Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Vista Security Discussions Get a Rocky Start

Posted by Zonk on Fri Oct 20, 2006 09:27 AM
from the get-it-together dept.
Microsoft Security Operating Systems Software Windows
narramissic writes "A technical glitch Thursday morning prevented many security vendors from participating in the first online discussion regarding Microsoft's plans for opening up the Vista kernel, ITworld reports. In a blog posting on the subject, Microsoft Senior Product Manager Stephen Toulouse wrote, 'We had a glitch where we sent out a messed up link. ... We're very sorry about that, it certainly was not intentional and we definitely see that was not a good thing for people to experience on such an important topic.'"
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Vista Security Discussions Get a Rocky Start 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • What a relief! (Score:5, Funny)

    by justinbach (1002761) on Friday October 20 2006, @09:29AM (#16515271) Homepage
    'We had a glitch where we sent out a messed up link. ... We're very sorry about that, it certainly was not intentional and we definitely see that was not a good thing for people to experience on such an important topic.'"


    Phew! It was just an accident!

    • Re:What a relief! (Score:4, Interesting)

      by zoobsolar (934527) on Friday October 20 2006, @10:33AM (#16515961)
      For a bunch of folks that make some of the largest saleries in the entire world's IT industry, they sure do screw up a lot {read very often; too much}. I say the world continues to petition Microsoft. Simply assure Microsoft that we [the public at large] have no plans on buying their new product until they can prove its stability and that it conforms to user demands. This would include the stability and accuracy of information they release regarding said product. Otherwise the public could easily ensure that MS does not continue to "make the big bucks".

  • So... (Score:5, Funny)

    by Anonymous Coward on Friday October 20 2006, @09:29AM (#16515279)
    Sending out messed up operating systems is also a glitch I take it?

  • Security experts biggest question... (Score:5, Funny)

    by creimer (824291) on Friday October 20 2006, @09:31AM (#16515293) Homepage
    'We had a glitch where we sent out a messed up link. ... We're very sorry about that, it certainly was not intentional and we definitely see that was not a good thing for people to experience on such an important topic.'

    Was it a glitch, a bug or a feature? Inquiring minds want to know...

  • Huh... (Score:5, Funny)

    by tygerstripes (832644) on Friday October 20 2006, @09:32AM (#16515299)
    Yeah, well, it was a link to an IIS server.

  • A Rocky Start For Vista? (Score:5, Funny)

    by Analein (1012793) on Friday October 20 2006, @09:33AM (#16515311)
    You mean like Steve Ballmer jogging along the beach, throwing sparring chairs at punching dolls while some 80s influenced background music accompanies his efforts to fucking kill everybody? Nice, really.

  • Extra! Extra! (Score:4, Insightful)

    by Anonymous Coward on Friday October 20 2006, @09:34AM (#16515327)
    Microsoft employee sends an email with an incorrect URL in it! Collapse of Micrsoft predicted! End of the world is nigh! Extra, Extra, read all about it!

    Slashdot has just sunk to a new low of pointlessness in their "articles". Urgh.

    • Re:Extra! Extra! (Score:5, Insightful)

      by PreacherTom (1000306) * on Friday October 20 2006, @09:35AM (#16515345)
      Oh, come on. This is the definition of amusing irony.

    • Re:Extra! Extra! (Score:5, Funny)

      by Dunbal (464142) on Friday October 20 2006, @10:14AM (#16515741) Homepage
      Slashdot has just sunk to a new low of pointlessness in their "articles". Urgh.

            You think that's bad - wait for the dupe.

    • Re:Extra! Extra! (Score:4, Insightful)

      by Overly Critical Guy (663429) on Friday October 20 2006, @12:25PM (#16517571)
      Slashdot has just sunk to a new low of pointlessness in their "articles". Urgh.

      No, they haven't, though it's amusing to see Microsoft employees posting anonymously now to defend the homeland.

      It's a big deal that Microsoft apparently doesn't vet its own URLs before sending them out to third-parties, especially for such an important set of interoperability discussions. The guy didn't even check the link before he sent it out? It's a competence thing (lack thereof). These things just seem to happen with Microsoft, don't they?
  • FTFA:
    Most of Symantec's team, for example, was unable to attend. "It turned out that everybody on our team was not able to make the first meeting but one guy," said Cris Paden, a Symantec spokesman.

    Symantec and Microsoft have a long history of a love/hate relationship and Microsoft has put more and more things into its operating system products that have closed entire markets for Symantec (and it's predecessors).

    • Re:Symantec was one of the vendors shut out (Score:4, Insightful)

      by Anonymous Coward on Friday October 20 2006, @09:58AM (#16515583)
      Symantec and Microsoft have a long history of a love/hate relationship and Microsoft has put more and more things into its operating system products that have closed entire markets for Symantec (and it's predecessors).

      What's your point? That's the nature of the "work around defects in the operating system" market. Eventually, even Microsoft fixes them, and you don't have a market anymore. I hate Microsoft, and I still can't blame them for this. It's not like they're the first vendor to include, say, a filesystem that doesn't require constant defragmentation, or a stateful firewall.

  • More eyes is a good thing (Score:5, Insightful)

    by BadAnalogyGuy (945258) <BadAnalogyGuy@gmail.com> on Friday October 20 2006, @09:37AM (#16515369)
    While it seems more a move to placate a rabid EU, this move is actually pretty good for all users.

    First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?

    It's good because it brings into the fold those most able to spot security issues. Despite Microsoft's money and the experience of their top engineers, they all have tunnel-vision when it comes to Windows. And it's not hard to see why, after all, it's their baby. So even though they've got top security people working for them looking deeply into these issues, the very nature of those engineers' employment makes it difficult to see some of the problems that an outside observer would be able to spot easily.

