Schneier on Security
A blog covering security and security technology.
« Triggering Bombs by Remote Key Entry Devices |
| Richard Clarke on the "Puppy Dog" Theory of Terrorism »
April 27, 2007
Commentary on Vista Security and the Microsoft Monopoly
This is right:
As Dan Geer has been saying for years, Microsoft has a bit of a problem. Either it stonewalls and pretends there is no security problem, which is what Vista does, by taking over your computer to force patches (and DRM) down its throat. Or you actually change the basic design and produce a secure operating system, which risks people wondering why they're sticking with Windows and Microsoft, then? It turns out the former course may also result in the latter result:
If you fit Microsoft's somewhat convoluted definition of poor, it still wants to lock you in, you might get rich enough to afford the full-priced stuff someday. It is at a dangerous crossroads, if its software bumps up the price of a computer by 100 per cent, people might look to alternatives.
That means no MeII DRM infection lock in, no mass migration to the newer Office obfuscated and patented file formats, and worse yet, people might utter the W word. Yes, you guessed it, 'why'. People might ask why they are sticking with the MS lock in, and at that point, it is in deep trouble.
Monopolies eventually overreach themselves and die. Maybe it's finally Microsoft's time to die. That would decrease the risk to the rest of us.
Posted on April 27, 2007 at 7:03 AM
• 72 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I've been reading articles about how Microsoft is dying for about the last five years.
Meanwhile, big corporations seem to use Microsoft exclusively on the desktop. The big multinational bank where I work recently started locking itself in to Microsoft by using .net, where previously it used (portable) Java. The article says Dell supplies Linux to its customers. Has the author actually tried to order a PC with Linux on Dell's website? Maybe it is possible; it sure isn't easy.
And just yesterday, Microsoft announced a 65% increase in quarterly profit. OK, it's an exceptional quarter because of Vista. But "Microsoft's time to die"?
Personally, I wish Microsoft would die, because I don't like obfuscated proprietary file formats and I really detest Microsoft's perpetual striving to sabotage interoperability. But I think I'm mature enough not to let wishful thinking cloud my judgement.
I doubt MS is going to die any time soon. So long as there are computer users like my friends and family (i.e. not computer professionals), they're going to stick with what they know - Windows.
They may slowly move over to Macs but since I can't guarantee that all their e-bling will work on Mac, they stick with Windows.
They ask me about Linux but they'll never switch because I tell them not to. (I have enough headaches dealing with their Windows questions, I'm not going to deal with their linux problems.)
And in the end, for right or wrong, when you tell them of all the "evil" drm software on Vista they'll just look at you and say, "So? I don't do that, it doesn't affect me."
And yes, you can get into the argument about how it affects us all, and degrades system performance, and yadda yadda yadda. In the end, most computer users are normal people who just want their expensive "box" to work. If it does, they're happy.
"Monopolies eventually overreach themselves and die. Maybe it's finally Microsoft's time to die."
That's 26 days late...
Microsoft *could* "die", it wouldn't be suprising if it "died" within the next 5-10 years, but it depends on several really big IFs -- if the 64-bit migration is volatile, if Linux can get itself preinstalled, etc. etc -- and also on your definition of "die".
I would say Microsoft is dead when (even if it still makes enormous profits) it can no longer dictate the state of the industry. The next generation of Windows might end up with 95% desktop coverage but if everyone installs stuff to crack their DRM and TC stuff etc. then they've failed and died.
Just a note to Nostromo, i doublt using .NET will lock you in. So far it seems you can acheive acceptable interoperability with Mono. You can possibly argue that microsoft will do its best to shut down such interoperability in the future, it remains to be seen.
The first step for everyone is to recommend their clients move to Macs. They can dual boot or virtualize for those enterprise clients with PC stuff. And as far as the regular joe goes I agree with mdp's comment :
"In the end, most computer users are normal people who just want their expensive "box" to work. If it does, they're happy."
However the way I see it, thats the strongest argument for a Mac. My girlfriend got one and I hardly ever have to help her! "it just works". Good job jobs ;)
One Word: Linux
Vi$ta has finally forced reasonable minds to seek alternatives, and if you haven't tried the new Ubuntu 7.04 "feisty fox", you are missing a sweet treat.
It installs painlessly and in a fraction of the time it takes to install Window$. The drivers are all there. It Just Works (their motto). You can even hook up all the eye candy that makes Vi$ta "unique". No DRM. It reads and writes .doc and .xls files in an NTFS partition, so you can install it right along side your copy of XP.
I have it running on an antique 800MHz AMD Duron box -- it even found the winmodem!
We should thank Micro$oft for releasing Vi$ta and ushering in The Year of Desktop Linux.
I'm a big fan of Ubuntu.
The latest release of Ubuntu (7.04)is very polished and has great 'out-of-the-box' hardware support. (Hardware is supported for all but the card you bought last week where the manufacture didn't release an open source version, or locked down with propriety 'Windows only' drivers). Ubuntu is quick and easy to install, easy to use and it is built with security in mind (based on SE Linux).
Linux cannot get 'worse' it can only get better. It is already out there and supported by so many - it's distributed support! If Canonical.inc stopped working on it today, someone - anyone, can pick it up and continue supporting it tomorrow.
Oh, and it is $$ FREE $$. It is very hard for Microsoft to compete with free. Microsoft can use its weight to 'force' users to pay, but it is only a matter of time.
