[effgee]

It's not news to Microsoft that many, if not most, average Windows users have gripes about their PC experiences. In response, the software company is unveiling on Friday a new subscription-based computer fix-it service, aimed at automatically patching security holes, blocking viruses and spyware, and generally automating the chores of maintaining a computer's health. ... "We're trying to address a consumer need we see being unmet today," said Dennis Bonsall, group product manager for the company's technology care and safety group, ...

full article ...

Sell a defective product, then charge an additional fee for patching some of the defects. Sort of like buying a car and purchasing a subscription for a towing-service at the same time. Priceless.




And given enough time that'll most likely also mean "buh-bye" to quite a few of the smaller AV software development firms ... laters!

[xi_hyperon]

Their attitude is more or less that most of the issues (that customers have) are not from problems inherent in Windows, IE, etc. Wow.

[ManOfSteal]

Amusing.

[zizban]

Wow, simply astonishing!

[turtle777]

Why is it that Apple is NOT able to substantially break into this market that consists of people SO DUMB...

-t

[Thilo Ettelt]

Originally Posted by turtle777

Why is it that Apple is NOT able to substantially break into this market that consists of people SO DUMB...

-t

That's simple: They don't know they're dumb. They think they've made a great choice. They don't know that they had none.


- Thilo

[budster101]

I met a fellow the other day and he had problems with his laptop running Windows. I spent two hours with him trying to fix it, only to be told by him later that he may have a virus.... I remember asking if he has gone to any questionable web sites and he said no... I told him to do a clean install of his OS and he was like what is that?.... I then sent him to where he bought the computer. He called me and said I did something to wreck his laptop... WTF? I told him to go and sue Bill Gates.

His hole matra for owning a PC was that most people own them... I said uhm, ok... most people in Europe own Mercedes Benz and the like, and in the USA we mostly own GM, does that make GM the better product?

Oh, also, he had only 256megs of ram running XP on a 1.17 ghz box.... I wonder why it's slow.... idiot.

</end rant>

[olePigeon]

4 steps to get rich!

1) Get masses to depend on your product.
2) Brake your own product.
3) Charge people to fix it.
4) Profit!

[budster101]

I cannot express how much I despise Windows. But, I make an effort every day I see some shmuck fumbling with his internet connection on a laptop... it's just too sad and funny at the same time.

[ghporter]

I think it's disingenuous to consider Windows a "defective product," considering how many successful and trouble free Windows installations there are worldwide. The "defective" part is the market that encourages people who have a hard time tying their shoes to think that they can become computer scientists just by buying a cheap computer with a mainstream OS on it.

Well, I AM a computer scientist, and I find the people who have a hard time with ANY computer sad and depressing. Not because they are tremendously ignorant of anything resembling what they're trying to do when they simply turn on a computer, but that these particular individuals are SMUG about not knowing anything. The machine must be smart, because it can do so many things! Nope. It can count from zero to one, that's ALL. The rest is spackle and a good paint job.

The only thing that bugs me worse is Mac users being smug about how superior Apple products are over Intel/AMD/MS products, when they are at the same time just as smugly ignorant of the nuts and bolts of their own computers. Steve Jobs' biggest legacy may be that he has created a huge number of computer users who NEED their computers to "just work" and have no clue what they actually do. At least a novice Windows user knows that there are a lot of processes going on while waiting for their desktop to show up. How many times have all of you seen posts about "my Mac takes almost 30 seconds to start-what a rip off!" or similar subjects? Pathetic.

Microsoft's subscription support plan is actually an extension of what they offer to large corporate customers, and is usually used to solve particularly difficult problems. They are actually trying to help the customer out, and we should give them credit for that. Windows is horrendously complex, and it is quite likely that there is no group of people who understand more than a few of the modules that make up that OS. OS X is no different, but since it is really far more modular, and does not present itself as monolithic, it gets away with so much more.

[BoomStick]

That's like a Dr. belittlleing you for getting cancer.

[effgee]

Originally Posted by ghporter

... The "defective" part is the market that encourages people who have a hard time tying their shoes to think that they can become computer scientists just by buying a cheap computer with a mainstream OS on it. ...

Gee I wonder who gave consumers that impression? Wouldn't have been the marketing dept. at Microsoft by any chance, would it?

The way I understand it, you are basically telling us that someone who can't take apart/repair/put back together an engine shouldn't be allowed to drive a car, correct?

In essence - when my dad (who is in his 60s and doesn't know the first thing about computers in general) visits a certain German genealogy website (many other "legit" looking examples available upon request) that (without any user interaction) downloads a dialer program, automatically replaces his existing internet connection and henceforth (again without informing him of this change) dials an internet connection that costs 2.98 EUROS/minute instead of 0.07 EUROS/minute that his ISP charges, it is his fault and therefore his internet "license" should be revoked?



