new nostrils?
Why don’t you buy a Microsoft spill resisitant keyboard? I hear Jim tested it when his son was 6.
This is difficult….two extremely stupid statements from two of the richest people around. Nice to see that those worth billions can still be as dumb as a box of rocks. (ahem, George Bush)
Anyway, let’s get to it…
#1 – Mr. Allchin….dude….I probably wouldn’t run AV either if my machine wasn’t connected to the internet. But unless your kid’s running linux, let’s see how long it takes for another slammer type worm to infect Vista boxes. Action, anyone?
#2 – And, Bill….my friend, I hate to break it to you, but no one can “castrate” any more of Vista even if they wanted to. Your company has already cut out everything they could. If you’d have managed to cut any other features, Vista would be a service pack.
Hey now, be nice! I’m sure the Vista skin will look great…
–bornagainpenguin
PS: Actually, given how easy it’s gotten for security firms to patch Windows code and provide necessary system updates these days, as well as much of the other independent work done by people seeking to extend their older MS systems, it wouldn’t surprise me much to discover some one has managed to reverse engineer a way to backport many of the features in Vista to Windows XP…. Remember how hot under the collar they got over the AeroXP skins?
That’s right..I forgot. They were out for blood on some of those skin developers. Some of the skins looked pretty accurate.
I’m still not too sure I’d install any security releases from 3rd party developers. I guess it would depend on who the developer is.
Phloptical:
Frankly to me it is you who look stupid. If you spit on moon, the spit will only fall on your face:)
What is your credibility, at least both Bill and Allchin are achivers…you are NOT. So shut your twat.
Edited 2006-11-10 07:39
And you are who? The Pope? (another loser BTW)
Were you born in antarctica…oh i forgot your mom is into beastality so she slept with a penguin…
Motherf–king OSS assholes screws every story…we don’t want you on this site so piss off you RMS whores and go jack off watching your linux screen savers….
or at least don’t come and repeat same old bullshit against Windows…No matter how much you whine…Linux is still what <1% market share…LOL But Vista will be on >90% desktops in couple of years where as your linux will be crawling at 1%
You’re not very good at admitting defeat, are you?
Now now, watch your language. You sound like a ten-year old.
“You sound like a ten-year old.”
Hey now, there’s absolutely no need to insult the children.
Wow, CuriosityKills thanks for the compliment…it means a lot coming from you.
By the way, you should really find someone for your anger management issues….maybe it’s pent up sexual frustration. You need to get laid and smoke a joint,or something, just to chill out. You’re not well, I’m worried about your psyche. Long hours waiting with baited breath about the release of mediocre OS’s makes for some serious mental issues.
And for your information, this is being written to you from XP. Unlike most trolls, I comment on things I actually use.
I guess when you think of a really good April fools joke, you just can’t wait.
who looks down the barrel to see if the gun is loaded.
“who looks down the barrel to see if the gun is loaded.”
That’s because the light at the end of the tunnel is a muzzle flash…
There isn’t a version of Windows I’d run without any antivirus software.
Someone out there will inevitably prove him wrong.
I’ll smile when a constant stream of malware atacks Vista 1 day after launch.
Why would that make you happy?
People on this site are so sickening.
Somebody already said why, above. It’s fun to see dumb people look down the gun barrel to see if it’s loaded. It’s comedy at its finest.
Claims that Vista will be very secure are for the moment just hilarious jokes, contradicted by about 10 years of history and all the previous Microsoft operating systems. Until there’s actual proof that Vista won’t let dumb people shoot themselves in the face, let us have our fun.
Why would that make you happy?
I didn’t say it would make me happy. I said I would smile. There’s no happiness in smiling. Haven’t you ever hear about something called sarcasm?
People on this site are so sickening.
I would say people that markets Windows as is, with all its failures and problems, asking for hundreds of dollars for something that doesn’t have that value and pushes that OS into everyone using FUD and other dirty techniques, that those are sickening. Not a simple person here in OSAlert os ./ commenting with a little sarcasm.
Get a grip on reality, dude.
His comments are a little deeper than the summary att he top.
“His machine is locked down with parental controls, he can’t download things unless it’s to the places that I’ve said that he could do, and I’m feeling totally confident about that,”
“It’s my favorite feature within Windows Vista, it’s called ASLR (Address Space [Layout] Randomization). What it does is, each Windows Vista machine is slightly different than every other Windows Vista machine. So even if there is a remote exploit on one machine, and a worm tries to jump from one machine to another, the probability of that actually succeeding is very small. And I wanted to do this in Windows XP SP2, but we couldn’t figure out how to do it. So then a smart guy here came up with a solution, so we put it in Windows Vista.”
