I'm rather perplexed at your reaction, Shimapan. I've posted accurate statements regarding motivations and actions with respect to the subject at hand, yet you seem unwilling to entertain ideas that don't align with your preconceptions. You make assertions without demonstrating that you possess the knowledge to do so (were you on the MS-DOS development team, and therefore knew their minds?). You attempt to bolster your argument with unrelated events but fail to grasp their history (the Longhorn reset was not the cause of Vista's delays, and occurred for reasons that you seem unaware of). You resort to childish name-calling to categorize a product whose very introduction was a serious risk to Microsoft's business partnerships (Defender had to launch with an initially narrow scope for a variety of complex business reasons) while continuing to present a factually inaccurate position (I still await your proof of the specific claim that Defender intentionally blocked Firefox).

Lest you think I'm simply shilling for the company, I call your attention to the several posts I've made here at KFN in which I criticize particular aspects of Microsoft's products or business practices. It is not a perfect institution -- no such thing exists. At the same time, certain of Microsoft's positions are sensible and entirely justified -- positions I will defend despite the termination of my job role during the 2009 layoffs. I would advise that you attempt to curb your disdain for a time and trade sweeping misinformed generalizations for a better understanding of the facts and of the scale at which a firm like Microsoft must operate. I'm happy to assist you with this at any time.

Shimapan there's a few things I'd like to highlight about your comments towards Microsoft and Windows OS.

At the time of Windows 3.1 in the early 90's, Linux was in its infancy. There was no real alternative to Windows 3.1 except DOS (MS-DOS; PC-DOS; DR-DOS etc.) Also, when OS/2 was developed and released I believe that it was developed in part by Microsoft themselves for IBM.

And another thing, accusing the coders at Microsoft as being not very good for producing such bad software is not right. I am sure Microsoft will employ only the best coders, what I believe is at fault at Microsoft is the management dictating what and how software should be developed, the coders will not have an executive say on where the software is heading.

Don't blame the workers for the decisions of the management.

You're arguments are very interesting, SteveRiley. I hated Windows Defender (or whatever it was called at that time) because it didn't work at all in the beginning. I used to clean up machines in that time. I didn't know there was a reason for working so bad in the beginning. (Don't know how it's working now, because I don't clean machines anymore.)
It's very interesting to read 'from the inside' about that kind of decisions. But if you're on a holy war against the devil called Microsoft, I guess it's not good for your heart to read your arguments, because you only want to read bad things. I absolutely don't like Microsoft as a company, but that doesn't mean of course everybody working there is a monster and a bad coder etc.
I don't like cars either. Living in Amsterdam, I would have a very hard time if I started to hate every driver.

Keep it up with the explanations, SR. Your insights on Microsoft's actions in the times you were there are quite valuable, even to a Windows (7) user like me, though I don't boot into it all that often. (only to do Windows Updates and such).

Here's another example that's rather illuminating. For some time now, Windows Live ID passwords have been limited to a maximum of 16 characters in length. No one ever seemed to notice this until the transition from Live ID to Microsoft Account, when the dialog box specifically mentioned the maximum. A sh*tstorm of armchair quarterbacking arose, with condemnations coming in like gangbusters. Yet no one ever stopped to think why.

Well, I'll tell you why. Remember that the Microsoft Account service is used by every online property Microsoft has -- not only Hotmail and the consumer stuff, but also Office 365 and Azure (Microsoft's cloud services). During any given one-second time period, the Account service typically processes 150,000 logins. At various points in the day this might burst up to 250,000 logins. Look at that again: between 150,000 and 250,000 authentication attempts per second, every second of every day of every year.

So how do you build a system that can sustain 540,000,000 authentication attempts per hour? When my friend who built the service, one of the smartest security dudes I know, assembled a team to find a solution, don't for a moment think they arbitrarily pulled 16 out of their collective asses. People basically demand that login be instantaneous, and this is one of those moments where security engineers are faced with making unpleasant tradeoffs. Each additional character added to a password increases the amount of time required to compute the hash. But slow logins will make customers bail.