And time is on our side.
This is the same old tired argument...yawn!!!! Their stock is up over 36% this past year. They are aggressively moving into the Web 2.0 space and they are becoming an enterprise player in something other than the desktop. BTW...I have done plenty of security assessments where the Linux environment is way more F****d up than the windows environment. So I am not really sure how we are going to be more secure with an alternative OS on the desktop.
Lol...Imagine your HR and Finance department working with Linux. Can you spell TCO?
Just nitpicking, but it's "feisty fawn", not "feisty fox".
Once upon a time, there was the evil giant computer company called Big Blue. It was IBM that was the evil company in the 70's. But look at them now?
I'm hoping that in 10-20 years (not so long in the bigger scheme of things) MS will be the OS hero within the corprates.
In the mean time, I can choose what i use. 100% *nix here at work. I also change a 50% surcharge on any MS contracts I do. Funny thing is, nobody complains!
TCO, yea I can. For huge amount of applications Windows *LOCKIN* is not included in the TCO.
Its something to think about.
I love Ubuntu, and Feisty works exceptionally well. Yet I wouldn't go as far as declaring Windows as dead in the near future. With all my hate to Microsoft, they've managed to lock the users to their proprietary files, to which with all due respect, Open Office still do not give a full answer, and many sites (especially in Israel for example, partly because Apple's distributer here is awful) cannot be used with any browser other than IE, making even Mac hardly an alternative.
Don't overreach. I would be happy if Microsoft died in my lifetime...
It is already happening. Who, but an utter idiot, uses Internet Explorer anymore. The world is switching to Firefox...except for Bruce Schneier and Alec Baldwin who use Opera.
Bill Gates left Microsoft to pursue other interests for a reason: he knows Microsoft is in decline. Good riddance I say, their products have always been junk.
Well, according to Paul Graham (http://www.paulgraham.com/microsoft.html), Microsoft *is* dead.
His definition of "dead" might be different from that of most people, though -- he has observed that startups aren't frightened of Microsoft anymore.
The Inquirer article, that Bruce linked to, mentions "newer Office obfuscated and patented file formats".
MS claims that the new file format(s) with Office 2007, "Open XML", are open and published. http://office.microsoft.com/en-us/products/...
OK, they're different, *new* (gasp) file formats. But if they're open and published, what's the problem?
Microsoft is more than IE and Windows. Much, much more. Unless you take that into account, you are going to be disappointed at how things play out.
Until recently, I worked for a company that has grossed between 30 and 40 billion USD over the last five years. They have very strong exclusive contracts with Microsoft, and are not going to change that in the next fifteen years at least.
Just about every open source advocate I've ever met is a religious zealot. People don't convert just by asking. There is no amount of yelling, "really, Vista sucks," as loud as you can that will make the market share of Linux appreciate significantly. Linux is still completely useless as a desktop operating system for an average person.
If you know something about operating systems, Linux may be better. If you know how to apply lots of patches, you have knowledge of security and you're willing to hack at things to make them work, go ahead, use Linux. Windows requires none of this. The open source community thinks that if I don't like it I should fix it myself. I don't want to do that. I just want to use it and I want it to work. Windows regularly does exactly that.
I maintain over a dozen servers and twice that many desktops of mixed pedigrees. The only ones that operate reliably with minimal intervention are the Windows machines, followed with open water by the Macs. It's a good day when all of my Linux machines make it through the day without some hitch. The uptime on my Windows servers also exceeds that of my Linux servers tenfold. None of my Windows machines has ever been compromised with many services running, while almost all of my stripped down and hardened Linux servers have been rooted. I may not be the best Linux sysadmin, but I have 5 years of direct experience. There's no way Jane Q Teenager will ever think of installing Linux on any machine in its current incarnation when Windows of any version, even Windows Me, is available.
Microsoft isn't doing anything significantly monopolistic. They're just doing things the correct way and providing a useful product. If Linux doesn't sell, it's because it's not something people want to buy. Everyone complained about Windows XP too, but that seems to have sold just fine in the long run.
I'd switch to a Mac but the price is too high. I can buy a 17" Windows laptop for $1,300.00 in Canada at Future Shop. A 17" Mac laptop with the same configuration will cost me $3,200. Is OS X really worth 1.5 times the price of a complete Windows computer? No wonder Apple has only about 3% market share.
Steve Jobs is too greedy. I'm looking at Linux.
"Microsoft is more than IE and Windows. Much, much more. Unless you take that into account, you are going to be disappointed at how things play out."
Microsoft got to be a monopoly by dominating key areas od computer software. It fought a costly war against Netscape to dominate the browser market. It now looks like they are losing that war to Firefox. Like I said, the evil empire is eroding.
Microsoft is not a 'natural monopoly'; it will fall.
Amen. I reinstalled my home server with Ubuntu 7.04 this weekend, and I'm an experienced Linux guy and still had some headaches getting it set up right. If it's not utterly painless for -me-, the average desktop joe is never going to manage. Linux is still a science project, the geeks think it's manageable, but until my mom could install it without asking for help, it's just not a viable alternative. (Hell, she can't even install windows without help.) Reinstalling OS X though... that was painless.
You get what you pay for. If you want a cheap computer, you'll continue to own crap. If you pony up the extra money for an Apple, you'll wonder how you survived without it.
I'm a converted Ubuntu user over a year now and will never go back to M$.
Next is to convert the wife, and then start on the rest of the family.
