
Microsoft on Security: We'll Break Your Apps

jointm1k writes "Wired.com is running a story about how Microsoft is trying to act responsibly and all by fixing (or trying to fix?) many (if not all) security holes in Windows. Not only new versions of Windows will be patched or improved, but as I understood they also plan to force security updates for older versions of Windows down people's throats. Even if that means that some applications will malfunction. Nice to see Microsoft taking responsibility for their mistakes, but they really should have done so when they designed Windows."

  • by EnlightenmentFan ( 617608 ) on Thursday November 14, 2002 @10:53AM (#4668093) Homepage Journal
    I'm surprised Wired doesn't link to the online MS press release [microsoft.com]. In it, Craig Mundie, Senior Vice President (Advanced Strategies and Policy), flags two planned changes that will affect Microsoft TCO.

    First of all, one of the big selling points of Wintel is that you have a wide choice of software. In the future, however, Mundie says that you can expect your old apps to be broken.

    "We have decided that we will begrudgingly forsake certain app compatibility things when, in fact, they don't allow us to have a default configuration that opts for more security. In the past, the biggest thing that happened to us was IT managers would come to the company and say, hey, all those new features, they're great, all that new security stuff, that's great, but whatever you do don't break my app. So just turn it all off and trust me, we'll fix the apps and then we'll turn it all on. And the reality is that never happened.

    And so we're going to tell people that even if it means we're going to break some of your apps we're going to make these things more secure and you're just going to have to go back and pay the price."

    Notice that they're breaking your old apps not so they can sell you new ones, but purely in the interest of your security, and furthermore it's your fault they have to do this.

    The other point Mundie makes is that, even after they sell you the new OS and the new apps, any security needed will be your responsibility, at your expense.

    "And the other thing is that the customers, whether they're individuals or corporations, are going to have to make a decision about when and how much they spend to get these machines to be more secure. And to some extent you can do it by insulating them, to some extent you can do it by putting things around them or in front of them that protect them, you know, firewalls in some sense. And then in some cases, you can just replace them when you get new machines or new software or both that have intrinsically better capabilities."

    Thanks, Microsoft, I'm glad you're looking out for my interests.

  • by gmack ( 197796 ) <gmack@noSpAM.innerfire.net> on Thursday November 14, 2002 @11:01AM (#4668146) Homepage Journal
    He *never* says "screw the userland apps". Modules yes.. system utils yes.. general apps NO.

    In fact, you can still run your old a.out apps from 5 years ago provided you have the right libraries installed.
  • by NZheretic ( 23872 ) on Thursday November 14, 2002 @11:04AM (#4668179) Homepage Journal
    Changing the OS does not provide much more protection if the same applications are used.

    As of 1 November there are currently 31 unpatched vulnerabilities [pivx.com] in Microsoft's Internet Explorer, known and exploitable for MONTHS. Changing to XP, or in some cases even to MacOSX, will not provide the user's documents and data any more protection from exploitation of the above vulnerabilities.

    Anything the user has read or write access to, the attacking script also has access.

  • by oconnorcjo ( 242077 ) on Thursday November 14, 2002 @11:14AM (#4668267) Journal
    I guess the submitter has never read anything by Linus on the Linux mailing list. He is constantly making changes to the kernel and saying "screw stupid userland apps, this is the right way to do things". Even about non-security issues.

    Actually I HAVE read Linus's posts on LKML and that is far from true. In most cases he is willing to break the internals of the kernel but he loathes to break something in userland (but will do it if there is a really really good reason). That is why most programs written for 2.0 still work for 2.4.

  • by cscx ( 541332 ) on Thursday November 14, 2002 @11:55AM (#4668617) Homepage
    I think you can turn DRM off in Media player. I also think the whole purpose behind it is so if you wish, you can keep people from stealing your music.
  • by cblood ( 323189 ) on Thursday November 14, 2002 @12:17PM (#4668825) Homepage
    "It's an MS-owned technology, the specs to which aren't terribly open in terms of what's coming down the 'pike."

    SMB is an IBM protocol. It existed long before Microsoft started mangling it.
  • by ScottKin ( 34718 ) on Thursday November 14, 2002 @12:51PM (#4669106) Homepage Journal
    Microsoft gained the right to use SMB when IBM and Microsoft were working together on OS/2, just before they split up the project and IBM went on to develop OS/2 and Microsoft focused more effort on WindowsNT. Microsoft had the rights to develop SMB as they saw fit, and Samba was developed at a significantly later time so UNIX boxen could talk properly to SMB-based networks.

    It's amusing how the *NIX world likes to put the cart before the Ox in saying that Microsoft must keep SMB a certain way. It would do the Samba people right for Microsoft to change it in some small manner, just enough to cause minor headaches with the developers of Samba and to show the UNIX world that their "castle" is not as big as they thought it was.

    Let them whine!

    ScottKin
  • by loginx ( 586174 ) <xavier&wuug,org> on Thursday November 14, 2002 @01:03PM (#4669217) Homepage
    You seem to be forgetting that Samba is _not_ used only for compatibility with existing Microsoft networks.
    I don't run Windows on any of my boxes here but they all use Samba for sharing files, partitions and printers.
    If Microsoft wants to show me that my castle is not so big, I welcome them to make any change they want to their implementation of the protocol, while I'll just watch from my castle :)
  • Security Policy (Score:2, Informative)

    by SEWilco ( 27983 ) on Thursday November 14, 2002 @10:45PM (#4674358) Journal
    The difference is that POSIX and many other systems have a security design philosophy that "user programs must not interfere with each other or the system".

    Any changes which stop an interference are acceptable because it's a basic part of the system design. Apps have to work within the system's design. Usually there is only one app affected because well-behaved programs avoid banging against all the walls of their cage. (Indeed, Unix changes which will affect several apps...or even only a few specialized users of unusual device drivers... get much discussion and adjustment so as to break as little as possible while not leaving any weaknesses.)