Very cool!!!
Edited 2006-11-10 00:34
“It’s my favorite feature within Windows Vista, it’s called ASLR (Address Space [Layout] Randomization)”
It is cool, it’s been included by default in the Linux kernel for a year and a half. (22-Jun-2005)
Edited 2006-11-10 01:09
[/i] It is cool, it’s been included be default in the Linux kernel for a year and a half. (22-Jun-2005) [/i]
Lol, good one.
so f*cking what?
no one uses linux, but with windows vista it will actually reach and affect in a good way many home users.
Of course nobody uses Linux. Sure. Just 4% of all Desktop users and approx. 26% of all servers.
Sure sure… Nobody uses Linux.
Of course nobody uses Linux. Sure. Just 4% of all Desktop users and approx. 26% of all servers.
Sure sure… Nobody uses Linux.
.4% of desktops. Less than 10% of servers.
Remember, as Gartner has said, Linux more often than not gets replaced by a pirated copy of Windows.
Less than 10% of servers.
Maybe, maybe not. But look at the internet, for an example:
OSAlert runs on linux. The security/reliability of OSAlert is based on Linux security features.
From netcraft.com: Five of the 10 most reliable hosters run their sites on Linux, while three use Solaris, two run on FreeBSD, and Windows hosts are shut out of the top 10 this month.
I’d say that the security features of Linux are important to most people, even if they don’t know it.
I think Netcraft also pointed out a few months ago that most of the domains on those hosters are “Parked Domains”. I conceded Linux is a good choice to host a domain that does nothing.
IIS6 has a fantastic security record. Apache 2.x not so good. 10 times the vulnerabities than IIS6.
The netcraft figures are for the reliability of the mainn website of the host. Not the host’s customers’ websites, These websites tend to take a lot of traffic.
Hosting providers such as Rackspace DO NOT mainly host ‘parked domains’ As their managed hosting solutions start at around lb200 per month.
IIS6 has a fantastic security record. Apache 2.x not so good. 10 times the vulnerabities than IIS6
IIS6 performance is identical to Apache 2.2 (Equivalent release), according so secunia.
According to the stats provided by you.
According to Gartner:
>4.0 % on the Desktop.
>26.0% on the Server. You have provided these numbers yourself. (Go read your own posts from a few weeks ago).
How can you replace Linux with a pirated copy when it’s you cannoy buy a PC with Linux preinstalled? You don’t replace Linux with Windows – you replace Windows with Linux.
Or… are you talking about the Wal-Mart Linux PC’s? That would explain your hilarious numbers of 0.4%.
But remember. Linux users are downloading it through a browser. How do you count these non-sales?
BTW: You do realize that Gartner isn’t eaxtly independent from Microsoft?
You might want to get your data from _reliable_ sources – that would mean independent from Linux as well as Windows connections. So no Redhat, and no Microsoft.
//Less than 10% of servers. //
http://blogs.zdnet.com/open-source/?p=837
I’d like to mod you up to 10, if that was possible.
well when you cant download anything or install anything, then I would hope that a virus couldn’t infect the system. This is a sad example of what a windows vista computer will be like. I bet half of the users that get vista will immediately demand admin/root rights. I mean just look at your average windows user, they dont know where the hell their programs are really stored(I mean in program files)
, when an error comes up they panic and think they just killed their system, and last they dont know when to stop installing those “click me! click me! I am a virus scanner, and you have a virus!” type crap, you would think they wouldnt install them but I deal with people who install that crap all the time. The only way they are going to fix this adware/virus problem is if they never give the user the premissions that are needed to write to any system folders.
he only way they are going to fix this adware/virus problem is if they never give the user the premissions that are needed to write to any system folders.
Actually, as long as the user has permission to send out mail, I gather your machine could still be used as a zombie for sending spam and who knows what else, even if you can’t write to system folders.
I mean, honestly … who gives a shit about system folders/files anyway? If they wreck my OS, I’ll just reinstall. But if my machine can be hijacked, that is much more serious.
from a guy who is leaving MS.
His 7 year old sons machine is locked down so that his son does not have permissions to download and run even legitimate software.
Under these circumstances, I’d say the machine is safer from attack than your average XP install running as admin with AV which have done little to stand in the way of newly release viruses.
In fact, some argue that AV software can do as much harm as good becasue people have this impression that they don’t need to be careful becasue they gave Norton $100 to protect them.
Lets not also forget, that in this example Vista is still pretty new and it isn’t that big of a target, yet.
Please people, leave the knee jerk stuff to /.
