IE Holes Not Microsoft's Fault, Says Bill

thparker writes "As part of the Media Center release discussed previously, Bill Gates had an interview with USA Today. Best quote: 'Q: Speaking of security, Internet Explorer has had well-publicized holes... Gates: Understand those are cases where you are downloading third-party software.' Well now we know -- these problems have all been our own fault." Any counterexamples?

No thanks

[BWJones]

Gates: Understand those are cases where you are downloading third-party software.'

Hrmmmm. Downloading third party software on my Macintosh does not seem to get me into trouble in the same manner as it does on Windows........Why is that Mr. Gates? Furthermore, I have performed the experiment: Install Windows on a computer and hook it up to the Internet. Leave it hooked up without downloading one bit of software from anywhere! and the machine will be compromised. Why is that Mr. Gates?

Moving along: Q: Might you add anti-virus/spyware protection in Windows? Gates: It's not a thing you build in. You have to offer a service......Why is that Mr. Gates? I would have thought that you would offer a secure environment as part of your product out of the box? What does that tell us about the quality of your products? After all, does not my automobile come with airbags and antilock brakes and skid control and all wheel drive? Under your logic, those features would only work if I paid a monthly premium.

You know, I kept waiting for something better to happen with Windows, but I have work to do and things to create, so I'll stick with OS X and my Macintosh. Thanks anyway.

Easy to assign blame

[onyxruby]

If I did something, than it's my fault. If I didn't do something, and didn't apply a patch that was available, than it's my fault. If I didn't do something and it happens automatically with default settings, it's Microsoft's fault.

Sick and tired of fixing spyware infested machines.

Rubbish!

[Any Web Loco]

Those holes are what LETS third-party software install its freaking self.

Re:Uhhhh...

[Wizarth]

I was just about to say this.

And you don't even have to view a webpage. How many Win32 worms* are there now?

* I mean real worms, not "the media calls it a worm for some unknown reason" when its really a virus.

Re:No thanks

[etnoy]

Install Windows on a computer and hook it up to the Internet. Leave it hooked up without downloading one bit of software from anywhere! and the machine will be compromised. Why is that Mr. Gates?

[risk of being devil's advocate]
Just for clarification, is that computer hooked up directly on the internet without firewall, or is it running behind a NAT router? I am not sure if it is true, but most of the Linux distros' default installation aren't to good to hook up directly onto the net.
[/risk]

software, eh?

[crackshoe]

Q: Yes, but will people continue to do that with Media Center? Gates: You might well do it. We need to use approaches that block people from ever getting software onto the machine they don't want. Me: Great. Now let me get a PC from a major OEM without windows - oh, not that software?

What's that I hear dying?

[MoralHazard]

Sounds like Microsoft's Trusted Computing Initiative isn't getting as much executive support as it might've.

Remember that, Bill? When you said you were going to make all the Windows computers secure by focusing all your energies on securing your code?

Now, it's not your fault, and you won't do anything to fix it? Then why on earth did you tell everyone that you would?

I'm so sick of the lies

[gad_zuki!]

I hear them from the Bush administration almost daily and corporate america is getting a lot more brazen. No one fact checks, dissenting opinions are marginalized, and the corrections page doesn't have nearly the eyeballs the front page does. And that's assuming a correction is ever given.

This is the same mentality of shipping a crappy product and having tech support take care of the issues. Okay, fine, at least I have someone to complain to and I can return products, but with information you don't have that option. You complain to your peers, who are just an echo chamber. The fact that lying usually goes unchallenged in media makes for bigger more destructive lies.

The browser has holes, its a piece of software. This is way over the line. How did the information age become the disinformation age? Perhaps we officially entered the post-postman world [amazon.com] where everything is a soundbite that flies through the subconscious and sticks there. Long corrections don't have the same stickiness, so lying is now smart business.

Keep it up Bill, you're making my next Apple purchase all the sweeter.

Disclaimer for the mods: Yes, many politicians lie. Apple isnt perfect, etc. But there is a difference between small and big lies. Lies which are harmless and those which cause destruction.

Re:Easy to assign blame

[RTPMatt]

Unfortunatly if a webpage tryes to load something nore than once, IE gives me no way to say 'No to all.' They are happy to provide me with a 'Yes to all' checkbox, but if i have to sit there and click 'No' 50 times, after a while i get fed up and just click yes to all.

I use firefox at home, but my school only has IE, and it seems like i spend more time clicking the 'No' dont insall this crappy software button than actually reading webpages while browsing there!

Ones not made by Microsoft

[Anonymous Coward]

Especially the ones that you get while downloading the updates.

So the thing the users keep doing wrong is hook it up to the internet.

From TFA..

[mstefanus]

Q: What's your take on making Windows Media compatible with Apple?
Gates: We're big believers in interoperability.

BWWAAHAHHAHAHAHHAHAAAHHAAAA!!!!!!

Yes yes... ofcourse, interoperability within Microsoft products

Article is a troll

[ic3p1ck]

Mod article +5 Troll...

Wish there was a rating system for articles.

Technically, Bill Gates is correct

[Leykis101]

Q: Speaking of security, Internet Explorer has had well-publicized holes ...

Gates: Understand those are cases where you are downloading third-party software.

Here how it goes.
If you never download, let say a third party web-browser like Mozilla's Firefox or Opera, you'd never realize how problematic Internet Explorer is.

So it is us, the consumer, who are to blame for downloading those third party softwares. Especially the ones that make IE look so horribble.

Re:Blame Game

[ladybugfi]

See the quote: "More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change."

Money is no replacement for clue.

Re:No thanks

[Jugalator]

Hrmmmm. Downloading third party software on my Macintosh does not seem to get me into trouble in the same manner as it does on Windows........Why is that Mr. Gates?

Because you haven't been downloading spyware and such things?

I mean, it's no secret that downloaded software ran under admin privilegies can do basically whatever it wish to your system, regardless if it's a Mac or not.

A big problem to me is that MS doesn't even *try* to tell that working in admin mode all the time is very bad.

Re:No thanks

[drumist]

After all, does not my automobile come with airbags and antilock brakes and skid control and all wheel drive?

So you're saying the antilock brakes will work forever if you don't regularly service them? Cars need to be maintained, too, and that is part of the necessary "service". In fact, an improperly maintained ABS would be more dangerous than standard brakes.

Gibberish

[gruntled]

The purpose of Internet Explorer is to download third party files (by viewing Web pages). Mr Gates's claim that vulnerabilites exist because of such downloads is therefore nonsensical; it's like saying we could end deaths due to automobile accidents by banning automobiles. Yeah, there's a certain logic to that, but it sort of misses the point. To take a recent, ongoing example: A malevolent Web page can use an image file to compromise a Windows system. This vulnerability is not created by users who have somehow previously contaiminated the local environment; it's a part of the system's design. The OS was originally built to offer features over security, and maintaining backward compatability rather than fixing those issues would make it more difficult to coax existing users into upgrading (and would also make it easier for existing users to consider alternatives rather than upgrading). I lost two years of my life covering the antitrust trial, listening to this guy and his minions cheerfully perjure themselves, and he just can't seem to stop making it up.

