Announcement

Collapse
No announcement yet.

Microsoft, applications vs behavior - split from another topic

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    Microsoft, applications vs behavior

    Originally posted by GreyGeek
    For the most part the problem isn't "people", it is Microsoft's policy regarding announcements of security holes in their software. Microsoft has bludgeoned security workers into silence, on pain of a lawsuit, if they publicize any security holes they discover. Microsoft sits on this information for days, months, weeks, years and sometimes forever. It's only when they finally fix a security hole, in their own good time and, apparently, to the least harm of their income stream, that they announce both the hole and the patch on the same day. Then they have the hubris to claim zero-day patches.
    As someone who works in IT (I build servers, mostly virtual these days) I don't think that's true. MS have vulnerability labs reporting to them all the time and sure, they don't tend to report a security hole until they have a fix but I'm not sure they should have to ... seems to me this is almost a closed source vs open source argument (your later comments confirm that) and personally I think both systems have merits.

    Ultimately I think all the various OS's have their strengths and their weaknesses, their proponents and detractors ... despite my problems with Win 7 aesthetics the OS works (for me) and within an hour of rebuilding I was up and running, data recovered, connecting to my NAS, and with my screens acting as an extended desktop yet for 3 days I was trying to do what to me seemed simple things without success. Yes part of that was because most of you guys appear to be in the US whilst I'm in the UK so there was a communications lag and I am absolutely (100%) sure that for most of you Linux would be just the same (you'd be up & running in the same kind of time frame).

    So yeah, I'm back on Windows but despite that I recognise some of its weaknesses (for a start, even if I did have to configure it each time I logged on, I loved the way I could give each screen a different background picture ... no idea how to do that in Windows and extending a JPG across two screens using active desktop is a really crap solution. What I don't accept is the superiority of Linux over Windows arguments (to be brutally honest I haven't heard a good one yet) but neither do I think Windows is a better OS than Linux ... it just happens to work for me and is easier to use.

    I will continue to muck about with Kubuntu virtually and am planning to install it on the Acer Aspire 3000 laptop(s) I have ...possibly also on my media centre PC (a DELL GX260 with 512Mb memory) because I can't get BBC iPlayer to install on it.

    Kyu

    Comment


      #17
      Microsoft, applications vs behavior

      Originally posted by Kyuuketsuki
      .....
      As someone who works in IT (I build servers, mostly virtual these days) I don't think that's true. MS have vulnerability labs reporting to them all the time and sure, they don't tend to report a security hole until they have a fix but I'm not sure they should have to ... seems to me this is almost a closed source vs open source argument (your later comments confirm that) and personally I think both systems have merits.
      ....
      Those "vulnerability labs" certainly reports to Microsoft, but, isn't THAT the problem? Wouldn't it be better for consumers (Windows users) if Microsoft made public information about new security holes, AND how to avoid them, within a day after they are discovered? I can't think of any justifiable reason to withhold security information from Windows users, especially if it will prevent them from having their bank account emptied, or, even worse, their identity stolen and then being told that they are responsible for paying off loans on automobiles and other items the hackers purchased with their credit card info. Some folks spend YEARS trying to recover their credit and reputation. Some never have. Certainly, Microsoft's profit margin isn't sufficient reason to keep security hole secret, wouldn't you agree?

      The difference between Microsoft's security by obscurity (no public access to source code) and the FOSS model of full source code exposure, combined with their respective policies regarding disclosure, has produced some remarkable differences. Only Microsoft employees can search VISTA or WIn7 source code looking for security holes. BUT, hackers spent nearly SIX MONTHS browsing Microsoft's Redmond Campus WLAN before they were discovered and locked out. It was too late. Logs revealed that one of the first things they did was to download ALL the source code for Win95 through XP SP3. That probably is one of several reasons why Wndows viruses, etc., have a growth rate of over 40% for almost a decade. I read yesterday that the Windows viral load increased 59% in 2009 alone, to 2.9 Million currently active viruses!

      Absolutely ANYONE can download and peruse the source code for any kernel or any FOSS application. How is that different than having a few thousand hackers pouring over FOSS code looking for holes, except for the fact that there are probably more good guys scouring FOSS source than bad buys exploring Windows for holes? The difference IS ONLY in the reporting policy. FOSS security holes are announced IMMEDIATELY upon discovery, along with a proof-of concept code so that users can test the putative fix to see if it works.
      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
      – John F. Kennedy, February 26, 1962.

