Microsoft's Security Meeting Causes Unease 170
Tony Maclennan writes to tell us that there were many mixed feelings at this year's Microsoft Security Response and Safety Summit. Many who attended the conference felt that the presentations were sadly lacking in the technical details that were shared in previous years. With Microsoft entering the arena as a competitor to these anti-virus companies, one has to wonder about the effect on the free flow of information that ultimately benefits the consumer.
Ballmer needs a gift... (Score:5, Funny)
Be nice! (Score:2)
Re:Be nice! (Score:1)
Anti-trust? (Score:5, Insightful)
Anyone else feel this is the epitomy of anti-competative practices? Hell their OS is the REASON these other companies exist, and now Microsoft gets to profit from thier own security holes?
Someone else HAS to see the flaw in this idea... I can only pray the EU once again has more sense than the DOJ.
Re:Anti-trust? (Score:1)
Anti-trust? How about RICO? (Score:5, Insightful)
Re:Anti-trust? (Score:2)
Re:Anti-trust? (Score:2)
Of course a lot of the things comming out of the U.S. government boggle me lately.
At least the EU will back it's conviction, says more for them than I can say about Bushy boy.
Re:Anti-trust? (Score:2)
Says who? You? You are incorrect, sir. One way in which the governement established that Microsoft is a monopoly is in the fact that they can charge different people/companies different prices for Windows. Google it if you wish.
Re:Anti-trust? (Score:3, Informative)
There are a number of other criteria to being an effective monopoly.
Microsoft still controls enough of the market that they can bully companies like DEL into NOT shipping Linux to home users except under extreme duress, and NOT shipping a box without Windows (or shipping a box without windows for more than the same box with Windows), and making it impossible for you to return the OS if you don't accept the license agreement without also returnin
Re:Anti-trust? (Score:2)
Not defending their shoddy practices as they could do a MUCH better job with QC, but anything that has a few million lines of code is bound to have a few issues..
No need to pray (Score:5, Insightful)
MS were quite clever to get DOJ all hot under the collar about Netscape & IE. These are no longer competitive areas. What is more important is that DOJ monitors future manuipulations by MS. For example, how they are playing in mobile space, how they're playing in personal audio (will their new audio device kill iPod through fair means or foul?) and things like anti-virus products.
For MS's point of view, being able to lock up the anti-virus APIs makes more than just business sense. It also allows them to shut the door on (limited) review of their system by citing some lame excuses like "there is no valid reason for anyone to look at these interfaces, anywone doing so is probably a terrorist!". Loss of that (limited) review would be a bad thing for the industry.
It's called a protection racket. (Score:4, Insightful)
Re:It's called a protection racket. (Score:3, Insightful)
There is plenty of scope for MS to produce an antivirus product that doesnt have to rely on deliberate and planned insecurity.
Re:It's called a protection racket. (Score:2)
That's dumb and would never fly in a court of law. The danger to people comes from the freaking criminals who write the viruses - NOT from Windows! Given how trivial it is to install adware as root on a modern Linux box the words rocks" and "glass houses" come to mind.
(consider all the Firefox exploits that have been discovered, most users don't install updates themselves, kernel exploits come out all the time etc...)
Re:Anti-trust? (Score:2)
MS's software has security flaws.
These flaws are abused by malware solution providers.
Malware is combatted by anti-malware solution providers.
Conclusion: The whole business model is build on MS's security holes.
> Hell their OS is the REASON these other companies exist, and now Microsoft gets to profit from thier own security holes?
In fact it sounds fishy when the same company responsible for the holes provides solutions for anti-malware. It is like snakes in colonial India. It creates
Trade secrets? (Score:5, Interesting)
The security companies will be better off forming their own knowlege pool and inviting Microsoft representatives to learn from them.
Stupid is as stupid does. (Score:3, Insightful)
The security companies will be better off forming their own knowledge pool and inviting Microsoft representatives to learn from them.
What's ours is ours and what's yours is ours, right? What a flamebait assertion, that M$ should keep the details of how they do things to themselves but that others should go out of their way to share what they manage to claw from the void. Typical.
M$'s behavior and the results are entirely predictable by this point. They want to own the market so they are withholding
Re:Stupid? (Score:2)
You forgot the usual course of action. (Score:3, Interesting)
If Microsoft releases the buggy, hole-ridden mess that so many are afraid of along with functional, cheap, easily obtainable antivirus tools, they're out of a job. If Microsoft were to release an OS as secure as, say, Linux, they're still out of a job.
The second options is impossible for a closed source company.
The first option, less most of the bugs, is what M$ would like you to believe is going to happen.