Re:Antivirus is not a thing you "build in"

[sinthetek]

it's hard to imagine that anyone with half a brain could unintentionally write code so buggy and insecure, especially if they're getting six figures & sponsered by a multi-billion dollar company. i admit that the popularity of windows makes it a bigger target, but that same popularity is what gives them the $$ to hire a half-decent staff & do good r&d and is the prime reason to design with security in mind. apparently they haven't done much of either. even their security patches have security flaws. when was the last time they distributed a patch that wasn't vulnerable to attack or buggy and didn't require another patch to fix it? i've never patched anything in linux with the same disasterous results. if the people who do it for free can do it faster, with better performance, better security and no capital, why can't m$?

Re:Ones not made by Microsoft

[sigaar]

Must be. Maybe Microsoft still doesn't believe in the internet. Remember how they said the Internet was going to blow over?

Bill

[cbdavis]

You need to see a shrink. You are SO in denial mode. Take it from your users, not your PR cronies, IE is broke, always has been broke, always will be broke. Firefox is great ( but there are still some problems with it) and it will get better. But I doubt if it will ever get a big following. Bill has us by the cojones. We know it, He knows it. Thats why he can lie, lie, and lie some more. Thats it, Bill, blame your users. Just once, I would like for M$ to admit fault. I can dream, right?

Re:Bill Gates lecturing about security...

[Whizzmo2]

"I'm John Kerry, and I approved this plagiarism [reference.com]".

Let's pretend you are Microsoft.

[Anonymous Coward]

First of all, you are a business, so you want to make money. Your target is average Joe NoClue. What is gonna get the attention of Joe NoClue? Features, a whole friggin lot of features. He's not a sysadmin. He's not a freaking security expert. And he certainly doesn't care about thing he doesn't see, like security. You might say that Joe NoClue doesn't like having his computer hijacked. Well he still doesn't have a clue about this. So this is not a problem. Problem arise when Joe NoClue loses some precious data. This is what's important as far as security goes.

So let's assume that your product will sell because of it's features, security isn't that much of an isue (Joe isn't going to know about those big gaping security holes, when the product will be at the middle of it's usefull life, then Joe might notice, but not before.)

If you consider this as your view of software and OS, I don't see what Microsoft has wrong. Of course thay have some version for sysadmin, but before being sysadmin, a lot of them have been user... on Windows system. If they didn't touch any other thing, they might try and use some version of Microsoft's server don't you think?

Anyway, the only thing i'm trying to say is that a lot of people, at some point in time, began thinking that Microsoft's main market is not common Joe Dumass. And then these people started expecting thing from Microsoft.

"Microsoft machines are poluting the Internet" ...
Well, yes, corporation don't care about polution, it cost way more to make something the clean way rather than pullution like a dumass.

Stop expecting secure systems from Microsoft. As long as Joe IDontCare doesn't know about security, he's still gonna be using Microsoft products. If you want to help make Microsoft systems more secure, start educating people around you about the need for secure system and the polution on the Internet.

You'll basically get the same response from people as if it where about nature and other kind of pollution.

People won't care until it's gonna be a problem.

Anyone if free not to share my opinion, but I beleive it's an environement problem. And Microsoft is only going with what people are freaking asking for.

Microsoft is in it for the money.
Features sell beter than security.

Is it that complicated?

Windows May Suck...

[Wingie]

But don't you realize that it's because MS being idiots about this that most of us here have jobs? (Or had, if you've moved beyond the hell of tech support.) Yes, crappy jobs that involve cleaning out crap from computers everyday. But imagine if there WAS a good built in virus/spyware scanner in Windows that automatically fixes systems--imagine if Windows had no holes/problems and fixed itself. Who would need tech support then?

Very rich

[thelibrarian]

So Windows Media Centre is going to allow you to navigat your media files in "a very rich way". And Longhorn and MSN search are going to provide a "very rich search" on the desktop. What exactly does this mean?

Are we going to all get gout from using Windows in the future?

Re:Easy to assign blame

[PurpleFloyd]

Well, first of all, Firefox probably does have some holes. However, since it's not dominant in the market like IE, there aren't legions of crackers, trojan authors and spyware pushers probing its vulnerabilities. Still, Firefox/Win32 has some major security advantages over IE:

• First, it's not integrated into the OS. IE is used in Windows for a lot of different tasks: web browser, file browser, help browser, anything that can be made to involve browsing. It needs to have deeper access to system internals than a simple web browser like Firefox. Thus, if IE is compromised, it's much easier to get malware into the system.
• Firefox is a lot stricter about installing plugins. IE's user interface is biased towards installing whatever plugins the site's designer wishes, including malware - it takes one click to install an IE plugin. Firefox's default configuration, on the other hand, requires you to add the site to a whitelist, then enforces a wait period before presenting the option to install a plugin; the UI is biased against installing plugins. It requires active thought to install a plugin; you can't just click "install" to make an annoying dialog box go away.
• Firefox is Open Source. While this certainly doesn't mean that it's magically better than a closed source product, it does mean that if a vulnerability is found, a large number of developers can move quickly to plug the hole. Also, it's more possible for the community as a whole to take the initiative regarding security; while a kludged security risk may be left in a commercial product to make a ship date, it is likely to be replaced fairly quickly in an Open Source environment by a volunteer. Open Source isn't a magical security enhancer, but it does tend to promote better security practice and allow quick response in the event of a security breach.

Re:Best quote from Bill...

[wan-fu]

It doesn't really help if you don't provide what site statistics those are from... if those are the figures for mozilla.org then I'd say IE is doing very well, but if that's something like msn.com then obviously it's a different story.

Re:No thanks

[Zork the Almighty]

I think he is referring to the viruses and worms.

Re:No thanks

[nsillik]

... digital bytes never get old or need to be routinely checked by some paid worker

Well, while I agree that Microsoft should bundle anti-virus/spam/spyware/any-bad-thin with their OS, I don't think that this statement is right. I'm sure that the people who work for Symantec and MacAffee would be very unhappy to hear that they are not paid workers. Both of these companies, and presumably MSFT if they were to bundle anti-whatever software, must be constantly updated to detect the changes in viruses and what-have-you.

Re:No thanks

[Tim C]

Downloading third party software on my Macintosh does not seem to get me into trouble in the same manner as it does on Windows

That'll be because no-one targets the Mac with spyware or viruses, because Windows is a soft enough target and has vastly more market share; it's not worth their while to yet.

