Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Vista NOT More Secure Than Linux

____/ BearItAll on Thursday 28 June 2007 11:58 : \____

> Roy Schestowitz wrote:
> 
>> The trolls seem rather confused (still), so here is _another_ new rebuttal
>> and clarification (from Windows-oriented sources).
>> 
>> On the face of it, Microsoft continues to seek some form of replacement
>> for the insecure O/S that is no longer maintainbale. They have published a
>> new paper:
>> 
>>
>
http://research.microsoft.com/research/pubs/view.aspx?0rc=p&type=Publication&id=1726
>> 
> 
> This is the area where I thought that MS was onto a winner with Vista, it
> was obviously a limited win, depending on how clever they were with the
> stacking orders and padding, but should have bought them time to revise it
> later. It is a clever idea and from the notes that I read on it was a well
> implemented system.
> 
> I don't know where they went wrong with it, but I certainly think that they
> should persue it. It is probably the single most effective security
> addition they made to Vista over XP. But I would guess that for it to
> remain effective that it has to be a moving target. If your code does have
> access to this space then a pattern search may be all you need to find your
> target, but also there has to be a list somewhere that system code uses to
> find modules. Once that list can be found then the system is no more safe
> than the old top-down stack, so that list is the key, the part that needs
> to be protected through encryption, it wouldn't be wastefull of time
> resources because in the end it is just a jump address.
> 
>> 
>> Then you have the *hidden* patches:
>> 
> 
> I think this is highly dangerous. How on earth will IT folk know if their
> machines are up to date on security patches?
> 
> There is no point in MS being bashfull about fixes, all new OS's need fixes
> after release and everyone now knows that Vista is going to need a lot more
> fixes than any previous OS. They might as well come clean and keep
> everything in the public eye to protect their users as best they can.

I consider this dishonest and vain. Others think the same thing but Microsoft
says it's about 'enhancing security. That's also what they said about EULA and
virtualisation...

Microsoft insults our intelligence on Virtualization security

,----[ Quote ]
| Microsoft has once again pulled out the security argument for its 
| decision again and I must say that I find it rather insulting.  It’s 
| not that I think Microsoft doesn’t have a right as a private business 
| to set the terms of the EULA as they see fit, but don’t take us for f
| ools.  If they want to restrict Virtualization, just come out and 
| say it and don’t make up ridiculous excuses for it. 
| 
| [...]
| 
| Trying to stop a Hypervisor Rootkit with a EULA is like trying to 
| stop Malware with a EULA.
`----

http://blogs.zdnet.com/Ou/?p=549


Analysis: DRM may be why Microsoft flip-flopped on Vista virtualization

,----[ Quote ]
| Whether most users would call DRM a feature, however, is questionable. A 
| close cousin to DRM technology, known as Windows Rights Management Services 
| (which in turn is part of a larger category of technologies called Enterprise 
| Digital Rights Management, or ERM), can help business users password-protect 
| key documents and files, or assign the ability to open them only to trusted 
| co-workers. But DRM's main purpose seems to be to help the Warner Bros. and 
| Sony Musics of the world keep consumers from sharing movies and music. The 
| entertainment industry claims that almost all blocked sharing is illegal; 
| digital rights watchdogs argue that legitimate consumer uses are also blocked 
| by such technology.         
`----

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9025466&pageNumber=1


Is need for control behind Microsoft's flip-flop?

,----[ Quote ]
| Meanwhile, Gartner analyst Michael Silver took Microsoft to task 
| for its continued restrictions.
| 
| "Microsoft's policies...come off as a way to gouge customers," Silver 
| said in an e-mail, noting that customers are forced to pay for higher 
| priced editions, even though they don't get many of the benefits, like
|  the Aero user interface, which often won't work in a virtual machine.
| 
| Silver argues that Microsoft is likely leaving money on the table. 
| "Allowing use of lower priced (editions) could even be worth more 
| money to Microsoft as it would likely increase the number of people 
| that would legally run a Microsoft OS in a VM (like on a Mac)," 
| Silver wrote. "Eventually they will have no choice but to make their 
| peace with virtualization."
`----

http://news.com.com/8301-10784_3-9733433-7.html?part=rss&subj=news&tag=2547-1_3-0-20


Microsoft's anti-virtualization stance: forget DRM, think Apple

,----[ Quote ]
| Microsoft, I suspect, is terrified of a world in which standard, 
| Joe-Consumer Windows can be virtualized and made to play second fiddle 
| to Mac OS X, or even (say) Ubuntu Linux. No longer does Joe Consumer 
| view the computing world as Windows versus all. Instead it begins to 
| look like Windows versus Windows + alternative OSes.
`----

http://arstechnica.com/news.ars/post/20070624-microsofts-anti-virtualization-stance-forget-drm-think-apple.html
http://tinyurl.com/2e6tpu

Among many more. Some of these go to the time of the initial explanation months
ago). "It's about security", they argue, but they must be referring the
someone's /financial/ security (Hollywood or Microsoft). What happened to
producing a system that the /customer/ chooses and wants? They only build
their systems for themselves, for Media Gods, and for shareholders. Again...
it's all vanity. No choice, so you can get away with anything. Luckily, the
OEMs have begun defecting.

Anyhoo...

-- 
                ~~ Best of wishes

Roy S. Schestowitz      |    "These characters were randomly picked"
http://Schestowitz.com  |  RHAT GNU/Linux   |     PGP-Key: 0x74572E8E
 13:00:01 up 11 days, 18:28,  4 users,  load average: 1.84, 2.15, 2.37
      http://iuron.com - help build a non-profit search engine

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index