Ubuntu is where it's at.
I agree with most that MS is not going to die anytime soon, but the monopoly position of MS may be dying as we speak (well or maybe I am too optimistic). The point is that many strong foot holders that MS always had are getting less and less important, even the so called desktop computer may become obsolete soon.
Many people are starting to use devices (PDA, celular and others gadgets) to do things that they used to do with computers.
At the same time many governments and maybe even some enterprises are starting to use an open document format. This is at least a dent in the MSOffice upgrade cicle.
Many people are getting tired of virus and problems and are migrating to Macs and even some minority are moving to linux solutions.
Google trademark is far more valued then MS's one. Maybe we need to start worrying about google?
"Next is to convert the wife, and then start on the rest of the family."
Who are you going to convert the wife for? May I suggest playboy.com for some ideas.
Microsoft won't "die". However, they're showing signs of following in IBM's footsteps: still big and powerful, but no longer the universally feared be-all and end-all of their market sector.
They have an increasingly complicated product line, unwieldy internal process and an inability to act "nice" and be seen as sincere about it in a world where competing product has a faster release cycle, more people are becoming aware of the concept of open standards and document formats, and their corporate ethics and product security are under intense scrutiny and attack.
Their flagship OS release was delivered years late yet still rushed to market, with reports of hardware driver and application compatibility issues of the sort you'd normally expect to hear from people who tried Linux and "couldn't get it to work".
Their attempts to move into new market areas have seen less than total success, and in many cases are reported to be running at a loss.
Nobody, but nobody, trusts them, and outside of the PC market, they don't have enough influence to force others into "partnership" by default. That makes it harder to continue growing the way investors have been used to; their fortunes are closely tied to the PC market, and sooner or later predictions of market saturation will come true.
As for relative security merits of Windows vs Everything Else, no system is ever 100% secure, and in the hands of someone who doesn't know what they're doing, any system's security can be severely "F****d up". It just happens to take significantly less effort for an incompetent administrator to make Windows insecure ;-)
"Maybe we need to start worrying about google?"
Microsoft can only screw up your computer; Google can screw up your life. I never use Google for search and don't have a Gmail account. Google has robots/spiders that search the Internet. If you've ever posted anything, it will appear on a Google search. Given time, even comments posted here will likely become the results for a search. That makes Google evil. Avoid Google.
Claims that Windows or Microsoft is dead are premature. They aren't as hale and hearty as they once were, but considering them dead is a mistake. But then other technologies such as Linux and Mac OS X don't need Windows to die in order for them to be successful. The marketplace is large enough to easily support the diversity which makes for a healthier environment. All that is required for that, from Microsoft's point of view, is the death of the Windows monopoly. While I wouldn't say that's happened yet, I would say that the monopoly is mortally wounded. As Linux and Mac OS X continue to mature and gain acceptance their successes will foster more success ensuring the death of the Windows monopoly. Here's a couple of recent articles that indicate the trend:
Windows vs. Linux vs. OS X
Hi, I'm a Mac, and I'm Your Enterprise Computer
"Microsoft won't "die". However, they're showing signs of following in IBM's footsteps: still big and powerful, but no longer the universally feared be-all and end-all of their market sector."
In the world of personal computers, IBM is dead. It sold it's PC operation to the Chinese company Lenovo. If Microsoft had to exit the PC business what would be left of it?
>It now looks like they are losing that
>war to Firefox.
Firefox had an 8% market share in January '05.
Firefox had a 12% market share in January '07.
That's not exactly something you declare victory over (unless you work for the Bush Administration).
The market is changing. Computer hardware, operating systems and applications are becoming commodities.
The only reasons that Microsoft dominates are:
a. The desktop monopoly that IBM handed them.
b. The proprietary file formats that continue to drive the desktop monopoly.
c. They have GREAT development tools. Just about anyone can QUICKLY build an app that will run on Windows. It might suck. It might be insecure. But it will finished, quickly and it will run on 90%+ of the desktops out there.
Microsoft is vulnerable in the foreign government market. Why would a city in Germany want to send money to Redmond every year for something that is a commodity?
That's where Linux and the Open Document Format (ODF) come into play.
A German official can declare that they will abandon Microsoft, migrate to Linux and only use ODF compliant apps. The money they will NOT be sending to Redmond will be used to pay LOCAL programmers to add features and patch bugs in Linux and the apps that they use.
Once one city has managed it, other cities will base their migrations off of that. The new migrations will be faster than the first migration.
The more cities/countries that migrate, the larger the pool of programmers working on adding features and patching bugs.
The only things that Microsoft can do to slow this is to push for software patents in all those countries and dump software into those markets for $3 a copy.
Then Microsoft needs to lobby the US government to tie trading status to software patent enforcement.
Otherwise, Microsoft will die. Their cash cows will be marginalized by the Free software alternatives and the rest of the world will be focusing on getting jobs for their local programmers.
I wouldn't go so far as to say that Microsoft is dead, but it is certainly over the hill -- and I'm one of the indicators.
Remember Ballmer's chant, "developers, developers, developers"? Well, I'm one of those developers. I've been writing software exclusively for Microsoft platforms since 1984. I'm heavily invested in Windows and know it intimately. I've built my own business selling software for Windows. I've only occasionally played a bit with Macs and Unixes, so I don't know my way around them.
