Jump to content


Please note: You can easily log in to MPN using your Facebook account!

Microshaft after you again.


Recommended Posts

If you're one of about 200 million people using older versions of Windows and you want the latest security enhancements to Internet Explorer, get your credit card ready.

 

Microsoft this week reiterated that it would keep the new version of Microsoft's IE Web browser available only as part of the recently released Windows XP operating system, Service Pack 2. The upgrade to XP from any previous Windows versions is $99 when ordered from Microsoft. Starting from scratch, the operating system costs $199.

 

That, analysts say, is a steep price to pay to secure a browser that swept the market as a free, standalone product.

 

"It's a problem that people should have to pay for a whole OS upgrade to get a safe browser," said Michael Cherry, analyst with Directions on Microsoft in Redmond, Wash. "It does look like a certain amount of this is to encourage upgrade to XP."

 

Microsoft affirmed that its recent security improvements to IE would be made available only to XP users.

 

"We do not have plans to deliver Windows XP SP2 enhancements for Windows 2000 or other older versions of Windows," the company said in a statement. "The most secure version of Windows today is Windows XP with SP2. We recommend that customers upgrade to XP and SP2 as quickly as possible."

 

Our Joint

 

"When you come slam bang up against trouble, it never looks half as bad if you face up to it." The Duke...

Link to comment
Share on other sites



  • Replies 39
  • Created
  • Last Reply

I can't believe that anyone is still using a platform that is susceptible to jpeg image files- you know, the kind of images that, along with gifs, make up the world wide web.

 

Images Cause Security Problems For Microsoft

 

Get out while you still can! Do you expect Longhorn to suddenly defy Microsoft's track record?

----------------------------

Phil Mann

http://www.wideblacksky.com

Link to comment
Share on other sites

Originally posted by daklander:

"The most secure version of Windows today is Windows XP with SP2. We recommend that customers upgrade to XP and SP2 as quickly as possible."

I know this belongs in the SSS Political but...

 

Is anyone else reminded of Bush/Cheney when reading this?

 

/jim

"...it is the leaders of the country who determine policy, and it is always a simple matter to drag the people along, whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is to tell them they are being attacked, and denounce the pacifists for lacking patriotism and exposing the country to danger. It is the same in any country."

 

-Hermann Goering, second in command of the Third Reich

Link to comment
Share on other sites

I upgraded to XP quite awhile ago. I previously had 98, 98 SE and Windows ME. XP runs great and has been the most stable, trouble free OS out of the bunch for me. The only problem was upgrading my older software and hardware as many things were not compatibale with XP, but now that I've done so, I have a completely newer upgraded system, with which I am very happy with, and overall is a much better system than all my old stuff, and should be current and work well for a long, long time, so making the upgrades was a good thing for me. I would not want to go back to any of the older systems.

Living' in the shadow,

of someone else's dream....

Link to comment
Share on other sites

I would be more upset by this if Firefox didn't exist. But let's face it, I've got a browser that's safe if I'm really worried about it.

 

It is kind of a pain that this will still leave a huge number of people out there who can be exploited to send me spam and clog my network, but let's face it: those people weren't going to upgrade anyway, just because they don't know how or the idea scares them, and their OS is probably old enough that it won't do it for them.

 

There is no quick fix. I think Microsoft has just realized this. It's not like they could have worse PR than they already do. What's going to happen? People are going to decide that Windows isn't exactly a secure OS? It's a bit late for that.

Link to comment
Share on other sites

Originally posted by Thomas Wilburn:

I would be more upset by this if Firefox didn't exist. But let's face it, I've got a browser that's safe if I'm really worried about it.

 

Is Firefox actually safe? In fact, is any browser safe? My theory is this: A browser platform like Firefox is only safer than Microsoft because exposing Microsoft loopholes is a hobby for hackers. Let's face it. Most of us don't like companies that are too big and have too much power (can you say "monopoly"?). I contend that if Firefox was under the same amount of hack attacks, the hackers would find the flaws. In the meantime, I'm running both Firefox and XP SP2. SP2 seems to be extremely smooth and because of years and years of Windows familiarity, I prefer it. I guess at this time, due to the fact that there really is no OS out there that matches MS when it comes to software compatibility, I'll still fork out the $199 if I have to. I'm keeping my eyes open for alternatives, but I don't ever remember having much difficulty running any software on Windows, from 3.1 and on to xpsp2. Because of that, I'm not freeking out over a cost of 10 double saw bucks for an OS.

bbach

 

Beauty is in the eye of the beer holder.

Link to comment
Share on other sites

Originally posted by cwfno:

exposing Microsoft loopholes is a hobby for hackers.

