LOL…

So here we have it. It isn’t Microshaft’s fault that all your PCs keep getting infected with nasty viruses. It’s YOURS.

Some M$ fanboy or paid spokesman called Michael Kleef really does take the biscuit here.

If I, despite all prompting and consent behaviour, choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code then I’m hosed. I’m now at the mercy of whatever code I’ve chosen to run - and in many cases its running under your local shell integrity level. The anti-virus vendor is now the last line of defense and you need them to help get the malicious code off the PC.

Now, I’m sure that many of the people who complain of virus attacks will really resent being told they are stupid. And I for one am sure that they aren’t. Naive they maybe but to try and pass the blame for crappy software and a crappy architecture onto them is frankly pretty outrageous. Not only do M$ take your cash, give you rubbish products in return, but now they blame you for their failings too! Why does anyone continue to use their crap? Someone tell me please?

If only people would realise that if you use a decent Operating System, you don’t suffer from these problems. At all.

For pure amusement, I had to copy and share with you a bit more of Mr Kleef’s prose. If he only knew just how hilarious this stuff sounds to a non-windows user…

And its not like the application developer community didn’t know about writing for least privilege. We made it pretty clear over a number of years not to write to protected parts of the OS. Our logo certification reflects this!! UAC is designed to enforce least privilege and for the most part applications do work nicely and behave properly running under UAC without any prompting whatsoever. So far today I’ve run Office, run Camtasia, even Command and Conquer Generals….all without a single prompt.

He He He He He He He - Oh no -  I’ve got to stop before I…..

Too late.

Tell Someone Else!

I came across this article via slashdot.

If you are a sysadmin or have just fought to get Vista installed because of it’s much-vaunted security model based around UAC, read this and weep.

… Perhaps most importantly though, is the fact that Windows Vista’s newly-implemented security limitations are artificial at best, easy to code around, and only there to give the impression of security. Any program that UAC blocks from starting up “for good security reasons” can be coded to work around these limitations with (relative) ease. The “architectural redesign” of Vista’s security framework isn’t so much a rebuilt system as much as it is a makeover, intended to give the false impression of a more secure OS.

Oh dear.

Basically, it seems, by writing a two part application and an inter-process API - any hacker can circumvent UAC with relative ease.

It’s just as we always thought - Vista is just XP wearing an imitation fur coat.

Now where did I put that Ubuntu 8.04 CD?

Tell Someone Else!

Oh dear, it just keeps getting worse for our friends in Redmond according to Silicon.com…

Microsoft’s Windows Vista operating system is failing to win over silicon.com readers, with two-thirds (65 per cent) saying their organisation will never move onto XP’s successor.

“Never move…” That’s quite a big statement.

Just two per cent of more than 800 respondents to the poll said their company has already made the move to Vista.

So that’s 16 companies out of 800 have moved already.

But despite these concerns, Microsoft says the business uptake of Vista has met expectations and is following the same pattern as previous major OS releases.

Gosh - that’s pretty low expectations for their biggest ever product release. If their shareholders were told this a few years ago ["Yeah, this is going to be our biggest ever OS release. It will cost billions of dollars to build, take us years and years, be a couple late probably and we think - oh at least a few hundred companies will buy it - especially if we give it away - and oh yes, it will have a really pretty interface"] I reckon plenty would have walked away in disgust.

But the bit I liked the best was this:

In another recent silicon.com poll, XP was named by 42 per cent of respondents as their most preferred OS. Vista gained 14 per cent of the vote but was beaten by both Apple’s Mac OS X and Linux.

Goody…

Tell Someone Else!

LOL,

That bastion of corporate IT journalism, CIO.com has released their nominations for the best [worst] ten Technology failures for 2007.

And coming up the rear is - yes you guessed it - Vista.

One of the longest—five years!—and priciest development projects at Microsoft, the Vista OS has yet to penetrate enterprise computing in any major way. The corporate version shipped in late 2006, and 2007 was supposed to be Vista’s march into the enterprise. But many IT leaders have called it a costly resource hog that makes them love Windows XP. Even Vista’s much-touted security isn’t helping. Now, some companies who’ve been waiting for the first service pack before deploying may skip Vista altogether due to lingering performance concerns.

I have to say I whole heartedly agree with their findings

There are plenty of excellent, reliable, rock-solid, secure and free alternatives out there. Don’t waste your money any more guys and gals. Go and try some Open Source alternatives…

Tell Someone Else!

The Register has picked up news of yet another Microsoft Windows bug. The really scary thing about this one however is that it was originally recognised, and seemingly fixed, in 1999! According to the article this bug is apparently still real, and affects ALL versions of Windows. Including their very recent, and supposedly re-written from scratch, Vista line.

Microsoft bug squashers are investigating reports of a serious security vulnerability in Windows operating systems that could allow attackers to take control of vast numbers of machines, particularly those located off US shores.

…

Microsoft appears to have released a patch for the vulnerability in 1999. But the patch only protected domain names ending in .com, so WPAD servers using all other addresses have remained vulnerable.

That’s all right then. Although not if you are on a .co.uk or even perhaps a .gov.uk (oh no… NOT http://www.hmrc.gov.uk/ . Surely they wouldn’t be using Windows would they?) or any of the other TLDs out there that aren’t .com.

It makes me very glad to be Redmond Free…

I originally read about this story on Matt Assay’s blog.

Tell Someone Else!

I really can’t believe this story.