I've defended Windows against biased security critics and Linux zealots. Yes, it wasn't originally designed with security in mind, but that's been largely fixed. Yes, it has come with poor default security settings, but that has been largely fixed, too (and you can change the defaults in any case). I've never had spyware or rootkits, nor have my family members after I set them up properly and showed them how to keep their systems patched. People who say that Windows has to be reinstalled every 6 months to get rid of the rot don't know how to administer their systems properly. I'm typing this on a Windows 2000 desktop box that has had a ton of software installed on it over 5 years of daily use, and it still works just fine.
Vista is the last straw for me, however. I will not use Vista on my desktop, nor for anything other than software testing in a VM. I'm sick of Microsoft's efforts to intrude upon my systems through DRM and "Windows Genuine Advantage". I'm tired of increasingly onerous licensing terms that I'm forced to accept because I'm locked in. I'm tired of the constant churn in programming tools, methodologies, and APIs. I've had enough of Microsoft's ignorance or bastardization of open standards.
As of about 6 months ago, I've been working on a 5-year plan to wean myself off of Windows. I've been earnestly boning up on Unix and trying out various Linux distributions and BSDs. They're all still pretty rough for desktop use, but I think I can make do. I will write nothing but cross-platform software from now on.
I don't yet know what Unix system I will end up using. I'm not inclined to go with Macs because that's just being slave to a different master. My experience with Microsoft has taught me that my operating system (and my business) is too critical to trust to a publicly-traded corporation that's ulitimately driven by profits, profits, profits. I make my living off closed-source software, but I recognize that free open source ensures that I have ultimate control over my critical infrastructure.
I am by no means an average user, but what I do now foreshadows what will happen within the next few years. I am the canary in the coal mine. I am the writing on the wall.
"Maybe we need to start worrying about google?"
At least one knowledgeable observer believes Microsoft should be worrying about google, see Dave Berlind's comments on ZDnet:
obligatory security comment, if Berlind is correct it will have some major security implications!
Check out this article:
The standard may be 'published', but quite aside from the standard being some 6000 pages long, it includes tags which are documented as 'text bounded by this tag must emulate Word95 full-width character spacing', without actually documenting how that works. The only way to actually parse the full standard would be to reverse-engineer several different previous versions of Word, because they've explicitly kept a lot of backwards-compatibility cruft in the document format (as opposed to the cleaner way of doing it, which would be to have a simpler format and put the backwards compatibility into the document translator).
The biggest complaint about OpenXML is that nobody but Microsoft could actually write a parser that would be guaranteed to read all generated OpenXML documents because of all the badly-documented cruft. Anybody could write a conforming generator by ignoring all that, but writing a conforming reader requires at least having some idea what to do with each tag, and nobody but Microsoft knows how to implement some of them.
@Stephan Samuel "If you know how to apply lots of patches, you have knowledge of security and you're willing to hack at things to make them work, go ahead, use Linux. Windows requires none of this."
I'm stunned. I'm no OS bigot. I use Macs, FreeBSD, Linux and Windows. I have years of support experience and years of security experience.
*Every* OS requires that you patch regularly (non moreso that MS.) *Every* OS requires that you configure it securely.
But the idea that Microsoft patches "just work" doesn't stand up to scrutiny. Go read the WSUS list and the recent brouhaha over "svhost.exe consumes 100% of cpu". For the past several months, organizations all over the world have been fighting an ongoing battle against MS machines that are not working correctly because something is seriously broken in the update mechanism. They *say* WSUS 3.0 will fix it. We'll see.
And if your statement that "almost all of my stripped down and hardened Linux servers have been rooted" is true, then no offense, but you have no clue how to set up a Linux box.
Mind you, I really prefer FreeBSD, but keeping a Linux box from being hacked is very simple if you know what you're doing.
I've maintained a small hobby website for over six years now. I ran RedHat for two years and then switched to FreeBSD. I have never had a breakin. And there's no protection (like firewalls or IPSes) sitting in front of those boxes. They are live on the internet, exposed to all the crap that flies around constantly.
Criticizing the security of an OS because you don't know what you're doing is rather silly, don't you think?
I've seen market share numbers that show that Firefox with 40% penetration.
Anyways, using your numbers, Firefox grew in popularity by 50% in two years. So, using your numbers:
In 6 years Firefox will have 40% of the browser market.
In 8 years Firefox will have 60% of the browser market.
In 10 years Firefox will have 90% of the browser market.
My stats on my blog:
Firefox (all versions, all platforms) 34%
MSIE (all versions, all platforms) 58%
Anecdotal, for sure, but I doubt Firefox has 50% yet. The fact is, Firefox has made *serious* inroads on Microsoft's market share of the browser space and will probably continue to erode MS's market share. But I'm not sure they'll ever get to 90% as you assert.
You're exactly right. Even if you don't configure Linux or BSD securely, as long as you have a firewall, you're a lot safer than with Windows. The vast majority of the spyware and viruses out there just won't run on Linux or BSD. And by default most varieties of Linux and BSD, especially OpenBSD are very secure. It's hard to imagine an OpenBSD computer being anything but secure.
You'd really have to work hard at it to turn UNIX into a piece of crap like Windows.
I never asserted that Firefox would gain 90% market share. I was just using the numbers given to show it had been a failure. It's 50 growth over two years is not a sign of failure but of success. Project that 50% growth into the future and Firefox overtakes Internet Explorer.