Edited 2006-11-10 00:54
I notice that almost none of the people who have responded to this have read more than the headline “Allchin Suggests Vista Won’t Need Antivirus” which is out of context to the point of being a lie.
IT is the read headed step child of the “while collar jobs” and is viewed by many as an easy way for “different” people to get high paying jobs.
Do other white collar professionals make decisions in such a knee-jerk childish manner?
The high number of “special”/”computer people” make me embarrassed to admit I work in the industry.
Could you picture a bunch of people from the medical industry on MedNews.com reacting so childishly?
I have been reading this site for ever and it wasn’t always this bad. What happened?
As much as I usually respect the opinions of Thom, I have to say he carries at lease some of the blame for selecting this article despite the obviously misleading title which is intended to create exactly the response it got.
It was like I woke up the other morning and suddenly the opinions of the people on Slashdot were more rational than the opinions on OSAlert.
The selection and tone of news postings sets the tone for the website. There are better ways to draw traffic Thom. Please don’t cheapen OSAlert just to increase page hits.
Eugenia was a realist, she called it how it was and she didn’t care who did or didn’t agree with her. Although sometimes her opinion was unpopular, she was usually right.
I used to see the same unbiased call-it-like-it-is attitude from Thom too, but sometimes I think that focus has been lost.
“As much as I usually respect the opinions of Thom, I have to say he carries at lease some of the blame”
What do you expect from a person who himself has no clue on the subject. I was under impression that people that work here are somewhat educated on the subject of operating systems, but I was wrong. His reply to a comment about 64 bit operating systems is so ignorant that makes me question if he has any formal education on the subject. His observations are more of a self taught person (an IT enthusiast if you wish), then of a trainned profesional. Even though I am going to repeat a very often expressed opinion on this board, here it goes:
MS has a lousy track on the security aspect, and we can not blame users for taking things with a grain of salt
The last year has seen a dramatic upswing in extremist attitudes in the open source community. The “Free or Not-Free” argument has been heating up for about 9 months, and the Novell/Microsoft agreement couldn’t have possibly come at a worse time.
So, the community is a bit… sensitive right now, and not really at it’s best.
> The last year has seen a dramatic upswing in extremist
> attitudes in the open source community. The “Free or
> Not-Free” argument has been heating up for about 9
> months, and the Novell/Microsoft agreement couldn’t
> have possibly come at a worse time.
What is strangest to me is that the free/nonfree discussion is so heated on OSAlert, which after all isn’t OSSNews. This is about operating systems, not politics.
OSAlert is about technology – especially related to computers – and not just Operating Systems.
And the licenses for Software is as important as the software itself when discussing the usefullness of the software.
If we’re only discussing a single detail in the OS, the license won’t matter. But if we’re discussing the entire OS the license is an important part. Whether or not you like it, copyright appears to be here to stay – also for software
True, licences at important, but at the same time, one must remember, they are not the over riding decision which people use when purchasing software; their main concern is whether the software will solve the problems they need solving, and do it in an efficient manner.
If licencing were and over riding issue; no one would be running Windows or MacOS X; we’d all be running Linux or *BSD, and we wouldn’t be running half of the proprietary software that we’ve come to ‘love and admire’.
The problem is, when there is an alternative, the alternative is so crap, it never actually addresses the problems of the end user; it only addresses the needs and tickles the fancy of the programmer(s) who are working on the project – and when anyone makes a constructive criticism or a suggestion, the programmer(s) react as if someone had punched their monther. This occurs both for opensource and closed sourced applications.
True true
<snip>
Edited 2006-11-11 07:01
I think the selection of the article, including its title, is fine. The problem isn’t the article, it’s the readers, most of which seem to be slashdot rejects. And yes, I’ve noticed slashdot discussions regarding MS have increased in quality while the ones here have degenerated to the type of garbage exhibited in this thread.
I don’t see how Vista is fundamentally less secure than Linux. Neither OS’s default user account has full admin/root rights (that used to be the main difference between the systems that gave Linux the edge). Both OSes have stack overflow protection. Both have ASLR (according to posts in this thread). (Oh, and Linux’s having had it since 2005 doesn’t mean that it doesn’t increase Vista’s security.) Both OSes have firewalls (depending on the particular distro) (and Vista’s firewall kicks in before it allows internet access (I’m just preempting any FUD regarding that)). And MS followed the example of most Linux distros in that they no longer ship with unnecessary services turned on.
