dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4530
share rss forum feed


Insight6

join:2012-08-25
reply to Mike

Re: [rant] Dont they get it - its not just the hardware

said by Mike:

You have to give MS some credit, they're slowly getting better.

Yes, the cure for cancer rate is improving a bit each year too and it is a good analogy to the claim MS is slowly getting better. MS being on par with Apple will occur likely about the same time a total cure for cancer will be found.

In the meantime poor cancer sufferers will continue their brave painful battle as will MS users.

Go the DSLR Security Forum. Its name is in a way sort of a joke. They could change the name to MS problems and not have to change many posts. The number or percentage of OS X security posts that comprise the very heavily posted and used forum?


Mike
Premium,Mod
join:2000-09-17
Pittsburgh, PA
kudos:1

I'm well aware at how shitty windows is.



JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to scross

said by scross:

The day that Microsoft releases an OS that doesn't NEED a constant stream of zero-day patches and such, for example, then maybe we can START to talk. Until then, no!

Well, by that definition, we can start to talk. Constant stream zero-day patches? Nope. Same stream as all other OSes, yep.
--
My place : »www.schettino.us

scross

join:2002-09-13
Cordova, TN

said by JohnInSJ:

Well, by that definition, we can start to talk. Constant stream zero-day patches? Nope. Same stream as all other OSes, yep.

Well, having worked with quite a few operating systems in my time (I've been in the IT business for over 30 years now), Windows is the only one so far that NEEDS a constant stream (monthly, biweekly, out-of-band, or whatever) of zero-day exploit and similar patches. Other operating systems might have produced a steady stream of bug fixes, enhancements, feature-adds, and so on, that's true, but you might generally only get around to installing those quarterly or even annually or maybe whenever you had a specific need. And very (VERY) few of these were anything like urgent security-related patches, simply because these systems generally didn't ship from the factory in piss-poor condition, and had fundamentally good security built-in from the ground up.

If you have never worked with an OS of such high quality, then I feel sorry for you - I really do!

scross

join:2002-09-13
Cordova, TN
reply to Thaler

said by Thaler:

So, since no software manufacturer could produce an OS to run on 90% of computers without zero-day patches...you'll never begin talking? I don't get it.

You don't "get" it, do you?

First off, your statement about 90% of computers isn't true. Windows may run on 90% of "PCs" today (down from close to 100% at one time, I might add), but PCs are all a variation on a theme of one specific computer platform - created by IBM in the 1980s and most recently driven by Microsoft reference designs starting in the late 1990s. The fact that so many people these days automatically equate "computer" with "PC" is just sad, because at any given moment you are literally surrounded by computers of various types, relatively few of which are PCs. The typical modern automobile, for example, is supposed to have up to 11 computers in it, none of which (thank God) usually run Windows or anything else from Microsoft!


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to dellsweig

said by scross:

said by JohnInSJ:

Well, by that definition, we can start to talk. Constant stream zero-day patches? Nope. Same stream as all other OSes, yep.

Well, having worked with quite a few operating systems in my time (I've been in the IT business for over 30 years now), Windows is the only one so far that NEEDS a constant stream (monthly, biweekly, out-of-band, or whatever) of zero-day exploit and similar patches.

Sigh... the old "having worked in IT for 30 years" story. Hey, me too. On OSes from Unix (you know, the real live Unix) to CP/M-80, and just about everything in-between. I have a masters degree in computer science, too. Do I get a cookie?

If you insist on holding to this bogus line of reasoning, then indeed I leave you in the capable hands of Apple. Enjoy.
--
My place : »www.schettino.us

scross

join:2002-09-13
Cordova, TN
reply to Thaler

said by Thaler:

Microsoft's Windows persistent desktop/laptop presence hasn't really changed much over the last few years. I don't know where you're getting this read of a mass exodus of users from the Windows camp, but actual numbers seem to really disagree with this statement.

I'm not talking as much about a mass exodus as I am about a change of platform.

scross

join:2002-09-13
Cordova, TN
reply to JohnInSJ

said by JohnInSJ:

Sigh... the old "having worked in IT for 30 years" story. Hey, me too. On OSes from Unix (you know, the real live Unix) to CP/M-80, and just about everything in-between. I have a masters degree in computer science, too. Do I get a cookie?

