 
shawnbttu
join:2002-02-20
Arlington, TX
| omg quote:
the company admitted sending a copy of the Nimda worm to South Korean developers when it distributed Korean-language versions of Visual Studio .Net
lol..that is the single most hilarious thing of all. Microsoft with its billions of dollars and zombie like employees couldnt release a software without a worm in it? wait..isnt that what they always do anyway? 
--
Washington Post: A couple who was celebrating their 90th wedding anniversary died of shock today at the beginning of a surprise party. | |
| 
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
 ·AT&T Midwest
 ·Site5.com
 ·Comcast
| Before the *nix and mac users come out... As a network manager, I have to admit I am fed up with the holes that are discovered in Microsoft products. I run the automatic update in Windows XP and it seems there is a new patch every 2 weeks or so. Ballmer says Microsoft is going to work more on security, and I see a lot of improvements.
Patches are coming out quicker than in the past. When Windows 95 was released, trying to get patches was a pain in the ass. Microsoft drug their feet and released patches in a very untimely matter. After Windows 98 was released, Microsoft was a lot better. Today they are still improving, but just like any system it could be better than it is.
Now, before all the *nix and mac users come out to gloat, lets make something very clear here. Hackers are constantly looking at all kinds of systems. Obviously, the most used product is going to be the most examined. Most of these hackers want to find something that is going to make life miserable for the most amount of people in the quickest amount of time. Same thing with people who create viruses. They don't want to make a virus that is only going to affect one to five percent of the PC's out there. They want something that is going to spread quickly resulting in the "Look what I did!" syndrome (otherwise known as ego boost). Therefore, all Microsoft products are a viable target. Windows 9x, 2000, and XP are the software products on about 95% of the PCs right now.
It is no wonder you hear about all these exploits and potential problems. The media releases the news and people complain that Microsoft "should have seen it coming" and "should have had a patch out for it" already. Windows XP has millions of lines of code. The code is being written by humans. Therefore, you can expect mistakes, potential holes, and problems. There are holes lying dormant in ALL SOFTWARE, not just Microsoft products. This is where I believe Microsoft can improve. From the time a bug is found and they are notified, they should have their engineers working on it and have it finished within 1-3 days instead of the week or two it takes now. That would put them down in my book as "improving".
As I said above though, things are getting better but there is still improvement to be made.
--
Nightfall - »www.nightfall.net | |
|  | 
KoolMoe
Aw Man
Premium
join:2001-02-14
Annapolis, MD
clubs:
 ·Verizon FIOS
·Speakeasy
| Re: Before the *nix and mac users come out... IMO, it comes down to making more of an effort to release stable code before the desire to 'make money'. Of course, that's the company's overall goal, right? To make money! How could it not be when you're public in this society?
BUT it still needs to be tempered. If nothing else, perhaps this 'commitment to security' will give them a break when they keep pushing back release dates for their software. OR maybe they'll build an extra month or so for specific 'hole tests' into the schedule next time round...
Windows 98 was released with HOW many bugs? 23,000? And how many of these recent exploits are due to buffer overflows? Ya think they'd start being a little more focused on such holes at some point.
I agree overall, that MS is a huge target, but they're not blameless. Sloppy code is sloppy code.
KM
--
"The FCC has put in place a policy where crime, in fact, does pay. It's a good business plan." -Rep. Edward J. Markey | |
| | |
Nightfall
My Goal Is To Deny Yours
Premium,MVM
join:2001-08-03
Grand Rapids, MI
·AT&T Midwest
·Site5.com
·Comcast
| Re: Before the *nix and mac users come out... Ok, lets examine this.
Windows 95 was created half assed, I will agree to that. However, lets look at Windows 98. Win98 was released to 200,000 beta testers. Win2k was released to over a million. You give all these copies away and many people install the OS and report the bugs. However, what happens when it is released to 20x more people? You think all bugs are going to be found in a beta test? How many beta tests are needed?
I guess my question to you is, do you believe there is any software out there today that doesn't have holes or exploits in it? I can't think of a single one. Don't get me wrong here, I am not saying Microsoft should just release a product carelessly. What I am saying is you can beta test all you want, and with the hundreds of thousands of different hardware combinations you are still going to run into problems. That still doesn't count in the hacker and cracker community who constantly look for exploits and such.
Sorry, I don't buy the whole sloppy code arguement. Any popular OS would be nailed with similar problems...which is why you have patches.
--
Nightfall - »www.nightfall.net | |
| | 
SAM Hunter$
join:2001-05-11
USA
| said by Nightfall:
Ballmer says Microsoft is going to work more on security, and I see a lot of improvements.
Excellent post by every standard! Well done!
I just quoted the first part of your post to make sure we are on the same page. I take it you mean that includes a much more diligent and responsible effort and attitude by Microsoft in writing the code for their products? That would cover not only security issues but other bugs or glitches as well. Nobody is perfect but Microsoft should do a better job of trying to achieve it! | |
| | | | | 
jfcjrus
Premium
join:2001-12-09
New England
| Are they serious about this, or not... Several weeks (months) ago, there was a announcement by MS that 'security' was on the front burner. They seemed to acknowledge that some of their products had 'security' holes that they were going to fix, PRONTO!