"If you know how to apply lots of patches, you have knowledge of security
and you're willing to hack at things to make them work, go ahead, use Linux."
ROTFL. I thought you were going to say "use Windows".
The IBM analogy is better than you think.
Look at how they changed: their old incarnation "died", and a new one prevailed.
If MS can do that, then the old MS will have died. Whether the current MS can survive this rebirth remains to be seen. But a lot of companies are perenially seen as being on the verge of death, and few of the predictions about death or rebirth are ever accurate. My approach is just "wait and see".
@Bryan Feir: Ha. That puts MS' claim in perspective. Thanks
Looking at your resume, you have plenty of Windows experience (your site having the notice 'optimized for IE' says it all.
I dare say if you had even half the Linux experience as what you do M$ft, you'd sing a different tune.
Want to prove me wrong? Learn something new, expand your horizons and get to know Linux better. Don't fear what you don't understand.
"I maintain over a dozen servers and twice that many desktops of mixed pedigrees. The only ones that operate reliably with minimal intervention are the Windows machines, followed with open water by the Macs. It's a good day when all of my Linux machines make it through the day without some hitch. The uptime on my Windows servers also exceeds that of my Linux servers tenfold. None of my Windows machines has ever been compromised with many services running, while almost all of my stripped down and hardened Linux servers have been rooted. I may not be the best Linux sysadmin, but I have 5 years of direct experience."
I have over 10 years using and admining Windows (and DOS before that), and nearly 8 with Linux. In my current position, I work with both Windows and Linux desktops and servers. I spend entirely too much time fixing the damed Windows boxen, getting rid of user cruft, and trying to keep them secure.
My RHEL 3 and 4 boxen, including the desktop that I am typing this on, need attention maybe once a month, if that. The only reason I have to screw with them at all is because of poorly written 3rd party software that has memory leaks (coughEvolutionExchangecough) . Linux boxen have regular uptimes of 60 days or more, and that short only because of scheduled reboots for maintenance of drive arrays. Wherever Linux touches Windows, though, it seems to sprout problems (Exchange, Samba).
The Windows boxes, on the other hand, end up needing patching every night, rebooting daily, and I regularly have to un-scramble people's exchange/outlook mail interface. All due to Microsoft. If I have a day *without* some damned Windows problem (XP mind you), it's a really good day.
Most of my users only do Office, email and browsing on their Windows boxes. Yet I spend more time fixing Windows than I do fixing Linux development boxes where the users have sudo access (much greater potential for mayhem.)
We have some older, obsolete laptops that are just pig slow running XP. I put a Knoppix disk in them, boot them up, and they run like they were snappy and new.
The major ecommerce corporation where I work is *not* willing to support Vista, fortunately. The test installs are so problematic that it's painful. We still run XP, and will for at least another year.
Did I get lost and end up at /. ?
Vista will be accepted and people will move to it. It isn't like Windows Me (That people like to refer to it). It may take time, but the migration was slow to XP as well. 2000 was a great OS at the time.
As others in this thread have noted, people have been saying that Microsoft is dying for years now, and the only thing Microsoft has done is grow.
Also, a bunch of security professionals are in no way good predictors of how well a mass market OS is going to be received. We care about things that most people don't think twice about - which is why we have such difficult jobs at times (dealing with the end user).
Vista is pretty, Microsoft says its more secure, and its shipping with new computers. Thats all it takes for most people, for right or wrong.
When has Microsoft ever innovated? All they've tried to do is put up walls to create a monopoly. Creating proprietary standards is what Microsoft is all about and they have leveraged their desktop dominance to that end. Microsoft does not care about quality or engineering brilliance, they just want to be first to market with a product to set proprietary standards. Open-source will continue to erode its market share and what is left will be destroyed by pirates. Arrrrr!
>>As others in this thread have noted, people have been saying that Microsoft is dying for years now, and the only thing Microsoft has done is grow.
I guess you know, Microsoft has so far reported only 244 sales of Vista to China over a 2-week period. If that's growth, how many copies of Windows XP did it sell in China...122?
Read it and weep sucker...
I'm in precisely the same position and generally agree. I LOVED DevStudio, right up until .NET made it into VB, and wrote many hundreds of apps for customers and myself with it. Of course, since in general these apps were given away with hardware (stuff like telephone systems or digital recording studios), the customer always insisted that these apps work all the way back to win95, and be able to be remotely controlled, so we could rarely spend the time to do reliable opsys detection and so forth to use the newer features -- and we needed a ton of multi boot machines to test all the versions. So much for driving upgrades from MS, that would have hurt my customers business.
I disagree that windows security is anything but pure crap. It was never meant to be multi user with staged priveleges, or connected to some other machine that had a malicious user, and I bet any app can still broadcast things like WM_COPYDATA all over the place (or half their own "features" wouldn't work). Try it with a NULL for the destination...This means any running app can post shutdown messages too, and do in your firewall or pretend to be you typing and so forth. Heck, any app in win 3x could lock up the machine by just not returning from a message. It hasn't gotten a whole lot better, and in fact multitasking was smoother for realtime apps in 9x than it is now.
.NET was in my opinion a ploy to get all the MFC developers to run in place learning it while Microsofties themselves actually doesn't use it much.
I never found the MS file formats to be particularly obfuscated, just complex to support all the neato security-disaster "features". MSDN for example documents an "OLE storage" which is a filesystem in a file, and we just wrote a browser for that that gets "inside" word documents etc just fine, thanks -- and reveals all. We just had to find it in all that stuff in MSDN, a challenge due to its sheer size, but only that.