Which is exactly why the latest from Microsoft will always be the most vulnerable,not the other way around.I use IE 5 on my Win 2K net machine relativley problem free,as is FireFox on my Win ME partition.I have no interest in XP or LongHorn.
"A Robot Playing Trumpet Blows"
Link to comment
Share on other sites

Originally posted by Philter:

I can't believe that anyone is still using a platform that is susceptible to jpeg image files- you know, the kind of images that, along with gifs, make up the world wide web.

 

Images Cause Security Problems For Microsoft

 

Get out while you still can! Do you expect Longhorn to suddenly defy Microsoft's track record?

This concept fascinates me. OK so let's just say that everyone migrates away from IE and Windows and onto Mozilla / OSX or what have you. Guess what? Hackers are going to pick the next biggest target and start f'ing with it. Then a couple of years later people will be saying "I can't believe that you are using ____ browser?!?!? Get out while you still can." And so on infinitely. Perhaps the key is to drive development of IE so that eventually none of the browsers have significant issues if easy to follow steps are taken.

Basically what I'm saying is that simply migrating to a new browser is tantamount to simply moving away from the lighting rod a little. It does not change the fact that you are still in the storm with a set of golf clubs. It means you are in the rain with a set of golf clubs just like everyone else and you are simply hoping that the tallest guy on the hill takes the strike.

Link to comment
Share on other sites

Originally posted by DJDM:

Originally posted by Philter:

I can't believe that anyone is still using a platform that is susceptible to jpeg image files- you know, the kind of images that, along with gifs, make up the world wide web.

 

Images Cause Security Problems For Microsoft

 

Get out while you still can! Do you expect Longhorn to suddenly defy Microsoft's track record?

This concept fascinates me. OK so let's just say that everyone migrates away from IE and Windows and onto Mozilla / OSX or what have you. Guess what? Hackers are going to pick the next biggest target and start f'ing with it. Then a couple of years later people will be saying "I can't believe that you are using ____ browser?!?!? Get out while you still can." And so on infinitely. Perhaps the key is to drive development of IE so that eventually none of the browsers have significant issues if easy to follow steps are taken.

Basically what I'm saying is that simply migrating to a new browser is tantamount to simply moving away from the lighting rod a little. It does not change the fact that you are still in the storm with a set of golf clubs. It means you are in the rain with a set of golf clubs just like everyone else and you are simply hoping that the tallest guy on the hill takes the strike.

I wholeheartedly agree.

"Meat is the only thing you need beside beer! Big hunks of meat and BEER!!...Lots of freakin' BEER."

"Hey, I'm not Jesus Christ, I can't turn water into wine. The best I can do is turn beer into urine." Zakk Wylde

 

http://www.hepcnet.net/bbssmilies/super.gif

http://smileys.smileycentral.com/cat/15_1_109.gif

Link to comment
Share on other sites

Originally posted by DJDM:

OK so let's just say that everyone migrates away from IE and Windows and onto Mozilla / OSX or what have you. Guess what? Hackers are going to pick the next biggest target and start f'ing with it.

Sure, but there are already hackers messing with Mozilla who are GOOD GUYS. That is, because Mozilla is open source, hackers can mess with it, expose vulnerabilities AND FIX THEM before the bad hackers get a chance to exploit them. This has already happened on several occasions. Mozilla has no profit motive for hiding security flaws, thus they are forthright about them and because any programmer can fix them, they get found and fixed right away.

 

Plus Mozilla is inherently more secure because it's been programmed that way from the ground up, just like Linux has been designed to be a secure networking OS from the ground up. Windows has always been designed with "features" in mind over security and stability because their top priority is grabbing markets. But because it's open source, Mozilla's code is open to scrutiny by any programmer so if there's anything inherently screwy in it, that gets addressed. And no waiting around until somebody at Microsoft feels like it, or wondering whether the problem has "really" been fixed.

 

So it's really not true that IE gets hacked more often ONLY because they're the biggest. And holding browser users hostage for security updates unless they upgrade their OS is totally reprehensible, although typical of where Microsoft's head is at. When I run Windows I'm still on 2K and have no intention of upgrading anytime soon, but I don't use IE or Outlook either. The privacy issues in XP are just too much for me to stomach.

Link to comment
Share on other sites

Originally posted by Lee Flier:

Originally posted by DJDM:

OK so let's just say that everyone migrates away from IE and Windows and onto Mozilla / OSX or what have you. Guess what? Hackers are going to pick the next biggest target and start f'ing with it.