Or is the root cause for this maybe a certain software development company that, until very recently, decided not to plug well-known and blatant security holes in their product? To replace the term "security hole" in the previous sentence, you may insert any of the following items ...

• irreversible ActiveX integration
• media player that can't be uninstalled
• browser that can't be uninstalled
• messaging app that can't be uninstalled
• (for the average user) 100% useless open ports
• granting admin rights by default
• not requiring authentication when any kind of shiteware attempts to replace (sometimes) vital parts of the OS.

And these are only the items I can think of off the top of my head without asking uncle Google for more info ... and you're telling me all that is the consumer's fault? It isn't. And it also is not the same way other OSs are set up out "of the box". The only thing you could fault the consumer with is the fact that oftentimes they blindly follow the herd, purchasing a computer based on "what everybody else bought" - but this is also where the loop closes around the average Joe Schmoe and the power of marketing kicks in ... taken from the Windows XP home page 30 secs ago ...

"Familiar and easy, for your life."

And please don't tell me "Microsoft is trying to do the right thing" by charging consumers money in order to have holes plugged that should never have existed in the first place. That's just plain weird.

[Y3a]

<< I think it's disingenuous to consider Windows a "defective product," considering how many successful and trouble free Windows installations there are worldwide. >>

There ARE NO SUCH INSTALLATIONS!!! Jeez!

[effgee]

Originally Posted by Y3a

<< I think it's disingenuous to consider Windows a "defective product," considering how many successful and trouble free Windows installations there are worldwide. >>

There ARE NO SUCH INSTALLATIONS!!! Jeez!

Yes there are. Mine, for example.



But for the average Joe Schmoe it is very difficult to impossible to maintain his system in such a manner without investing a lot of time in learning how the guts of his machine are structured and how to to keep them healthy.

And yes, it is a preposterous notion that you should have to become a car mechanic before being able to drive a brand-new Chevrolet Cavalier (insert favorite mass-product here) without the damn thing breaking down every 6 weeks.

[xi_hyperon]

Just an anecdotal thought to the topic. Aside from the security issues, which in and of themselves are serious enough, strange stuff happens on a PC that I don't get. Case in point: I'm working overseas at the moment, and without a PC, I needed to test some things in Windows. A co-worker was kind enough to let me log in to his PC for a few minutes yesterday, during which time I tested some pages in IE 6. I logged back out, and his entire Office suite had *disappeared*. Keep in mind that the only thing that transpired between the time he used it and its disappearance was my logging in and using IE for a few moments.

A guy from the help desk reinstalled Office, and when asked why this could happen, shrugged, and replied, "We don't know, but it happens every now and then." What the hell? Perhaps this is more of an exception than the rule, but stuff like that makes me feel sorry for the poor shmoe who's on his own with a PC at home, and ends up paying a subscription to fix wacky sh*t like that.

[mhuie]

Effgee, Don't post flamebait.

It not about knowing the inner workings, its actually doing research BEFORE you buy something, and once you've bought it, knowing how to maintain and use it.

Go buy a car, leave the doors unlocked, never change the oil, never have it looked at when its acting up. People think that computers are magic, all you do it turn it on and off.

Lets say there is a manfacturer recall and they say you need to bring in your car because there is a bug in the locking mechanism and steering issues. What do you do? You get it fixed (aka update it).

It's not that hard to grasp...

[xi_hyperon]

Originally Posted by mhuie

Effgee, Don't post flamebait.
Lets say there is a manfacturer recall and they say you need to bring in your car because there is a bug in the locking mechanism and steering issues. What do you do? You get it fixed (aka update it).

It's not that hard to grasp...

It's not flamebait. And car manufacturers don't offer to fix a recall problem only if you've paid for a "subscription" service.

[effgee]

Originally Posted by mhuie

Effgee, Don't post flamebait.

It not about knowing the inner workings, its actually doing research BEFORE you buy something, and once you've bought it, knowing how to maintain and use it.

Go buy a car, leave the doors unlocked, never change the oil, never have it looked at when its acting up. People think that computers are magic, all you do it turn it on and off.

Lets say there is a manfacturer recall and they say you need to bring in your car because there is a bug in the locking mechanism and steering issues. What do you do? You get it fixed (aka update it).

It's not that hard to grasp...

Flamebait my hiney - viruses and spyware are not the computing equivalent to changing the oil in your car. It is also not the same as leaving your car unlocked - that would be more like knowing that your new car comes without locks in the first place, being told about it again when you pick it up and choosing not to buy locks thereafter.