On top of that, IE7 on Vista runs in reduced rights mode, meaning that it can’t alter any files, directories, or registry settings except its own, so not only can it not muck with system directories, it can’t even muck with the user’s directories (unless OK’ed by a broker, which is a very small piece of code and is unlikely to have security flaws on its own (the broker is invoked for things like the user doing a File-SaveAs)). ActiveX problems, mostly gone away with XP SP2 IE’s infobar, which Firefox borrowed, is locked down even more since with its default “opt-in” mode (or whatever the correct terminology is). And even if the user jumps through hoops installing a malware ActiveX control or a legit ActiveX control that has a bug that can be exploited (like a buffer overflow), the limited rights of IE7 renders it harmless.
So can someone give reasons that Linux is fundamentally more secure? (I’m not referring to bugs, which can appear in either system, but I’m talking about whether one can prove that one system is more “secure by design”.)
That being said, Vista will be attacked more and will have more successful attacks. That will be due to userbase size rathe rather than design issues. According to web browsing statistics that have been cited multiple times on osnews threads, Windows has >90% of web surfing activity while Linux is ~0.5%. It doesn’t take a genious to figure out which will be more atacked regardless of which is more secure (if either).
Edited 2006-11-10 06:08
//So can someone give reasons that Linux is fundamentally more secure? (I’m not referring to bugs, which can appear in either system, but I’m talking about whether one can prove that one system is more “secure by design”.) //
Go here:
http://portableapps.com/
Download one of those apps, but don’t install it. Just unzip any files you may have been asked to, using only normal users rights under Vista. Unzip them anywhere you have got write access to as a normal user.
Better yet, unzip them to a USB memory key, and take that key to another Vista machine … one that you are not the admin for.
Now, without installing anything, and without being once asked if it is OK to install any application (especially on a “foreign” machine using a USB key) … double click on the .exe file.
Presto! It runs!
Vista has absolutely no idea where that exe came from (it could have come from a BlackHat on the net), and Vista has asked no local user if that app is OK (it has not been installed, and Vista did not prompt for execute permissions) … but it still runs!
Oh, BTW, running .exe files is a normal method to setup other applications on Vista.
I think this is deliberate that this has not been fixed. This characteristic means that an external agent (such as Microsoft themselves) can “push” new executable code onto a Vista system without the local user’s permission. Microsoft, after all, claim that they still own the software you bought and put on your own machine.
If Microsoft are able to “push” new software onto your machine, then quite possibly other parties are able to do so as well.
One cannot run a new file on Linux without being prompted for a password in order to grant execute permissions for that file, or setting the execute permissions explicitly.
Edited 2006-11-10 09:48
Now, without installing anything, and without being once asked if it is OK to install any application (especially on a “foreign” machine using a USB key) … double click on the .exe file.
Presto! It runs!
You aren’t installing an application. You are only running it. The application also has to be made so it doesn’t use any functionality not available under the account in which it is running. And the administrator of the computer can choose to restrict what applications will and will not run on the computer. All of this is controlled via permissions and policy. You could allow only applications you have signed or whitelisted to run, and you can also restrict access to removable storage.
Vista has absolutely no idea where that exe came from (it could have come from a BlackHat on the net), and Vista has asked no local user if that app is OK (it has not been installed, and Vista did not prompt for execute permissions) … but it still runs!
I think this is deliberate that this has not been fixed. This characteristic means that an external agent (such as Microsoft themselves) can “push” new executable code onto a Vista system without the local user’s permission. Microsoft, after all, claim that they still own the software you bought and put on your own machine. If Microsoft are able to “push” new software onto your machine, then quite possibly other parties are able to do so as well.
This is totally false and shows an ignorance of how Windows security works. Windows XP SP2 and Windows Vista keep track of several attributes, including where a file came from, to determine its trustworthiness. .NET goes further still. Microsoft can’t just push new code onto a Windows box. The user has to agree to run such code and have the necessary permissions to do so.
One cannot run a new file on Linux without being prompted for a password in order to grant execute permissions for that file, or setting the execute permissions explicitly.
Likewise on Windows there has always been an execute permission that can be controlled by the administrator. On Windows XP SP 2 and above, when you attempt to run a file originating from a non-local source (even if it has been copied to a local source), or that has some other trust issues (maybe it is not signed/has no manifest, etc.), you will be prompted about the trustworthiness of that file. Agreeing to this prompt is the equivalent of setting the execute permission, but it only applies for that one execution and must be agreed to with subsequent executions unless you choose to Unblock the file from its properties dialog or another management mechanism.
Edited 2006-11-10 11:30
Your arguments are sound, but everybody with half a brain knows that the available security measures in Windows NT based systems have always been pretty strong.
The problem is that no typical home user has ever used any of them. They all run anti-malware software addons, yet they forget to run as restricted user and they never heard of the context menu option “run as”.
Technologically, Windows Vista may very well be the most hardened system in existence, but that won’t be of any help as the biggest compromisers of system security are most likely the end-users themselves.