Sure, but there are already hackers messing with Mozilla who are GOOD GUYS. That is, because Mozilla is open source, hackers can mess with it, expose vulnerabilities AND FIX THEM before the bad hackers get a chance to exploit them. This has already happened on several occasions. Mozilla has no profit motive for hiding security flaws, thus they are forthright about them and because any programmer can fix them, they get found and fixed right away.

 

Plus Mozilla is inherently more secure because it's been programmed that way from the ground up, just like Linux has been designed to be a secure networking OS from the ground up. Windows has always been designed with "features" in mind over security and stability because their top priority is grabbing markets. But because it's open source, Mozilla's code is open to scrutiny by any programmer so if there's anything inherently screwy in it, that gets addressed.

 

So, we are assuming that the world's 'programmers' will protect us?

 

And no waiting around until somebody at Microsoft feels like it, or wondering whether the problem has "really" been fixed.

 

So it's really not true that IE gets hacked more often ONLY because they're the biggest.

 

But that is one of the reasons.

 

And holding browser users hostage for security updates unless they upgrade their OS is totally reprehensible, although typical of where Microsoft's head is at. When I run Windows I'm still on 2K and have no intention of upgrading anytime soon, but I don't use IE or Outlook either. The privacy issues in XP are just too much for me to stomach.

I keep wondering about the privacy issues everyone speaks of. Does everyone keep such incredibly personal things on their computer that they have to worry about privacy issues? Frankly, if you hack through my firewall, you will be quite bored. There are no credit card numbers, no saved passwords, no bank account numbers. I often wonder why I care enough to have a firewall. If you wish to follow my web serfing habits, you will again be quite bored. What privacy issues are there to worry about? I feel that when we hook up our computers to a world wide network, we potentially open up what we have on our computers. I don't hold a software company liable for the contents of my computer or my choice to expose my contents to outside hackers. It's not a browser developers responsibility to keep me safe, it's mine. (although, I appreciate any help). There is one way to be totally secure - disconnect from the internet.

bbach

 

Beauty is in the eye of the beer holder.

Link to comment
Share on other sites

cwfno,

 

The privacy issues in Win XP that I was referring to are that 1) You can't install anything new in your computer without have to "re-authenticate" XP, and 2) the XP license states basically that Microsoft itself can snoop on your hard drive via the Internet any time they want to. If you don't have a problem with that, I don't know what to say. It's supposed to be to combat piracy, but so far as I'm concerned it falls under "unreasonable search and seizure" which is illegal under our Constitution. It's like allowing police to enter your home any time they feel like it and saying "What's the big deal? I'm not doing anything illegal."

 

Maybe you personally don't have any information on your computer that you wouldn't want others seeing, but many many people do have confidential business documents, personal letters, do their banking and other finances on the computer, etc. Normally there are ways to protect oneself from being seen by the outside world, but when the biggest software vendor in the world forces you to compromise all of that in order to use their products, that's a problem.

Link to comment
Share on other sites

I certainly do understand the issues we deal with, I just have a different outlook on who is responsible. In continuing my play as the devils advocate, Microsoft cannot scan any hard drive that is protected behind a decent firewall. The most they end up with is the IP address and some basic computer stats such as the os in use. The other part of the privacy issue is this: We have all decided to connect our computers to a world wide web. We all know that the connections allow for a transfer of data both ways. Pre-written software (browsers) give us an easy interphase to display and project that data. For some reason, we have decided that the developers of this software are responsible for our privacy. My feelings are that they are not. We are. Therefore, don't expose information you do not wish others to see. Don't even have it on the machine you are accessing the internet with. The local phone directory will tell where you live and what your names and phone numbers are. The local city directory will give out your place of employment and even the job position and title you hold. The only way to stop that is to not put that information out there. I feel the same way about information via our internet connections.

bbach

 

Beauty is in the eye of the beer holder.

Link to comment
Share on other sites

I don't know, I've recently decided to do a nice fresh install of my 2 machines here in the studio... Had some down time and man was it ever a sweet install to go from Xp first version to SP2 in about an hour.. I left all my most recent drivers on my D drive and wham... Right up to date everything opens lickity split, yada yada... It's been about 3 weesk now since I did, usually now I find the system gets bogged down with crap... But she seems to be clean all around... I decided to give mozillia a try and she seems nice accept I find some websites don't show all the graphic's in Mozillia and I'm too lazy to figure it out... Go with what works for you... But the way they advertise it seems like they think something aweful is going to happen if you don't update!!!!!
Smile if you're not wearin panties.
Link to comment
Share on other sites

Originally posted by cwfno:

I certainly do understand the issues we deal with, I just have a different outlook on who is responsible. In continuing my play as the devils advocate, Microsoft cannot scan any hard drive that is protected behind a decent firewall. The most they end up with is the IP address and some basic computer stats such as the os in use. The other part of the privacy issue is this: We have all decided to connect our computers to a world wide web. We all know that the connections allow for a transfer of data both ways. Pre-written software (browsers) give us an easy interphase to display and project that data. For some reason, we have decided that the developers of this software are responsible for our privacy. My feelings are that they are not. We are. Therefore, don't expose information you do not wish others to see. Don't even have it on the machine you are accessing the internet with. The local phone directory will tell where you live and what your names and phone numbers are. The local city directory will give out your place of employment and even the job position and title you hold. The only way to stop that is to not put that information out there. I feel the same way about information via our internet connections.

I agree with this--for the most part.

 

But on the other hand, I also think that it wouldn't hurt Microsoft to play a little nicer with its customers. It's not like they have to worry about market share.

 

On the gripping hand (any other Larry Niven readers out there?), the reason that MS has put most of those anti-piracy measures into effect is not to have anything to do with domestic crime. I doubt that's even more than a bonus to them, and I don't think they're using it to snoop on me. They're really worried about piracy outside the US, like in China where almost every computer runs a stolen copy of Windows. That's a lot of computers, and a lot of theft.

 

It's also a lot of security holes being used to attack people like me who have paid for (some of) their software, and would do so again. I think the worst decision is not Microsoft's choice to only offer security upgrades to XP users, but they way they've gradually locked illegal users out of the security update centers. I understand that those people didn't pay for the privilege, but we all pay in security when they can't patch.

 

To sum up:

Security--still mostly my problem.

Ethics and foresight--still not something we can credit Microsoft with.

Dominion Root Beer--still dangerously delicious.

Link to comment
Share on other sites

Originally posted by Thomas Wilburn:

...I also think that it wouldn't hurt Microsoft to play a little nicer with its customers. It's not like they have to worry about market share.

Well, they WILL have to worry about market share if they don't START being nicer to their customers.

 

And that's really the issue. It has nothing to do with who's "reponsible" for our online privacy and security. It's not as if I don't lock my door and keep my valuables in places where it's difficult for would-be burglars to see or break in. And I'm a dumbass if I don't - I'm asking for trouble. But the point is it's still illegal for someone to break into my house, and it's still illegal for the police to go rooting through my house without a search warrant and a good reason to think I've done something illegal. Yet it is apparently legal for Microsoft to spy on its users at any time. Longhorn is going to make this an even bigger problem. If you don't see this as a problem, I really don't know what to say to you.

 

Well, there ARE alternatives to using Microsoft products and those alternatives are getting better every day. It can't happen fast enough as far as I'm concerned.

Link to comment
Share on other sites

One thing I'd like to point out...

 

Commerce drives the WWW - it's what pays for the infrastructure & upkeep. In order to do that, people (consumers & businesses alike) demanded security for transactions. This is supposed to be a major component of online business: it is predicated on the software providers providing reasonably secure software. So to simply say, "well, you shouldn't have anything personal on your computer..." is unrealistic. You would still be on dial-up to Usenet news groups otherwise.

 

And as for MS...IE is a major part of the problem. Sure, if everyone suddenly switched to Opera, then it would become a major target. But consider two things: First, for better or worse, MS put itself in a monopoly position. By eliminating diversity, then every fool that wants to be a l33t h4x0r is going to aim at MS. So if they want to be the only game in town, their software had damn well better be up to the task.

 

Second, IE is flawed from the bottom up; because it has been bestowed with powers far beyond what is necessary for browsing the Web, with hooks into the operating subsystem itself, it is unsecurable. Hell - there are flaws being exposed every week that allow someone to take control of your computer. Some of them are IE-related holes that do not even require you to be using IE! (So much for alternate browser security...)

 

By the way - MS did not say that they were going to stop security updates. They are not releasing any 'enhancements', i.e. features (get it? IE? ) for systems older than XP. Personally, I couldn't care less - I already use Firefox, with my own favorite enhancements anyway.

Link to comment
Share on other sites

Originally posted by Christopher Kemp:

Commerce drives the WWW - it's what pays for the infrastructure & upkeep. In order to do that, people (consumers & businesses alike) demanded security for transactions. This is supposed to be a major component of online business: it is predicated on the software providers providing reasonably secure software. So to simply say, "well, you shouldn't have anything personal on your computer..." is unrealistic.

Totally agree.
Link to comment
Share on other sites

Fair enough.

 

I was writing a nice little set of paragraphs trying to explain, but then I went back and read, and realized that what I wrote above made no sense. Microsoft should be more benevolent because they don't have to worry about losing customers? What?