It is only flamebait if

1. I was making shite up - which I am not. The story about my dad's internet connection for example happened exactly that way. If you'd like to hear them, I have many more since I'm usually the poor schmuck who ends fixing Winboxes for my friends as well as my entire family.
2. you knew for sure that I would defend my "favorite" computer maker to the last breath if they put a similarly shitty product on the market. And in order for you to know that for a fact you would have had to ask me about it - did you do that?

I'm not mentioning Apple, or any other company for that matter, simply because the article I linked to doesn't refer to them - it refers to Microsoft.

And lastly, being annoyed with the usual "Apple-fanboy" BS is one thing (perfectly understandable, btw) - but automatically lumping everybody into that category without asking first is not only a prime example for flamebaiting, it is also quite impolite.

[mhuie]

It's flamebait when you are bringing up the SAME points over and over again and don't listen to what people are saying.

If anyone did a little research before buying a Windows box, they would know that they NEED spyware and antivirus software. You're basing your whole point on product marketing.

IE is integrated, so what?
Media player is integrated, so what?
Messenger is integrated, so what?

You're always free to install 3rd party browsers, media players or IM clients. Is there a real need to actually remove IE or any other built-in apps?

[mhuie]

Originally Posted by xi_hyperon

It's not flamebait. And car manufacturers don't offer to fix a recall problem only if you've paid for a "subscription" service.

Say that again? You post makes no sense to me.

[olePigeon]

Originally Posted by mhuie

Say that again? You post makes no sense to me.

In vehicles in California, anyway. If it's a serious problem the vendor has to fix it for free or offer a replacement. That doesn't apply to software, though.

[xi_hyperon]

Originally Posted by mhuie

If anyone did a little research before buying a Windows box, they would know that they NEED spyware and antivirus software. You're basing your whole point on product marketing.

Yep. When you're pushing 70 and don't know crap about computers, that's the first thing they tell you when you are at BestBuy.

[MilkmanDan]

Poor MS. First charge for fixing a defective product, then charge again for anti-virus software to patch its flawed system.

[effgee]

I really don't think I'm in the mood for retirement-home-style bickering tonight.

Therefore - yes, you are right and I was way out of line by intentionally posting flamebait and pulling examples out of my behind that aren't even remotely rooted in reality. I will also make certain I'll be taking marketing as well as CS classes at my local community college (as soon as my graphic design classes have ended this summer) so I can finally converse more successfully with real grown-ups.

My apologies.

[ghporter]

I still don't think it is the operating system that makes dumb people, ignorant people, and people withoug a chance of getting a clue buy more hardware than they need. It is the marketing-HARDWARE MARKETING-that does that. If somebody made a surfing computer that could print and edit pictures, and not much else, they could sell it for $500 and make a killing. But it wouldn't support Access and such, so the sales drone at BestBuy would convince the customer to buy a $1500 Compaq ( ) that has more crap than they could possibly use.

And effgee, the fact that your dad's surfing gets his computer screwed up has nothing to do with the OS as such; it's the browser he's using (that maybe isn't patched) and the fact that the scum out there target the largest player because they get more destruction that way.

I didn't intend to post a flame, but a lot of the posts on this thread were JUST what I was talking about: childish "I'm better than you because I use a Mac" stuff. It's a waste of bandwidth.

[olePigeon]

Originally Posted by ghporter

If somebody made a surfing computer that could print and edit pictures, and not much else, they could sell it for $500 and make a killing.

Like the Mac mini?

[effgee]

Originally Posted by ghporter

... And effgee, the fact that your dad's surfing gets his computer screwed up has nothing to do with the OS as such; it's the browser he's using (that maybe isn't patched) and the fact that the scum out there target the largest player because they get more destruction that way. ...

ghporter --

Actually, it has everything to do with the OS and its developer - it was Microsoft who, at one point in time, decided that it's a nifty idea to integrate their web browser so tightly with the OS that things like this (e.g., silently replacing an existing internet connection setup without the user's consent) could even happen.

They continued to force this integration upon users even though they were fully aware of the fact that they wouldn't be able to secure this "integration" sufficiently and despite the following facts, which they must have known would enable criminal behavior (to some degree) in the first place:

1. MS knows very well that >90% of average users will never download an alternative browser (which btw was one of the primary/initial motivations for the integration mentioned above - to win the "browser war")
2. MS knows that >95% of their non-corporate customers will never change a default installation because those users have no concept of "user permissions" and/or why logging into your computer as an "administrator" can be a terrible thing.
3. MS had resources aplenty to throw at making this integration possible - yet somehow, they weren't able to spare a small team of developers who would ensure that downloads triggered through ActiveX controls/JS exploits/etc. wouldn't be able to replace vital parts of the OS? And no matter how you look at it - dialup software and/or internet connection settings are a part of the networking infrastructure and thus a part of the OS itself.