Q: Might you add anti-virus/spyware protection in Windows? Gates: It's not a thing you build in. You have to offer a service......Why is that Mr. Gates?

Because if he did, he'd have avs companies and MS-unfriendly tech sites screaming bloody murder about MS using their monopoly to enter new markets, just like they did when they first included a firewall. They can only weather so much of that before people start muttering "anti-trust" and starting court procedings. They're in the middle of getting slapped for that sort of thing here in the EU, I don't suppose they want another one just yet.

Re:I'm so sick of the lies

[killjoe]

The problem lies directly with the American people.

First of all they are utterly clueless and can't even discern between the truth and a lie. They are pretty much programmed to accept whatever somebody on the tee vee tells them.

Look at this (or any other election) for example. Is Kerry a flip flopper? Is he a coward? Did he get his metals from self inflicted wounds? Ask your typical american and they will say yes. Press them for details and you'll realiize they don't know shit, they are simply repeating what they saw on television commercials.

Same with Gates and Company. Ask yourself. Have you ever heard or read an interview with Ballmer or Gates in which they didn't tell at least one lie? Not a minor one either but a blatant out and out lie. They people are habitual and pathalogical liars. They will continue to tell lies until the press calls them on it. Since they buy lots of advertising don't hold your breath though.

Re:No thanks

[strider44]

Of course the simple solution is not to run under admin. I like the way that linux actually forces (well it doesn't but severly recommends) the user not to run something under admin. Then again usually for newbies spyware can be installed as easily as

Installation Instructions
1. Login as root
...

Re:Gibberish

[KamuSan]

It's more like banning traffic accidents by forbidding driving.

It just means that Bill Gates still doesn't get network connected computers. I remember he once thought that 'the Internet' would never be important. And now I think that, IE monopoly and all, Microsoft still, inherently, deeply, doesn't get network connected computers. Yes, they forced Netscape out of the market with IE, but for them IE is just another piece of software.

The user's fault? We can fix that!

[outanowhere]

Blame it on the user.

Again.

As usual.

As always.

Microsoft and especially Mr. Gates have both blamed the user for DOS and windows bugs, et cetera, ad nauseum, since the beginning.

It's one of the things that really encouraged me to dump windows. Being told personally, to one's face, by Microsoft and Mr. Gates that the problems with DOS and windows is my fault made it very easy to walk away from the huge investment in microsoft stuff.

Since the user is at fault, the user can fix it--like I did: dump microsoft.

Re:Antivirus is not a thing you "build in"

[npietraniec]

Seriously... It's impossible to have an OS without a browser built in, but it's also impossible to build in virus protection.

Or hey, here's a novel idea... maybe make your OS secure enough that you might actually have a choice whether or not you want to drop X amount of dollars on a 3rd party virus scanning app.

My god. The people at Microsoft can be so completely dense sometimes.

Re:No thanks

[asadsalm]

Q: Might you add anti-virus/spyware protection in Windows?

Gates: It's not a thing you build in.

Us: But a browser is a thing you can build in ... Right?

Re:No thanks

[Negatyfus]

To be fair, a Windows machine would be targeted sooner and more overwhelmingly than a *nix box. Age-old argument, but still true.

Re:No thanks

[EqualSlash]

I guess you are making a point but stating that even an unfirewalled 'nix box won't be compromised is farfetched.

Give them a Little, Take a Lot

[Exter-C]

This is a classic example of how humans are.. Microsoft give us alot (in vulnerabilities) that cant be exploited until the user downloads a file. So its not the browser thats at fault its the user...
This is just like the pinto.. the car wasnt going to blow up unless the other driver was crap.

Re:I'm so sick of the lies

[_xeno_]

The annoying thing with the media today is that they just report on what someone tells them to. What I mean is that they'll just rehash the talking points or press releases that are sent to them.

So you see things like "Bush said this, and Kerry said that." Which is 100% true. But there's no investigation into whether the quotes are actually, like, true.

So Microsoft will release a press release saying "We're improving security!" and then various media reports will say "Microsoft says it's improving security." But the media won't actually investigate whether or not Microsoft actually is improving security, they'll just report that Microsoft has said that they are.

About the only time you'll hear any discussions about the truth of any position anyone has is on various talk shows, where to "show both sides" you'll get two people who are representing "opposite sides" of a given debate. Directly opposite sides.

Since these people are soley debating for their side, we're ultimately left with no middle ground. Only two extreme views on a topic.

So while the two "sides" of the debate are represented, the media generally "let's the reader decide" which side they believe in. But since the veracity of the two sides has never been called into question (other than each side calling the other wrong), the average reader/listener/viewer has no way of judging complicated scenarios they don't really understand.

(For example, I don't really know what Kerry's position is on Iraq. I have no idea whether or not it's a good position, because I only hear polarized viewpoints on it. About all I know is that he intends to "do it differently" and "get international support." I have no idea about the details and don't know enough about international politics and warfare to judge it even if I did know.)

This is one of the main reasons I get all my news from the Daily Show with Jon Stewart. At least then I know it's all fake. :)

I'm currently up due to insomnia, so if any of that makes no sense, I'll try and post a correction tomorrow. It'll be in fine print and on the fifth page. :)

Re:No thanks

[mikkom]

Most of the servers are unix boxes that are connected to internat and many of them don't have firewall. Simply because there are no services that need to be firewalled.

Windows instead has many "default" services that you can't turn off.

Re:No thanks

[Sneeka2]

I recently installed a Win XP with SP2 slipstreamed, and the first thing I saw after the unit booted the first time was a warning "Your computer might be at risk, no AV protection installed". Asking XP for recommendations comes up with "Download and install (and cough up extra money for) an AV protection!".

I don't know about you, but I think that's kinda sick.

And yes, on my Mac I can start doing productive things right away without holding Mac OS' hand.

Re:No thanks

[NanoGator]

"Why is that Mr. Gates? I would have thought that you would offer a secure environment as part of your product out of the box?"

Offering anti-virus is not the same as making a more secure environment. Anti-Virus searches for specific types of attacks, as opposed to closing ports or limiting the damage an executable can do. Windows does not have built in virus protection, but Microsoft is actively closing security holes.

"After all, does not my automobile come with airbags and antilock brakes and skid control and all wheel drive? Under your logic, those features would only work if I paid a monthly premium."

This is a flawed analogy. Microsoft is already providing (err trying to provide) those equivalents. (Although, if Windows were a car, it'd be recalled. Bear with me.) Anti-Virus would be more like On-Star. It's a service for helping drivers with situations that building a car 'correctly' can't deal with. For example, if your car is stolen, On-Star can track it. However, that is a monthly service. Yes, you can make doorlocks tougher, that doesn't prevent On-Star from being an interesting service.