If you insist on holding to this bogus line of reasoning, then indeed I leave you in the capable hands of Apple. Enjoy.

I'm sure you have! But not only have I worked with everything from CP/M and DOS to several versions of "real live Unix", but I've also worked with platforms that blew Unix and Windows out of the water, and that were "beyond the state of the art" when they first came out ages ago - and still are in many respects. It's unfortunate that you have never had that privilege yourself.

And I never said I was going to Apple, now did I? I said that others in my family had or at least wanted to, and that I was even considering it myself, but it probably wouldn't be my first choice. Not because it's not a good choice, but because I don't necessarily want to get pigeon-holed into a single platform, like the general PC world has been.

Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5

I think IT has passed you by. Your words indicate that you're too old to understand what is going on and why.



Insight6

join:2012-08-25

said by Badonkadonk:

I think IT has passed you by. Your words indicate that you're too old to understand what is going on and why.

Your response is rude, obnoxious, and an unprovoked personal insult or attack on a fellow member. It has no basis in reality.

All though I may not agree with all of the points scross makes or have his level of technical expertise, education, and skill I don't have to in order to reach the conclusion that he is polite, responsive and posts on topic and in good-faith.

You on the other hand "talk," write and reason as a stereotypical abrasive attorney.


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to scross

said by scross:

I'm sure you have! But not only have I worked with everything from CP/M and DOS to several versions of "real live Unix", but I've also worked with platforms that blew Unix and Windows out of the water, and that were "beyond the state of the art" when they first came out ages ago - and still are in many respects. It's unfortunate that you have never had that privilege yourself.

Please name one of these platforms.
--
My place : »www.schettino.us


Thaler
Premium
join:2004-02-02
Los Angeles, CA
kudos:3

Etch A Sketch.



skeechan
Ai Otsukaholic
Premium
join:2012-01-26
AA169|170
kudos:2
reply to JohnInSJ

OS-9 for the 6809 Still around after 30+ years. /thread


scross

join:2002-09-13
Cordova, TN
reply to JohnInSJ

said by JohnInSJ:

Please name one of these platforms.

The IBM midrange and mainframe platforms are still around and still going strong, in spite of what Microsoft might have you believe; I have a long history with what used to be called the iSeries myself, and it is probably the finest platform that I have ever worked on and will ever work on, despite it being a bit long-in-the-tooth now, at least according to some people. Their AIX platforms are still around, too, although they have consolidated a lot of this stuff on POWER hardware these days, so sometimes it's hard to tell what's what. Before I worked on AIX I worked with AT&T's UNIX System V, running on their 3B2 platform at the time, but that's been ages ago now. Somewhere around here I still have a book with a bootleg copy of the early UNIX source code in it, and I have a former colleague who used to work at Bell Labs itself, for the guys who invented the C language.

DEC is still around in some fashion, too, although I don't know what name it goes under now. There's a lot of supercomputer stuff out there that used to run under Unix but now runs under Linux, although the trend these days is to gang a bunch of high-end graphics cards together and call that a supercomputer, probably running Linux.

At any given moment you are literally surrounded with embedded computer hardware that you may not even realize exists. My MIL has an early HDTV that runs Linux. My newer HDTVs probably do, too, but I've never looked into it. I know my set-top boxes run WinCE, which no doubt explains some of their flakiness, but I expect that I would find my routers run Linux if I dug into it; I know some of my now retired ones did, plus I had a high-end one at one time which ran Cisco's IOS. Most of the rest of the embedded stuff runs some appropriate embedded OS, none of which is related to Windows. Heck, even the Z80 platform, which dates back to the 1970s, is still around and still going strong in the embedded world.

PC-centric people generally don't have a clue about any of this stuff, so it's always amusing to try to discuss it with them. Their world seems to begin and end with whatever Microsoft tells them, and I always find it hard to hold my tongue when they start going on about how great Microsoft is and how ubiquitous it is.