I submit;
Saying they're going to do it is a whole lot different than ACTUALLY doing it.
Yea, we're getting snippit patches, but, are they addressing the total security issue?
I think that they're just doing enough to blunt the major issues (as they become evident), rather than make an effort to configure the product from a 'security' perspective.
(eg: take OUT all the add-on's that "make it internet friendly", but compromise security).
I really don't think they (MS), yet understands what us users are referring to when we talk about 'security'.
[Perhaps; we'll do the add-ons, if we desire - not you!]
Just a thought.
edit: spelling correction
[text was edited by author 2002-06-27 17:42:49] | |
| | 
SRFireside
join:2001-01-19
Houston, TX
| Re: Are they serious about this, or not... I read ya. I think there is something fundamentally wrong with the code to begin with. I'm not a developer or a systems administrator, but I have heard from a few of them that say many MS programs seem to be intentionally written to be easily exploitable. I'm not going to say that's part of some evil master plan of Bill Gates to take over our systems. It could just be the way MS keeps their software open for more features or whatever. Either way it's pretty obvious there is something not write with that way programming. I mean if a boat had to be patched this many times for holes nobody would even think about keeping the boat. MS needs to rethink Windows, IIS, Outlook, Office and just about every other piece of software they made.
--
Love Science Fiction? www.spacestationzoom.com | |
| | | MessianicJew
join:2002-05-06
Saint Louis, MO
| Re: Are they serious about this, or not... I don't know if this is true or not, but I had someone tell me once that most (all?) security holes in MS products were put there intentionally by the developers. I guess they don't get called to task on it.
I can understand leaving a hook into something for future features that might be added in with a service pack, though you'd be better off just adding that in initially and pushing the release date back. (Can't do that, though, can we?)
Sure, they've got whole hoards of people who work on any one application. Even if only half of them put in a small hole, that adds up fast (what's half of a hoard, anyways?). And if any of those holes compound each other, suddenly you've got a huge mess. Which, it seems, is exactly what we have. | |
| 
Blizzard0
join:2000-06-27
Beverly Hills, CA
| When your the top dog When your #1 they gun for you its strictly that they are #1 and are gonna come for you the 2 weeks gives them time to test it and see if they didnt open a bigger can of worms keep up the good work MS hope ya keep it up and maybe speed it up. 
--
I too was a attbi hater but now with this new service my connection is to slow to complain ... | |
| | Klins
join:2001-07-09
Ellensburg, WA
| Re: When your the top dog Seems to me that there will always be security holes that need to be filled. And Microsoft has set up a pretty easy way to get patches and they seem pretty responsive to the security issues that do (inevitably) pop up.
These 'experts' that are 'fed up' with these security holes are in la-la land! It's unrealistic to think you can build a perfect anything! Settle down and settle in. If total security is what you're after, then stay off the Internet. | |
| | | 
sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ
·Optimum Online
| Re: When your the top dog said by Klins:
Settle down and settle in. If total security is what you're after, then stay off the Internet.
And if you want at least marginal security, don't run Microsoft products. No one's looking for perfection, but MS is not going in the right direction. | |
| koveman
join:2002-01-23
Phoenix, AZ
| Unrealistic It may be unrealistic to expect a software product to be perfect upon initial release. What I find unbelievable is the quantity and severity of holes in MS software. Remember IIS 4? This was (and still is) the Swiss cheese of internet servers. How could a company like MS produce something so unstable, unreliable, unsecurable, well un-everything. Maybe they should get together with 7-up for a new ad.
Microsoft "The Un-Software" | |
| | ReadyForDSL
join:2000-12-18
Oak Harbor, WA
| Re: Unrealistic I think basically that Microsoft releases things before they are ready to be released and then patches it till it's ready hehe. This is a shame only when you look at the receipt for hundreds of dollars that you paid for the software. I dunno... most people haven't tried anything different so I suppose it will have to do, huh?
--
Ever wonder why you never seemouse-flavored cat food??? | |
| 
mattman
join:1999-10-25
Lafayette Hill, PA | So I downloaded the Patch for WMP... And what does it do after I install it. Right away it shuts down and restarts my computer. It didn't even notify me or ask me if I wanted to do it, what a bunch of shit! | |
| | | | |
mattman
join:1999-10-25
Lafayette Hill, PA | Re: So I downloaded the Patch for WMP... What os? I'm on 2k. | |
| | 
rangerlg9
join:2000-11-20
Houston, TX | Using XP Pro here on three machines. No restart here. | |
| |
SAM Hunter$
join:2001-05-11
USA
| said by mattman:
And what does it do after I install it. Right away it shuts down and restarts my computer. It didn't even notify me or ask me if I wanted to do it, what a bunch of shit!
Strange. I've downloaded what seems like a thousand updates and patches and I've always gotten after the download the MS window that essentially that says in order for the changes to take effect requires to you restart your computer. It then gives you a choice of clicking on restart or cancel and allowing you to continue on without rebooting which you can do later at your convenience.
I don't doubt your word, I've just never heard of what you described. Weird huh? | |
| 
RiceSan
join:2002-01-15
111 |  not me
| |
| | | |
|
|