My dad's "dialer software" example is by no means an isolated case, either. At one point in time, these dialers became such a pest here in Germany that special legislation had to be enacted to regulate those virtual pest boils (it is an entirely different discussion whether of not this legislation was/is successful).

And for the longest time - from releasing Windows 95, 98, 98SE, WinME to the intial releases of Windows XP - Microsoft did nothing to fix the underlying architecture of their OS that made these exploits possible to begin with. All they did, and still do to some degree (even though the looming threat of losing business has helped improve the way MS approaches security issues), was to put band-aids on a dam that was bursting at the seams.

Microsoft behaved the way it did as part of a business decision that was/is completely disconnected from any kind of corporate responsibility - in order to be able to maximize compatibility and to minimize the investments necessary for developing new versions of their OS, they continued to drag old and insecure code bases into new versions of Windows, not giving a second (or third) thought about the possible impact on the overall security of their OS.

Some PR putz came up with something along the lines of "Security is your responsibility, we only provide the OS" (full of holes and wide open for attack). And customers, dumb as they usually are, actually bought that line.

Now, and this is important, it is one thing for MS to make a business case out of system security (a lack thereof, respectively) and to exploit their market position to force an insecure product upon their customers. They are of course well within their rights to do so - and for as long as their customers don't "punish" them, more power to MS, I say. But simply because some PR putz successfully tricked the majority of consumers into thinking that whatever happens to their computer is their own damn fault does not mean I have to be a good lemming and swallow every line of BS fed to me.

And lastly - before the next braindead schmuck comes pouncing in here to accuse me of "flamebaiting" - this is of course not a problem that concerns MS only.

Apple for example seems to be following a similarly dangerous path lately with Safari (e.g., "open safe files after downloading") and the silent installation of downloaded dashboard widgets. Aspects like an entirely different system architecture, a much smaller user base and a (hopefully) more evolved sense of security on Apple's side will most likely not allow for things to escalate to a similar level as it happened/happens with Windows.

And no, I am not saying "more evolved sense of system security" because I believe that Apple is an inherently "better" company but because I believe that the folks at Apple saw just how closely MS was (and to some degree still is) tidering on the brink of a major PR desaster and decided that it's probably not a good idea to make the same mistakes. Plus, being able to tout the security of your own product over your competitor's makes for a nice marketing opportunity as well. (and if Apple's market share ever passes a certain "critical" threshold, these claims might actually be put to a "real-world" test and we'll find out whether or not they really are true)

Similarly, the folks at Mozilla/Firefox are just now, over the course of the past couple of months, beginning to learn about the security implications of an imperfect "live installation" feature combined with a growing user base and the resulting increase in interest from shiteware authors.

So no, no system is perfect - never has been, never will be. But that doesn't mean that users, especially advanced ones like some of the folks in here, should mindlessly regurgitate PR lines they're being fed by a (or several) company (companies) that, until very recently, didn't give the first shite about the security of their product(s).

Don't be a lemming. Or, at the very least, don't try to talk people into jumping off the proverbial cliff with you.

[goMac]

My aunts pc was infected with dialer software that made phone calls to South Africa, to a phone sex company which also billed them through my aunt's phone company.

[His Dudeness]

Well, I think Macs suck balls because you can't get Spyware Blaster and Ad Aware and SpyBot for OS X.

[Link]

Yeah, the auto-open files after download should be disabled by default, and should ONLY be to automatically unzip OR mount a disk image, NEVER for opening a program or installing something on your system.. ever... bad idea!!! That, and get rid of that stupid "You're downloading a program!! OMG!" message would be good.

[Person Man]

Originally Posted by effgee

And lastly - before the next braindead schmuck comes pouncing in here to accuse me of "flamebaiting" - this is of course not a problem that concerns MS only.

Apple for example seems to be following a similarly dangerous path lately with Safari (e.g., "open safe files after downloading") and the silent installation of downloaded dashboard widgets.

One other thing to point out about Apple's response to security flaws vs. Microsoft's. When XP SP2 came out Microsoft said it was the "most secure release ever." So secure, even, that when a few security groups pointed out that you could compromise the system by two flaws introduced as part of the new sceurity features, Microsoft initially told them, "No. That can't possibly happen. You're speaking theoretically, and in practice, there is no flaw." They refused to even look at it, until an exploit came out.

Apple, on the other hand, didn't say anything when the Dashboard flaw was discovered, but they sure took it seriously, because the upcoming 10.4.1 is going to fix it.

It's still not perfect... the fact that the flaw even exists proves that. But some people are using that to say that "well, if Apple is really serious about security they wouldn't have even had that flaw to begin with..." While you can argue that point in regards to this particular problem, it doesn't negate the fact that, in general, Apple (at least on the surface) appears to care more about security.

