Message-ID: <1087946354.546.145.camel@localhost>
From: frank at knobbe.us (Frank Knobbe)
Subject: RE:  M$ - so what should they do?

On Tue, 2004-06-22 at 14:42, joe wrote:
> There are some very intelligent people on this list who have good
> understanding of things that are really wrong with Windows and the *nixs.

Yeah, and most of them have migrated from Windows to a Unix-like OS
because of that. :)     (Unless they already started out with it)

> Now back to the topic of security. I still haven't seen a post that actually
> points out why from a security standpoint, Windows needs a base level
> redesign.

Yeah, it was there. Someone already mentioned it: Complexity.

Microsoft would be well advised to start slimming down the system,
trimming fat, consolidating APIs, cleaning DLL-hell, making it less
complex. But instead they make it more complex! Look at the requirements
of Longhorn. That's just ridiculous.

Frankly (no pun intended), the reason I abandoned Windows a few years
ago was that a) I got fed up with all those security issues, mainly
patches breaking things instead of fixing things (IE was not quite as
bad at that time as it is today), and b) because of the blatant privacy
violations one has to endure when wanting to run the OS (2000 SP3 and
the new version of Media Player come to mind).

But the security issue is mainly due to complexity. Heck, I can have a
BSD install running in the same disk space that the DLLCACHE folder
alone takes away. The fact that Microsoft is bolting on instead of
reducing complexity is a sure indicator that "they don't get it".

Regards,
Frank
