Grim... wrote:(Off topic-ish)The bashing Microsoft gets for poor security really annoys me.
Then tell them to program better and be more responsible in handling security issues.
They've earned that criticism. When the CEO comes out and says that has not only been a problem, but that they need to invest 6 months doing nothing but security - you know there is a legitimate issue.
They admit it, and the people (like me!) that are tasked with trying to secure it are understandably tired of an insecure OS.
Grim... wrote:
If you brought a Mondeo from Ford, would you expect them to send a mechanic out every time they make better door locks? Hell no! And if someone smashes your window and steals your car, do you blame Ford? Hell no!
Why does no-one really blame the people who start the trouble?
You know what the difference is between cars and software?
Car manufacturers can be held liable for product defects, so they do it right the first time. Thats not true for software.
As a result, you won't see Microsoft support windows 2000, even though businesses pay MILLIONS a year to run it right now. As a result, you won't see Microsoft backport the firewall from XP to 2k, despite the underlying OS completely supporting it. Why should they? They can't be sued, unlike car manufacturers.
The day that I can sue Microsoft for making an insecure OS is the day you can fairly make this analogy. Until then, they are stuck with a fair criticism that even THEY agree is largely true.
Grim... wrote:
(Back on topic)
I'm still running a NT server, and keep it secure (I hope) with good (free) third-party applications. I agree with you that MS could do more to help out it's existing customers, but it already does far, far more than pretty much any other company around, especially considering that 80% of people stole their product in the first place.
Not at all true. They do far, far
less than pretty much any other company. Compare it with the legacy support for Suse Linux (years longer), or MacOS, or BeOS, when it was still around.
They are by far trailing the pack when it comes to support, and for good reason: They don't have to. They are a monopoly, they can't be sued for negligent programming, and
they make money by encouraging people to upgrade.
Grim... wrote:<edit>I'm not accusing you of bashing MS for poor security, just people in general, but it reads like I am - sorry</edit>
No problem at all. I absolutely do, and its 100% fair for me to do it. When you restructure your entire company to emphasize security,
clearly something wasn't being done right.
Grim... wrote:You dont have to upgrade to Vista, if you dont really need to. Fair and square.
"The average unpatched Windows PC lasts less than 20 minutes on the Internet before it's compromised" - I'd call that completely unacceptable.
You definitely need to keep patched to remain safe, and as soon as they stop offering patches, that means you must upgrade.
Grim... wrote:My point being, the times are changing and as technology evolves, so must our applications and support.
And I'm fine with that: For new applications. But the monopolist isn't simply doing that. Its also ensuring that you must upgrade to the latest version of the OS
by ending support and patching for older OS'es that they coded insecurely.
"Well, its fair if Ford only charges more for new cars.", and then find out that Ford uses weak steel in the engine bay to ensure that cars only last 5 years. Not very fair then, right?
Grim... wrote:Official policy for support used to be all versions outside of two major versions back lose support.
Mainstream support for Windows 2000 ended 6/30/2005. Mainstream support for Windows XP ends 12/31/2006.
The launch of Vista is expected in the third quarter of 2006.
This means that Vista will be the only desktop OS with Mainstream support after 12/31/2006. Get ready to upgrade if you want to keep doing the same thing you do today (securely).
Its not fair in any industry to require people to pay for a substantial upgrade just to keep doing the same thing securely. At least offer updates seperately, so we have the choice.