Which brings me to an idea. Apple should hire people who think like malware writers (read: "hire actual malware writers) to sit in on design meetings and the like to point out flaws like that before the product even ships. (Sort of like those shows where they have actual burglars go into a person's home to point out the mistakes they're making in securing their homes).

Engineer: "Let's make Dashboard widgets have access to the system. And let's make it possible for Safari to automatically install them."
Malware Writer: "No, you shouldn't do that, because that provides me with the perfect opportunity to install something without the user's knowledge..."

...and so on.

[Y3a]

<< Well, I think Macs suck balls because you can't get Spyware Blaster and Ad Aware and SpyBot for OS X. >>

Not Needed.


The REAL QUESTION IS:

HOW LONG can your "successful and trouble free Windows installations" stay that way with USE???

Sure don't ADD anything, or CONNECT IT to anything and it 'may' last a year or so before the usual BSOD, but with typical use, you've got about 10 months before a major re-load.

[budster101]

Originally Posted by His Dudeness

Well, I think Macs suck balls because you can't get Spyware Blaster and Ad Aware and SpyBot for OS X.

Maybe because there isn't any Adware, Spyware, Malware or other miscellaneous parasites for Macs?

Duh.


All other issues regarding the stability of MS Windows.


I have used PCs for quite a few years, when DOS came out... and I can assure all the PC Windows defenders that I have yet to come across an installation that was one month old that has had zero problems and less than an inane amount of crashes. The OS is a virus. It hogs memory, cannot sustain itself over a long period of time as it constantly fragments memory, and the third party developers are inaine to a disgusting degree. Programs constantly step on each other's memory causing crashes, the registry always, always becomes corrupt or clogged, and optimization is not possible.

Unless your sys admin rules the roost with an iron fist causing disdain from all his users, there will be nothing but rampant viruses, worms, trojans, adware, spyware, malware and other various system halting or resource diminishing problems.

The denial from end users is laughable. I was one of them so I know what it is like, and I consider myself now a better end user because I discovered the Mac. Not a snob, just better as I can worry less about my machine and the OS and concentrate on using the machine, unlike Windows Users, who constantly worry about restarting over and over again, soft and hard reboots, blah-blah-blah.

I can't tell you how many people I have helped that say they just "SHUT THE MACHINE OFF" because it froze.... which of course as many of you know causes many other problems on reboot.... it's a viscious cycle with no answer in site, except for incredible vigilance on the part of the end user to educate him/herself and be always aware of their OS's limitations and pitfalls which are too many to list here.

I hope for the demise of WIndows and the Propogation of another OS for the PC not because I hate MS, it is because I feel sorry for PC users.

<as the soap box is tugged from under my feet and I come crashing into the mosh pit>

[effgee]

Originally Posted by Person Man

... Which brings me to an idea. Apple should hire people who think like malware writers (read: "hire actual malware writers) to sit in on design meetings and the like to point out flaws like that before the product even ships. ...

Good points and a good idea, too Makes one (well, "me" at least) wonder if they (Apple) already have some kind of "system security group" and, in case they do, who it is comprised of. Anyone have any insight into this?

[Zimphire]

Originally Posted by mhuie

If anyone did a little research before buying a Windows box, they would know that they NEED spyware and antivirus software. You're basing your whole point on product marketing.

And our point is, they SHOULDN'T NEED spyware software.

[Zimphire]

Originally Posted by budster101

Maybe because there isn't any Adware, Spyware, Malware or other miscellaneous parasites for Macs?

Duh.

He was being sarcastic.

[Apple Pro Underwear]

Originally Posted by His Dudeness

Well, I think Macs suck balls because you can't get Spyware Blaster and Ad Aware and SpyBot for OS X.

THAT WAS SARCASM BY HIS DUDENESS.

PEOPLE STOP QUOTING THIS POST.

[budster101]

Oh. Didn't see any emoticon or <sarcasm> notation... I hate it when I do that...

[His Dudeness]

Sarcasm yes!

[analogika]

oh jeez

:slaps forehead:

[xi_hyperon]

^ ^

[ghporter]

I agree that you shouldn't need antivirus, anti-spyware, and anti-adware packages just to be able to surf. It's the #%&#% scum coopting OUR Internet that have made those things necessary.

Microsoft's fault in building their OS with the browser nuts and bolts deeply ingrained in it was NOT a marketing issue. It made the OS simpler to use ONE SUBSYSTEM to render the screen's information for all (actually almost all-games use something else) applications, particularly the OS's required file management structure. They took a lot of crap for doing that, but the judge determined that it was NOT to kill competition in browsers.