The problem is that no typical home user has ever used any of them. They all run anti-malware software addons, yet they forget to run as restricted user and they never heard of the context menu option “run as”.
Technologically, Windows Vista may very well be the most hardened system in existence, but that won’t be of any help as the biggest compromisers of system security are most likely the end-users themselves.
Maybe. But the difference with Vista is that the users will have to actively act against their best interests to open themselves to compromise. The defaults are secure, limited in priviledge, and there are multiple layers of protection. The OS also nags you whenever you put yourself into a less secure state. I’m sure some users will still find ways to increase their vulnerability, but you can’t blame the OS for either total ignorance of the warnings or pure incompetance. If the user really wants to see the dancing bunnies, no OS will stop them from harming themselves to see them.
Edited 2006-11-10 21:53
“users will have to actively act against their best interests to open themselves to compromise”
..and they will. Believe me. I have seen many users blindly acknowlidging any message box they get without reading it. The typical sentence: “It was something reddish and asked something. I answered Yes”.
//On Windows XP SP 2 and above, when you attempt to run a file originating from a non-local source (even if it has been copied to a local source), or that has some other trust issues (maybe it is not signed/has no manifest, etc.), you will be prompted about the trustworthiness of that file. //
That is not correct.
On Windows XP SP 2 and above, when you attempt to run a file originating from a non-local source, you will not be prompted about the trustworthiness of that file. It will just run. Even worse, if the file is placed in a “startup” directory, or an entry can be made in the registry, it can be made to run on next boot (or scheduled to run at some point in time) without you even attempting to run it.
I know this because I have personally tested it many times, for many versions of Windows. It has been like this since Windows 95, which to be fair was a single-user non-networked OS. Windows is not designed with security in mind, and it is very difficult to add secure features on as an after-thought.
As the Sony rootkit demonstrated, it is only necessary to trigger some sort of “Auto run” provision and your Windows machine can become owned.
Edited 2006-11-10 22:51
“On Windows XP SP 2 and above, when you attempt to run a file originating from a non-local source, you will not be prompted about the trustworthiness of that file. It will just run. “
No.
If you download an executable and run it, or even copy it to another machine and run it, then the following happens:
If the executable is not digitally signed, you’re prompted thusly (I just tried this using Magellan Explorer 3.3’s installer (which I downloaded from download.com last year), which has no digital sig):
“OpenFile – Security Warning
The publisher could not be verified. Are you sure you want to run this software?
Name: { the executable file name }
Publisher: Unknown Publisher
Type: Application
From: { path of directory containing the executable }
[ Run ] [[ Cancel ]]
Always ask before opening this file {pre-checked checkbox}
———————————
{Red X Shield Security Icon}
This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust.
If the executable does have a valid digital signature, you’re prompted as follows (I use Paint.NET 2.72’s installer as the example):
Open File – Security Warning
Do you want to run this file?
Name: PaintDotNet_2_72.exe
Publisher: Eric Brewster
Type: Application
From: {path of directory containing PaintDotNet_2_72.exe}
[Run] [[Cancel]]
Always ask before opening this file {pre-checked checkbox}
———————————
{Yellow Shield Security Icon}
While files from the internet can be useful, this file type can potentially harm your computer. Only run software from publishers you trust.
Additionally, the “Name: PaintDotNet_2_72.exe” text that appears in the dialog is actually an underlined clickable link to http://www.getpaint.net/.
Also, the “Publisher: Eric Brewster” text of the dialog is a bold underlined clickable hyperlink that brings up the “Digital Signature Information” dialog that shows the digital sig info (to whom it was signed, the publisher’s email address, the timestamp, the signer, an Advanced tab that shows the fields of the sig (version, issuer, serial number, encryption algorithm, content, counter sign, etc), and a “View Certificate” button that brings up the “Certificate” dlg, which give even more info, including the Certification Path)).
The third scenario is downloading an executable that has a digital sig that isn’t valid (doesn’t match the executable) or isn’t trusted (the root cert isn’t installed on the machine), in which case you’ll be prompted accordingly as well.
As the Sony rootkit demonstrated, it is only necessary to trigger some sort of “Auto run” provision and your Windows machine can become owned.
I don’t think XP SP2 prompts you when running a program from a CD (it assumes you know what you’re doing, since you put the CD in yourself). Maybe it should.
//If you download an executable and run it, or even copy it to another machine and run it, then the following happens: //
I have never seen this warning.
For each and every file I have ever download & tried to run on Windows … it just runs.