Thaler
Premium
join:2004-02-02
Los Angeles, CA
kudos:3

1 recommendation

Alright...and so, how many of these embedded computer systems have to worry about an ever-changing internet presence threatening to compromise their security? Even if my in-dash car GPS had an exploit...how exactly would it ever get exploited?

Long story short, these systems could very well have similar security loopholes as Windows (or Mac, Linux, iOS, Android, pick your internet-connected flavor) but no accessible means for an attacker to even attempt to compromise them.



RiseAbove
Premium
join:2004-01-30
reply to Count Zero

said by Count Zero:

It's all preference. I find every version of android to be buggy and to feel as if it were a poorly done rip of of iOS. Its customizability is nice but if all the software is glitchy what is the point.

I'm sorry but until you have used 4.1.1 on a Galaxy Nexus phone you have ZERO room to talk. That OS is probably one of the best overall at this point in the mobile workspace. The improvements Google have added and the new functionality destroy iOS in all aspects. iOS has become boring and stale and outdated, just like RIM ran into with their OS on their Blackberry's.

I test, use, and manage phones in a large corporate environment daily, I use all types of android and Apple devices non stop so I consider myself to be always on the ball when it comes to what is going on the mobile side and pure Nexus devices running 4.1.1 right now are amazing weapons to use. Windows Mobile is also doing some really interesting things as well but pure Android 4.1.1 has a brillant notification system, its quick and smooth.

I have used the 5 since it came out to see if I could get interested in iOS again and so far I'm bored again. It's not inspiring like it once was, it's not growing or maturing, it's just sitting and aging. Apple needs to step it up and make iOS 7 a complete redesign.

scross

join:2002-09-13
Cordova, TN
reply to Thaler

I never claimed that embedded systems were particularly secure (not to the level of the other systems that I mentioned, anyway), I was only pointing out that they are numerous and ubiquitous - and in some ways, at least, still superior to Windows (in the way they manage resources, for example, which may be very limited) even if they are of an ancient pedigree. But to answer your question, many of these embedded systems are now connecting to the internet, too, and many are now leveraging wireless communications, both of which open them up to modes of attack that they didn't have to concern themselves with before. So they've had to go back and wrap themselves in layers of security which they haven't had before, but which many other computer systems have had from day one.

You might find this interesting reading, for example: »Dude Your Car is PWND !


Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5
Reviews:
·Dish Network

1 edit
reply to Insight6

said by Insight6:

said by Badonkadonk:

I think IT has passed you by. Your words indicate that you're too old to understand what is going on and why.

Your response is rude, obnoxious, and an unprovoked personal insult or attack on a fellow member. It has no basis in reality.

All though I may not agree with all of the points scross makes or have his level of technical expertise, education, and skill I don't have to in order to reach the conclusion that he is polite, responsive and posts on topic and in good-faith.

You on the other hand "talk," write and reason as a stereotypical abrasive attorney.

What? The old semi-joke is that a parent needs to ask their kid for answers if a computer question comes up. At some point the younger and next generation (especially in fast moving technology) know more than the older generation. Especially if the older generation has constantly been training to keep up with technology.

Actually, I think your response is rude and obnoxious. I have over 30 years of experience with computers and got me EE back in '87, so I know exactly what I'm talking about when I say that times may have passed him by. It happens all the time.

--
"That wasn’t a debate so much as Mitt Romney just took Obama for a cross country drive strapped to the roof of his car." - Mark Hemingway, The Weekly Standard.

Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5
Reviews:
·Dish Network
reply to Thaler

said by Thaler:

Alright...and so, how many of these embedded computer systems have to worry about an ever-changing internet presence threatening to compromise their security? Even if my in-dash car GPS had an exploit...how exactly would it ever get exploited?

Long story short, these systems could very well have similar security loopholes as Windows (or Mac, Linux, iOS, Android, pick your internet-connected flavor) but no accessible means for an attacker to even attempt to compromise them.

And that is the exact crux of the argument encapsulated in two succinct paragraphs.
--
"That wasn’t a debate so much as Mitt Romney just took Obama for a cross country drive strapped to the roof of his car." - Mark Hemingway, The Weekly Standard.


