About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Home » Learning Curve » Red Hat Diaries

Broken Promises

Waiting for the other one billion shoes to drop.


Buy It

Try It

Apple came out with a cute 'Get a Mac' ad the other day. As always with these half minute vignettes, there may not be a lot of information but there sure are a lot of reminders.

The same with this one. And the basic message seems to be 'why should we believe Microsoft now when they've let us down so many times in the past?'



Why indeed. Microsoft are not now, not ever, going to win many 'switchers' back. That's a foregone conclusion. As pointed out elsewhere, it's tantamount to a hooker telling you she's had AIDS but is today completely cured. Put another way: it's an abusive spouse who after ten years of torment wants you to believe things are now going be better.

Listen to the experts: things don't get better. There still is no cure for AIDS. And there are no fundamental changes in Windows or Microsoft thinking.

So will current Windows users finally decide they've had enough and run? Some will. Things might be at a trickle right now but sooner or later the trickle will turn into a flood. And everyone knows it. Will the flood happen now? Or are Microsoft going to be able to prolong the agony a few more years?

The other interesting question is for those who do not currently and never will run Windows. They have an interest too: the Internet is today a shambolic chaotic mess overrun with a multibillion dollar cybercrime industry totally dependent on the Microsoft system's fundamentally insecure architecture.

It's this industry - this situation - that continues to annoy, pull at Internet resources, and make life online less than ideal for all. Can Microsoft extricate the Internet from the mess they've created? That's an almost more important question.

Most articles on Windows 7 concentrate on the 'features'. And it's not a long list. The incredibly cringe-worthy television advertisements are even more superficial. It's alright for Apple and the FSF to stick to basics because they all have good track records; it's not alright for Microsoft to do the same because they don't have a good track record - they have a *terrible* track record.

But once you've seen the lacklustre user interface, gone pale over the lack of basic functionality, rolled your eyes over supposed features like 'shake' and 'snap' - what's left?

What should come at this point - at least in the technical articles - is a full admission that things have been inexcusably crap for fifteen years and are finally going to be better. But you won't see that. Instead you'll just get more hype.

Windows 7 has 'security enhancements', states the definitive Microsoft guide from 4 March. And they're all built on the 'security foundations of Windows Vista'.

http://technet.microsoft.com/en-us/library/dd548337(WS.10,printer).aspx

Using Vista in a sales pitch was probably not a good idea. Claiming it had 'security foundations' was if possible an even dumber idea - it's a lie. The media haven't been lacking for stories of major exploits of the system.

But Microsoft push on, unable to come to grips with that thing called 'honesty', and suggest Windows 7 is good for the following four reasons.

1. Fundamentally Secure Platform: Windows 7 builds upon the great security enhancements pioneered in Windows Vista and responds to customer feedback to make the system more usable and manageable.

'Fundamentally secure'? 'Pioneered'? Windows? Seriously: who's kidding who?

2. Helping Secure Anywhere Access: Windows 7 provides the appropriate security controls so that users can access the information they need to be productive, whenever they need it, whether they are in the office or not.

This isn't a bad idea - but if the system itself is still crap then it doesn't really change much, does it?

3. Protecting Users and Infrastructure: Windows 7 provides flexible security protection against malware and intrusions so that users can achieve their desired balance between security, control, and productivity.

Vomitacious. This is how it is: the 'desired balance between security, control, and productivity' is to not need antivirus at all, having a system that cannot be compromised whatsoever by silly script kiddie attacks, a system that doesn't give hackers great hideaway places - a system that's at once both simple, elegant, and secure. A system where security is simply not an issue *because insecurity simply doesn't exist*.

This isn't a system where you have to chase the bad guys who are already inside your system. This is not a system where you have to shut everything down one day every week to perform 'deep antivirus scanning'. This needs to be a system that doesn't get viruses/worms/trojans whatsoever. And that will never be Windows.

That's the balance users want - that's the balance they deserve. Especially for the outrageous sum of $319. The specific user security need is to not ever have to worry about security ever again - like the people not on Windows.

4. Protecting Data from Unauthorized Viewing: Windows 7 extends BitLocker™ Drive Encryption to help protect data stored on portable media (e.g., USB Flash Drives, USB Portable Hard Drives) such that only authorized users can read the data, even if the media is lost, stolen, or misused.

But there's nothing special about that! That's just basic file system security! What are they going to claim they've invented next?

Perhaps most revealing is the following screen dump - not for the depressing graphics but for what's being said there - for a 'user security setting' for fabulous Windows 7.



'Choose when to be notified about changes to your computer'? Whoa. How about people opting to never be notified? As in 'we don't want to even *allow* any changes'? How does that work?

Note the way it's phrased: 'to your computer'. For given the nonexistent security model of Windows, it's impossible to stop the bad guys from corrupting things - not just your own files (which can happen on any system) but your vital system files. Show off a system that can't even protect itself and you're branding yourself a fool.

And that slider - likened by one site to the knob that controls windshield wipers - has about as much accuracy and granularity and confidence as - yep, knobs that control windshield wipers! So if a user keeps getting clobbered by viruses and calls a friend, what's the friend to say? 'Raise the slider just above the third tick mark'? What kind of system is that? What kind of security is that?

Look to the bottom - this is evidently the 'default setting' and it's 'recommended if you use familiar programs and visit familiar websites'. But what happens if you don't? What happens to your system then?

Oops. Windows 7 is going to yelp and scream and tell you that you have to wipe and reinstall. That's not much of an enhancement and it certainly doesn't build on any 'security foundations' the industry won't laugh at. It's a joke - it's a *bad* joke.

And OK - this isn't supposed to be about icing. It's supposed to be about technical stuff. About security. But seriously: who designed that UI? It's absolutely ghastly!

Microsoft may have a lot of good ideas - certainly not de novo innovations but ideas borrowed from other companies more established in the field. But none of this helps if the basic architecture still lets in the worms, still volunteers to send out 97% of the world's email as spam, still enlists on the order of several hundred thousand machines every day to botnets, and still ruins the Internet landscape with its amateurishly shoddy system security.

There's really nothing at all to look at or discuss until Windows magically becomes so unbelievably secure that no malware attacks at all succeed, until the cybercrime industry falls apart for lack of targets, until SMTP traffic is reduced to one thirtieth of what it is today, until spam all but completely disappears.

Then there can be something to talk about. Such as cheap copycat UI design, troglodyte drive letter based file system architecture, ease of use factors, and so forth. But at the present impasse it's pointless. For 'then' isn't 'now' and Windows is never going to be secure. You'd know if it was - it'd be sensational news about a total about-face by Microsoft and there'd be headlines everywhere.

But that's not going to happen and you know it.

About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.