I have to agree entirely that the quality of discourse has fallen dramatically over the years. I think the ratings system has made things worse. To vote something down you have to justify it, and you’re not supposed to vote down something that you disagree with. Voting someone up requires no more than a click, and more often times than not it represents a “snarkiness factor” or “groupthink compliance” rather than any real insight. The result is that stupidity spam is encouraged.
As for the article, while it is true the concepts of file permissions and limited users have existed in Unix since the begining (or certainly by the time it was gaining momentum outside of Bell Labs), the same can be said about NT. What’s promising about Vista is that it is the first release of Windows that makes leveraging these concepts practical. User Account Control mitigates the need for most users to run with admin priviledges and Parental Controls make it feasible for average parents to apply additional constraints without having to comb through ACL entries or RWX bits. While a lot will depend on app compatibility, Vista may well make locking down a computer a task achievable by a normal human being. Well that doesn’t necessarily mean antivirus software will never be needed (threats evolve, after all), I do think this is a great step forward for Windows.
I agree with your assessment of the voting here. Not being able to vote down items that are clearly wrong is a major flaw.
There’s a big difference between disagreeing with something, and knowing that it is incorrect.
Wow! What a whiner!
I’m just giving you a hard time.
Actually, I have been reading OSAlert since its inception, and I think it has always been about the same.
Eugenia certainly had some opinions to blast around, and she didn’t mind deleting people’s posts if she didnt like them. I also seem to recall her tirade against Greek men. That certainly wasn’t popular at all (or even relevent; however, it did seem to be one of the most commented on pieces, so you have to give her credit for driving a boat load of people to the site that day).
As for your “childish” remark, I’d have to agree. I sit by many software engineers whose desks are cluttered with effigies of The Tick, Wallace and Gromit, and Batman. I personally have a bobble-head “Mini-Me” that a co-worker gave me as a going away present when I quit my last job.
Yeah, we’re childish, but that’s what makes this white collar job one worth doing. Most white collar workers are boring old farts whose biggest concern is making their golf-penis bigger.
boring old farts whose biggest concern is making their golf-penis bigger
And you’ll never want to be one of them, right ?
Don’t need to have a great, big, golf-penis to be a dick-head…
Kochise
In the immortal words of Mark Twain, golf is a good walk spoiled.
Lets not also forget, that in this example Vista is still pretty new and it isn’t that big of a target, yet.
You think crackers will wait untill Vista is official released?
My guess is they will have gotten themselves a MSDN subscription and are investigating Vistas guts from day one.
Why?Because it’s very likely going to be an attractive target.Lots of PC’s installed with Vista.
Needed a good laugh today
“I’ll give you an example: My son, seven years old, runs Windows Vista, and, honestly, he doesn’t have an antivirus system on his machine. His machine is locked down with parental controls, he can’t download things unless it’s to the places that I’ve said that he could do, and I’m feeling totally confident about that,”
Wow, amazing. Someone doesn’t have permissions to write anywhere on the system!
*nix’s have had that for what, last 30 years?
On most *nix systems the user can only write to his own home dirrectory. Anywhere else it’s “permission denied”.
So what the frack is he talking about?
I guess it is a new “innovation” from Microsoft for Windows users that are always admins on their systems.
Pathetic, and realy sad to see this from the largest software company in the world.
Edited 2006-11-10 01:06
You’ve always been able to set up restricted access in an NT system, always.
The technology never was the problem. The lack of computer savvy under the common computer owners is.
bornagainpenguin rolls on the floor laughing
…..
Wait. You mean he was SERIOUS???
–bornagainpenguin
All Os’s Linux, Windows, and OSX all lack features need for laptops. ATI is the biggest deal I see right now. The hell with viruses and trogens antivirus software installed.
Vista, but he expressed anger with competitors who embarked on noisy public campaigns to ‘castrate’ the operating system. This is all Bull-Shit!” System’s new lockdown features, “Man kiss my ass with that shit!”
What did this have to do with my comment?
–bornagainpenguin (who was laughing at the ridiculous headline and not commenting at all about laptops)
I haven’t run a Virus scanner on my Windows machine for a very long time.
But then again, I work with variety of OS’s every day, I know what not to open, what programs to use, what sites to stay away from.
Also keep systems fully up to date and patched.
I agree with Bill Gates’s statement about people like Symanetc trying to open back up the Kernel that they are trying to lock down, I think it’s ludicrous that they asked, and are only concerned in making money, regardless of whether it makes the user more secure or not.
That said, I wouldn’t let a 7 year old on a computer with no antivirus.
No matter how locked down the account is.
I don’t think it’s right to be making a article about that, because now the non-tech savvy users will potentially not put Virus scanners on because of Articles like that, regardless as to whether we no it’s not the best idea, people just believe what they see on the Internet and TV etc.