      Comment


        #18
        Microsoft, applications vs behavior

        Hi GreyGeek,

        I don't have an inherent problem with the way MS does things, nor do I thing the open source philosophy inherently superior to closed source (though I admire them for doing it that way) and, unfortunately, I think you and I will always see things differently because you do believe that open source is the better way. I think it's somewhat of a reach to lay the problems of identity theft and so on at MS's door so no, I guess that means I don't (agree) and again I then this is just down to your faith in open source and my lack of it. I mean don't get me wrong I think some OSS is great but in my personal experience closed source software tends to be slicker and better put together ... my primary example of that would be MS Office which is, in my not-so humble opinion far better than any other office package out there, Open Office is good but, whilst has a few features, Office doesn't it is hopelessly outclassed by its closed source rival (IMO OO is "clunky" and the spell checker doesn't work properly, seems to give up halfway down a document ... I prefer the KDE WP and there's another one, Gnome related I think, which is better still but MS Office still beats them all).

        As to viruses I think that is largely down to one thing and one thing alone ... being the biggest target, for the very same reason that all the really good non-console games (and all the really good applications) come out for Windows all the "really good viruses" (and more of them) come out for it too. Everything, all the "good" games, applications, utilities, drivers, hardware ... it is ALL targeted at Windows because there is a vast, huge market there for them to exploit. It's all about money or potential to gain a huge target market or whatever.

        Anyway ... I don't think we're going to agree so I guess I should leave it there (at least for now)

        Kyu

        Comment


          #19
          Microsoft, applications vs behavior

          Comments have gone off topic. Let's see if we can steer it back.
          Windows no longer obstructs my view.
          Using Kubuntu Linux since March 23, 2007.
          "It is a capital mistake to theorize before one has data." - Sherlock Holmes

          Comment


            #20
            Microsoft, applications vs behavior

            I don't have an inherent problem with the way MS does things, nor do I thing the open source philosophy inherently superior to closed source (though I admire them for doing it that way) and, unfortunately, I think you and I will always see things differently because you do believe that open source is the better way. I think it's somewhat of a reach to lay the problems of identity theft and so on at MS's door so no,
            Given enough time, Microsoft seems to always improve its applications (although not the security of them or its OS) but you are right... our two philosophies are based on different observations and their interpretation. I, too, used to be a Windows Fanboi. I have a T-Shirt hanging in my clothes closet. Printed on it is "Midnight Madness", and the date I downloaded IE from Microsoft's website. I got it because I was one of the first 10,000 to download IE. I was proud of that shirt. I started my computer consulting business in 1980 and for the next 15 years I supported myself writing niche accounting software, and other solutions, using dev tools running on Windows (Savvy, AREV, VB, PowerBuilder, FoxPro, VFP, Qt4 ...). I was doing my thing, oblivious that Microsoft was doing its thing, or exactly what its thing was.

            One of my clients was running Windows 3.x under OS/2, which was very impressive. I installed OS/2 and Windows 3.1 as a "guest" OS. That was when I FIRST became aware of how Microsoft "does things". Specifically, making successive releases of Win3.x sufficiently different that they wouldn't install under OS/2. Some of my clients had Windows installed on top of DRDOS. Suddenly, I couldn't install Win3.x on top of DRDOS because it was "incompatible" with Win3.x That forced me to tell my clients to use MSDOS instead. (How convenient for MS). MSDOS 6.0, the last major standalone upgrade, was and is an excellent DOS but, at the time, DRDOS was better. A little while later I found out, while reading a DR DOBBS Journal article, that Microsoft had added a test to their Win3.x code which specifically refused to install if it detected DRDOS. The Journal staff edited the binary, replacing that code segment with NOP instructions, and found that it installed and ran fine. That code was nothing more than unfair competition practices. The same kind of practices that were used to kill Netscape and Word Perfect. In addition to using their OS and software I started paying closer attention to what their corporate policy and actions were.

            In Dec of 1997 I purchased a new Sony VAIO desktop with Win95 installed and during the next four months I had to reinstall Win95 FIVE times because it kept crashing and corrupting the data. That's when I went looking for OS/2 again to replace Win95 and found RH 5.0 Linux in the back of a paper back called "Learn Linux in 24 Hours". Equally important, I came across an article by an Certified Public Account, Bill Parish, who discovered some of the financial activities that Microsoft had been engaged in. IF you have the courage to read it carefully you can learn about at least 12 documented ways Microsoft has damaged the economy and politics both here and around the world. This information was LONG BEFORE Microsoft's "Technical Evangelists" gang, lead by James Plamondon, was revealed to be what it was in the Combs vs MS trial, or the OOXML debacle which destroyed the credibility of the ISO standards committee, and the list goes on and on.

            Love their software if you can use it but realize that by doing so you are doing more than you realize to damage the computer industry, stiffle innovation AND, if you believe it or not, the fabric of our society. Lawrence Lessig explains how Microsoft and other giant multinational corporations are doing this.
            "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
            – John F. Kennedy, February 26, 1962.

            Comment


              #21
              Re: Microsoft, applications vs behavior - split from another topic

              Thanks GG. I was contemplating splitting out this from the OP.
              Windows no longer obstructs my view.
              Using Kubuntu Linux since March 23, 2007.
              "It is a capital mistake to theorize before one has data." - Sherlock Holmes

              Comment


                #22
                Re: Microsoft, applications vs behavior

                Originally posted by Kyuuketsuki
                ...
                IMO OO is "clunky" and the spell checker doesn't work properly, seems to give up halfway down a document ... I prefer the KDE WP and there's another one, Gnome related I think, which is better still but MS Office still beats them all
                ...
                Having used OOo since before it was StarOffice 5.0 I find the opposite true. MS Office is, to me, always getting in the way and trying to be too helpful for what I want to do, or it doesn't do what I want to do or allow me to do it in the way I want to do. For example, when I am writing a letter or other document and then decide I need to send it to more than one person I hit F4, which brings up a panel showing the databases I have installed. I drag the name, address and other fields I want entered into my document, click the mail merge against my T-bird address book (available on the version from the website, not the repository) and send each person a personal letter. I imagine that Office can do something similar but I am not experienced enough with it to know how to do it. Both apps are world class. It's just what we are used to that determines what we use. Those switching from Windows to Linux have to overcome their discomfort level when switching from Office to OOo. But, I suspect that in the future, Microsoft may release a proprietary Linux binary for Office, probably tied to 10 or so hardware signatures (like their GUID) so that illegal use would be more difficult for the average user.


                As to viruses I think that is largely down to one thing and one thing alone ... being the biggest target, for the very same reason that all the really good non-console games (and all the really good applications) come out for Windows all the "really good viruses" (and more of them) come out for it too.
                The "biggest target" argument has been put forth by lots of folks. It may have been a logical one when the Linux DE market share was between 2 and 4% (six or eight years ago), but it doesn't hold water now that the Linux DE market share has risen above 12% (according to Steve Ballmer in his Feb 12, 2008 graphic shown at a speech he gave), and is approaching 20% in some other countries. There are now more Linux users in china than there are folks using computers in America!

                But, as I mentioned before (was it in this thread ), one would expect, by now, that since the viral count for Windows is at 2.9 million, having risen over 40% just last year alone, that the number of Linux viruses would be plaguing Linux desktops would be around 350,000. Yet, no viral outbreak has been reported for Linux in several years, and there are reason why that is the case and will always be the case. One simply cannot infect Linux as easily as any version of Windows can be infected. Windows can get infected with the user doing nothing, just letting his box set passively with a web connection. It takes the active participation of a Linux user to infect their box.

                Everything, all the "good" games, applications, utilities, drivers, hardware ... it is ALL targeted at Windows because there is a vast, huge market there for them to exploit. It's all about money or potential to gain a huge target market or whatever.
                Can't argue against that as far as games go. For most games a good dual core desktop with a POWERFUL video card running XP is the best platform for running most games. As far as hardware and their drivers are concerned, why equipment makers originally targeted Windows when Windows wasn't the dominate OS is question for another discussion that leads to another set of dirty tricks and unethical competitive moves in the late 80's and early 90s that I had the misfortune of watching live as they occurred.