I am now slowly converting my development network (about 10 machines) to linux exclusively, and now have a job now writing a linux based version of an app that handles a mass spectrometer. We have just given up on the windows business, it isn't fun anymore. I'm using SlickEdit, which wasn't free, but is good, though not as slick as devstudio, however. Also am doing perl/tk in Gedit (free) which even syntax highlights perl correctly (!) as well as a bunch of other languages, and spell checks. Think notepad done right with an MDI and you'd have it. I'm on a learning curve for the "easy" graphics/code compositors for dialogs and such, but seems no biggie there, it wasn't like either of us became utterly familiar with windows in a day. Took me at least a week to learn how to build and install ring 0 drivers...that would work in either 9x or NT.
I have one old well loved cad PCB layout app that needed dos, which MS broke anyway on one of the win 2k service packs, but it runs fine on DosEmu under linux -- it can't tell it doesn't own all the hardware. For reference, I had about the same experience as that guy on CIO with Red Hat -- lots of fiddling to make it work, though usually easy to fix by editing about one word in some file in /etc after 4 hours of googling to find out *what* to edit.
Any good sysadmin would just make up a cheat sheat for that stuff. And with linux, it's easy to make these changes on other users machines if you're the sysadmin, and do it automatically too.
Very little fiddling with Ubuntu, of which I'm running about 3 versions right now, the older ones ain't broke, so why fix them? I'm having zero hardware troubles, on relatively simple desktop type machines. Power saving works. USB works, camera drivers are there, all that stuff "just works" and no whiney windows "you need to update right now" junk. When I want an update, I ask, and I get it, and nothing breaks. I've kept a couple of these machines up a couple of months directly on the inet with no firewall, and no troubles (but the sniffers tell me there are lots of attempts that bounce off).
Open office may not be word, but it's good enough, and who needs to be able to embed audio or security hell activeX junk in a document anyway? When I wrote my book on digital signal processing, they told me not to use any of the word features anyway. They wanted plain old text to make pretty on their Macs.
Dunno if MS is going to die in any real sense very soon, but they're dead here. Period.
What was and probably still is good about windows is that it gave us programmers and admins such great job security fixing all the things that annoyed customers. I don't need that anymore, so bye-bye BillG. And anyway, it won't be long before windows will refuse to install or run any code not signed by MS. They're already doing this for drivers, so no small company need be in the hardware business anymore. They can't afford the process.
Microsoft won't die anytime soon...
Microsoft is not as nearly important as it once was. It is a dinosaur and will eventually go the way of Digital Computer.
People who bash windows but use it are worse then people who like it and use it. If you dislike windows please help out and start using an alternative, or just stop complaining about it. Thanks
@antimedia, suomynona, Ravan, etc.,
Nice try in your attempt to say that all I know is Windows. Even reading my resume is a neat trick, but naive. The market I'm in right now pays more for MS developers so I've left out a lot of things to make it look like that's all I do.
I've professionally administered Linux, FreeBSD, Solaris and HP-UX. I've done it well and it's got its ups and downs. They require as much work as anything else. Windows patches itself for the most part, something that some Linux distributions have only very recently started doing. Sure, you can maintain anything well. Some things are easier to maintain than others.
Don't even begin to point me to web sites that point out Windows bugs. There are many others that point out *nix and MacOS bugs, of which there are many, although there seems to be less hatred towards those so they're not collected as comprehensively.
Ravan, thank you for being more mature. I have different experience than you. I know people with experience like yours and experience like mine. Computer systems are hard to maintain. I'm still hoping that someone will come along with one that works because it's not here yet.
Saying something like, "[you'd] really have to work hard at it to turn UNIX into a piece of crap like Windows," is a childish and petty opinion. That's analogous to me saying that Linus Torvalds is a loser geek. I don't think he is, but you folks still hate Bill Gates because he's a successful businessman, as successful as the best in history. Please, if you're going to be childish, petty, spiteful, jealous or filled with hatred, save your energy for people who care. Take the pettiness out of your posts and there's very little left that denies anything I've said.
For what it's worth, I just bought a no-OS laptop and installed Xandros 4 on it. X4 looks nearly completely like Windows and is very easy to navigate. The only problem I've had is occasional system freeze up, which requires an emergency reboot. Trying to get to the bottom of that with the help of the friendly folks at Xandros's forum. Maybe MS has something similar, but I've been very impressed with how helpful the forum folks have been.
I should add that one reason I chose Xandros is because it came with Crossweaver, which lets you run some Windows programs. So Xandros seems like a nice bridge to Linux if you don't want to give up Windows completely.
I'd have a very hard time buying into the idea that Microsoft will die, much like the idea of IBM dying in the 80s-90s was hard to buy. Sure IBM isn't the dominant force it once was, and Microsoft appears to be destined to that same fate. But not dead.
It also has nothing to do with open vs closed source software as some seem to want to think, but rather it is purely economics. I can hear you thinking "but open source is free" now, but stop. The average home user simply won't tolerate the state of usability and configurability of *nix variants, and MacOS is great but costs money too.
The economy of the problem lies in the ongoing commodity state of computing and OSes in general. Coupled with MS's tactics of leverage and threat with a net loss of visible edge, it is only time before they have to adapt their approach. They are losing the innovation war with Google (IMO) and losing the leverage with OEMs to force a windows OS on folks who might not want it.