Darkfairy
Aeolus, your daughter flies.
Premium
join:2003-03-17
Tampa, FL
reply to RiseAbove

I myself have switched to a Galaxy Nexus with JB. It's smooth, fast, functional. Quite possibly the best mobile OS I've ever used, as I type this very message on an iPad 3 w/ iOS 6. For now I am an Android customer.
--
Fairy Blessings,
Stefanie


scross

join:2002-09-13
Cordova, TN
reply to Badonkadonk

said by Badonkadonk:

What? The old semi-joke is that a parent needs to ask their kid for answers if a computer question comes up. At some point the younger and next generation (especially in fast moving technology) know more than the older generation. Especially if the older generation has constantly been training to keep up with technology.

Actually, I think your response is rude and obnoxious. I have over 30 years of experience with computers and got me EE back in '87, so I know exactly what I'm talking about when I say that times may have passed him by. It happens all the time.

Just so you know, my very computer literate teenager asks me computer questions all the time - although she will on occasion surprise and delight me by having done considerable research and footwork on her own first. Lately she's been asking me a big one, too - "Daddy, when can I get a Mac like mom has?" But most of her questions center around "What the heck is wrong with this Windows computer anyway?", and this just gets exhausting after a while. A quick perusal of the event logs suggest problems with the registry (another fine Microsoft "innovation", that was), specifically the extended locking of same, but she won't let me have access to the machine long enough to really dig into it. Instead she just curses under her breath and reboots (or tries to), which is something of a way of life for Windows users, including myself.

Just so you know, she was initially delighted with Win7, which came installed on a new laptop that we bought for her. "Great", I thought, "maybe they've actually made some real improvements there!" Her happiness lasted about two weeks - or up to about the time I started having to put patches on it.


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to scross

said by scross:

said by JohnInSJ:

Please name one of these platforms.

The IBM midrange and mainframe platforms are still around and still going strong, in spite of what Microsoft might have you believe; I have a long history with what used to be called the iSeries myself, and it is probably the finest platform that I have ever worked on and will ever work on, despite it being a bit long-in-the-tooth now, at least according to some people. Their AIX platforms are still around, too, although they have consolidated a lot of this stuff on POWER hardware these days, so sometimes it's hard to tell what's what. Before I worked on AIX I worked with AT&T's UNIX System V, running on their 3B2 platform at the time, but that's been ages ago now. Somewhere around here I still have a book with a bootleg copy of the early UNIX source code in it, and I have a former colleague who used to work at Bell Labs itself, for the guys who invented the C language.

Oh, ok, I have ancient systems experiences too. AIX would just be Unix. Heck, HP's MPE on the HP 3000 minicomputer was awesome back when disk drives were the size of washing machines. Without a doubt, any platform that only had to defend against local attack would indeed be far more stable. I grew up on mainfraimes & mini computers in the late 70s/early 80s too, and those things are a far cry from anything intended to be a general purpose computer on the Internet run by a home user. Ditto with embedded - most of which are going linux these days, but of course there are may other embedded OSes, of which I developed on three. The last being VxWorks, which was used on a line of HP cameras that I did some firmware work on.

You really can't compare these types of systems (either that predate the modern connected world, or are firmware based and not fungible) to a modern always connected OS running untrusted applications by untrained users who have root/admin privileges. You can harden a system, but the weak link is always at the keyboard
--
My place : »www.schettino.us

scross

join:2002-09-13
Cordova, TN

said by JohnInSJ:

Oh, ok, I have ancient systems experiences too. AIX would just be Unix. Heck, HP's MPE on the HP 3000 minicomputer was awesome back when disk drives were the size of washing machines. Without a doubt, any platform that only had to defend against local attack would indeed be far more stable. I grew up on mainfraimes & mini computers in the late 70s/early 80s too, and those things are a far cry from anything intended to be a general purpose computer on the Internet run by a home user. Ditto with embedded - most of which are going linux these days, but of course there are may other embedded OSes, of which I developed on three. The last being VxWorks, which was used on a line of HP cameras that I did some firmware work on.