    By turning the baby over to the wolves, so to speak, Microsoft is getting Vista tested by the best testing teams around. The OSS motto is "more eyes makes all bugs shallow", I look forward to that same principle working well here.

    • Re:More eyes is a good thing (Score:5, Insightful)

      by arth1 (260657) on Friday October 20 2006, @09:53AM (#16515533) Homepage Journal
      First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?

      It's good because it brings into the fold those most able to spot security issues.

      Why do you think those who work at security and AV companies are those most able to spot security issues?
      I won't mention names, but some fairly well-known "security and AV companies" have made their business on buying up other companies products, redoing the interface every year so they can demand people pay for a new version, and dumbing the app down by removing functionality whenever something breaks, because they don't have people smart enough to fix things. Outsourced $10/hr drag-and-drop "programmers" will only get you so far, and expecting them to possess intuition, assembly language skills, or a love for discovering what a function can be pushed into doing is expecting far too much.

      Also remember that security and AV companies don't want security -- if their products actually fixed security holes, they would put themselves out of business. They want their products to temporarily block attempts, nothing more.
      Gurus, on the other hand, work to get the problems fixed, permanently, and the people who made the mistakes aware of what they did, and just why it was bad, so they don't repeat it.

      Regards,
      --
      *Art

  • Move along....nothing to see here. (Score:3, Insightful)

    by N8F8 (4562) on Friday October 20 2006, @09:37AM (#16515377)
    To err is human.

  • "...we sent out a messed up link..." (Score:5, Insightful)

    by Browzer (17971) on Friday October 20 2006, @09:39AM (#16515395)
    Like it never happened to anybody!

    This is beyond bashing, this is being anal.

  • The real question is.... (Score:5, Interesting)

    by Admin_Jason (1004461) on Friday October 20 2006, @09:55AM (#16515543) Homepage
    Who thought of this? MS wants to keep kernel secret, then capitulates, and schedules conference with security vendors, then admits it screwed up and schedules another one for people to attend. A net meeting?!?! To discuss security of an OS?!?!?! Does this not set off flags in the minds of the security sector? I am sorry but if I want to discuss such sensitive things as OS kernel and API programming and how to avoid, detect and remove malicious apps from infecting the OS, I do this face-to-face with people that are screened, background checked, and sign NDA's specifying to whom they can talk to and consequences if they reveal anything proprietary to anyone w/out express written consent.

    Perhaps I am anal that way, but come on, we're talking about an OS that will likely suceed the millions of Windows 98, 2000 and XP in the vast majority of homes and businesses across the planet!

  • This is a first! (Score:5, Funny)

    by giafly (926567) on Friday October 20 2006, @09:55AM (#16515549)
    Your search - "totally our fault" site:microsoft.com - did not match any documents.

    Suggestions:
    • Make sure all words are spelled correctly.
    • Try different keywords.
    • Try more general keywords.
    • Try fewer keywords
    Google [google.com]

  • Sure (Score:5, Funny)

    by Dunbal (464142) on Friday October 20 2006, @10:06AM (#16515663) Homepage
    'We had a glitch where we sent out a messed up link. ... We're very sorry about that,

          A source has informed up that the "messed up link" was in fact a link to tubgirl. Disciplinary action has been taken against the employee responsible. The project manager for Symantec was quoted as saying the experience was "educational", and he is likely never to click on that link again...

  • "Accidents" happen... all too frequently (Score:4, Insightful)

    by dpbsmith (263124) on Friday October 20 2006, @10:16AM (#16515763) Homepage
    I certainly don't think this is a case of "accidentally-on-purpose." But I do think it is a symptom of a endemic problem in the PC industry, which is lack of attention to usability because computer people are intolerant of human fallibility. Even though they exhibit just as much human fallibility as anyone else, when they encounter a technical glitch they are reluctant to blame the design of the system.

    Sure, "everyone has glitches from time to time," but when people at Microsoft can't get an important web meeting to work it suggests that there's something flawed about this "all-net-all-the-time" vision they've been touting for more than five years.

    Computer technology reached a peak of usability in the early 1990s, when PC vendors still felt that they had to make things easy to use (and supply real support) in order to secure adoption. Once everyone was locked in--not so much to Microsoft, but to PC technology in general--usability was allowed to deteriorate.

    The pretense that unreliable, hard-to-use unfinished technology is ready for release is so imbued into Microsoft's culture that Microsoft managers are evidently willing to use unreliable, hard-to-use, unfinished technology to conduct important Microsoft public business.

    Stepto should _not_ blame "us" for the "glitch" and apologize. Instead, they should take a long hard look at what it was about the technology they were using that made it easy to "send out a messed-up link."

  • messed up link .. (Score:5, Interesting)

    by rs232 (849320) on Friday October 20 2006, @10:45AM (#16516113)
    Doesn't sound like a messed up link. According to this dozens of users were kicked off the system. How does a messed up link cause them to login as 'presenters'?

    Microsoft finally called an online briefing .. Fifteen minutes into the much-anticipated briefing, dozens of the security companies were kicked off [crn.com] line and could not connect again

    "There were problems with the audio and video. We could not get back on."

    A Microsoft spokesman explained the crash was due to "technical problems" and an extra briefing would be set for Monday

    'Alex Eckelberry .. said .. participants signed [theinquirer.net] on as presenters. "Which, if you've ever used Live Meeting, is an invitation to chaos".'

    Did the users actually sign on as 'presenters' and how would this crash Live Meeting?

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.