This entry was posted on Tuesday, December 26th, 2006 at 14:28 and is filed under Security, Software. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.
Site Search:
Tuesday, December 26, 2006
Boy-oh-boy, Microsoft’s long awaited operating system upgrade to the aging Windows XP isn’t even out yet and security companies and hackers around the world are already announcing the exploits of Vista and proving the Redmond-based company to be more a swiss cheese maker than a secure software company. With security vendor Determina finding a major security flaw in the just released Internet Explorer 7 and a Russian programmer posting an exploit how to increase users privileges in Vista in the last week alone, Microsoft seems to be giving Apple more and more material for its next Get a Mac commercial. While Microsoft executives have been spouting off how Vista is the most secure Windows ever, it seems the reality of it is that it may be a tad better than XP…or maybe even worse! But don’t tell that to Microsoft, they’ve already got the PR campaign working within its boundaries:
“Currently we have not observed any public exploitation or attack activity regarding this issue,” wrote Mike Reavey, operations manager of the Microsoft Security Response Center. “While I know this is a vulnerability that impacts Windows Vista, I still have every confidence that Windows Vista is our most secure platform to date.”
Haven’t observed any public exploitations? Dude, do they read other Internet sites other than MSN? Heck, I’m sure even Live Search would show lots of links to those very public exploitations!
Determina’s vice president, Nand Mulchandani, offers this warning, “I don’t think people should become complacent. When vendors say a program has been completely rewritten, it doesn’t mean that it’s more secure from the get-go. My expectation is we will see a whole rash of Vista bugs show up in six months or a year.”
Wow, a whole rash of bugs. Sad from an operating system that came from over four years of development and looks to be nothing more than an eye candy upgrade to already sorry OS called XP. Enjoy the eXPerience, folks.
[Via New York Times]
December 27th, 2006 at 4:56
Vista sounds like bad news in a lot of ways.
Peter Guttmann of the University of Auckland – one of the foremost security researchers in the world – on some of the content-protection “features” that will be in Vista. It includes stuff like deliberate degradation of signal quality, drivers switching themselves off if voltages fluctuate, and increased hardware costs passed on to the consumer:
http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt
The worst of it is that Microsoft is in a position to demand that manufacturers produce hardware that will support its requirements for “protected content” – (which is to say that will enable its ambitions to become the sole conduit for content). This will affect anyone who uses x86 hardware – not just Windows users.
Gutmann comments: “Whether you use Windows Vista, Windows
XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems.”
Eric Raymond believes that, with the switch to 64-bit computing, there’s a coming struggle for which OS will be the standard for the next 50 years or so:
http://www.catb.org/~esr/writings/world-domination/world-domination-201.html
I can only say, I hope either OS X or Linux wins out. If Windows wins it’ll be both the least attractive solution in technological terms *and* the worst deal for the end-user.
December 27th, 2006 at 5:01
Vista sounds like really bad news. According to Peter Guttman, one of the world’s leading security researchers:
“Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems.”
Eric Raymond sees a coming 3-way struggle for the 64-bit desktop. I can only say, I hope either OS X or Linux wins out. If Windows wins it will be the worst solution – both technologically speaking, and in terms of the deal the end-user gets:
http://www.catb.org/~esr/writings/world-domination/world-domination-201.html
December 27th, 2006 at 5:02
Oops, link to Gutmann’s analysis:
http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt