You are completely wrong! Allchin is the one that should get praise for trying to do something ABOUT security. Just ask the core security team within Microsoft who was their best executive advocate for security! You seem to assume that Bill Gates didn’t control a lot more than he did.

You don’t even spell his name right.

Well Jon,
You’ve hit the nail squarely on the head.

We were pretty safe on win2k, and then along came XPs wrecking ball.
Although, to be fair, Microsoft did tighten up the security on system services.

But I’ll never get the hatred of XP Home out of my system. Brrrr.

MS are still at it. The “access your desktop” functionality of Live Mesh (ok it’s still in beta) only works if you’re running Vista as an Administrator. If you’re running as a user then it just flat out doesn’t work and the official advice on the Live Mesh help pages is to switch to Administrator.

Given that there’s been discussion on the podcast about retrieving documents from your network over Live Mesh during the recent snows, can I assume that at least some PCs in your office are left running overnight & all weekend, in an Admin profile, whilst connected both to your internal network and the internet?

Many thanks for a really good rant. The comment is also spot on, simply because all of this nonsense was allowed nay, encouraged to happen.

VMware server 1.08 still has an unsigned driver within it for the virtual NICs. If they can’t be bothered then there is something wrong.

Even with signed drivers though my Nvidia SMBus repeatedly crashes my PC, so perhaps not signed enough? There must be distinct circles of privilege within the OS where absolutely nothing writes outside of it’s own circle. If anything attempts to do so then it is caught and refused outright. The vendor must not be allowed to foist rubbish on to people any longer.

Sadly, Microsoft don’t have the courage to do this. Windows 7 is Vista with a new name, the same problems, same hassles, same silliness is all there.

We must have real user account control which is invisible to the user – if they run an EXE then that cannot write to the system account. it can only communicate through set APIs.

Games especially must not be able to write to the system – they must talk to drivers only, and those drivers to the API and the API to the core, so if a game crashes then it crashes. Nothing else is affected.

In all, this won’t happen. Microsoft are too scared and won’t do the necessary. What would be good is one version of Windows 7 and in six months another of windows NG. the one with proper account controls in place.

Windows 7, BTW should cost £85, with a family pack for £120. At that price I would buy it, and upgrade from XP.

From what i’ve read MS issued a patch for Conficker back in October. So the real people who are to blame are the users who haven’t kept their installations updated. Which illustrates my next point, a lot of users just don’t get security. Sure most people understand they should be running an AV package but beyond that they’re blissfully unaware of the dangers until they get bitten that is. Its all very well saying MS should have made XP Home super secure but can you imagine the stick they would of got from all those Win9x users whose applications no longer worked. There would have been endless rants about how evil MS was forcing them to shell out for upgraded versions etc etc. So they were damned if they did, damned if they didn’t. And its not just MS, Apple give the impression the Mac OS is so much more secure, leading many users to be complacent and into thinking that they don’t need to worry about security, that’s a Windows problem. At some point, I reckon that a hacker will decide they are a really soft juicy target and mayhem will ensue.

Jon,
if you still have any sway with *influential* microsoft bods.

Please direct your energy in their direction, as we really need the IT journos to join forces, and get Internet Exploder components removed from the inner workings of the UI and management tools, that’s including the compiled html files.

It’s one small step for man. One giant leap…

But I fear you have burnt some bridges into the Microsoft universe.

oh and lest that sound fantastically arrogant, i am sometimes wrong too. and have fessed up happily in my column. You cant be right 100% of the time.Not even me

The Microsoft locked-down platform is the XBox 360, not Windows anything… if they did a Homeland Security version that worked, they wouldn’t be allowed to export it!

If you have the gumption to sit through the St*rg*te *tl*ntis thread here, you will find someone who believes that because they paid a fee to download a torrent, it must be a legitimate source and their fee has gone back to the content creators. To say that “users don’t understand security” is an understatement of gargantuan proportions: Users barely understand *drive letters* – getting to “security” is pretty unlikely, to say the least. Us Nerds have a hard enough time making ourselves understood when face to face with one person: gettinbg through to an audience of millions, predisposed to consider what we say to be inherently obtuse… well, it should make us a bit less ready to blame them, and as Jon says, a bit more ready to blame the desigers.

The XBOX 360.
Is it really locked down, or just taking advantage of the fact that it isn’t using Intel’s x86 code?

I think it’s latter. Just like OS-X was untouchable before they switched to Intel.

So.. Not taking the bait about IE’s removal?

BTW
Get jon under sedation. He’s starting to sound like a crazee bond villain. (is it the windows lurgy?)

(strokes white cat….) no, mr Windows API, I expect you to DIE…

Hey, its good to have a kickabout argument.

RE: Steve Cassidy’s comments about end-users not understanding security etc, etc.

Shouldn’t PCPro perhaps introduce a *special features* magazine supplement for the n00bs?

OK Steve, point taken.

How to reach n00bs? Definitely an interesting problem for a magazine targeting pros and enthusiasts. (don’t for one second believe I’d like the mag to be dumbed down. Eeeek!)

Perhaps an online section, at least that way you’ll get indexed by the search engines.

The main problem I have with windows is that everything seems to feel the need to plug in to the Windows registry, this is by no means essential to the operation of the application as there are many apps that are completely self contained.

However, too many applications plug themselves in deeply to the OS, if someone can explain to me why photoshop has to be embedded deep in the registry, i’d be grateful of an explanation. Adobe are not the worst offenders of this, but they are very prominent in my mind.

I completely agree with the argument that in 2009 we should not need to be installing AV software as a matter of necessity. On OS X and Linux, it is largely irrelevant despite a couple of viruses making it into the wild. In these cases it actually required the user to install the virus themselves (and anyone who does that should not be let anywhere near a computer).

Windows should have been locked down a long long time ago, as it stands there is too much scope for sloppy code by developers. If the system was locked down and applications were kept modular a la *nix then surely the need for AV software would be massively reduced, and there would be less scope for hackers to “backdoor” into the system.

Sir needs VMWare server and the “snapshot/rollback” feature.

I’m a bit late commenting here- took a while to get the solar powered laptop working.

I was reading Davey Winder’s latest missive on the Conficker worm, PC Pro issue 175, when he suggests several possible payloads. It struck me however, that there may be an alternative payload that has not been considered so far.

Given that one of the properties of Conficker is the ability to open over 16 million simultaneous connections from an infected machine, could the payload be the creation of a hugely massive neural network in order to open the door for the evolution of an A.I. on the Internet?

This begs the question, is a team of people actively working towards this or is the A.I. already there, preparing the way for its next evolutionary leap??

Keep up the good work and please excuse the paranoia.

http://cccp.eecs.umich.edu/papers/jblome-war05.pdf

+

$%&$%&.c

=

?

*laugh*

Found your site on google today and really liked it… I bookmarked it and will be back to check it out some more later…