                Anyway ... I don't think we're going to agree so I guess I should leave it there (at least for now)

                Kyu
                That's true, but it has been nice exchanging views with you. Don't go away just because you use Windows. There are lots of Linux users who still use Windows and your expertise and view points would be valuable here. 8)
                "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                – John F. Kennedy, February 26, 1962.

                Comment


                  #23
                  Re: Microsoft, applications vs behavior

                  Originally posted by GreyGeek
                  Both apps are world class. It's just what we are used to that determines what we use. Those switching from Windows to Linux have to overcome their discomfort level when switching from Office to OOo. But, I suspect that in the future, Microsoft may release a proprietary Linux binary for Office, probably tied to 10 or so hardware signatures (like their GUID) so that illegal use would be more difficult for the average user.
                  Agreed and I have long thought that, closed source or not, MS should make Windows free and concentrate on Apps for all OS platforms.

                  I'm not at all convinced by the Linux superior security arguments and I think that the biggest target argument remains relevant. Another factor is that Linux remains (even now) an OS designed by techies, for techies (as evidenced by some of the hoops I have to jump thorough to get (for me) relatively ordinary things done ... sure there must be a community of non-techy Linux users but maybe they just use their systems and don't deviate in any significant fashion. A particular problem with Windows (and a strength) is it's flexibility, it's ability to get vast shed loads of programs, both current and legacy running on it and you have no choice but to trust the writers of those programs ... an example might be VMWare server which is great but causes startup to extend for the usual 20 seconds or so to over 2 minutes ... is that the OS's fault? Other examples are Norton Security and Apple iTunes both of which drag Windows system performance into the ground ... is that the OS's fault? I don't think so.

                  Ultimately claims of Linux superior security derive from the way in which Linux is used (a colleague of mine has had a non-AV protected Windows system connected to the net and up for 2 years with no issues) ... a decent password, NTFS filesystem, using a non admin user and so on (as I never do of course) and not visiting dodgy sites is really all that's required.

                  I do all kinds of terrible things and I don't get problems ... my AV is ClamWin, I occasionally run Ad-Aware and I use a renamed admin with a hefty password.

                  Originally posted by GreyGeek
                  Can't argue against that as far as games go. For most games a good dual core desktop with a POWERFUL video card running XP is the best platform for running most games. As far as hardware and their drivers are concerned, why equipment makers originally targeted Windows when Windows wasn't the dominate OS is question for another discussion that leads to another set of dirty tricks and unethical competitive moves in the late 80's and early 90s that I had the misfortune of watching live as they occurred.
                  Actually, ignoring consoles, Windows 7 appears to the gaming platform of choice and no, I don't believe there is any particularly "dirty tricks" campaign that goes anything beyond normal competitive business practices ... if Sun were the primary OS vendor I believe they absolutely would whatever they could to hold on to their market share.

                  Working in IT as I do, I'd actually take it way beyond games ... we use Linux and UNIX systems here but it's interesting (and cynically amusing) to note that whenever someone actually wants to do something (monitor systems or whatever, the kind of interface, usable functionality) the OS it will be implemented on will nearly always be Windows. My assumption is that that must be changing now because there is much more use of web based consoles but even that is seriously Windows oriented often only running on particular versions of IE or with some specific MS Java version (it's actually quite annoying as I vastly prefer Firefox).

                  That said, I think two things ...
                  • That alternate OS's to Windows is a good thing (competition improves all OS's)
                  • Gates was the heart and soul of Windows and now Gates is gone Windows days as primary OS vendor are numbered.


                  Originally posted by GreyGeek
                  That's true, but it has been nice exchanging views with you. Don't go away just because you use Windows. There are lots of Linux users who still use Windows and your expertise and view points would be valuable here.
                  Not planning to as I want to run Kubuntu virtually and I have a couple of Laptops (Acer Aspire 3000 17" ones ... I'm convinced it's because they are AMD based, if I ever have an issue with a system it ill have an MD chip at it's core, I can't explain that but it's true for me) that I want to configure with it ... if I can get them working wirelessly (probably difficult as the only way I'm told it works is by wrapping the Windows NDIS driver or some such) I may keep them or I may just put them up on eBay and buy a netbook. OpenSUSE doesn't recognise the wireless and (as I mentioned earlier) I can't get Windows running on them.