Still not convinced? Okay, consider this: Recently Slashdot had a story about a Mac exploit. A 'beta' of Word 04 wsa supposedly released. A bunch of Mac users downloaded and executed it. They were all victims of an exploit. Basically, the executed file wiped out their home directory. (Note: My memory is fuzzy on this. Corrections or additional info appreciated.) Permissions can be set. Apple could release a patch, no problemo. But what do you do? Lock down the machine so that executables have really strict rules to follow? Do you run an anti-virus app to scan for known exploits like that? Well I'm not trying to answer that. All I'm saying is that they are two very different techniques, and yes forced anti-virus can cause unwanted results.

Catch 22

[The Real Nem]

It is kind of a catch 22. If Windows had built in anti-virus software no one would buy 3rd party anti-virus software and Microsoft would gain a monopoly in the market. They would get their asses sued and everyone would complain that they have a monopoly or they have created an unfair environment. We've seen it before. If Windows doesn't have built in anti-virus software everyone complains they don't.

And even if Windows did have built in anti-virus software, can you honestly tell me, given their track record, that you would feel secure with it? If everyone used Windows built in anti-virus software wouldn't it be just that much easier to exploit and cause even more damage.

Re:infomechanics

[arkanes]

There's no such thing as "bit rot" per se - things like fragmentation can cause a gradual decrease in performance, but not failure. The term is used in software development because of the way old parts of source code don't get looked at and updated and touched.

Simply put - the "maintenance" that we refer to with software, and that's being compared to cars above is in fact no such thing. Every patch and update that's issued is to correct a _mistake_ in the software - not something that gradually failed because of wear. Cars need regular maintaining because they're physical objects in a physical environment and the stresses and imperfections of that environment cause real physical damage that needs to be repaired. Software "maintenance" is actually incremental development - it's correct mistakes that are in the original.

All that said, software (at least most of it) is far, far more complex than your typical car, and has had far less time to mature. The physical limits that a car operates in are well defined and well understood, and the vehicles are designed with that in mind. There are well known and well understood physical requirements and those requirements are easily tested. Software lives in a very different environment with a very different level of contstraint and a very different level of user expectation.

Re:What's that I hear dying?

[ceeam]

Your fault is that you think of him as a sensible businessman doing sensible business. Your life would be easier when you think of him as moral-free greedy evil bastard, like the rest of us do. ;)

(Mod me troll)

Re:No thanks

[ajd1474]

If MS included Anti-virus, serious Firewall software and whatever else you feel they should include to make it "secure", you'd be the first person up in arms claiming it to be another example of MS using their monopoly to push out competitors.

Everyone wants MS to remove things like CD-burning, Media Player, IE etc because it is anti-competitive and now you WANT THEM to build MORE APPS IN??

Also, motor companies do NOT make Airbags, ABS and skid control... they are usually made by third party companies (Bosch for example). So are you suggesting that Windows comes bundled with Norton Antivirus/Firewall, that you shouldnt get a choice, and that we should add another $50 to the cost? Sounds anti-competitive to me. Sounds like you're another /. er who trips over their own arguments in an effort to be the first to bash MS.

Re:infomechanics

[Doc Ruby]

Software with modern complexity will always have defects. Accepting that fact, and designing for failure tolerance, is the kind of wisdom that has steadily improved automobile safety despite heavier use under less anticipated conditions by many more people. Software is no different, unless you have the magic to reduce software design and implementation errors to nothing.

Re:No thanks

[stephanruby]

"*sigh* I'm talking about viruses and malware, not remote exploits - don't worry though, I'm used to people mixing the two up. "

He wasn't criticizing what you said, he was criticizing your reasoning behind what you said. If what you said is true for "viruses" and "malware", why wouldn't it be also true for "remote exploits"?

It sounds to me like you came up with an overgeneralization and now you're trying to rationalize it in face of contradictory evidence. *sight* You can be as impatient with us as you want and you can patronize us all you want, but your backtracking rationalization about the technical proficiency of users doesn't hold much water. For me, the only reason I first installed Apache was because I had no clue about how I could install Microsoft's Personal Web Server. I suspect it's the same for most users. Apache simply worked out of the box, that's it magic and that's partly why it has the biggest marketshare.

Re:No thanks

[aichpvee]

You're obviously very confused. The *nix box "can" be compromised, but probably won't be. The windows box "WILL" be comprimised, and in a matter of minutes.

Whether things would be reversed along with the marketshare, it's impossible to say. But there's really no way anyone can do it worse than what microsoft is doing.

Why we put up with this madness...

[infonick]

I will never understand. If a grocery store so as much hires someone *unlikeable* to work the cash registers, they lose customers. likewise with vehicle manufacturers. If a bad car is designed, it is branded a lemon, and is treated as such by all consumer reporting websites/newsletters.

So why Bill Gates is still in buisness after making such a comment: "Understand those are cases where you are downloading third-party software" it makes my eys roll. Why is the customer always right? because only the customer knows what he or she wants. If the customer wants a good solid car, they are going to buy a good solid car from *insert favorite car manufacturer here*. So why people put up with this slander from the biggest man in Microsoft is beyond me.

Personally, i think i run a very tight ship. I dont need antivirus, and a nice firewall is all that stands between me and the next script-kiddie on the block. Problems i've ever had are related to IE and poor OS performance.

Because i will shortly be entering my era of University in 2005, my thoughs turn to my financial future. I will not be able to afford a new computer, much less new games/new MS OS. When the time comes when i can no longer play games on my current setup, windows will have no further place on my computer.

*Deep Breath* - Thank you for your time.

3rd party

[Tom]

Understand those are cases where you are downloading third-party software.

True, that. Now the point is that you're downloading this "third-party software", aka virus, trojan horse or spyware, even though you never wanted to.

Staying Alive.....

[earthstar]

When msoft has so many holes in so many of their products,seriously,how does www.microsoft.com manage to stay alive always, and let users download patches etc.....

Put differently,how does microsoft.com manage to be stable?

Re:No thanks

[thegrassyknowl]

It's not a thing you build in. You have to offer a service......

But we'll build in a browser, mail client, media player, etc to hold on to our monopoly.

I'm sorry, what!?

[rincebrain]

Last Q/A in the article:
Q: There is talk of a Google browser. Internet Explorer has had its security woes. How do you keep users?

Gates: More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change. That's the one over 90% of people are going to keep using.
[Italics and bolded sentence my own markup]

So let me get this straight, Mr. Gates. You have thousands of people working just on Internet Explorer, and yet...a thousand or two thousand people working on Mozilla have bested you?