Now effgee points out that there are serious problems with nefarious entities silently installing their own dialers when you surf to their web sites. I agree that this is a problem for the users-a SERIOUS problem. But the OS was NOT BUILT TO ALLOW THIS. It was built to be flexible, and this was an unintended consequence of that. Windows has a lot of these unintended consequences, which is actually the biggest problem with it. It's too interconnected and intertwined for anyone to be able to look at the code and determine whether a line of conde here will have an impact on code somewhere else.

There are no doubt many issues in the internals of OS X that could be exploited if someone decides to roll his sleeves up and dig into it. But the design philosophy of X is unlike that of Windows, so the impact of those issues would be more limited. There is of course the point that the bad guys go after the OS that has the deepest market penetration because that gets them the most havoc per bug. But on top of that, much of the virus writer population is simply idiots who don't know enough about software to be able to write a "hello world!" program in any language, but use virus authoring packages to script together their manure, and those packages are built to write Windows viruses. There are probably 5000 such script kiddies for each real virus writer, and they're getting their jollies by changing the rude language in a virus, or by releasing a virus that targets rival virus writing groups-it's kind of like gang warfare, but the turf is innocent people's computers.

If someone ever writes a malware scripting package that targets Mac OS, watch out! The idiots will hit us hard and fast, and we'll get a sample of what Windows users have to deal with daily.

Once more, it is not an intentional design objective for Windows to have security issues, rather it's an artifact of the OS's development process. User demand required compatibility with old software, particularly games (I'm sure there are still people using SuperCalc and Commander Keen out there, and they're ticked that XP makes it harder to do that), so they rolled old modules into newer versions. This made the customers' demands easier to acceed to, but also tied the code in knots that have not been untied yet. It would take a complete, from the ground up rewrite of the entire OS, litterally tens of millions of lines of code, to fix this problem, and it is simply not feasible to do that.

This makes MacOS a much better candidate for any user, but Apple still (at least until the Mini) wants a lot of money to get into a Mac to start with, so a lot of Windows users just have too much money invested in the hardware to give it up. I'd like to have more Macs than we do at home, but money is still an issue. Maybe I'll be able to get a Mini soon-I think the Mini is the mass-market turning point for Apple.

[effgee]

ghporter,

Aside from a few details, it's pretty safe to say that we are in violent agreement regarding most of the issues discussed throughout this thread. We don't necessarily draw the same conclusions - but that is perfectly fine, of course. This would be one boring (and much less interesting) place to visit if everybody agreed on everything all the time. In that sense, let me toss out a couple of questions/comments - not because I want you to agree with me but because I'm interested in your POV ...

Originally Posted by ghporter

... Microsoft's fault in building their OS with the browser nuts and bolts deeply ingrained in it was NOT a marketing issue. It made the OS simpler to use ONE SUBSYSTEM to render the screen's information for all (actually almost all-games use something else) applications, particularly the OS's required file management structure.(1) They took a lot of crap for doing that, but the judge determined that it was NOT to kill competition in browsers.(2)

Now effgee points out that there are serious problems with nefarious entities silently installing their own dialers when you surf to their web sites. I agree that this is a problem for the users-a SERIOUS problem. But the OS was NOT BUILT TO ALLOW THIS. It was built to be flexible, and this was an unintended consequence of that. Windows has a lot of these unintended consequences, which is actually the biggest problem with it. It's too interconnected and intertwined for anyone to be able to look at the code and determine whether a line of conde here will have an impact on code somewhere else. ... (3)

... Once more, it is not an intentional design objective for Windows to have security issues, rather it's an artifact of the OS's development process. User demand required compatibility with old software, particularly games (I'm sure there are still people using SuperCalc and Commander Keen out there, and they're ticked that XP makes it harder to do that), so they rolled old modules into newer versions. This made the customers' demands easier to acceed to, but also tied the code in knots that have not been untied yet. It would take a complete, from the ground up rewrite of the entire OS, litterally tens of millions of lines of code, to fix this problem, and it is simply not feasible to do that.(4) ...

1. Simpler for who? The end-user? Certainly not. As evidenced rather nicely by the good 'ole Finder used in Mac OS 9 (as well as OS X nowadays, of course), a file management app/system doesn't need to be integrated seamlessly with a web browser in order to be user-friendly. Mac OS 9 was a dog for many reasons - but a lack of usability was not one of them.
   