The usual option is to realease anything they can and then put the others out of business. Pr
Re:Translation to twitterese $hit! That'$ funny a$ (Score:2)
Maybe there's nothing to report? (Score:5, Funny)
C'mon Peoples (Score:2)
My opinion is the Microsoft groupthink has the desktop war won.
To keep the desktop they have, they use "security" like Americans use "Terrist" or the label "communist" before that.
Nevermind that the system is not designed for operating securely. Just heighten the fear, deny your former security partners valuable information and the Monopoly money will keep coming.
12 tenets my a**.
Re:C'mon Peoples (Score:2)
Yeah, this one didn't last long, did it?
Couldn't resist (Score:2)
You mean, that monopoly money [arstechnica.com] ?
:
Sorry couldn't resist.
And while I'm at Ob. References
You forgot to add "Child-molesting Pornographer" and "Lyrics-stealing-and-copyrighted-music-whistling Pirate" !
Think of the children, you free-riding punk !
from TFA: visitors are those not saying anything (Score:5, Interesting)
You can imagine why everyone kept their mouth shut:
It's especially a concern that Microsoft requires attendees to sign a document that allows the company to use anything that anyone says at the event.
"Having been put into that situation, people will feel more inhibited to say things," said Jimmy Kuo, a McAfee fellow and a veteran of the Microsoft events. "They ask us to sign a nondisclosure agreement, and if we say anything in those meetings that Microsoft is able to use, they have the right to do so." The agreement was introduced in recent years, he said.
Really, what kind of conference organized by a competitor that already puts in a clause that they can steal the ideas presented would actually render useful information? Think of some big pharmaceutical firm letting its competitors come and show their ideas with a clause like the one above. It would be surprising if anyone would actually show up.
Re:from TFA: visitors are those not saying anythin (Score:5, Insightful)
Imagine Microsoft was busy working on feature X. Then, along comes someone from Symantec who talks about feature X at the conference. Later, Microsoft comes out with an update to their product incorporating feature X. Symantec cries fowl and starts complaining about how Microsoft stole their confidential information.
All the clause effectively says is that the information disclosed at the conference is not confidential. If it's not a trade secret, Microsoft can use it as it sees fit anyway. The same would hold true for anyone else at the conference. The agreement just puts it down in plain English for those not up on IP law.
Re:from TFA: visitors are those not saying anythin (Score:2)
MS demand that from all discourse (Score:2)
What is worse, many of their NDAs imply that if you suggest something to them, you give them the rights to use any of your IP (i.e evil softwre patents) in the process. Thus they care enough about software patent infringement to want to get the rights to other peoples intellectual property, while still pushing the EU campaign to make software patents legal.
When we talk to the great satan of the Pacific North West, we mustnt ever make s
I could be wrong, but ... (Score:5, Funny)
This new symbolic link technology sounds like serious stuff. I hope they hold back on the release date until they it's working correctly.
Re:I could be wrong, but ... (Score:3, Funny)
(*) or was it the other way around? Just confusing everybody here to make things worse ;)
Re:I could be wrong, but ... (Score:1)
yo man, have you ever removed a symbolic link to a directory in *nix and then forgot to not put the /-sign after it?(*) There goes your original directory!
Unless you're using rm -r (for some crazy reason) to remove a symbolic link you will only ever accidently remove an empty directory, which is easily re-created.
Re:I could be wrong, but ... (Score:2)
Re:I could be wrong, but ... (Score:2)
Only one A/V vendore currently in MS Vista Beta (Score:4, Interesting)
Microsoft causes viruses then paid to find them. (Score:1, Interesting)
Re:Microsoft causes viruses then paid to find them (Score:3, Insightful)
one has to wonder... really? (Score:3, Informative)
12 Rules? (Score:5, Interesting)
Re:12 Rules? (Score:2)
Re:12 Rules? (Score:2)
None. Actually, it reinforces one:
1. Installation of any software. Computer manufacturers and customers are free to add any software to PCs that run Windows. . .
As long as customers are free to add any software to PCs that run Windows, they can inadvertently install software that's a virus, trojan, or other malware. Faced with the option to either lock down Windows so you can't install anything that's not pre-approved (like many cell phones and other devices), which would go a long ways toward fixing t
Microsoft ignorance (Score:1)
Job security, for me (Score:5, Interesting)
Re:Job security, for me (Score:2)
Be careful what you wish for!
Re:Job security, for me (Score:3, Insightful)
Re:Job security, for me (Score:2)
fairness and microsoft (Score:3, Insightful)
I thought it wasn't useful (Score:1)
But I went to the Chicago one this year, and it was utterly useless. All it came across to me was an extended sales pitch for their products. Perhaps I should have expected more, but it really didn't get in to any real technical details. You just went to some room and some half-techie guy talked about a specific product. It would have been a lot more useful if they'd discussed real issues, etc.