Nothing is going to change, indeed, Mr. Gates. You're going to keep spewing the same old story, ignoring obvious holes in your own logic (third-party software is to blame for all security problems, true...but that doesn't mean your software should allow third-party software to install itself without the user doing a thing), denying any obvious falsehoods in your own statements (" We feel like we are pioneering an experience that to us is a clear thing most households will want." - Gates, regarding Windows Media Center PCs...I'm sorry, I didn't know you pioneered multicasting from a set-top box...I presume Linksys is paying you licensing fees for their video broadcast device, to name one alternative?), and hoping people will be stupid enough to follow it.

The saddest part of the above discourse is, Gates is probably right. People are, until told otherwise, going to keep using bug-ridden products, until they are shown that there are alternatives...I know many users who have never clicked Windows Update in their lives, and not because they've never used Windows.

I could be wrong, but I'm sensing a downward spiral, when M$ can announce things such as they did in their article, and not get negative feedback from the interviewer. Just my $0.05.

Re:No thanks

[tuxlove]

You're not playing devil's advocate, your point is just irrelevant. The original poster's point is that there are plenty of security holes that have nothing to do with downloading third party software. You can get compromised by reading your email, visiting websites (there are dozens of known vulnerabilities) or even having your computer sitting idle on the Internet, all of which have nothing to do with downloading third party software. A firewall is moot for the first two, and irrelevant for the third, because as soon as you take away the firewall the machine's toast w/o downloading a thing. Putting a NAT router in front of Windows doesn't fix it, it just masks the problem Bill Gates says isn't there.

Re:No thanks

[ozmanjusri]

It's simple to get a *nix box which can not be compromised. Any of the Demolinux/Knoppix live distros which can boot from an inexpensive RO media are almost uncrackable, and even if the box were somehow compromised, all you'd need to do to clean it is reboot. That's not something MS will ever allow with Windows.

Critical assesment vs Belief

[quinkin]

It seems to me that social gullibilty has nothing to do with detection of a lie - instead it stems from the belief of an assertion with no critical evaluation. Critical analysis over unquestioning belief is a much maligned concept in most education systems.

Our children are being indoctrinated from a very early age to believe what authority figures (parents, teachers, the tv, etc.) tell them. Should we be surprised when a concept ingrained for 10+ years during the most formative childhood years translates to an easily misled populace?

Do not believe anyone. Do not believe politicians, scientists, priests, your parents, the police, and please don't believe the mass media.

Teach your children to think, not believe.

Q.

Re:I'm so sick of the lies

[njdj]

I hear them from the Bush administration almost daily and corporate america is getting a lot more brazen.

Politicians (especially the ones in power, regardless of party) always tend to lie. And salespeople have never been noted for truthfulness.

What has changed, gradually, over a couple of decades, is that the media no longer provide a check on politicians and corporate liars.

The purpose of the media used to be to provide information and critical comment. That's changed. A newspaper or a TV network makes more money if it's operated primarily as an entertainment. That means: nothing that requires the consumer to think, because a lot of people don't like to think. Not too many boring facts, either (unless they're sensational).

Don't be too hard on Gates. There will always be people whose goal in life is to make more money, by any means that works. The problem is that our society has lost the checks and balances that used to constrain people like him.

He's right, of course.

[Max Threshold]

Downloading third-party software is exactly what gets people into trouble with Windows... especially when IE holes cause them to do so unknowingly!

Re:No thanks

[Ilgaz]

"Moderators: Read posts twice before wasting your points modding up trolls."

It seems mods didn't care about your signature on this topic. Proof? Your posts score :)

I tell you one interesting thing. While it was working back in 2003, I updated a 68030 Mac Duo laptop 7.6's modem driver from Apple site. I even had support about how to add more ram. That machine is back from 1994 or something.

OS X updates aren't service packs, they are new OS'es. 10.3.0 is a new OS , 10.3.1 is a service pack.

About antivirus and anti adware? As its a BSD based real OS, its run by rights. As its a pain in the ass to code a spyware on linux, its much more harder on OS X. Guess why? OS X shows a user friendly window which is centralized by OS GUI whenever a program needs administrative access.

Oh there is a program on OS X, comes with it and has a unsolved security problem. Yes, it still exists. Guess what is it? INTERNET EXPLORER macintosh edition.

Re:Not to be behind Bill or anything ....

[Rattencremesuppe]

They have flaws in the first place because debugging an operating system is pretty difficult

IIRC, the article is about the problems in IE, which should be just a normal user-space application. I don't know how tightly they integrated their IE into the ring-0 kernel space, though ;)

Re:So let me get this straight

[CamTarn]

"What's this thing you wanted me to install, son? Uhm ... anti-virus, it said, I think? Is that safe? I mean, I heard Bill Gates on the TV the other night saying that the reason thing go wrong with peoples' computers... it's all because of third party software. Nice guy, that Gates. Good mind for business.

"What was I saying? Oh, yeah. Third party software. I dunno. My computer's running pretty slow at the moment, ever since you came over a few months ago and installed all that stuff for me. What was it, Thunderfox or something?

"I remember you tried to show me how to use it, but I prefer that Outlook program. Doesn't try and stop me doing what I want to do, make all the images in my emails broken and stuff like that.

"D'you think that that's why my computer's slow? After all, that Gates guy was saying that third party software's what makes 'em go bad. Are you sure that stuff you installed was safe? I mean, I've heard there are a lot of viruses going around on the World Wide Web...

"Maybe you better just keep this anti-virus software, and take that Thunderfox thing off my machine, and see if it speeds up any. I'll just stick to Microsoft stuff, that should be safe enough.

"Besides, I don't think I need anti-virus stuff, really. My doctor always tells me to get a flu jag, and I ignore him. Hate needles. But I've not been ill for twenty years and I'm not intending to be ill any time soon. I don't go out in the rain without a scarf on, I cover my mouth when I'm sitting on a train next to a guy who's coughing and sneezing away. Sensible, see?

"It's like that with the computer. I don't use the Internet Explorer much - mostly I just use the computer for email and typing up letters and stuff. And I've never been on this World Wide Web thing - I remember a guy at work saying that you could get a lot of viruses off this Web, so I stayed away from it. So I'm pretty safe, right?

"Anyway, I'll see you next week. Oh, and hey, while you're at it ... I have something I want you to check out when you're down at mine. There's this window that keeps popping up in the middle of my screen, telling me that my Internet is slow. It's been doing it for about a year and I keep closing it, but I got to wondering - d'you think it's right? I mean, when I use my Internet Explorer at work it's a lot faster. The little picture in the top right is different, too. Does that have anything to do with it?

"Yeah, anyway, see you next week. Sure, I'll say hi to your Mom for you. Alright, bye."

Re:No thanks

[fafaforza]

But isn't unix a server os? Isn't its main purpose to run network services and applications? I realize you can use it on the desktop, but Unix/Linux is a server OS.