You really can't compare these types of systems (either that predate the modern connected world, or are firmware based and not fungible) to a modern always connected OS running untrusted applications by untrained users who have root/admin privileges. You can harden a system, but the weak link is always at the keyboard

But indeed, no matter how old the pedigree of these systems (and they're not standing still by a long shot, but are constantly being updated in order to stay modern), all of them (including the embedded ones) are now routinely being connected to the internet - and you might recall that the internet was actually invented on some of these machines, so these predate any other internet connectivity. Yet these systems appear to have far smaller attack surfaces than anything that Microsoft produces, even if they didn't start off as hardened as they needed to be.

And before you go any further down the "you just can't compare them" road, remember that it is Microsoft that comes in and lies and says that their systems are just as good if not better than other enterprise-class systems, which is clearly not the case. And when push comes to shove, very often the only way they can get the business is by massively undercutting the initial cost of their presumed "competitors". This has become something of a running joke in the industry - Microsoft can't compete on quality so they have to compete on price - and indeed one of the easiest ways to squeeze a ton of bucks out of them is to let them know that you just aren't really that interested in their products.

The whole "end user problem" is one reason why things are today trending back to a more centralized model (browser-based, quite often), where those people who are better trained in security matters and who are more responsible than the typical end user can keep better control over things. Theoretically, that is - I'm not sure that I trust many of the folks these days who claim to be well-versed in these areas.

Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5
Reviews:
·Dish Network
reply to scross

said by scross:

said by Badonkadonk:

What? The old semi-joke is that a parent needs to ask their kid for answers if a computer question comes up. At some point the younger and next generation (especially in fast moving technology) know more than the older generation. Especially if the older generation has constantly been training to keep up with technology.

Actually, I think your response is rude and obnoxious. I have over 30 years of experience with computers and got me EE back in '87, so I know exactly what I'm talking about when I say that times may have passed him by. It happens all the time.

Just so you know, my very computer literate teenager asks me computer questions all the time - although she will on occasion surprise and delight me by having done considerable research and footwork on her own first. Lately she's been asking me a big one, too - "Daddy, when can I get a Mac like mom has?" But most of her questions center around "What the heck is wrong with this Windows computer anyway?", and this just gets exhausting after a while. A quick perusal of the event logs suggest problems with the registry (another fine Microsoft "innovation", that was), specifically the extended locking of same, but she won't let me have access to the machine long enough to really dig into it. Instead she just curses under her breath and reboots (or tries to), which is something of a way of life for Windows users, including myself.

Just so you know, she was initially delighted with Win7, which came installed on a new laptop that we bought for her. "Great", I thought, "maybe they've actually made some real improvements there!" Her happiness lasted about two weeks - or up to about the time I started having to put patches on it.

Interesting. I have three kids ranging from 16 to 10 and all three of them have no problems with Windows 7. I draw my own conclusions from this . . .
--
"That wasn’t a debate so much as Mitt Romney just took Obama for a cross country drive strapped to the roof of his car." - Mark Hemingway, The Weekly Standard.

Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5
Reviews:
·Dish Network
reply to scross

said by scross:

it is Microsoft that comes in and lies

This says it all. You're one of "those", so there really isn't any reasonable conversation that can be held with you.
--
"That wasn’t a debate so much as Mitt Romney just took Obama for a cross country drive strapped to the roof of his car." - Mark Hemingway, The Weekly Standard.

scross

join:2002-09-13
Cordova, TN
reply to Badonkadonk

said by Badonkadonk:

Interesting. I have three kids ranging from 16 to 10 and all three of them have no problems with Windows 7. I draw my own conclusions from this . . .

She (like me) really pushes the envelope sometimes, doing multiple things at once and sometimes switching rapidly between them, and she expects her computer to keep up with her - only it doesn't, much of the time. If your kids don't do this, well ... they are your kids, after all, so I don't know what I'd expect from them. You can draw your own conclusions from that, too.