A moment without Microsoft (Score:1, Interesting)
Of course those would likely get blamed on "Evil Hackers and Coders" as opposed to the company(pluralize if necessary) putting out the OS.
Face it,
Re:A moment without Microsoft (Score:3, Insightful)
The fact is, the overwhelming majority of users don't have any anti-spyware protection, and Microsoft is tired of getting blamed for this (note that spyware doesn't generally rely on OS flaws, but on users explicitly installing malware). In order to clamp down on spyware, it's necessary for anti-spyware to be bundled, since most are not installing 3rd party anti-spy
a moment withtout viruses . A moment without Micro (Score:3, Insightful)
If it was true that you don't see such destructive security breeches on these other OSs because they are not popular, then why don't we see the same on servers running Linux/BsdUnix etc.
"Microsoft is at the top, and hence, is villified" No, Ms is villified because they produce crap product and plot the destruction of their competitors/partners.
"there is NOTHING wrong
Re:a moment without viruses . A moment without Mi (Score:2)
Then why don't we see an equal number of breechs in Linuxland as Windows.
"A virus can be written for any Operating System, or software for that matter, it's a matter of motive"
Can be written but can it be run by clicking on a web link or opening an attachment. That motive being financial so why aren't all those e-commerce sites being compromised.
"So Symantec lacks the expertise to build a good
Abuse of a monopoly (Score:2)
Microsoft can develop their products and recover their development costs by adding it onto the cost of the Windows operating system, which everyone is forced to pay anyway, whether or not they download the free product. Every other company has to market their product with their own money and there is no guarantee that they will get that money back.
Even if Microsoft's anti-spyware were made into a separate download, every Windows customer is paying for it
We Live Upon a Ship of Fools (Score:4, Insightful)
Re: We Live Upon a Ship of Fools (Score:3, Insightful)
Sorry, I've never heard of cognoscenti, charlatans, and ignorami.
Re: We Live Upon a Ship of Fools (Score:5, Funny)
Ignorami is a variant of the ancient Japanese art of paper folding. (Ignorami practitioners have been known to leave their creations on sidewalks creating serious public safety issues.)
Charlatans are a salamander-like creature that can originally be found on the Galapagos islands, but who are now becoming a problem in urban areas because of specimens escaping from zoos. (Hence society being infested with them.)
Cognoscenti just refers to employees of Cognos.
Yuo are wrong good sir (Score:2, Funny)
Cognoscenti are people who smell like employees of Cognos.
Re: We Live Upon a Ship of Fools (Score:2)
Re: We Live Upon a Ship of Fools (Score:2)
Re: We Live Upon a Ship of Fools (Score:2)
Re:We Live Upon a Ship of Fools (Score:3, Insightful)
You think that's bad? I just read a five hundred and thirty three word slashdot post by someone who's never heard of paragraphs.
Re:We Live Upon a Ship of Fools (Score:2)
Besides, it was a rant, one of the most intelligently-composed rants I've yet read on Slashdot, and I fully believe that one so obviously literate as RailGunSally could certainly have inserted appropriate paragraph breaks had she chose. However, not using paragraphs lends a certain intense stream-of-consciousness aspect to a good rant.
So, Sally
paras for RailGunSally .. Re:We Live Upon a ... (Score:2, Redundant)
That M$ can now,
Re:We Live Upon a Ship of Fools (Score:3, Insightful)
I have seen too much. I can cry no more. I want to know how to stop caring now.
Weed. Large quantities of weed.
Re:We Live Upon a Ship of Fools (Score:2)
Re:We Live Upon a Ship of Fools (Score:2)
Give'm time. They'll figure it out.. Wait, no.. give em HELL.
Wow, so propitious or timely: slash word image: "fervent"... that could describe you, my friend...
Re:We Live Upon a Ship of Fools (Score:2)
The problem as I see it, is the ones who want to get far in a company, are not the same people who should be making decisions. Part of the problem is smart people who want to keep doing what they enjoy doing - engineering, rather than making the transition to managers. This is nobodys fault per se, but this is were the problem lies.
Re:We Live Upon a Ship of Fools (Score:2)
Focus on what is within your power; dismiss everything everything else.
You'll be a lot more effective and a lot less miserable if you can master this technique.
Re:We Live Upon a Ship of Fools (Score:3, Insightful)
While never having heard of data-normalization is pretty bad, state-machines are hardly important (they're good for giving the students fun puzzles on t
Re:We Live Upon a Ship of Fools (Score:2)
That's because it's misspelt. Try http://en.wikipedia.org/wiki/Backus-Naur_form [wikipedia.org]
Re:We Live Upon a Ship of Fools (Score:2)
Remember it now; and yes, I should have in the first place :(
A sinking ship, no less. (Score:2)
I have seen too much. I can cry no more. I want to know how to stop caring now. How, for the love of God, do I join the endless ranks of these gibbering fools who never think one picometer beyond their golf handicaps?