Windows (XP especially) is a consumer OS. It isn't supposed to be serving any networked services. Why are things like DCOM, NetBIOS, Messanger, etc running on XP, which is installed mostly on consumer computers. Anyone remember how blazingly fast that DCOM hole was exploited and spread, how many Windows boxes went down at once, and how much bandwidh was consumed?

If microsoft closed those services, there would be a dozen fewer eggs on its face. At least if you install Linux, you might have a few things running, like SSH, and RPC. RPC you close automatically, but exploits in SSH are not as easily and automatically exploited like DCOM.

Re:I'm so sick of the lies

[BenjyD]

The mantra of most of the media these days is basically "maximum sales, minimum effort". Researching the facts, using statistics correctly - these take effort and don't sell papers/advertising time.
So instead, grossly over-simplify the argument, chuck in some spurious statistics and come up with an inflammatory headline that completely misrepresents the story. Maximum sales, minimum effort.

windows install

[Anonymous Coward]

That is a obvious lie. If your are installing Windows and your computer is connected to internet (so you can download service packs etc.), it is not even possible to finish the installation without getting Sasser and various other security exploits. And this is while finishing Windows installation a lot sooner than any third-party software installation.

Re:No thanks

[Ice_Balrog]

A firewall and virus scanner are important to a Windows box running well (or at all). A media player, CD-burning app, and web browser are not. See the difference?

Re:No thanks

[thepoch]

Argh I'm beginning to sound like a broken CD lately, having to always repeat myself.

It isn't only that Microsoft doesn't even try to tell people that using Admin all the time is bad. It's also the stupid developers that never test their software with non-Admin accounts. And don't even start to talk about RunAs. That's broken as well for most apps.

The only way for all this nonsense to hopefully be worked out is if Microsoft forced developers by making the default account a "User" account. Not even a "Power User" as that's pretty lame as well. Then every app out there will be forced to store their settings in the user's respective "Documents and Settings" folder. At this time, a lot of apps still store settings in either C:\Program Files\ or in HKEY_LOCAL_MACHINE. I'd rather have it in my own C:\D & S\username\Application Data folder and in HKEY_CURRENT_USER. This makes it more similar to *nix where it stores all settings in my /home/username in .files or .directories.

Double Argh. Palm is one company that does this badly. Imagine everyone having to be an Administrator just because Palm Hotsync's data to C:\Program Files\Palm\$palmname. Sheesh.

FUD

[Anonymous Coward]

Q: Speaking of security, Internet Explorer has had well-publicized holes...

Gates: Understand those are cases where you are downloading third-party software.

What is implied by these comments:
Fear:
Trusting "third-party software" will get you rooted. Only use official Microsoft software.

Uncertainty:
Perhaps we have been being lied to by all the reports about how vulnerable IE is, nevermind that IE may not give you a choice or even let you know that your system has downloaded and installed third-party software (spyware/viruses). I think it is safe to say that IS an IE bug regardless of what your definition of "is" is.

Doubt:
According to Bill, you probably shouldn't trust those comments from CERT and the like about using, say Firefox or Opera, because it is all caused by other people's software.

*Bill waves hand*
Microsoft software is not vulnerable, only third-party viruses are.

Unfortunately...

[cnelzie]

...there are many applications for MS Windows that simple refuse to run unless they have either Admin Privileges or are provided some fairly strong access to the system with the 'Power User' group setting.

Yeah, you can get away with running some applications using the "RunAs" command, but that is nowhere near as powerful or as capable as the much older *nix version of that.

Seriously though, out of the millions of people that use computers running Windows, very few of those people are even aware different levels of access to the PC and a smaller number of those folk understand that there is a utility in MS Windows called "RunAs".

Fighting the last war.

[argent]

At least twice a year Microsoft comes out with another security patch to try and block the latest holes in IE, without changing the underlying design flaws that make the explouts possible. Shortly afterwards, another hole surfaces. Everyone with a passing understanding of the 20th Century knows the expression "generals are always prepared to fight the last war": assuming the lessons learned in the last war are all that is needed to prepare them for the next. The classic example is france preparing for trench warfare all over again, caught unprepared for the German Blitzkreig.

Microsoft doesn't do that well. They're forever preparing for the first war all over again, never learning the lesson they're faced with after every new exploit.

The problem is that Microsoft is trying to use discretionary access control to implement a design that requires mandatory access control. In an environment with mandatory access control, every object (document, program, web page, email message) in the OS has its security level bound to it in such a way that an application displaying that object can have no more rights than the least secure object it has accessed. The only way to raise the security level of an object is through a trusted component that has explicitly been granted the rights to do so.

Their "security zones" can't be depended on unless the whole operating system and all applications operate on this basis. If they're not going to create a compartmentalised Windows AND make it the default configuration (and wouldn't people scream at that!), the only place they can create these compartments, these internal layers of sandboxes, is by having the applications themselves handle their own sandboxing. Remove the responsibility for trust management and remote access from the HTML control and let it merely render HTML. If the document displayed wants to access an image or stylesheet or script, run a script or a plugin or embedded component, let it ask the application for it, and let the application decide if the request should go through. Internet Explorer would let it fetch remote documents, but not run scripts or applets that weren't sandboxed, nor pass URLs or files to applications that aren't prepared to enforce the same level of mistrust. Windows Explorer wouldn't display remote documents at all. Outlook would be even more restrictive. And IE wouldn't blithely pass files to arbitrary desktop applications to open.

You can't do this by having the HTML control guess, no matter how good a guess it can make, because it's not in a position where it can actually know what rights the document should have. Only the application does.

Split the HTML control down the middle like this, and restrict IE to only running fully sandboxed applets and scripts, and there would be very little change in the user's experience. About the only thing they'd notice is that Windows Update would have to become a separate program instead of an ActiveX plugin (and likely run faster), and a few applications would need updates because they were doing dangerous things. There would be an enormous improvement in security, though, and Microsoft could quit wasting time on fixing the unfixable and get around to working on the NEXT war instead.

The whole attitude makes me angry

[zerojoker]

Q: Speaking of security, Internet Explorer has had well-publicized holes ...
Gates: Understand those are cases where you are downloading third-party software.

This is just a lie. I wonder if he really belives this bullshit.

Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service. There are third parties who are doing a good job. We're always taking a hard look, but we don't have any concrete plans.

