Re: Microsoft Zero Day security holes being exploited

On Wed, 27 Sep 2006 22:58:44 -0400, imhotep
Dan wrote:
Smitty wrote:
I have to agree with Imhotep.

I have been thoroughly p****ed off this week as a result of a virus
Imagine allowing WinLogon to to load arbitrary DLLs into its address
space simply by adding entries into the registry.

It's just another point in the startup axis... what's really sick is
allowing such points (as well as screen saver, file associations etc.)
to load arbitrary code in "Safe" mode, and then insisting this mode is
an adequate substitute for an off-HD maintenance OS.

WinLogon is supposed to be my first line of defense against
security issues.

Huh?

What are they thinking ?

They were thinking that because Windows is now So Secure, there would
never be a need to reclaim it from malware that penetrated this
security and now own the system.

Or they just gave up even trying to reclaim the system, and assumed
we'd all be happy to "just" wipe and rebuild not only whenever our
systems were "owned" by malware, but every time the suspicion arose
that this *might* have happened.

If you think of how often systems do get malware'd - I can see a time
that a "cleab" PC will be as rare as a germ-free human - then you
might see this implication blindness as bordering on negligence.

Microsoft has drifted away from the golden rule. What do I mean with that
statement? Microsoft has used their marketshare as a stick to force people
into doing things Microsoft's way instead of making solutions that their
customer want. This is bad. Their is no reason that Microsoft could not
completely integrate with Apple, Linux or BSDs.

Actually, the general trend has been from wildly separatist tribes of
hardware that couldn't share any parts or software (Apple is the last
surviving dinosaur from that age), through the cloneable PC hardware
platform and DOS, towards a Windows-or-*NIX duality.

MS has flirted with *NIX in the past, from Zenix in the days of MS-DOS
to POSIX support in NT. At some point the decision was taken to build
around NT rather than *NIX as the way forward, and by now there's such
an investment in that, that I don't see a defection to *NIX now.

Anytime a company starts to play games with it's users instead of listening
to it's users is a cause for alarm.

Yup. If the hand that feeds is not the consumer of the value, then
the consumer WILL get shafted. Think about what motivates all of
those web sites you visit for free, and all the free software one
enjoys, and even the relative spend on MSware when you contrast
consumers whinging about 1 XP Home per PC vs. big business who spend
double that per seat due to the far costlier server software they use.

Also, consider what makes the US economy tick - media fluff, software,
and branding smoke-and-mirrors. Consider the power and spend of the
music and movie industries (hello Ronald, hi Arnie) and contrast with
your own power and spend as a reluctant buyer of one copy of XP Home.

As an example, I recently bought a new car. My car as a really nice
navigation system that can interface with my GSM phone. Now, what if my
car's manufacturer tried to force me into buying only *their* phone? By
doing this, they can supply the cheapest phone they can find yet charge me
a fortune for it.

That's *exactly* how the 1980's home computer market worked, and how
Apple's tin-pot dictatorship still operates today! If you had a
Commodore 64, you had to buy a *Comodore* diskette drive that cost
more than generic hard drives for PCs, etc.

Check out Apple's value equation on any replacement Apple parts, or
yesterday's old laptop hard drive with a logic board slapped on it and
peddled as iPod, with serious "brand tax" added.

Microsoft actually opened up NT beyond Intel's platform at one time,
mainly for the Alpha platform.

In contrast, Apple has *never* risen to the challenge of opening up
MacOS for anything other than their own hardware, nor do they allow
others to manufacture Apple-compatible systems.

Apple's migrating towards standard Intel hardware now, but they are
holding back until they are sure they can lock their OS to *their*
specially-maimed Intel systems. The pain goes on.

Apple's new OSs are *NIX-based, but I wonder how interoperable they
are with generic Linux etc.? If they wanted to really take on MS,
they could sell thier GUI as an add-on for Linux, if not actually
licensing the OS as a competing product for any generic PC.

Even worse, suppose their phone needs and expensive
upgrade every year! This is the sort of thing that Microsoft does everyday.

Actually no; so far, all repairs for software defects are free as part
of the value you paid for when you bought your software license. In
fact, even in today's age of WGA, you can still get updates and apply
them to known-warez XP installations.

If anything, the upgrade cycle of NT is more forgiving than Win9x,
which used to be justified by the extra cost of NT until XP Home
dropped NT to the same price as Win9x.

In the Win9x era, you'd expect a new minor pay-for upgrade every 1-2
years and a full replacement version upgrade every 2-3 years.

With NT, the full replacement upgrades are spaced about 5 years apart
(NT 4 to Win2000, then Win2000 to XP) and the periodic complete
overhauls that would have been new Win9x releases are free SP's.

That is why people like me (I am an X-Windows user going back to DOS 2.1)
have become dis-enchanted with them and their games. I want to design
systems that benefit my company NOT Microsoft's wallet (or any other
companies wallet). I want options as to what systems comprise my companies
infrastructure. I do not want artificial limitations. I want options!

IKWYM... we're breaking Einstein's rule that "things should be made as
simple as possible, but no simpler". Vista's shell and UI does to
"safe hex" what lossy compression would do to self-installing code.

Microsoft intentionally tries to take away options because they truly do
fear competition. Which is a shame.

I think a lot of it goes about reducing vendor costs - and that refers
to both MS and OEMs as vendors with costly support obligations.

That's why we have less and less control over our systems, and why the
maintenance tool kit gets worse and worse until it virtually
disappears completely. If you aren't pro IT, they're not
interested... in fact it's worse than that; they design purely for pro
IT and the rest of us just have to make do with a design that is
totally inappropriate to our needs.

Again, you do not have to agree with me, but at least try to understand
my point.

Much of the time, I think we're talking in parallel ;-)

The difference between *NIX and Windows is target market, more than
anything else - *NIX is great if you're a programmer or (at least) a
tech with near-developer skills. The fact that it doesn't reach as
far across to the end-user's level of abstraction is not just a
trivial matter of style; it takes a lot of additional design and
coding to bridge that gap, possibly as much as some of the guts.

So while I can see Linux continuing to do well in servers and embedded
kit such as routers and other single-application oddball-UI things
(why not handhelds and phones?) I can't see it swamping the desktop,
unless MS pushes the envelope so hard that we see an exodus akin to
walking the desert and Red Sea, just to get away.

MS is less likely to make that mistake, than Intel, for example. In
fact, intel is a boorish lout compared to MS's smooth operator;
they've often tried to do massive "RJ Ewing" market coersion, as
arrogant as IBM's PS/2, and got kicked in the nads for their trouble.
Remember the RAMbus fiasco? At least they've started making decent
processors again, that don't fry up as if you were overclocking...



------------ ----- --- -- - - - -
Drugs are usually safe. Inject? (Y/n)
------------ ----- --- -- - - - -
.