Remember the good old days, working with those "ancient" systems, which had limited processing power and limited memory and so on, but they were still so stable and reliable and almost never rolled over on you? And today we have super-fast quad-core processors and such, with gigabytes of memory, yet I generally don't see anywhere near the stability and reliability that I saw back then. It is Windows which robs you of most of those advantages.

scross

join:2002-09-13
Cordova, TN
reply to Badonkadonk

said by Badonkadonk:

said by scross:

it is Microsoft that comes in and lies

This says it all. You're one of "those", so there really isn't any reasonable conversation that can be held with you.

I base this on first-hand experience, my friend. One of the companies I used to work for sued Microsoft over this and won. Then the CIO left for another job and his replacement eventually tried to buddy up to Microsoft again after they made him some new empty promises, despite being warned against it. He eventually got fired for this, but not before wasting a ton of the company's money.

And so it goes ...

Badonkadonk
Premium
join:2000-12-17
Naperville, IL
kudos:5
Reviews:
·Dish Network
reply to scross

said by scross:

said by Badonkadonk:

Interesting. I have three kids ranging from 16 to 10 and all three of them have no problems with Windows 7. I draw my own conclusions from this . . .

She (like me) really pushes the envelope sometimes, doing multiple things at once and sometimes switching rapidly between them, and she expects her computer to keep up with her - only it doesn't, much of the time. If your kids don't do this, well ... they are your kids, after all, so I don't know what I'd expect from them. You can draw your own conclusions from that, too.

Remember the good old days, working with those "ancient" systems, which had limited processing power and limited memory and so on, but they were still so stable and reliable and almost never rolled over on you? And today we have super-fast quad-core processors and such, with gigabytes of memory, yet I generally don't see anywhere near the stability and reliability that I saw back then. It is Windows which robs you of most of those advantages.

Maybe you need to work with her some more or get some additional training yourself. After all . . . she is your child.

Your anti-MS bias is so strong that you don't probably really understand the underlying issues. See, I did x86 chip design at the gate level, PC design at the motherboard level and software/firmware design. I understand how these things work. I don't blindly hate MS.
said by scross:

said by Badonkadonk:

said by scross:

it is Microsoft that comes in and lies

This says it all. You're one of "those", so there really isn't any reasonable conversation that can be held with you.

I base this on first-hand experience, my friend. One of the companies I used to work for sued Microsoft over this and won. Then the CIO left for another job and his replacement eventually tried to buddy up to Microsoft again after they made him some new empty promises, despite being warned against it. He eventually got fired for this, but not before wasting a ton of the company's money.

And so it goes ...

Case number and/or name?
--
"That wasn’t a debate so much as Mitt Romney just took Obama for a cross country drive strapped to the roof of his car." - Mark Hemingway, The Weekly Standard.


Count Zero
Obama-Biden 2012
Premium
join:2007-01-18
Winston Salem, NC
reply to RiseAbove

What would you change so drastically in iOS? The ONLY thing I could see myself adding that Android has is widgets on the desktop. Other than that I can't say I find any missing features. I like the notification center in iOS just fine. I might add some quick gestures to turn on/off wifi, bluetooth, Do Not Disturb - but again that's about all I can think off off the top of my head.


scross

join:2002-09-13
Cordova, TN

4 edits
reply to Badonkadonk

said by Badonkadonk:

Case number and/or name?

Dunno, that's probably been 10 or 15 years ago now, at least, and they may have settled out of court. I wasn't directly involved with it so I don't know all of the details, and what details I learned about it I heard second-hand, well after the fact. I do recall that part of it revolved around Microsoft trying to claim ownership of company code that they themselves didn't write, where the company had to step in and write code because the Microsoft products weren't up to snuff. Microsoft taking some company employees away with them may have played a role, too, but I don't really remember. I do know that Microsoft and those ex-employees were not highly thought of when I first got there, and it wasn't until we got a new CIO later (a PC guy who knew nothing else about computers - certainly nothing about the core systems we ran at the time) and several years went by before all of a sudden he wanted us to put Microsoft products everywhere (not that we didn't have enough already). He had made several expensive fumbles in the interim, and this was one of the last straws that broke the camel's back.