And here you can see that the whole attitude towards the security is weird at M$. I mean I don't want Anti-Virus or Anti-Spyware Software from Microsoft. I want the structural problems of Windows solved.
If you start MacOS X the root user is disabled per default. That is why Spyware doesn't have a chance. Even the most stupid user will think twice if he has to enter his system-password if he installs Software. Same with Linux. The whole Spyware-thing would be much much less trouble if the default install of Windows would create a user account.
And Windows has these capabilities. But at the moment this feature ist pretty much unusable because most of the software vendors don't give a shit about multi-user install. And why do they do this? Because M$ creates a default Admin-Account anyway. If M$ would change that, the software-vendors would adapt very quickly, like they did with SP2.
Same with Firewall: First install zillions of services which most of the users don't need at all. And instead of swichting these services off per default, you create a Firewall to fix it.

It's the whole "If we have to decide between usability and security, we will always go for usability" approach that bothers me...

"Never Trust Microsfot" Re:No thanks

[lee n. field]

but I accidently checked the "Always Trust Microsoft" box during an install a few years ago. If only I could turn back time

Why isn't there a checkbox for "never trust Microsoft"?

Re:No thanks

[ConceptJunkie]

Everyone wants MS to remove things like CD-burning, Media Player, IE etc because it is anti-competitive and now you WANT THEM to build MORE APPS IN??

I don't. I just want them to build in stuff that doesn't suck.

I always thought this bundling issue was just an excuse for Netscape to whine because they couldn't write a good browser (or more specifically, that they had a good browser and MS'ed it up by bloating it beyond usability). No one complains that Windows comes with WordPad, which as far as I'm concerned is all the word processor I need.

Re:No thanks

[DMadCat]

So are you suggesting that Windows comes bundled with Norton Antivirus/Firewall, that you shouldnt get a choice, and that we should add another $50 to the cost?

Nope. I'm suggesting they scrap this train-wreck of an OS and rebuild from the Kernel up. With all they've learned about security patching maybe next time they can get it right.

Re:No thanks

[IamTheRealMike]

That'll be because no-one targets the Mac with spyware or viruses, because Windows is a soft enough target and has vastly more market share; it's not worth their while to yet.

Yes indeed. Given Apples history of remote code execution via web pages in Outlook stylie (look up the disk:// and help exploits), I think the only thing really "protecting" the Mac is statistical irrelevance. Same is true of Linux to some extent.

Re:No thanks

[ultranova]

Unfortunately, running as a normal user won't do any good in a single-user system. After all, you have the right to access your own folders, and thus are still vulnerable to malware which installs there - you just can't pollute other users with it.

Linux isn't immune to this problem either. It was designed to sandbox users from each other, but a single normal user will find it difficult to sandbox individual processes. Any process running at my privileges can access all my files, install cron jobs to be run automatically at machine boot, etc.

A real solution is a fine-grained permission control. For example, a Web browser should be able to read it's configuration files and plugins/extensions, connect to any Internet address, and write to the bookmark file(s) and download and cache directorie(s). It shouldn't be able to do anything else. If there was an easy way to do this, even if the browser was compromised by a web site, there wouldn't be much that site could do. Especially if you could set the bookmark and configuration files to be stored as a "journaled" file, which would record the changes to it and allow returning to any given point in time. Obviously, you'd also need to move any downloaded files away from the download folder and check them with MD5/SHA1 checksums to avoid tampering (but how do you get that checksum, if you suspect your browser has been compromised ?)

I'd imagine something like this could be done with relative ease with Hurd [gnu.org], since one of it's design goals is to allow each user to replace parts of the operating system (even the file systems) with new parts without disturbing others. So you could install a translator [gnu.org] to control access to your home directory or any subdirectories (but of course such translators can also be removed by programs runnign with your permissions - that's one permission that should be droppable).

An alternative way would be to allow users to build and set up "subusers" - simply add 32 bits to processes (and files) user id. The complete id would then be in the form of userid.subid. Userid.0 would have all the rights of the user, while userid.1 would be a "subuser" and have limited rights (the system would basically make userid.0 the root of his own home directory). This could also be generalized into a hierarchical authority tree, allowing individual programs to run parts of them as more restricted users (for example, a p2p-application could generate separate processes for managing file storage and network connectivity, allowing the part that touches the network to run without any access to filesystem and thus reducing the likelihood of a bug in it from causing damage).

To summarize: the traditional access controls are designed to protect users from each other. This is not enough. A single unprivileged user needs an easy way to make sandboxes for programs to run in. If the computer is a house divided with walls to different rooms for each user, then all those users need the ability to further subdivide their own rooms with more walls, and they must be able to make/remove those walls without help from the janitor (administrator).

Re:Check the history of the seatbelt in the car

[Anonymous Coward]

Until enough studies came out showing how dangerous cars were (things like the steering column being a spear aimed at your chest) and the public started to get aware and goverment was starting to take action ONLY then and very slowly did the car industry do something.

Why the hell would we want the government involved? It's not their job to make your PC protect itself. If consumers want those protections, they should use their buying power to initiate change. We all know that there are more operating systems out there that are more secure. If you want that security, fix it yourself. Take some responsibility.

Re:No thanks

[adamruck]

wtf... who ever modded this up was retarted, viruses and spyware are not "software", you dont knowingly download and install them, or use them for your own purpose. They are peices of bad code that spread due to holes in MS software.

Media Data

[nurb432]

And how do you propose several hundred million people get their news, and know its 'fact'?

Reember they have lives, and that they dont live anywhere near the records, which are often kept from the average citizen anyway. ( perhaps not techincally restricted, but the artifical barriers that have been erected serve the same net result )

And btw, the same goes for your totally OT statement about Senator Kerry, appears you dont know diddly either.. Start reading his public voting records and then compare them to what he says.

It should be easy, he tended not to show for work too often.

Or just listen to televised debates, and actually listen to what he says from sentence to sentence.

Where did you get your 'facts', from another biased news service i bet?

( and no, i dont claim his main opponent is any better.. before you go blame me of being biased )

Yeah right

[bitswapper]

Q: Might you add anti-virus/spyware protection in Windows?
Gates: It's not a thing you build in. You have to offer a service.

Imagine if automakers charged to offer seatbelts and brakes as a service.

Re:No thanks

[1u3hr]

nothing to do with downloading third party software

Bill is right, in the same way that Clinton was when he said he "never had sex" with Monica. I guess Bill is defining "download" in the quite correct sense of data arriiving on your PC via network. What most people think though is of software they choose to download and install, not stuff that exploits OS or browser holes or even user gullibility (clicking something with a deceptive label).

Re:I'm so sick of the lies

[Kpau]

One has to remember that originally, news departments were run as a public service so that the station could meet its mandate and justification for the BORROWING of the public airwaves. Somewhere in the wonderful "greed is good" 80s... someone decided that news departments should be profit centers. At that instant -- the news was fucked (as opposed to just biased or agenda-driven). I'd like to see the Fairness Doctrine reinstated and an FCC mandate that news departments be NON-PROFIT... not likely at the moment.

