Steve calls out Microsoft...

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

stinkweed

Gotta SpinRite!
Oct 4, 2020
1
0
77
Northern CA, USA
BRAVO STEVE! ...as a long time Spinrite user, and a faithful Security Now viewer, I loved your recent Security Now comments about Microsoft's ongoing negligent handling, and continued failures, to correct & promptly update software security issues affecting ALL users of their Microsoft Windows operating system(s). Computers, and the internet, have provided the world with amazing opportunities to benefit the world's population, and unfortunately, also greatly enabled opportunities for global crime, political surveillance & control, etc., etc. Microsoft Corporation, with it's Microsoft Windows operating system being a current dominant global computer operating system, needs to step up and use it's vast financial resources to continually provide, and maintain, a safe and secure computer operating system for the entire global computer community!
 
Last edited:

Lob

What could possibly go wrong?
Nov 7, 2020
99
20
While it might be possible to agree with @Steve in some ways, maybe the 25-year-old crap in some parts of Windows is actually very difficult to remediate without breaking something else. Clearly there were design decisions made many years ago when there was little Internet and mostly single-user mode that have lead to this situation.

There are always two sides to a coin and it might not be just a case of throwing money and resources at it.....
 

cyberzod

Member
Oct 7, 2020
6
3
Another thought, Microsoft Corporation as a whole does not have to be in bed with NSA/CIA/FBI/etc. There could be just a few well-placed developers or program managers in a company that size that are, perhaps, living lifestyles beyond their apparent means with ties to some handler that nudges rather than directs their activities. The type of neglect we are seeing could be a combination of old code developed before the advent of a focus on security and just a little influence near the ground level to rush or delay a project.
I think the best point made by Steve was that the incredible complexity of Windows makes it impossible for one person to fully comprehend. Sadly, it appears that the Linux community is re-implementing that level of complexity on what was once a pretty simple platform. (Yes, sssd, polkit, udevd, pulse-audio and systemd, I'm looking at you.) As we have all seen, complexity is the enemy of security.