While it seems more a move to placate a rabid EU, this move is actually pretty good for all users. First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?
It's good because it brings into the fold those most able to spot security issues. Despite Microsoft's money and the experience of their top engineers, they all have tunnel-vision when it comes to Windows. And it's not
First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?
It's good because it brings into the fold those most able to spot security issues.
Why do you think those who work at security and AV companies are those most able to spot security issues? I won't mention names, but some fairly well-known "security and AV companies" have made their business on buying up other companies products, redoing the interface every year so they can demand people pay for a new version, and dumbing the app down by removing functionality whenever something breaks, because they don't have people smart enough to fix things. Outsourced $10/hr drag-and-drop "programmers" will only get you so far, and expecting them to possess intuition, assembly language skills, or a love for discovering what a function can be pushed into doing is expecting far too much.
Also remember that security and AV companies don't want security -- if their products actually fixed security holes, they would put themselves out of business. They want their products to temporarily block attempts, nothing more. Gurus, on the other hand, work to get the problems fixed, permanently, and the people who made the mistakes aware of what they did, and just why it was bad, so they don't repeat it.
More eyes is a good thing (Score:5, Insightful)
First, not all users will get the APIs. In fact, only a tiny fraction of users, all of whom work at security and anti-virus companies, will get to see these opened APIs. Why then is it good news?
It's good because it brings into the fold those most able to spot security issues. Despite Microsoft's money and the experience of their top engineers, they all have tunnel-vision when it comes to Windows. And it's not
Re:More eyes is a good thing (Score:5, Insightful)
Why do you think those who work at security and AV companies are those most able to spot security issues?
I won't mention names, but some fairly well-known "security and AV companies" have made their business on buying up other companies products, redoing the interface every year so they can demand people pay for a new version, and dumbing the app down by removing functionality whenever something breaks, because they don't have people smart enough to fix things. Outsourced $10/hr drag-and-drop "programmers" will only get you so far, and expecting them to possess intuition, assembly language skills, or a love for discovering what a function can be pushed into doing is expecting far too much.
Also remember that security and AV companies don't want security -- if their products actually fixed security holes, they would put themselves out of business. They want their products to temporarily block attempts, nothing more.
Gurus, on the other hand, work to get the problems fixed, permanently, and the people who made the mistakes aware of what they did, and just why it was bad, so they don't repeat it.
Regards,
--
*Art