Re:No thanks

[jadenyk]

Windows (XP especially) is a consumer OS. It isn't supposed to be serving any networked services.

Ah.. Now I understand why they call it "Windows 2000 SERVER" and "Windows 2003 SERVER"

But since IIS is an install option for 2000 Professional (and XP I believe) and PWS is an install option for 98, I can't see how Microsoft is saying "This is a consumer OS that isn't supposed to be serving any network services." In fact, since they are providing these applications, they are saying that this is ok.

The roof won't leak, unless it rains

[walterbyrd]

Isn't windows supposed to work with 3rd party party apps? If so, then msft can't excuse msie security flaws because users dared to use a 3rd party app.

Re:+1 FUNNY

[Anonymous Coward]

what is soo funny about this?
he's telling the truth!

they provide a common API for all viruses and worms to be compatible with.

Self-knowledge.

[master_p]

"More has been invested in making IE secure than any browser on the planet by a long shot. Nothing is going to change"

I am not surprised at all from the above statement. After all, IE has the biggest security problems, so it is natural that IE had the biggest expenses in making it secure.

Re:[Slaps forehead] Of course!

[dick johnson]

A better example would be of a home builder saying, there's nothing wrong with your roof, it's the rain causing the leak!

Re:Check the history of the seatbelt in the car

[orac2]

The plural of "anecdote" is not data!

Even though you acknowledge the overall statistics, you then rely on one person's experiences for choosing not to wear a seatbelt in many circumstances to overrule the statistics.

To see why this is crazy, imagine asking a 1000 people all across the country to toss (fair and balanced) coins. Ask the 500 or so people who get heads to toss again. Ask the 250 or so people who get heads that time to toss again. And so on, through 125, 62, 31, 15, 7, 3, till you're left with 1 person. Now this 1 person has tossed a coin 10 times and it's come up heads every time! [1]

Now if you didn't know much about coin tossing, except a statistic that said they come up tails about 50% of the time, and you only knew that one person, should you believe her if she says "Well, the statistics say tails comes up 50% of the time, but from what I've seen, it's heads all the way!"?

Unless you know of a broad survery of many accident investigators who detect a tendancy for low-speed or low-traffic density accident injuries to be increased in either number or severity because of seat belts, then you must take what you're hearing with a hefty grain of salt, even if what they are saying is 100% true[2]. (By the way, I fail to see the difference in between accidently wrapping oneself around a telephone pole on a busy road vs. a quiet road.)

Don't forget there's an obvious potentail for observer's bias here too: you're not seeing his formal reports, but just the stories he's choosing to share with you in an environment which encourages entertaining conversation, not neccessarily statistically accurate conversation.

In the absence of such of survey, perhaps the best thing is to consider the failure mode you're really concerened about: it's not that wearing a seat belt is bad during the accident, but that you may be trapped afterwards. Put a box cutter or similar within reach, say in the door drawer. If you can't operate the cutter because of unconsciousness or severe injury, well, in your condition, you weren't getting of that car anyway .

[1] There's actually a well known stock-market scam [investorhome.com] which operates in very much this fashion.

[2] The furor over silicone breast implants is another good example: a lot of women honestly reported problems after breast implants, but when all was said and done [emedicine.com], their problems were coincidental.

Somewhat incorrect.

[khasim]

My Linux box is "targetted" as frequently as any Windows box.

Of course, since most of those attempts are from compromised Windows boxes, looking for other unsecured Windows boxes, the attacks don't get very far.

It just that the overwhelming majority of compromised machines are Windows machines that are now looking for other Windows machines.

Re:Spin is just spin

[HTH NE1]

"It isn't pollution that's harming the environment. It's the impurities in our air and water that are doing it." -- Dan Quayle

Re:Ones not made by Microsoft

[stoborrobots]

There is _NOTHING_ in Canberra... :-)

Honestly though, Canberra is a very small town, so if you are expecting to see "Australia" while you're there, there's not much. Your best bet is to look here [canberratourism.com.au] or here [atn.com.au] for things to do there.

Otherwise bear in mind that it's about 200 miles to Sydney, 400 miles to Melbourne or 800 miles to Brisbane, where the real stuff happens...

What kind of things do you like to see when travelling?

Canberra LUG here [clug.org.au], Wollongong LUG seems offline [uow.edu.au] at the moment.

Re:Spin is just spin

[rikkards]

Is it MS fault that a 3rd party app needs admin to run? Install yes but run? I would say so if all applications needed that permission. Lay the blame where it is deserved. The application developer not Microsoft (for once).

Don't some USB drives have locks?

[SuperKendall]

I thought some USB drives had a "lock" switch that prevented writing. That seems infallible.

The basic idea is a really good one. It adds anothe rlayer of defense, as how many spyware and virii REALLY are going to try and write to mozilla.exe?

People should make more of a distinction between what is possible and the reality of what is around now. A number of people act like because you COULD write spyware for OS X or Linux, that there's no point in switching - when the reality is Windows is the only system you have to deal with that crap right now and it will probably be years before anything hits the other systems.

Re:No thanks

[mbbac]

And Apache would be targeted sooner than IIS due to its marketshare. But it's IIS with the most exploits.

Re:No thanks

[Buran]

You can use the root accout but it has to be enabled first (the default install has it disabled and you have to use NetInfo to enable it, which most people don't know how to do) and it does not come up in the list of available users, so you have to specifically type "root" and the root password into the appropriate boxes in the non-default login screen (which most people won't ever see) to login as root.

99% of the time, people are going to use sudo or have to type their password into a box that pops up, and if they don't know why something is asking for root privs, they deserve what they get if it's malware.

That said, I haven't heard of anything nasty that does that - yet.

Re:No thanks

[shotfeel]

viruses and spyware are not "software"

Well, they're sure not hardware...

They are peices of bad code

Bad or not, if its code, its software, and it is 3rd party.

Personally, I would have modded the grandparent "Funny" if anything. Its the same thing I thought. Technically, it is all 3rd party software that's being downloaded...

Re:From TFA..

[maximilln]

What do you propose to do when someone says

Tell them to quit micromanaging.

Are you supposed to turn down business

Only business from customers you don't really want anyways. Maybe if more people would grow a spine we could stuff these halfwits who think they're stellar managers (because they use MS-Project) back in their place serving us french fries.

Or do you keep the most popular OS on the planet around because you have to have it to run some of the most popular software packages?

Is that like kids saying they have to have Kazaa otherwise they won't be popular? Is that like kids whining for $200 tennis shoes? Maybe the world does revolve around spoiled, rich, underachiever brats who like to play manager with their nifty new MS-ProjectPlusSuperStellarEdition 2005 Ultra Pro XP.

I, however, will always have the brainpower while Mr. Yuppie over there goes berzerk when his HD crashes.