You are not logged in.
Pages: 1
Hello:
Came across this article at The Regsiter this morning.
-------------------------------------------------------------
Windows: Insecure by design
Get your hands off my computer, Microsoft!
Steven Vaughan-Nichols - Fri 28 Jun 2024
-------------------------------------------------------------
https://www.theregister.com/2024/06/28/ … by_design/
Nothing new, of course.
Best,
A.
Offline
Old news.
MS's primary concern is to satisfy their stockholders, therefore, big splashy (mis)features that have lots of eye-candy and promises unicorns to customers will win over secure-by-design, properly-engineered products. I could go on all day with a list of such (mis)features. Root access by default (until recent versions of Windows(?)), ActiveX, ActiveDirectory, SMB, apps on the cloud, OneDrive, ... and now Recall. Secure by default means inconvenience, and inconvenience means unhappy customers, and unhappy customers means the bottom line is hurting. Therefore it ain't gonna happen. As long as money is the driving factor behind MS, you might as well erase "security" from your dictionary. It's a pipe dream.
Yeah there are things like SecureBoot and stuff, but honestly, those are just afterthoughts. You're not gonna see security becoming a real focus at MS. They will patch some holes in the cheese grater but there are plenty of others to keep them busy for the foreseeable future. And every new splashy feature will introduce whole new cheesegraters with tons more holes to plug. Don't expect the plug-to-hole ratio to decrease. If anything, pray that it's linear and not exponential, but I'm not even willing to bet on that.
//
Sadly, certain Linux companies like RH are also going that way. Systemd being a prime example of the kind of philosophy engendered by MS that inevitably results in monolithic, over-complex software riddled with security holes. This same philosophy is creeping into mainstream Linux, where convenience always trumps security, and eye-candy and flashy features trump common sense.
Here's to hoping that there will remain a minority who isn't buying into this crap, and who's willing to be the unknown underdog writing sensible software that isn't riddled with security holes. Alas, I'm rapidly losing hope even in this. The existence of the modern browser is overshadowing all of that. In another decade or so, it won't matter anymore whether your OS is 100% secure. As long as your browser is running, you have an open security hole. At present it's still possible to limit this somewhat, but in another decade or so, nobody will be able to live without horribly-misdesigned web features that will open huge glaring security holes that will by default bypass all local OS security measures. You won't be able to turn them off because the entire internet will require them, and you might as well burn your internet router and go back to live in a cave.
Except that the exploits will then come through your aiye-phone, so you'll have to chuck that too. But even that won't be enough, the exploits will come from AI-enabled clothes and furniture, the only kind that you'll be able to buy unless you're willing to make your own clothes by pleating grass. (And even then you won't be assured that the grass hasn't been genetically engineered with nanotech to transmit information to the ubiquitous global wireless network. The OS running the nanotech, of course, will be at least 20 years behind in security patches, so it's probably already hacked. Right in the DNA. And you won't be able to do anything about it.)
Offline
. . . you might as well burn your internet router and go back to live in a cave.
I kind of already did that a few decades ago.
Except that the exploits will then come through your aiye-phone . . .
Can't if you don't own one.
Online
Maybe that's why they are talking immutable systems....
Offline
quickfur wrote:. . . you might as well burn your internet router and go back to live in a cave.
I kind of already did that a few decades ago.
The fact that you're writing this online is ...
... ironic.
Offline
You are not wrong . . . but I go to very few places on the internet. Mostly the machine just sits here turned off or on and doing nothing. I do play solitaire but even that reflexive habit is fading. It is rather liberating to let go of useless habits. The joke thread still has a hook though . . .
Online
The joke thread still has a hook though
Oho! Admission! ...
... is free.
Offline
Yeah, as others have already pointed out, he said nothing new here. Everyone has known this for ages, And yet Wind'ohs continues to dominate the desktop. Partly it's sheer inertia. When people develop habits they can be very hard to change.
As far as the government is concerned, it's actually about (irony of ironies) security. Not from the network, as this is the whole problem, but from the users. Government likes Wind'ohs for the same reason that big business does, the control over the peon desktops that you can have with Group Policy. There really is nothing else like it. No competition at all. If you want to have thousands of workers on computer workstations that you control remotely, restricting users from doing various things and keeping them under surveillance, there are no other options. And that's why big business and government use Wind'ohs and will continue to use it for the foreseeable future.
The ordinary consumer, on the other hand, without the resources to pay the huge license fees that government and corporations can shoulder, will be getting more and more advertising on their 'personal' computers in their own homes. A Wind'ohs computer is now a kiosk that MS controls and just happens to allow you to use. And MS has given themselves the right to watch everything you do and sift through all of your data to figure out what ads to shove in your face.
https://tech.slashdot.org/story/24/06/2 … r-backlash
https://tech.slashdot.org/story/23/04/1 … even-worse
Offline
Pages: 1