   Which leaves what? Simpler for Microsoft to develop/maintain? Probably. But I'll be damned if I ever accept laziness and/or greed (less resources = lower investment = increased revenue) as a valid excuse for delivering an insecure operating system. As stated in my previous post - that is perfectly fine from a perspective of business strategy (as long as your customers will swallow whatever excuse you throw them) but it is neither a responsible or an ethical way of doing business.
   .
2. A judge decided that MS's motivation was not to win the browser war? Uhm, I'm sorry but all this tells me is that one of the parties involved had more resources (lawyers, money) available to ensure an outcome favorable to them. Simply because MS (their lawyers, respectively) successfully argued that putting Netscape out of business wasn't their intention doesn't make it so.
   .
   And btw, not all judges thought so - but that's more or less besides the point.
   .
3. Of course was Windows not built to allow criminal elements access to a user's machine - but you said yourself: "It's too interconnected and intertwined for anyone to be able to look at the code and determine whether a line of conde here will have an impact on code somewhere else" - well, who built Windows that way if not Microsoft? The next logical question would then be - why did they do that in the first place? Solely out of concern for the end-user (backwards compatibility)? I seriously doubt that was the *only* reason.
   
   For example, maintaining backwards compatibility with older software has nothing to do with the fact that for years and years every fresh install of any version of Windows would create a default user with administration priviliges - any kind of software installation, be it intentional or not, was/is possible without the consent or further interaction from the user him-/herself. Even after more and more shiteware began to pop up online, MS never considered this inherently insecure behavior to be an urgent matter - all they did was to put band-aids on the holes through which this kind of software accessed the user's machine.
   
   During all this time, they had plenty of $$$ to spend on buying literally dozens of software companies but they couldn't spare what to them must be jump change to buy Kerio, Zonelabs, or any other development house creating a decent software firewall? If Kerio can manage to put a product on the market that warns me before a piece of software tries to sneak onto my HD, you're telling me that it is not MS's fault that they weren't able to do the same - even though they know the ins and outs of their own OS and have virtually unlimited funds at their disposal?
   
   And the same is true for many other holes being dragged through many versions of Windows - from open ports that nobody needed to be enabled by default to unnecessary integrations that served no one but Microsoft.
   .
4. There absolutely could/would have been a feasible solution - MS itself suddenly says so. Ever since they purchased Connectix, VMs have become the latest rage at MS. IE7 (due to appear on your PC this summer, or so they say) is supposed to run inside its own virtual environment, and they are now also considering/already implementing similar environments inside of Longhorn to maintain backwards compatibility with older software. If you listen to some of the MS folks babbling about VMs these days, you could easily walk away with the impression that as soon as you get your hands on Longhorn, VMs will not only run your software more safely and with unmatched backwards compatibility but that they will also be able to prepare your breakfast and do your laundry.
   
   And this is a new concept to MS? Puh-a-lease. The first version of Virtual PC I ever used myself was 2.0, which was released sometime in 1998, the first publicly released (desktop-) version Mac OS X, the public beta, was released sometime around Sept. of 2000 - each of which either are VMs or contain one or several VMs. And all of this happened well before the "major" shiteware storm ever hit the internet. Plus, these are only the implementations of VMs that I know of - I'm certain there's quite a few that were released well before 1998.
   
   And what did MS do during the last 5 to 7 years? Plug holes, continue to drag insecure code bases into the next version of Windows and leave the architecture (largely) unchanged as far as security was concerned.

In essence - I hope you'll excuse me while I personally consider MS's motivations for introducing their (paid) OneCare subscription service to be anything but altruistic. Making someone pay to fix problems with your own product, most of which you enabled/caused in the first place is just not my idea of "good" and/or "honest" business. For the time being, they seem to be sticking with keeping "manually installed" security fixes free - we'll see how long that will last. Let me lean out the window *real* far for a sec - in 200X, we'll see Windows XX for $99 and consumers will no longer be able to download updates for free - paid subscription only.

Doesn't mean you have to agree with me - but that goes both ways.




P.S. And yes - I would ramble about Apple in the exact same manner if they were the ones pulling a stunt like this.
P.P.S. You may have noticed that I haven't mentioned your assessment of OS X at all - that is because I agree with you 100%.

[analogika]

Originally Posted by ghporter

There are no doubt many issues in the internals of OS X that could be exploited if someone decides to roll his sleeves up and dig into it. But the design philosophy of X is unlike that of Windows, so the impact of those issues would be more limited.

There is also the open-source philosophy, and an actual security concept, which has so far pretty much ensured that any such issues were fixed before anybody had time to create an exploit and actually have it replicate in the wild.

Part of this is that tens of thousands of people worldwide HAVE rolled up their sleeves and ARE DIGGING into it, all the time.

These are usually the same people that also FIX issues as they discover them.

THAT is an absolutely fundamental difference to the way Microsoft handles "issues", and market penetration has absolutely nothing to do with it, except in the sense that higher market penetration also begets much closer scrutiny, so security of the underlying OS will likely IMPROVE or remain at the same level, rather than decrease with higher market share - simply because everybody who has a vested interest in improving security by discovering and fixing issues, CAN.