Now, one can make all the noise one wants about length being more secure than complexity -- and indeed, I am guilty of this myself. But after weeks of design reviews and thousands of simulation runs of various mechanisms, 16 characters was chosen as the maximum length the service could support without slowing down logins to the point where a zillion calls would start pouring into the help desks. A reasonable balance has to be struck between security and usability.

So yeah, this is the kind of stuff that a lot of critics just don't grok. Security at scale is really hard.

I'm not an expert, but I think Microsoft made the wrong decision here. I see the problem you describe. But after years of helping people with computer problems, mainly caused by security problems, I really think Microsoft (and other companies) should let security prevail over other things.
That's one of the things I blame Microsoft (and a lot of other companies) for: they told people a computer and internet etc. are really easy. It's not only with passwords etc., but also with things like protecting against viruses, phishing, etc. If people was told from the beginning the internet is a 'dangerous' place, most people wouldn't mind if a login takes a few seconds instead of being lightning fast.
If you explain to people why the login takes a few seconds, that it's to protect their privacy, identity, bank accounts, etc., I think people would accept that.
I used to work for an organization that helped older people who just started with computers. You don't want to know how many did things like disabling updating antivirus programs, because they didn't understand it, or it took too long, or whatever reason. If I had explained why that was a very bad idea and they understood the dangers, almost everybody worked more secure. (There is a small bunch of idiots that shouldn't be allowed to even take the dust of a computer, but that's in every branch.)
If customers don't like that and in turn the selling department doesn't like it, I think security should always win.

I'm afraid there is still that kind of mentality. Many, many, probably a frighteningly high percentage of Users don't have a clue. It's the wild west out there.
I don't like the idea but I suspect that sometime things will get so bad that governments will step in with legislation. Similar to automobile legislation that make today's cars safer. I don't use and don't like Microsoft products, but they need to do a lot better job of security.

Bottom line reason for things like they are is simply greed. Even though it has been stated in less offensive terms here. Making a buck drives many choices. Microsoft engineers are some of the best in the world. But as noted, they don't run things.

In an ideal world, I'd agree with you. But the world isn't ideal; the majority of people are happy to trade security for speed. I'm a security engineer myself, and I see this happen all the time. I also understand the reality of the business situation. If the Account service allowed 32-character passwords, and 1/3 of users opted for that, the login time would increase dramatically. They have the simulation test results to prove it.

Yes, it's difficult to imagine some of these things. But you have to realize that the kinds of scale we're talking about here are very atypical for your average small business or even large enterprise. It was the same way at Amazon, where I also worked for a time. Amazon lights up the equivalent of a dozen new 42-U racks every single day. This kind of operational scale completely changes the way you think about everything, and forces a whole new set of tradeoffs and business decisions that just don't exist elsewhere.

That is too true. I remember my brother-in-law telling me about the volume of traffic Hertz (the car rental people) had. It was truly mind-boggling. And that was almost 20 years ago.
I guess we're stuck with things until sometime after the scientists get quantum computing up and running. Considering how long it took the computer to get where it is I'm never going to see it working. Much less on the Desktop.

If it's not possible to offer a service in a secure way (as far as that's possible), maybe they shouldn't offer that service in the first place. But I'm the first one to admit that's not only a Microsoft problem, but a consequence of the way our society works.
But I'm no high Microsoft official (and not important at all, not more than any human being). I've only seen the consequences of the lack of security. So from my point of view I still say: security should come in the first place, even if that means not offering certain services.

Who pays for the bandwidth to shove those ads down the device owners' throats?! Not to mention the CPU cycles and battery consumption, puh! Is that in the EULA or on the outside of the box when you buy it? Now you have to PAY to be spammed, gawd.

I repeat, those ads are not in the base operating system. They appear only in add-on applications that Microsoft "helpfully" includes in the ISO. It is not required that you use any of these, and indeed you can uninstall them if you wish (and get them back, at no charge, from the app store). And how is this different than Gmail putting ads in your browser? In both cases, you're paying for the bandwidth.

Reminds me of the children's book "The Little Red Hen"

Entities, whether individuals or companies/corporations, build what we like to use. Someone has to pay for their labors.