Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Microsoft

Microsoft: Trust and Antitrust 539

Posted by michael from the ironic-t-shirt-slogan dept.
Microsoft is in the news for two reasons today: the continuing saga of the antitrust cases, and Microsoft's public relations push for "trustworthy computing". A selection of links: Microsoft claims two months of code reviews and half-day seminars surpasses everything ever done by the open source community; Salon talks about the problems with a monoculture; SBC, an abusive telecom monopoly, complains about Microsoft's behavior, an abusive OS monopoly; and Microsoft responds, claiming that SBC is merely being self-serving.
This discussion has been archived. No new comments can be posted.

Microsoft: Trust and Antitrust More

Microsoft: Trust and Antitrust

Comments Filter:

  • NY Times username/password (Score:5, Informative)

    by AmigaAvenger ( 210519 ) on Tuesday April 09, 2002 @01:43PM (#3310817) Journal
    Username: dotslash2002 Password: dotslash2002 (had to, no one posted on yet, had to go through the trouble of getting another account registered...)

  • Re:Two months? Get real. (Score:2, Informative)

    by Dusty ( 10872 ) on Tuesday April 09, 2002 @01:48PM (#3310853) Homepage
    True, but in a very real way, Microsoft has a point. The Open Source community has never really taken time to say, "ok let's stop development and everyone will go check code extremely carefully."

    I may be wrong on this, but I thought OpenBSD counts as Open Source, and they're certainly doing a security audit [openbsd.org] of the source code.

  • Re:Two months? Get real. (Score:5, Informative)

    by ILikeRed ( 141848 ) on Tuesday April 09, 2002 @01:51PM (#3310877) Journal
    Derkec gushed:
    True, but in a very real way, Microsoft has a point. The Open Source community has never really taken time to say, "ok let's stop development and everyone will go check code extremely carefully."

    No, False. You (and MicroSoft) are completly ignoring Open Source projects that only audit code... i.e. the Kernel Janitors: [kerneljanitors.org]

  • Re:What code reviews? (Score:2, Informative)

    by kTag ( 24819 ) <pierren@[ ].com ['mac' in gap]> on Tuesday April 09, 2002 @01:53PM (#3310888)
    This is horse shit. I'm using Win2k and for the past two weeks I got patches every couple of days just for the OS. That about 10 patches since they decided to work on their security.

    I'm not saying they are delivering either, but they are doing stuff. Time will tell if it is actually real work or just smoke.

  • Re:Windows XP SP1 (Score:2, Informative)

    by GutBomb ( 541585 ) on Tuesday April 09, 2002 @02:01PM (#3310936) Homepage
    if you actually read the article you would see that it says the service pack will HIDE msn messenger, ie, and media player if you wish. it says nothing of REMOVING them.

  • Re:Key to user security... (Score:5, Informative)

    by rabtech ( 223758 ) on Tuesday April 09, 2002 @02:16PM (#3311057) Homepage
    Microsoft has gotten the message. If you were on the Windows.NET server beta, you'd have gotten the memo ;)

    Essentially, Windows.NET server ships with absolutely NOTHING enabled by default. This does present a problem to the typical Microsoft "its so easy just plug it in" sort of thing, but that is solved by an improved "configure your server wizard". The first time the server boots up, the user can explicity select what to install and/or turn on, and ONLY what they select gets installed/turned on.

    The individual components themselves have improved as well. IIS 6 by default will serve only static HTML files, and installs no sample files or other stuff. You have to manually run the IIS security wizard to turn on things like ASP, CGI, etc. If you install a new ISAPI filter or something of the like, you have to manually enable it. Nothing gets turned on unless YOU the admin turns it on.

    The other thing is that IIS 6 is a complete ground-up rewrite; no code from IIS 5 was used in its creation. Its gone through a complete code review to (hopefully) eliminate any buffer overflows or other bugs. There are other improvements as well... for example, the easy ability to run each website being hosted under a separate security account, typically with minimal access to anything.

    Microsoft isn't stupid; they see that their biggest PR problem right now is security and they are doing something about it. True, they should have jumped on this a long time ago, but late is better than never.

  • Re:NY Times username/password (Score:3, Informative)

    by Alsee ( 515537 ) on Tuesday April 09, 2002 @03:47PM (#3311708) Homepage
    gorwell1984 / gorwell1984

    P.S.
    You need to accept the second cookie for the article to appear, but that one is only a session cookie that dissapears when you close your browser.

    P.P.S.
    What's a gorwell? George Orwell author of 1984.

    -

  • Re:Two months? Get real. (Score:2, Informative)

    by caspper69 ( 548511 ) on Tuesday April 09, 2002 @04:13PM (#3311874)
    And then all the sudden they bring out this dog and pony show and you discard your lessons from the past and without any results or evidence in hand

    My computer has received 10+ security updates from MS since the beginning of February. Prior to that they came out few and far between (every few months). I would say that from an end-user's perspective, I can see a major difference. And I had noticed the increased updates without seeing any of their "Dog and Pony Show." It remains to be seen whether or not these updates prove useful, and also just how many more updates will come out (how many are needed?), but I can see that they're doing *SOMETHING*, which is more than I've seen in the past.

  • Bullshit, look at OE and file sharing defaults... (Score:3, Informative)

    by aquarian ( 134728 ) on Tuesday April 09, 2002 @04:15PM (#3311887)
    Outlook Express *still* ships with the preview pane turned on by default, and port 139 is still wide open by default too. These are the two biggest security flaws in Windows operating systems, allowing the spread of every virus in recent memory. Yet Microsoft has done nothing about this.

  • Re:Key to user security... (Score:1, Informative)

    by Anonymous Coward on Tuesday April 09, 2002 @04:24PM (#3311946)
    Redhat 6 typically lasts less than 72 hours [honeynet.org].

  • "two months of code reviews" ??? (Score:2, Informative)

    by yppupdurc ( 100218 ) on Tuesday April 09, 2002 @04:27PM (#3311966)
    I work at a software shop that developed an extensive amount of code compiling under Linux, Solaris, and Win2000. We constantly compile the same code under all three platforms and frequently have to deal with portability issues.

    Today, my next-cubicle neighbor asked me why we keep the warning-level at 3 in the MSVC++ environment. Being primarily a Linux/Solaris guy, I said I had no idea why and suggested he raise the level to 4 (the maximum) and see what happens. Ten minutes later, he got his answer: the compiler issued 1000+ warnings, most of which came from the standard library header files! Talk about a need for code reviews...

    But I guess I shouldn't worry, since Mr. Lipner will simply sic his Uruk-Hai legions on that code for a week, and they'll make it into a thing of such sparkling crystalline beauty that the gcc developers will weep with envy.

    yppupdurc

Slashdot Top Deals

"No matter where you go, there you are..." -- Buckaroo Banzai

Close