
Comment Re:The big difference here is (Score 5, Insightful) 679

How sad and cynical do you have to be to seriously believe that all the time and money Gates has spent, especially post-Microsoft, is some sort of elaborate ploy to make people think better of him? I'm sure he's under no illusion that he can convince certain elements of the Slashdot community, but really, that's far more a reflection on those people than it is him.

Your comment has truly depressed me. Doubly so that it got modded anything other than flamebait.

Comment Re:Google isn't the villain here (Score 3, Interesting) 345

Let me re-phrase on your behalf:
"What kind of company wouldn't exploit every loophole or legal avenue available to pay the absolute minimum amount of taxes in the country they do business in and reap the benefits of? Hey, provided it's not actually illegal, who cares if it's wholly unethical?"

At some level, it's a frankly depressing picture of humanity that we can so easily rationalise away doing pretty much anything in the name of material pursuit, so long as it doesn't outright violate national laws. What's worse, is that I hate the fact that governments are seemingly enacting ever more legislation, ever more restricting our rights, and yet, it seems that when it comes to things like tax law, the reason is because if they don't, people will abuse it unless it is absolutely watertight. Hell, people admit they are looking for and exploiting the system as if it's a badge of honour, as if they'd be somehow morally liable if they didn't abuse the system.

Comment Re:Bad enough I pay for microtransactions in MMO's (Score 3, Insightful) 734

You can code multithreaded applications with Visual C++ Express, and you can develop 64-bit applications with Visual C++ Express. So, you're a troll, ignorant, or both. You are correct that profiling requires a (seriously expensive) Visual Studio edition, but profiling is an advanced compiler feature, not a "I need this to develop useful stuff" feature. I do think it would be nice if it weren't locked away in an expensive VS edition, but, it's hardly something you need to code your apps.

Comment Re:Bad enough I pay for microtransactions in MMO's (Score 4, Informative) 734

Um, Microsoft makes its C/C++ compiler available for free, along with the Windows SDK. You're probably thinking of Visual Studio, but Microsoft makes a basic version for C/C++ free as Visual C++ Express; effectively, a basic Visual Studio edition purely for C/C++ coding without the enterprise features. If you need those features, you're probably doing more than hobbyist development/basic development.

Comment Licensing costs (Score 1) 734

This does actually make some level of sense, the reason being, Microsoft has to pay to license the required codecs for playback of DVDs, Blu-rays, HD-DVDs, etc... when they bundle them with Windows (think H264, for example). This does result in a price increase to the cost of every Windows license. Media playback is one of the very few areas of the Windows operating system where Microsoft has to pay a per-license additional cost for the inclusion of this extra code (I can't think of any others, but I'm sure other Slashdotters may have insight here).

So, why should everyone have to pay the extra fee for these codecs if they have no interest in using them? I can't even remember the last time I watched a physical Blu-ray or DVD on a computer, and when I do watch media, I do it through VLC Media Player. And, after all, this isn't a DRM restriction, go and install VLC Media Player, or ffdshow, or whatever you please, and you can get many/all these codecs via 3rd-party for free. So, honestly, who gives a damn?

Comment Compatibility (Score 1, Informative) 550

Because FLAC is very poorly supported among both portable media devices and media center devices? Further, the difference in actual perceptible quality between a high quality mp3/ogg/wma/whatever encoding and a FLAC encoding is between negligible and non-existent, negating pretty much any benefit of FLAC. Media archival is one area where FLAC is an obvious choice for, but bit-for-bit storage is generally something only a subset of music enthusiasts care about, and so unless constantly transcoding FLAC into a format that your chosen non-PC device supports is your idea of a good time, then it's just not worth the effort...

Comment Re:Application developers fault (Score 1) 178

Microsoft created a liberal dynamic library search path that allows (or even encourages) applications to not fully specify DLL locations. Now, after the fact, they publish this security statement saying not to use the dynamic library searching they documented previously.

So basically, your suggestion is to design an OS that ensures that it is secure by taking away API calls that could be misused in a way that compromises security? By your own admission, it is a documented specification, and it is behaving exactly as it is intended to do so. It isn't a "bug" in the API, it's misuse by various developers. However, Microsoft is at fault for how developers (its own or 3rd-party) misuse an API call that is fully documented and behaving exactly as intended? This makes absolute, perfect sense.

It is of course Microsoft's fault. They didn't consider security at all when loading DLLs, and now they are blaming applications that implemented the documented specification.

Yes, they are blaming applications that have incorrectly used the documented specification. And, they have provided the capability to control remote loading of DLLs through a patch that can be targeted at individual applications or the entire OS. What more can reasonably be done?

The bottom line is that Windows was never designed to be secure, it was designed to have the most functionality, and trying to patch every hole now is almost impossible. Generally, when code reaches this level of complexity and brittleness, it is often the best course to start all over.

And this is factually wrong. Windows NT (as opposed to Windows) was designed from Day 1 to be secure. You can argue whether they succeeded in developing a secure OS, and that might be a far more interesting debate, but to argue that it was never designed to be secure is incorrect. This is a fact of historical record. I'd argue that earlier versions of Windows NT were significantly flawed from a security perspective while modern versions (Vista and newer) are significantly improved, but that's another debate.

Essentially, your entire argument is that it is Microsoft's fault for providing a documented API that can be misused. I'll grant the defaults could have been chosen better, but competent programmers need to be aware of these issues. I'm mildly surprised it's getting the coverage it is, as this isn't some brand new attack; this issue has been known about for some time and not gotten a lot of coverage because it simply isn't that big a deal and is not a flaw in the underlying OS. For example, this blog post from early 2008 covers the issue (and was linked in some more recent blog posts): DLL Preloading Attacks
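
An added illustration of the issue debated in the comment above, not part of the comment itself: a small source audit that flags `LoadLibrary` call sites which do not fully specify the DLL location and therefore depend on the default search order. The sample C lines are constructed for this example, and the `LOAD_LIBRARY_SEARCH_*` flags are Win32 `LoadLibraryEx` flags that the page does not mention.

```python
import re

# LoadLibraryEx flags that pin the search to fixed directories
# (Win32 flags; not mentioned on the page).
SAFE_FLAGS = (
    "LOAD_LIBRARY_SEARCH_SYSTEM32",
    "LOAD_LIBRARY_SEARCH_APPLICATION_DIR",
    "LOAD_LIBRARY_SEARCH_DEFAULT_DIRS",
)

# LoadLibrary[A|W] / LoadLibraryEx[A|W] whose first argument is a string literal.
# Groups: API name, literal contents (C escapes intact), rest of the statement.
CALL = re.compile(
    r'\b(LoadLibrary(?:Ex)?[AW]?)\s*\(\s*(?:L|TEXT\(|_T\()?\s*"((?:[^"\\]|\\.)*)"([^;]*)'
)

def is_qualified(literal):
    """True if the C string literal is a full path (drive letter or UNC)."""
    path = literal.replace("\\\\", "\\")  # undo C escaping of backslashes
    return bool(re.match(r"^[A-Za-z]:[\\/]", path)) or path.startswith("\\\\")

def audit(source):
    """Return (line_no, api, dll) for calls that rely on the default search order."""
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        for api, dll, rest in CALL.findall(line):
            if is_qualified(dll):
                continue  # location fully specified, no directory search happens
            if "Ex" in api and any(flag in rest for flag in SAFE_FLAGS):
                continue  # search restricted to fixed directories
            findings.append((no, api, dll))
    return findings

# Constructed sample input (not from any real project).
SAMPLE = r'''
HMODULE a = LoadLibraryA("helper.dll");
HMODULE b = LoadLibraryW(L"C:\\Program Files\\App\\helper.dll");
HMODULE c = LoadLibraryExW(L"version.dll", NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
HMODULE d = LoadLibraryExA("plugins\\codec.dll", NULL, 0);
'''

if __name__ == "__main__":
    for no, api, dll in audit(SAMPLE):
        print(f"line {no}: {api} loads {dll!r} via the default search order")
```

Only string-literal arguments are checked; calls that build the name at run time need manual review.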

Comment Re:Application developers fault (Score 1) 178

OK, there's a fix for that, but only if you can call the awful kludge that is WinSxS a "fix".

I always thought that WinSxS was quite an elegant fix to a difficult problem. Put it this way, I still have nightmares about DLL Hell from the bad old days, but have yet to encounter a problem due to WinSxS. The closest I've come is one or two applications making assumptions about dependencies (i.e. not bundling the required installers and not failing gracefully). Have you had issues with WinSxS?

Comment Easy Answer (Score 1, Insightful) 299

"How do we empower top scientists working in industry to lead science-minded positive change within their organizations? ... How do companies who seek genuine dialogue with this community engage?"

The answer is:
Said "top scientists working in industry" are welcome to do all of the above, and should be encouraged to do so in fact, but the determining factor of whether their work is published should be one purely of merit; not payment for publicity or any other form of bribe that results in direct gain to the publisher.

Comment Re:test results are largely irrelevant anyway (Score 4, Informative) 203

Wait, what? No Windows Service Pack has ever forced an update of Internet Explorer; maybe NT 4.0 did as I can't remember that far back, but definitely nothing since Windows 2000 onwards. Windows XP SP3 will install fine with IE 6.0 (XP bundled version). They'd be breaking their own support policy by even doing so, as Microsoft commits to supporting the version of IE that is shipped with every Windows version for the lifetime of support for that OS release. Seriously, where do you trolls get your garbage? You're not picking exceptions, you're claiming shit that has never happened.

Comment Re:So what? (Score 2, Informative) 315

That's because XP x64 isn't actually XP (NT 5.1), it's Windows Server 2003 (NT 5.2). That is, it's really only XP in name as it is built off the Windows Server 2003 codebase. It has all the server functionality of its counterparts removed as well as some minor functionality present in XP but absent from the server releases included. Consequently, they share the same service packs and updates, with the latest service pack for Windows Server 2003 being SP2. Unless of course, you meant the original "XP" Itanium release, which really is built off of XP, but support for that was discontinued a long time ago.

Comment Re:Stop preaching Linux (Score 1) 449

Then they're not competent, or more likely, they did something catastrophic to the operating system that makes reinstalling the easier solution than hunting down the actual cause(s) and fixing it/them. For example, a seriously nasty virus infection that hoses operating system components, or disk corruption that takes out half the registry without a backup. Linux, while less susceptible to some of these problems for various reasons, isn't immune to them.

I have well over a decade of experience using MS operating systems and I've never had to reinstall a system because I absolutely couldn't fix it; I've chosen to reinstall systems that were compromised by an infection because, although I could remove it, I lack confidence that it is 100% removed and the system is back to a pristine state. I've done the same for Linux boxes that were hit by rootkits; I simply can't guarantee trust of that system anymore knowing that install has been thoroughly compromised. As far as configuration issues go, versus security or data destruction issues, I've never had to revert to a reinstall.

Typically, I also find it unproductive, as you don't learn anything. Even if it's a bastard to track down the issue, you learn a lot from the experience, and that will help you solve the same or similar problems in the future. Reinstalling any operating system is a very blunt approach. More to the point, for most systems I use as well as friends and family, reinstalling is more time consuming in the long run for sheer time and effort invested backing up data, reinstalling apps, restoring data, and getting the configuration back to a state that you like. Then there's the problem that sometimes the reinstall didn't fix the problem, and you've wasted a monumental amount of time. So I view reinstalls as a solution on any OS as a particularly poor solution; it's frustrating it is so common on Windows systems as to me it demonstrates a lack of technical proficiency by many who would claim competence with the system.

Comment Re:System restore stinks. Image your disk (Score 2, Insightful) 449

Security policy is just one aspect of Group Policy, and a small one at that relative to the total set of configurable options. In essence, if it is a configurable Windows setting, Group Policy can configure it; including settings that have no GUI front-end outside of the GPO configuration window (i.e. typically registry settings without a Control Panel UI). The point being, of all the configurable settings in Windows (or any OS), security settings tend to be a minority considering everything else.

That aside, while deploying secure systems in the first place is unquestionably the smart thing to do, security tends to be dynamic, and security configurations change. When they do, even on Linux, a mechanism to quickly and easily update security settings company wide (e.g. for LDAP authentication or NFS/SMB authentication) is obviously incredibly useful, and pasting together scripts that modify the relevant files (hopefully at the individual settings level instead of just nuking the entire file with a new copy and potentially wiping out custom settings) is a clunky business at best, and definitely not elegant.

You're correct hands-down though that Linux is far superior for pushing out whole applications through an internal repo or other solution. There's some interesting stuff going on with using WSUS to deploy 3rd-party apps, and AD can do it with MSI packages, but it's still not even close to the power of rpm/deb and associated distribution technologies generally, and certainly not as easy to set up and manage.