I'd concede that *nix was more of a factor if we saw Dell announcing that they weren't putting XP on boxes instead of Vista but rather a *nix variant.
Any company can fail. Case in point.
The AM Stereo idea in digital.
The Biggest Tech Flop of All Time
"It's official: For Computerworld readers, no other product or technology comes close to Microsoft Bob"
I regret to inform you all that Microsoft WILL survive regardless of what you comment.... Look at OS/2 Warp. It's still around.... Not used by many but still alive... http://www.theinquirer.net/default.aspx?...
But I agree with "converted" Linux-fans there are better alternatives to Microsoft. Please bare in mind that 95% of the computer-users in the world are "illiterate" and need simple GUI to handle a Mac or PC, the rest (5%) are skilled engineers who like to immerse themself into the wondeful world of "codes" and non-GUI programs...
But how will security people make a living when there is no Microsoft. Will we have to work?
@Rod - "until my mom could install it without asking for help, it's just not a viable alternative."
Try to keep perspective when mapping out software requirements. Can your mom really install Vista without asking for help?
Today's Cryptogram has a news item of the Federal Government security grades. It is interesting to me that the USDA just sent us CDs of computer security training required for all their "cooperators" (people with grants, etc., to do the actual work.) This training requires Microsoft Internet Explorer with Active X enabled!
Talk about lock in.
How long is it before there is a targeted attack on Windows a la the witty worm?
There are plenty of individiuals out there with the knowledge to create such a virus, and I daresay even more with a desire to do so. Microsoft's death will come from an attack that turns the masses away from it in fear, not based on cost, DRM or any other ridiculous factor.
The sad fact is that money doesn't make dummy users move away form a product, only sufficient fear of what might happen if they use it will do that.
Will Ubuntu or SuSE 10.2 play my DVD commercial movies as-is nowadays without my having to go out and install a probably illegal patch?
That...and running/being compatible with what I use at work determine my platform.
Nobody trusts MS...
In fact, I'm getting serious push back from the Defence Department on a project where they require us to run certain MS software, yet their own security guys don't want us to use Windows!
Microsoft is INDEED in trouble but will pretend just the opposite,natually. I was the most dedicated Microsoft user for years (and a developer too) but the security bugs, "your computer is at risk" icons and finally, my icons reaarranging themselves all by themselves (plus a great many other annoyances) finally got to me. After 2 or 3 abortive attempts to switch to Linux over the years, I finally succeeded in early 2007 with Ubuntu and then switched to Debian upon which Ubuntu was based. I choose the "Unstable" version of Debian but it has proven to be so stable that I now use it for production work.
No need for the expensive VISTA upgrade for encrypting my disk, I did it in 20 minutes with luks encryption and am VERY pleased with the speed of the transparent encryption. Once I shut the computer down it would be VERY difficult to extract data from it without the password.
BUT - It goes way deeper than this. Microsoft has become the symbol of all that is bad in business - monopolistic practices, patent violations, acting to sabotage, undermine or block software developments from other companies or areas,
lying about a hi-tech worker shortage and then screaming for unlimited H1b's - all of these things have alienated me and MANY others from using Microsoft and for us there will be no more lock in.
I am one of the growing number who have dumped Microsoft for something else and the very first thing I noticed was increased productivity and a whole new world of open source apps have opened up for me as each day I download and try out software which formerly I would have had to pay many thousands of dollars for.
Microsoft will, of course, pretend that all is well, but their recent attempt to force litigation over patents which supposedly Linux violates is a SURE SIGN that they are in trouble. They will, of course, get the same result as SCO - NOTHING - but will cause plenty of FUD, their trademark, in the meantime.
Luckily, after using these tricks for so long, a great many business and computer people are on to the tricks and will proceed forward confident that the open source and Linux movements are now strong enough to easily mount an active and ultimately invincible defense. Microsoft will gradually appear more and more the big bully unable to compete fairly and will lose even more public support.
James Pannozzi (former WIndows Application software developer)
Microsoft monopoly? Where? I don't see one.
The root of monopoly is 'mono' meaning one. For Microsoft to be a monopoly in any of the market areas it would have to be the only seller.
Browser: IE, Firefox, Netscape, Opera
Hardware: MS doesn't do PC hardware, the closest is the Xbox/Xbox 360.
OS: Windows, Linux, Mac OS
Office: MS Office, OpenOffice, Corel/WordPerfect
I don't see any market area where MS is the only provider, so how can it be a monopoly? Having the largest share doesn't equal being the ONLY share.
> I've been reading articles about how Microsoft is dying for about the last five years.
Corporations seldom "die". They fall into a downward spiral where their influence slowly evaporates. (eg IBM).
Once Microsoft was the only game in town. Now Dell is offering Ubuntu now and it does everything Windows does, except plays Windows games and now m any people have Wiis, Playstations and even XBOXes instead. Web technologies like AJAX mean even companies no longer need Windows on the desktop.
Microsoft will be around for a long time, but they've reached their peak. Agree with Bruce: Vista won't cement their hold. If anything, it'll hasten their decline.
> The root of monopoly is 'mono' meaning one.
This is a standard defense that holds no water. If that were true all Standard Oil, AT&T or anyone else would need to do is get a lone guy somewhere to open a shop front and declare 'We have competition, and are therefore not a monopoly'.