                  So yeah ... despite personally favouring Windows, I still believe Linux is a good OS (Mac OS too), I'm still interested in development s and in what it does

                  Kyu

                  Comment


                    #24
                    Re: Microsoft, applications vs behavior - split from another topic

                    I don't believe there is any particularly "dirty tricks" campaign that goes anything beyond normal competitive business practices
                    Although most of this discussion is over my head and I agree with a lot that has been said by both sides - I'm sorry Kyu but if you actually believe the quote above, you're simply naive. IMO, the only reason M$ hasn't been prosecuted in the USA like they have been in Europe and elsewhere is because they're too large a part of the economy and maybe some other political shenanigans.

                    a colleague of mine has had a non-AV protected Windows system connected to the net and up for 2 years with no issues
                    I seriously doubt this statement as well. It may be "up" in the sense he hasn't encountered a virus, but I've never heard of a windows system that could go that long without a reboot - even if you didn't use it. There are servers out there that have run this long - but these are not "out-of-the-box" windows installs and only survive because they were set up by "techies", not Joe User. I agree a linux system is more difficult to install, but if Joe User gets through that phase, he will be rewarded by a more stable and more secure platform.

                    I do all kinds of terrible things and I don't get problems ...
                    But aren't you a "techie?"

                    Ultimately claims of Linux superior security derive from the way in which Linux is used
                    I would like to know what data you use to support this claim. "Claims of linux superior security" that I am aware of derive from the way linux is designed to operate in conjunction with the open-source community. One windows system with "no-issues" does not a secure system make. Again, - as a "techie" user, I have used many OS's - Dos 3.1-3.2, Windows (3.1,98,XP,Vista,7), OS/2, OS/x, and dozens of linux distros. I have "used" my linux boxes in exactly the same way I have used my windows ones - internet, photo processing, music, games, email, etc. I have never had a virus, malware, or an installed piece of software damage any linux operating system to the point it could not be repaired easily or even lost a file due to any of these things while using linux. I have never had a windows system that did not eventually get a virus, malware or become unusable because of an errant installer or some other secret thing going on in the background that I did not permit. I can only conclude from my experience...

                    "Ultimately, claims of Linux superior security derive from the way in which Windows is programmed to function."

                    Otherwise, I agree with a lot you've said. Of course, being a "techie", which I guess means some who's willing to spend a few hours learning how to install and setup my OS, rather than allowing someone else to decide how it should be. I will not be using windows products unless I have too and I will be forced to - by unfair, uncompetitive and often illegal business practices of Microsoft.

                    To the bottom line, let's look at the average user. Of which there are more than a few on this forum; Snowhog, GreyGeek, Kyuuketsuki and myself do not qualify as average users.

                    My wife is a good example; absolutely no knowledge of how computers work or why and couldn't care less. She does email, internet shopping (a LOT of it) and other typical internet things, copies her photos from her camera and posts them on facebook and plays solitaire. That's about it. When we married, she had windows on her system and I had linux. Her system had deteriorated to the point of near un-usability because of spy-ware and virii and who nows what else. Apparently, back then simply having an email account was all it took to get your system in trouble. I installed linux for her and she was able to begin using it again. Down the road a ways - she needed a new computer. When we brought it home I asked her if she wanted to leave windows on it or should I change it to linux. She immediately asked for linux.

                    My point is: Windows is not the most used OS because it's the best. It's the most used because the marketing of Microsoft (sometimes illegal) and most users aren't aware there is a choice. It's too bad that desktop linux as a business model hasn't yet succeeded, at least at the Microsoft level.

                    It occurs to me that with the exceptions of hardware driver support and the occasional installer failure (and these are not little issues - they are in fact the largest issues), a linux based system is actually better for the non-techie user. Once up and running, in my experience a linux system is way more likely to be solid base than any windows system that I have used. I freely admit 7 is much better than Vista and may actually be somewhat less likely to get infected like XP was.

                    I only hope that Gates' departure will somehow result in the door opening wider for other OS's. I think the changing tides of computing - clouds, steam, internet based software rather than desktop based software - will diminish a lot of what we can argue about in OS's and could in fact push the OS to a bootloader type level of importance.

                    Please Read Me

                    Comment

                    Working...
                    X