 

Maybe I'd better go proofread that article I just wrote.

Link to comment
Share on other sites

Originally posted by Lee Flier:

Originally posted by Thomas Wilburn:

...I also think that it wouldn't hurt Microsoft to play a little nicer with its customers. It's not like they have to worry about market share.

Well, they WILL have to worry about market share if they don't START being nicer to their customers.

 

And that's really the issue. It has nothing to do with who's "reponsible" for our online privacy and security. It's not as if I don't lock my door and keep my valuables in places where it's difficult for would-be burglars to see or break in. And I'm a dumbass if I don't - I'm asking for trouble. But the point is it's still illegal for someone to break into my house, and it's still illegal for the police to go rooting through my house without a search warrant and a good reason to think I've done something illegal. Yet it is apparently legal for Microsoft to spy on its users at any time. Longhorn is going to make this an even bigger problem. If you don't see this as a problem, I really don't know what to say to you.

 

Well, there ARE alternatives to using Microsoft products and those alternatives are getting better every day. It can't happen fast enough as far as I'm concerned.

I do bow to your point Lee. Like you, I'm quite fond of my privacy and do not like unwanted infringement on that privacy. However, you cannot get a good debate going by taking the same side as everyone. The 'MS is evil' topic is excellent debate material. I enjoyed the conversation.

I don't know a whole lot about Windows Longhorn yet. It does distress me that a new Windows version is due out just shortly after xpsp2, but Bill Gates does have to eat right? :D

bbach

 

Beauty is in the eye of the beer holder.

Link to comment
Share on other sites

The real reason why the latest enhancements are only going to be available to XP customers is purely coding and cost (of that coding). XP SP2 is practically a new OS release. The amount of code changes that were done to update security and other features of XP is staggering. Time will simply not be devoted to re-writing older versions of the OS to include all the new code. Does that suck? Yes, it does. It's also a cold hard truth. If you don't like MS products, don't use them. I hear Apple makes some stuff. I hear there is this thing called Linux that is all the rave. No one forced you to use MS products. Stop complaining.
Link to comment
Share on other sites

Bumpcity,

 

I have no problem with Microsoft charging money for the upgrade to XPSP2. I do have a problem with them requiring you to upgrade in order to supposedly make their supposedly free browser secure. Like Chris pointed out, the browser is integrated too tightly with the OS and that makes for not only inherent security problems, but problems like this one as well.

 

As for not using Microsoft products if I don't like them - well, for the most part, I don't. However not everyone is aware of their draconian licensing tactics or their inherent security issues, so no, I'm not going to "stop complaining." If it helps somebody else get off the Microsoft teat, making for a more inexpensive, secure and hassle free Internet experience, why shouldn't we tell others about it?

Link to comment
Share on other sites

Originally posted by Bumpcity:

The real reason why the latest enhancements are only going to be available to XP customers is purely coding and cost (of that coding). XP SP2 is practically a new OS release. The amount of code changes that were done to update security and other features of XP is staggering. Time will simply not be devoted to re-writing older versions of the OS to include all the new code. Does that suck? Yes, it does. It's also a cold hard truth. If you don't like MS products, don't use them. I hear Apple makes some stuff. I hear there is this thing called Linux that is all the rave. No one forced you to use MS products. Stop complaining.

Woaa big fella. We were having a nice debate and frankly, an educational one. We shall not stoop to being mean. We all have the right to complain, and in fact, the obligation to do so. (I prefer to think of it as bitching, as in bitchin bob). Lee has brought up some very valid points. I had to concede the debate. She clearly won.

bbach

 

Beauty is in the eye of the beer holder.

Link to comment
Share on other sites

Originally posted by Bumpcity:

Where was it said that MS is charging for XPSP2?

It wasn't (and I didn't mean to imply that, apologies if I did) - but if you are running an older OS you do have to pay to upgrade to XP, which basically means you are having to pay just to upgrade IE, a supposed standalone browser. Not to mention, by going to XP you're agreeing to the MS licensing scheme and user "agreement" which I find very invasive as I was pointing out. Besides, If they can't fix IE security issues without "fixing" the whole OS, that's kind of a problem don't you think?

 

Let's face it, MS's plan all along was to integrate the browser and OS so tightly that they would effectively force people to adopt their "standards" for the Internet. It's backfiring on them and now we're supposed to feel sorry for them that it's costing them so much to "remedy" it? I don't think so. As mentioned, there are other alternatives.

 

The privacy issues in Win XP that I was referring to are that 1) You can't install anything new in your computer without have to "re-authenticate" XP
That statement is false.
How so?
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...