The IBM Company motto is 'Think!'
> OK, they're different, *new* (gasp) file formats. But if they're open and published, what's the problem?
Dude, take a look at those specifications. Yes, they're in XML, but what they contain is the same obfuscated proprietary garbista. Take a look at the flags: They have flags like "do this the way a previous version of word did it (without specifying how)". Fortunately condemnation has been widespread outside of MCEs and Astroturfers. OXML isn't going to be the new "industry standard" that MS would have liked. Read about it here:
> In 6 years Firefox will have 40% of the browser market.
> In 8 years Firefox will have 60% of the browser market.
> In 10 years Firefox will have 90% of the browser market.
So in 12 years they'll have 130% of the browser market? :-)
>My stats on my blog:
>Firefox (all versions, all platforms) 34%
>MSIE (all versions, all platforms) 58%
Friend of mine who runs a popular commercial web site claims the split is Firefox ~10%, IE ~90%. Depends on your demographic I guess.
Another friend who runs IE got a virus. IE didn't block a 'System Popup' which told him he had to click to install some software. He spent the last two days recovering from a new virus, and hereon will run Firefox with Adblocker. ;-)
I am trying to make the switch to ubuntu after "upgrading" from XP to vista. so now I have xp on one hd and ubuntu on another and all I have to do is just reboot to switch. not perfect but neither is mac, linux, MS, etc. I was suprised by ubuntu after not looking at a linux distro for several years. and the funny thing was it installed faster than xp sp2 with drivers. I think the real focus, security wise is with players like google who have alot of information on users now, just think of the info they will have when they hit the mobile market.
The impending doom of Vista forced me to look elsewhere. I found Ubuntu v7.04. I installed it on my older Fujitsu P2120 Laptop, and all I can say is: WOW!
It was a *really* easy install (and yes, your mommy could do it too). It appears to be running about 200% faster than the same programs in WinXP ran. It also doesn't seem to slow down with use like WinXP. (I have no idea why).
This does everything I need-- Internet access with Firefox, word-processing and spread-sheet (with the OpenOffice tool suite), email (with Thunderbird), schematic capture and printed-circuit design (Eagle software from CADsoft), printing, wireless access in coffee shops and hotels (even WPA-PSK), etc. Software updates are 3 mouse-clicks away, and they work flawlessly. There are over 21,000 free applications that you can install using the Synaptic Package Manager (a GUI application). In fact, in the time that I have been using it, I have not found anything that I cannot do.
And it's !!! *FREE* !!!
Goodbye, Microsoft. It has been fun, but it hasn't always been real fun.
(Ubuntu Linux User)
And I suppose as all this security crap hits the fan, are we finally able to close port 445?
Does mister softie still lie about recent documents err, uh... recently changed items... no wait... favorite links ? (In perfect style of the original mail 1.1 on w95... just say yes and bloat the box: does ANYONE remember that it would send first, then retrieve? That got fixed LOL)
M$ has also been discreetly hesitating the allowance of certain free spyware tools and anti-active-X ctrl killers to be vista certified... I wonder Y?
Microsoft has gotten where it has by threatening others for their patents and with government backing. Bill Gates used his former partners, and IBM, Linux, Apple Macintosh, so forth, without sole rights and/or consent to use their software/hardware. Bill Gates manipulated the code to produce his own software/hardware which in all Reality is theft, and we would be punished to the hilt by manipulating Microsoft's and a variety of others' codes and used it as our own. Our beloved Country as well as Bill Gates stages Terrorism such as donations to an Islamic Organization that had taken up residency within our own HOME.
Microsoft has gone World Wide which should be a sure sign of SPYware AKA. "Patriots Act" just as 911 was staged by our own Government to have an excuse to claim WAR against neighboring nations to cover up its own WRONG doings. How much does our Government participate in Microsoft, Enron, etc.?
Many are believing every single bit of the Propaganda and it's reasonable to say why, because it's shoved down our throats every single minute of Every Day and Microsoft has been following suit of Big Brother. Does Martial Law/Police State come to mind? Restrictions on the freedom of Speech, Freedom of the Press, Free Open Source, etc. We all know why? but decide to do nothing about it for the same reasons and one of the reasons is due to the same as Microsoft is doing to Fellow Corps. Money talks and BS walks. The Greediest Nation in the World.
Quote"Google has robots/spiders that search the Internet."
Google is a search engine and like all search engines it uses robots and spiders to index the web, Yahoo is a directory and like all directories it has sites submitted to it.
To say Google is evil because it uses robots and spiders to crawl the net to index content is showing you do not understand how the internet works.
I dropped Windows that last time it blue screened, ran LInux because I had to, and found out my two DOS apps ran much better under DosBox than they ever did under windows. This was in 2003. Fast forward 2008, and I just dropped Ubuntu Hardy Heron (8.04?) on a brand spankin' new motherboard with new graphics driver, and I was totally blown away - it installed and EVERYTHING just worked. No drivers to install, it even figured out how to run my monitor.
I interface all day with people running Microsoft products, and I can say OpenOffice works just fine, and OpenProject handles the gant charts.
It is only a matter of time. People are tired of crap not working, and spending good money on repairing, and upgrading their systems because, as all of us know who have run Windows systems through the years, eventually Windows will die of some cause or another, and we'll get the blue screen we all hate and fear.
I'm glad Vista is here and Microsoft is pushing it down everyone's throats!
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.