Microsoft's take on security [Linux vs Windows]

[Ned]

Now don't laugh too much when reading this:

http://www.microsoft.com/windowsserv...ulnerable.mspx

After reading the PDF document, I'm wondering which OS I will still be running next week - NOT!!!

Ned

[imdeemvp]

L...O....L .........

i couldn't help ............

[Ned]

Delusions of grandure spriing to mind

I guess they're worried, with linux attacking their stonghold - the desktop, the best way to defend is to attack linux's strong points, one of them being security.

This really is clutching at straws...

[Ned]

Quote of the Week also has to come from Microsoft.

When talking about the development of Service Pack 2 for WinXP and specifically the MSBlast fiasco last year, taken from this artical

"This time last year was a really exciting time," said Amy Carroll, director of product management in Microsoft's Security Business and Technology Unit. "There wasn't a lot of sleep involved."

Well, I wouldn't exactly call 10 million of your customers computers incapacitated by a security vunerability present in your software as "a really exciting time". I bet "there wasn't a lot of sleep involved" trying to sort out that mess.

[Picomp314]

the thing that bothers me about that article is that they talk about the seperate distros as completely seperate entities
obviously in linux the thing that makes it superior is the cooperation and teamwork even among seperate distros, unlike microsoft a very large percentage of code spans between the distros, therefore quantifying who fixed what security flaw, and for that matter in how much time or the thoroughness of vulnerabilities fixed becomes irrelevant, as it is fixed in one place, the fix spreads quickly among the distros

whoever wrote and/or researched the data used in producing this article apparently had little clue as to the true nature of open source

[imdeemvp]

they are just trying to do so bashing on LINUX.....becasue their OS is complete disaster

in case you guys did not know m$ bill gates makes $2000 every second so he's got to spend his money in some kind of campaing for his os....i just give him credit for helping people with aids which is a good dee.

[ghaefb]

Oh my god... I think I'm gonna throw up

Microsoft: % of flaws fixed: 100%
I can't belive they wrote this.

The sad thing is that a lot of people belive this crap.

[cavedweller]

If you install service crap 2 you will see that they control the security issues by basically eliminating network and internet connectivity.

I trided it on my satilite gateway acually had to reload the system as SC2 wouldn't even allow my sat software to work. So after two more failed attemps I ended up installing 2000 pro. Had no internet for 3 days.

Another thing you will notice is that you can't download anything without first clearing a security pop up bar at the top of IE, and there is even more crap popping up all over. They tell you if your firewalls are off, If automatic updating is off, if you gon't have virus protection...........

I am assumming MS is thinking if you spend all your time clicking on the annoying things popping up like corn, you won't realize the obvious, this is the biggest peace of s**t they have ever come out with.

I can't wait to here what tune they will be singing when the next round of viruses hit. Unless they meant they fixed all the problems in the original release and now they need to fix the 200 that are probably in SC2.

If you have to run an MS product as we do for our satallite(which by the way that is all it does. Controlled by VNC, doesn't even have a monitor hooked up to it.) Use one of the older verions like 2000 or 98 sec. edit. I figure that they are less likely to have MS patch another security hole into them anyways.

[Prometheus]

he he he, SP2 would have a field day detecting all the "errors." I turned EVERYTHING off. this site, it basically what you can turn off in XP, and i turned like everything off. SP2 is gonna have a milliion errors with my system. Oh well, all the more reason to use Fedora.

[imdeemvp]

Not only that when you do the so call HOT FIX's you end up getting software conflict....that is what i heard from the MSCE's at work......

Mentally Challange Slaves of the Empire.......that's what i call them at work and they just laugh

[Ned]

Debian, Mandrakesoft, Red Hat and SUSE have responded to this report:

http://lxer.com/module/newswire/view/9986/index.html

There is also a page on slashdot discussing the original artilce

http://slashdot.org/articles/04/04/0...id=163&tid=172

Ned

[zjimward]

Okay, if they really are so great at fixing 100% of their security bugs. When will they get around to fixing the 65,000 other bugs which exist in Windows. Oh wait, they're just going to release Longhorn and introduce all new sets of bugs.

[carlwill]

Quote:

Originally Posted by Microsoft

Relative Severity: Windows has the fewest vulnerabilities and the fewest "high severity" vulnerabilities of any platform measured..

That was just amazing

[kosmosik]

I personaly have nothing against MS products. but I dislike way they treat customers... few years ago here in Poland we have a pilotage program introducing new internet access service. it was a simple dumb modem on SDSL line. nothing fancy. as it was introduced in early 2000 I was a customer of this service... imagine Windows XP and 2K have a serious flaw in serial port stack. the flaw caused hard crashes (repeating like every 15 min. - !) when you plug that simple dumb modem device to Windows box. software has flaws and I am OK with this. I am just not OK with the fact that fixing that flaw took them 2,5 year!! I bought the goddamn system from them for quite a lot money and it was unstable for 2,5 year - jus guess that Linux worked good in the same setup. and this internet access was only option aviable for me (as we have little ISP monopoly here) excluding dialup...

this is a KB article about this issue:
http://support.microsoft.com/?kbid=319810

as I've said - service was introduced in early 2000 (so was Windows 2K and little later XP) and the flaw was fixed 2,5 year later (Release Date: June 1, 2002)... and that is because MS don't give a **** about few home users using this service (all they care is big commercial contracts like govs and companies, they don't realy earn so much on home users due to piracy) and fixing it... I bet it was like very easy to fix, and it would been fixed within hours if it was issue in Open Source software...

[kosmosik]

and a word about security. one thing that these guys are missing that no system has security build in and security isn't about any new funky uber-secure gizmo software/hardware... it is about competent, experienced staff and educated users...