//That said, I wouldn’t let a 7 year old on a computer with no antivirus. //
I would.
That said, I wouldn’t recommend anyone to use a Windows computer with an Internet connection and no antivirus.
That said, I wouldn’t let a 7 year old on a computer with no antivirus.
Sorry, but if I had a 7 year old son or daughter; I sure as heck wouldn’t be allowing him or her to use the computer without me supervising him or her, as to ensure that the curisosity doesn’t get the better of them – regards to the interesting google results that may occur.
As for anti-virus; the record for them stuffing up more systems than actually protecting is demonstrated in the number of ISP callup’s relating to Norton or some other company buggering up their computer – yes, I worked on a ‘hell desk’ and having dealt with the *wonderful* products that are Norton and McAfee; if I were Peter Norton, I’d be filing a paper for a name change.
For example, run Norton Anti-Virus 2006, and it causes setup utilities and applications to run haywire – they cause more harm that good, and whats worse, they now want us to pay for the *privilage* of getting updates! the cheek of that! its almost like a mafia racket; hype the virus alerts and bring in the cash through scaring the crap out of the uneducated public.
Bwahahahaha. I apologize. That was extremely insensitive. Let me try this aga…hahahaha
First.,… I haven’t read the article… but I bet that within two years,… or two months.. or two days, he will be eating his own words.
As hard as this might be to believe, I’ve been running Win. XP now since it came out without ever having antivirus installed. Granted, I keep the thing fully patched…..I don’t go clicking things I shouldn’t (aka: unsolicited email attachments), I run periodic spyware scans, and yes, from time to time I run virus scans that almost always come up clean (every now and then some java class virus sneaks in, but that’s it).
And nope, I’m not sitting in some hardend network, I’m on a standard cable connection with a computer that’s almost always turned on. I leave the windows XP firewall running, and other than practicing safe computing and keeping XP patched, I don’t do much else in the way of security (I’m not willing to give up CPU cycles or memory for a resident antivirus program). And for some reason I seem to remain virus free.
Weird.
Prove it.
And for some reason I seem to remain virus free.
Weird.
That is not weird. That is just the result of responsible computer use.
The problem MS has to fight is PEBCAK. Problem Exists Between Keyboard and Chair.
You don’t click christinaaguileranude.bmp.exe, but lot’s of unknowledgeable computer users will.
it is great that microsoft not only made windows more easy to use but,also more secured by, adding ASLR to windows vista. I guess ASLR will test the attackers mathematics skills and the ability to guess the target addresses.
Edited 2006-11-10 07:26
//it is great that microsoft not only made windows more easy to use but,also more secured by, adding ASLR to windows vista. I guess ASLR will test the attackers mathematics skills and the ability to guess the target addresses. //
Microsoft are able to “push” certain software onto Windows machines (such as WGA).
If Microsoft can do it, then quite possibly so can other parties.
Not much of a test, really.
Lets just imagine a scenario off the top of my head. I’m a net nasty, and I have a nice-looking website with a link to a “cool” media file. When you click on the file … Vista doesn’t know the format, so it goes searching for a matching codec to install & run …
… there are heaps of ways like this that are typically enabled to get things to run on a Windows system from an external source. Some external sources are not to be trusted.
Microsoft are able to “push” certain software onto Windows machines (such as WGA).
Once again, not true. See previous post.
Lets just imagine a scenario off the top of my head. I’m a net nasty, and I have a nice-looking website with a link to a “cool” media file. When you click on the file … Vista doesn’t know the format, so it goes searching for a matching codec to install & run …
Windows Media doesn’t automatically install non-Microsoft codecs (not sure it it does those anymore either). If it can’t play a file, it will fail. It may then display a dialog allowing you to go find a codec manually. It does not automatically install one.
Please at least use Windows before spreading FUD about it.
Edited 2006-11-10 11:32
//Windows Media doesn’t automatically install non-Microsoft codecs//
Sigh. Then all I have to do (as a net nasty) is get Windows to think it wants a Windows codec, and spoof the machine as soon as it goes looking for it.
//Once again, not true.//
Yes, it is true. The fact that most times when Microsoft want to put some software on your machine they will get the software installer to put up a nice dialog asking permission does not mean that there cannot be some software pushed to your machine without your permission.
On Windows, AFAIK the asking of permission isn’t a feature of the OS, it is part of the installer code. As a “net nasty” you only have to write an installer which does not ask for permission … and there you go. You have “pushed” stuff on to the Windows box. You have got yourself one owned Windows box … to join the countless millions of compromised Windows machines already out there.