Try thinking positively [somethingpositive.net]?
The current IT industry is sick (Score:2, Insightful)
And they soon have a new OS to sell..
As usual this OS is incomplete and a mess:
The event mostly provided a primer on security in Windows Vista, which led to a discussion on how attendees' products might work with the Windows XP successor.
"Symbolic links can clutter up your machine with lots and lots of links that point nowhere" after th
Ok, it might be a monopolizing tactic... (Score:1, Interesting)
Re:Ok, it might be a monopolizing tactic... (Score:5, Insightful)
Re:Ok, it might be a monopolizing tactic... (Score:2)
Microsoft = Kronos (Score:4, Insightful)
Re: Microsoft = Kronos (Score:2)
Or that they would be eaten?
Save Symantec! (Score:2, Insightful)
Now that Microsoft is in the game, they threaten to destroy these other businesses that were covering-ass before, and screw the consumer even more with price hikes once they dominate the market, but it's not less-right
Have you ever used symantec? or Mcafee? (Score:2)
she was running Macafee, everything turned on, all these 'sign on to the internet' dialogs cropping up, etc. None of it worked; it just made the machine really slow to start up.
She asked whether she should renew her subscription. I asked her what was the point and sent her towards f-secure, that do at least view sony rootkits as evil.
The whole windows security business is a tax on people who believe that paying
Enough paranoia for one day. (Score:1)
If you think about it, Microsoft has good reason to keenly share the security details of Vista, etc. - with trusted industry people, of course. Not only do they want to crow about all the cool stuff they're building, but it can only help improve the imag
Surprise Surprise Surprise (Score:2)
what i don't understand... (Score:2, Insightful)
Re:what i don't understand... (Score:2)
BUT...let's be realistic. The odds that MS is going to be able to create a 109% (or close to it) operating system are very low. A lot of that is their fault, but some of it isn't. Windows is a huge target, and ANY holes will almost ALWAYS be found. That's just how it is. Nothing humans make is perfect, and every lock can be picked.
That being the case, why shouldn't they be allowed to include anti-virus and anti-malware functions with Windows? They're an extra layer of protection. And, honestly
Embrace and extend (Score:1)
Then there's the NDA... (Score:2)
But, of course, it's the GPL that's viral....
An MS AV kit is broken by design (Score:2)
You can see it at the MS Firewall kit. Now, it was maybe convenient to configure the firewall through the Registry, something anyone with Admin access (=The Average Windows User) can change with API calls, but exactly this flaw makes it useless. The VERY FIRST
Yes! (Score:2)
Re:Yes! (Score:2, Funny)
Re:Yes! (Score:5, Funny)
Evet (n.)[See Eft, n.]
(Zoöl.) The common newt or eft. In America often applied to several species of aquatic salamanders. [Written also evat.]
Terrist (n.)
A neologism referring to environmentalists who engage in actions considered by some to be terrorism, (eco-terrorism) including destruction of property as well as various types of nonviolent direct action. It is also a moniker used by individuals who concern themselves with the world (Terra) that is the home of the human species (Homo sapiens).
Re: (Score:1, Offtopic)
Re:Yes! (Score:3, Informative)
--
$1/mo unlimited RoR, PHP, MySQL, Python webhosting [poromenos.org].
Re: (Score:2)
Re:Yes! (Score:3, Informative)
And if you are logged in, you can turn off sigs in your preferences. I have no clue what this thread is about as a result...
(Security By Obscurity) Naw... (Score:3, Funny)
If they gave technical details they might be used by h4x0rz or evet terrists!
More like Financial or Market Security Through Obscurity. Like every other market, Microsoft wants a cut of it and to assert their will upon the rules by which it runs. It's utter madness, however, because if Microsoft did their work right the first time this market would be considerably smaller and segements wouldn't exist at all!
That Microsoft seeks to profit from protecting customers from the holes in their software is l
Re:(Security By Obscurity) Naw... (Score:2)
Re:security by obscurity (Score:3, Funny)
RFC 666: Notice of proposed definition-making
terrist - n.
1. A person who is an advocate of or expert in the planet Earth.
2. Informal. An eco-terrorist.
3. Slang. A person who does not bathe.
See also: open source developer.
:-D
Re:security by obscurity (Score:1)
Re:Wasn't there a microsoft antivirus (Score:2, Informative)
Yep (Score:2)