Originally Posted by ghporter

If someone ever writes a malware scripting package that targets Mac OS, watch out! The idiots will hit us hard and fast, and we'll get a sample of what Windows users have to deal with daily.

Considering that any vulnerability in the OS will be patched by the OSS community and incorporated by Apple via automatic software update far faster than scripting tools will spread across the 'net, I suspect you will be increasingly proven wrong.

An exception, of course, being trojans that can erase a user's home directory. But that is quite unattractive to script kiddies/professional scripters, whose primary interest is controlling as many machines as possible.

Originally Posted by ghporter

Once more, it is not an intentional design objective for Windows to have security issues...

The fact that nobody claimed it was *intentional* makes your post kind of moot.

It was, however, definitely a conscious arrangement of business priorities that led to the current state of affairs.

That amounts to tacit approval.

[ghporter]

My whole point is that, while Microsoft is certainly not making the strides they could or should in tightening up their OS, they have certainly not done anything intentional to make it insecure.

Quite the contrary, they have been working hard to make Windows more trustable and stable. Unfortunately, their design philosophy includes backward compatibility without (until recently anyway) resorting to virtual machines running encapsulated versions of their previous OSs. This by itself is a major problem for them (and their user base) because they simply cannot both secure the OS and let all the Win95 and DOS games do their thing without being isolated. When XP came out, it was supposed to address this backward compatibility, but I can tell you that there are still games that will not work on an XP machine that ran fine on 98. Of course we all know that there are many security issues that have been addressed since XP came out. Of all the Windows versions, XP is the best, but it still needs a lot of work to be more than just barely good enough.

The BEST thing Microsoft could do would be to write a new OS from the gound up, using no legacy code at all. It would provide for backward compatibility through virtual machines running in encapsulated threads with isolated and protected memory and disk space. And it would have a security mechanism that makes it hard to do anything other than create and destroy documents, surf, and run apps without explicit admin rights and approval. In other words, a LOT like OS X.

Effgee, I agree that a paid support subscription service from Microsoft is not really going to help too many people, and that it is certainly motivated at least in part in "image management," but it is a start. It is the first "nice thing" they've ever done for their users.

With proper security measures in place in a Windows installation, and with the appropriate level of paranoia when surfing, you can avoid just about any intrusion or hijacking effort. I've yet to see something try to install a dialer on my machine, nor to succeed in silently installing anything at all. I don't say it can't happen, but I think it would not be silent when they tried it.

[mitchell_pgh]

Regarding the car analogy... it's more like selling a car and saying "here is a towing service for $50 a tow... you'll need it"

[ghporter]

Originally Posted by mitchell_pgh

Regarding the car analogy... it's more like selling a car and saying "here is a towing service for $50 a tow... you'll need it"

That's a good one! I have I think 3 different towing services that came with various things (car insurance, a group membership, even my cell phone subscription), and I've never used them. That's the kind of support I like! It's there, if I ever need it, but I probably won't!

To take the car analogy further, if Apple made cars, they'd have very cool styling, perform very well, and have more safety features than can be imagined... but only one of their models would be affordable by the average joe, and the rest would be more expensive than their competition, but worth it. The steering would work the same way as in other cars, but would be controlled by a "directional circle," and the accelerator would be the "fuel-feed modulator." The "Think Different" bumper sticker would, of course, be free.

[Y3a]

The entire MCSE scam is pretty much the same thing : a bunch of poorly qualified PC dweebs who hang around to 'fix' the many bugs etc in the MS environments and apps. Thsi costs business a ton of bucks over the long haul, unlike the Mac OS and App's.

[ghporter]

Y3a, you are obviously not a MCSE, nor anything deeper in MS's certification scheme. I'm not either! No way! I don't have the time to invest in learning those particular nuts and bolts.

But a friend of mine has so many MS letters after his name that his business card is continued on the next card. It is NOT about fixing bugs in environments or apps. It's about taking control of the extremely large number of options and variables available within those environments and apps. Users are very good at finding and screwing up these options and variables, and so certified folks need to spend a lot of time fixing what the users do, but they don't do anything to the OS or the apps that would qualify as a "fix."

[mitchell_pgh]

Originally Posted by Y3a

The entire MCSE scam is pretty much the same thing : a bunch of poorly qualified PC dweebs who hang around to 'fix' the many bugs etc in the MS environments and apps. This costs business a ton of bucks over the long haul, unlike the Mac OS and App's.

The main problem with MCSE is that some people think that once they have a MCSE that you are done learning... when in reality, it's just the start. I've seen people with a MCSE that are pros and I've seen idiots.