I didn’t invent this terminology, BTW. http://en.wikipedia.org/wiki/Push_technology
“Push technology” is any means to get something on to another person’s computer, where you (rather than they) initiate the transfer (or you “push” the file onto them, in other words).
Edited 2006-11-10 23:16
“Look, I can shoot this Apple off of my son’s head – it’s perfectly safe! I’ve never missed yet!”
Would that be a single-core Apple or one of the new dual-cores?
So the system will not need an AV software.. until what? a month after release? i am pretty sure that there will be a need eventually. Does anyone have a list of “features” that have been completely cut out of Vista btw (besides the SQL file system)? For some reason I think there will be attacks on Vista just as there was on Windows 2000 and XP, both of which were heralded as the most secure Windows till that day.
I’d take this all with a bit of salt, its close to release day (for businesses), good marketing is needed.
-FR
http://blog.2blocksaway.com
1) The biggst software company in the world made it REALLY secure in over 5 years development.
Or:
2) Yes, it’s secure, in the first 2 weeks
or:
3) The man lost his sense for reallity
You forgot number 4, the most likely one:
It’s secure until we have to admit it’s not.
Overconfidence or extreme hubris often leads to defeat.
Oracle sells Linux
Microsoft endorses Linux
Distrowatch endorses Mandriva
Linux users turn against Novell
Democrats lick Republicans to take Congress
Macs reported as insecure
Windows reported as virus-free
What next? US oil companies set up no-drill zone in Alaskan oilfields? French congratulate US on conduct of war? Blair calls press-conference to brand Bush “incompetent extremist fsckwit”? Iran officially becomes 51st American State? Santorum marries same-sex partner of 51 years and sponsors bill to create American Health Service?
I’m taking bets!
“Windows [Vista] reported as virus-free”
…by a Microsoft employee who has been managing the Vista project and has a vested interest in it. So no, this is not surprising.
……Dogs and cats living together…..Mass Hysteria!
Why do everyone always bring Bush in a discussion about dumb people. He is smart enough to get elected to two terms. Its funny he is smart enough to control elections, change gas prices, be in some big conspiracy. Though he still stupid. Can someone explain that to me.
It’s ok if you don’t like him or don’t agree with him, but give him some credit please.
“Why do everyone always bring Bush in a discussion about dumb people.”
I dunno… why do people always bring up Bill Gates when talking about software innovation? I guess perception is often more important than we realize…
+5 Perceptive
“Technologically, Windows Vista may very well be the most hardened system in existence, but that won’t be of any help as the biggest compromisers of system security are most likely the end-users themselves.”
You mean the most hardened Windows system… but you’re right… I’ve seen it happen.
“Ooh, a cool video about Jennifer Lopez on this shady-looking website!”…
“What’s that, I have to download this video player software in order to be able to watch it? Sure, why not??”
… would be if someone with a very strong understanding of the Vista internal workings could explain whether the statement made about Vista’s security is sound or not, and also explain this to those of us who are not kernel/driver-level developers. I for one would be very interested in the technical aspects of this explanation, delivered in a non-partisan manner.
It’s sad but every discussion about Windows, Linux and OSX seems to degenerate into a slanging match between the respective flag-wavers. I started visiting this site several years ago to learn about operating systems, but it is becoming harder to actually hear any facts due to the constant background noise of vitriol being lobbed from/at the various OS camps.
When less popular (userbase-wise) OS articles are published, the quality of the discussion seems to be far greater. For example the OpenVMS article posted as part of the “alternative OS” season was very good, ditto the RISC OS one, as have some recent and not so recent discussion about Solaris, zones, ZFS, etc. Things that I don’t come into contact with daily, and which seem not to instill such anger. Solid technical discussions in fact.
I fear that this continued downwards slide into aggressivly adversarial commentary will only drive away the technical experts from whom many of us wish to learn.
Reminds me of statements like, “640k should be enough for anyone”
well to mod me down to zero … what a bunch of geeks
The most attacked OS line will now have a secure version.
“Bill Gates says that antitrust authorities did not make Microsoft remove any features from Vista, but he expressed anger with competitors who embarked on noisy public campaigns to ‘castrate’ the operating system.”
In other words, Bill Gates is saying that vista is “castrated”, but that it is not Microsoft’s fault but their competitors fault.
not so long ago, “they” ranted and raved at how insecure windows is, and how something should be done about it. And now that something has been done about it (to a degree much higher than previously) the loudest of the complainers from before are now flip-flopping and saying it’s too secure. That right there makes me just say f-‘m, I dont even like windows, I don’t use windows personally, but i would defend it on those terms, that’s just BS what the AV companies are trying to campaign for.