Windows not secure until 2011?

[Phantasm66]

It seems like not one single month goes by in the IT world these days where we do not get some IE or Windows security warnings popping up. It seems like there is a war going on - hackers versus Microsoft - and its going to continue for some time to come. But how long?

Acutally, Microsoft reckons that Windows will not be secure until at least 2011. That's the latest word from MS, which you can read in Wired's recent interview with Stephen Toulouse, Microsoft's security program manager.

Apart from reveiling that he runs Firefox, Stephen says we have several years to go before we have a properly secure Windows available.

"We're two and a half years down a much longer road; it's more of a 10-year timeline."

 

[Per Hansson]

Wow, Kudos to Microsoft for making this statement, finally officially confirming what I and many others have been saying for years...

However there is one issue I have with MS, when it comes to a security fix they sometimes takes more than 1 year to fix them, even when they are critical, this is the main gripe I have with MS because that is what allows viruses etc to be able to spread in the first place, since there are so many users using windows you can bet on that when a security issue is found someone tries to take advantage of it, either via a new popup thingy even more invasive or by using your computer to send SPAM or just generally making a mess of things by creating a destructive virus...

I'm not saying other applications and OS'es doesent have problems, but generally they fix the problems much quicker, there have been a few not so cricical bugs in Opera latley and Opera released updated versions of it's browser within a week of the announcements... The same goes for Firefox...

Now I understand that MS has to do allot of quality testing before releasing a fix but so does Opera and Firefox, and since they are so much smaller companies surley MS should be able to suprass them.

 

[Phantasm66]

No one will ever make a secure OS. There is no such thing. For every effort on Microsoft's part to secure Windows, there is a counter effort elsewhere in the computing world to undo what they have done.

 

[TS | Thomas]

I think the main problem with regards to Microsoft's security.... "model" is that it placed to much reliance on the intelligence of the user. Even though a lot of stuff now is auto-executing, it still assumes too much intelligence on the part of the user.

After 4 hours of downtime today, the girl beside me asked me if I knew what was wrong with her PC (She'd raised a service requested almost 4 hours before this). Shortcuts weren't working, no network or internet access, nothing. So I jokingly said "Have you tried loggin in". So she did. I notice an icon in the bottom right of the screen "Network cable unplugged". Turn the PC a little, push the cable. Reboot - fixed. 4 hours of no work because she didn't see a "Network cable unplugged" icon/message. Microsoft have their work cut out for them Our IT guy didn't show up for another 2 hours after I did that either. Sigh. Describe exactly how you fixed it - "I pushed the cable back in".

Actually, we've delayed upgrading to new workstations (3.2 Ghz Xeon, CD-Writer.... - overkill to be perfectly honest) for a month as they want to update to XP Service Pack 2 for the initial roll out. Bob save us. I'm looking forward to seeing how many of the apps we use work "differently" with it. As it is our main one works bad with Windows 2000.

 

[Nodsu]

Originally posted by Phantasm66
No one will ever make a secure OS. There is no such thing.

Check the slogan in www.openbsd.com

Security doesn't have to be 100% but it should be more than 10

 

[Shnig]

Never say never phant, I mean humans were "never" supoosed to be able to travel faster then 30MPH without dieing....