| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Lead Windows developer bugged by security | |
|
||
| Time: 13:38 EST/18:38 GMT | News Source: InfoWorld | Posted By: Todd Richardson | ||
|
Thanks Tony. Brian Valentine says he's not proud. The senior vice president in charge of Microsoft's Windows development team has reason not to be. One of his most notable works, the Windows 2000 operating system, has a security record that is nothing to boast about. In fact, it's downright dismal, many experts say. Security bulletins warning of holes and vulnerabilities in Microsoft operating systems are a regular occurrence. Late Wednesday, the company released a bulletin warning of a flaw in its digital certificate technology that could allow attackers to steal a user's credit card information. It is the second security bulletin to be issued this month. In August, Microsoft warned in one of eight security bulletins issued that month, that many of its customers have experienced "an increased amount of hacking," in their various Windows systems. The Redmond, Wash., company has yet to identify the root of the problem, only saying that it has noticed some major similarities between the string of hack attacks. "As of August 2002, the PSS [Product Support Services] Security Team has not been able to determine the technique that is being used to gain access to the computer," the company wrote in its security bulletin posted on August 30. In short, Microsoft is stumped. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
9:44:55 AM
ET.
Any comment problems? E-mail us |
| #1 By 7797 (64.192.164.165) at 9/8/2002 2:37:17 PM |
|
"I'm not proud," Valentine said, as he spoke to a crowd of developers here at the company's Windows .Net Server developer conference. "We really haven't done everything we could to protect our customers ... Our products just aren't engineered for security."
He -admits- they haven't done everything they could have to protect the consumer. Instead we have pretty icons with nice color and alphablending etc. if you ask me security should have come first. I wouldnt be proud either. Too bad Activewin is about 3 days late with this story although i submitted it on Sept 5. http://www.linuxandmain.com/modules.php?name=News&file=article&sid=209 This post was edited by tgnb on Sunday, September 08, 2002 at 14:53. |
| #2 By 3465 (68.48.197.62) at 9/8/2002 3:12:38 PM |
|
#2-another day another whiner. Considering you posted it on another website, well, that's your problem, not Activewin. This post was edited by kirk26 on Sunday, September 08, 2002 at 15:16. |
| #3 By 135 (208.50.201.48) at 9/8/2002 4:56:31 PM |
|
It's funny, but on one of the roadfly.org forums people were bitching a few weeks ago about how easy it was to punch the lock out of a car with a screwdriver. The automobile industry has been around for 100 years, and they still can't make perfect cars. :)
|
| #4 By 1845 (12.254.162.111) at 9/8/2002 6:41:58 PM |
|
FYI, Mr. High and Mighty #2 this the HTML for the title on the page provided by your link.
<title>Linux and Main - <i>The week that was:</i> MSFT ''security'', Spam, Tennis, Humor</title> Just so you know, formatting tags such as <i></i> don't belong in a title tag. Another stylistic point, you would do well to differentiate better the differnt blurbs you have on the page. Perhaps using <h1></h1> or something for your first line. At a glance it looks like all one article, when that in fact is not the case. |
| #5 By 135 (208.50.201.48) at 9/8/2002 9:32:34 PM |
| BobSmith - But that page is 100% secure! Just goes to show you what you can achieve when you don't care about style and content and focus instead on security! :) |
| #6 By 1845 (12.254.162.111) at 9/9/2002 12:31:56 AM |
|
Thanks for the laugh sodablue!
It seems to me geekboy, that l33t people such as yourself are about 13. More adult people know how to spell. :-) Since he brought up style and such of Windows in his post and directed us to his site, a post commenting on his style seemed completely appropriate. The reason that I responded to him as I did had nothing to do with his comment on Windows, it was actually because I'm a rather critical person and I'm also a web developer. If he'd have posted his email address on this board, I'd have probably just emailed him. Anyway, there is only one article for today, so we might as well say something, right? At least that way ActiveWin gets more hits. |
| #7 By 1845 (12.254.162.111) at 9/9/2002 2:34:35 AM |
|
To some extent that makes sense XML, but in another sense it doesn't. Features of the operating system that don't require system priviledges such as the gui are far less vulnerable to attack than other more priviledged areas. When was the last time there was a security bulletin that said "Buffer overrun in GDI+ can allow malicious code to execute"? Everyone needs to be aware of what secure code is but it matters more in some areas than it does in others.
Also, there certainly are differing groups on the Windows development team. I imagine the folks who work on EFS, lsass, and the CryptoAPI are likely not the same folks that work on alpha blending. I might be wrong, but someone who is an expert in PKI should be doing PKI and not doing GDI. I thought Jagged's comments were very appropriate. It seems that, if indeed you are fully correct and I and jagged are incorrect, ignorant would be much more appropriate. Ignorant would indicate a lack of knowledge or teaching, where stupid would indicate a lack of ability to be taught (e.g. a slow learner). A more polite, and likely more accurate, term than either of those would be misinformed. It is obtuse comments like yours (the last sentence at least) that are not useful contributions. |
| #8 By 415 (68.54.10.120) at 9/9/2002 11:00:38 AM |
|
Oh, that's cute! A Penquin snuggling with an Apple... Ah, you OSX-types are so special! So special that our grammar schools have short yellow buses to cart you around in!
It's funny how Linux and MacOS's UI are more acceptable now... now that they look and behave like Windows! |
| #9 By 135 (209.180.28.6) at 9/9/2002 11:37:14 AM |
|
XMLSOAP - I think if you are going to disagree with my assertion, you should at least formulate a rational argument as to why.
You wrote... "cars and software are two separate things." It's called an analogy... Go look it up. "With software the more time and resources that I spend on architecture, on testing and quality assurance the less bugs a product is going to have." Same is definately true with automobiles. "You can't reduce all bugs, but the fact that Microsoft's security holes are equivalent to the number in competing products is pathetic when you look at the resources Microsoft has." Redhat: 66 Microsoft: 50 Looks like you were wrong. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 306 Last | Next |
The time now is
9:44:55 AM
ET.
Any comment problems? E-mail us |