In a particularly pointless and shameless security “exercise” by yet another UK Government Quango (seemingly sponsored by Microsoft) they show how easy it is to hack into a PC running Windows XP service pack 1 with no firewall, filtering or other security techniques employed… Big deal…

A Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both “enlightening and frightening.”

Oh good grief…

Nick McGrath, head of platform strategy for Microsoft U.K., was surprised by the incident.

“In the demonstration we saw, it was both enlightening and frightening to witness the seeming ease of the attack on the (Windows) computer,” said McGrath. “But the computer was new, not updated, and not patched.”

McGrath also said that Service Pack 2 for XP had a firewall and that Vista was not as “accessible to the average hacker” due to “operating system components.”

What complete bollocks. I’m sorry but this smacks of using FUD to try and get naive and scared companies to migrate from XP. Why would they want to otherwise?

Just go and get Ubuntu. It works, is very secure and its FREE.

Tell Someone Else!

I just came across this post and couldn’t resist a comment or two…

At first I thought it was just a bit funny and would give me a chance to take another “quick pop” at M$. But the more I read and thought about this article, the more serious I think it’s, very accurate, observations are:

Before I get going though, the source blog is entitled 4sysops and I am not knocking the author, Michael Pietroforte, in anyway, shape or form. He admits to using some Linux his University anyway I’m sure Michael is competent, knowledgeable and a great sys admin. And it isn’t his fault that Windows is so slow and crappy is it? [In fact, if you pick this up Michael, I would love to hear your opinions on Open Source alternatives, how they "fit" in your University, and I'd really welcome any comments you have on how Linux may be worse or more troublesome than Windows.]

Anyway the piece in question is called “Windows is so slow? 10.5 ways how to speed up Windows XP or Vista“. Lets take a look at a couple of the suggestions he makes.

Uninstall unused programs

I used to use Windows too. And the number of times I tried to remove stuff and it didn’t work or left stuff lying around or clogging up that beast, the registry. I found the only real solution was to buy some more software to clean the system regularly.

Defragment the hard drive

Yep, I had to do that too; before I discovered Linux. Yet another program you have to buy from somebody else because M$’s defrag is not too hot. If you are interested, try Google for “defrag linux” and see what you get

Locate malfunctioning programs
Sometimes a computer hangs even though there are no performance consuming tasks running…

Oh yes, I remember that happening too! Vaguely. Weird times when the thing would just stop. . . CTL-ALT-DEL didn’t do much either. The power button worked though. Funnily enough, this hasn’t happened to me at all since I started using Linux all the time.

Add system memory
If all the tips above didn’t help, you probably just need more memory.

Hmmmm, who was it who said no one would ever need more than 640K of memory? ‘If in doubt, add more RAM; that should fix it’ is the usual M$ response. Each release and update seems to consume more and more of the stuff. Maybe they hold shares in the ram chip makers???

Replace system files with their original version
Some applications replace Windows system files during the installation procedure…

How scary is this? One of the biggest problems with Windows , aside from the generally poor reliability & performance, is it’s lack of proper user based security. Under Linux, Unix, Solaris and even Macs (now they use a BSD core) this can’t happen unless you are stupid enough to run as root. A normal user just can’t do this. With Windows, any user can pretty much simply download, or slot in a disk/CD, and install what they want. The install routines can write over pretty much anything on the hard disk. Be afraid. Be very afraid…

Reinstall Windows

Yes. This was the only real solution I found too. About once every 12-18 months things got so bad that it was worth a day or so to rebuild everything. But, you have to be very diligent about backing up your data. Because Windows puts your stuff all over place: some of it in the Docs and Settings folders hierarchy, some in My Documents, some in the registry, and some just randomly dotted about that you will never find because you can’t “grep” for file contents that easily… Unix systems [by their design], and if they follow the FHS, will keep your data and all your personal settings in your /home/your_username directory. System and application configuration files will be in /etc. That’s it. Simple. Keep your home directory on a separate disk partition and you can run multiple operating systems but just have one place for your stuff. Irrespective of what OS you choose to run. Try and do this with Windows.

Michael’s final comment, a bit tongue in cheek I’m sure but:

Try Meditation
Meditation can help you to be much more relaxed next time when your compi doesn’t react for several minutes while you are working under time pressure.

Blimey; several minutes… I forgot just how bad Windows really is.

Go on; try Ubuntu, OpenSuse, Fedora, Gentoo, Debian, or any of the many other free and open source alternatives. I don’t think you’ll suffer from ANY of the above problems.

Tell Someone Else!

I have just read this article by Andrew Kantor. In it he describes some of the problems and bugs he uncovered after trying Windows Vista. Ouch…

The bit about not being able to make Firefox your default browser really made me sit up and think some more about what he had discovered…

If you are a business, and have just spent oodles of cash/time/resources getting your desktop hardware upgraded so you can support Vista. How pleased would you be when you find that:

• To get Firefox (the web browser that has captured around a 1/3rd of the global user base in a few years mainly for it’s inherently better security) working as the default you need to hack the registry?
• Or how about you want to run Paintshop and having to get users to login to the “hidden” administrator account to do so?
• Or even better that you are unable to backup users’ directories without having to use obscure and inherently dangerous hacking tools!

It’s completely mad… I can’t see THAT improving your company’s productivity, can you?

Go on. Go and download Ubuntu (it’s free), give it to some staff and see how they get on - when the support calls dwindle you’ll start to see that there is a real alternative.

His article on IE7 and Office 2007 also makes for interesting reading too.

Tell Someone Else!