Linked by Thom Holwerda on Sat 4th Mar 2006 17:27 UTC, submitted by Tyr.
A Microsoft developer and cryptographer responded in his blog to a news story by the BBC about the problems strong encryption built into Vista might cause for law enforcement. "Over my dead body," he said, regarding the possibility of including a law-enforced backdoor in Vista.

hahaha
by Whats That There on Sat 4th Mar 2006 17:44 UTC
Whats That There
Member since:
2005-09-21

Windows does not need a backdoor, it is like a Swiss cheese already.

Reply Score: 3

RE: hahaha
by raver31 on Sat 4th Mar 2006 17:50 UTC in reply to "hahaha"
raver31 Member since:
2005-07-06

You are gonna get modded down for that !

however, the whole thing confuses me...

the encryption built in will be able to stop police if they grab your PC for investigation.

They caught Gary Glitter with kiddie porn in this way.
So in this sense it is a good thing.

But, having the filesystem encrypted by default, will make things like this far harder to do....

Microsoft should not do this.. instead leave it to 3rd party programs.

So, if someone is under investigation, and their files are encrypted... then they have something to hide.


being left this way... everyone will be looked at as having something to hide.

Reply Score: 2

RE[2]: hahaha
by mkools on Sat 4th Mar 2006 17:53 UTC in reply to "RE: hahaha"
mkools Member since:
2005-10-11

Indeed, I think people that really did something like terrorists will use 3rd party encryption anyway and not the Vista's tool knowing there might be a backdoor for the government.

Reply Score: 5

RE[2]: hahaha
by Tyr. on Sat 4th Mar 2006 18:03 UTC in reply to "RE: hahaha"
Tyr. Member since:
2005-07-06

> So, if someone is under investigation, and their files are encrypted... then they have something to hide.

That's a silly assumption, I encrypt a lot of my stuff just so that if someone does get a hold of my pc (it might go in for maintenance or get stolen, whatever) they can't get at the data. It's common sense, like locking the door.

Also the best encryption software provides plausible deniability, like including a second encrypted volume inside the first with the data undistinguishable from random data. This protects you in countries where there is no equivalent of the US' fifth amendment (no self-incrimination).

Edit: s/stupid/silly/

Edited 2006-03-04 18:05

Reply Score: 5

RE[3]: hahaha
by kaiwai on Sun 5th Mar 2006 00:42 UTC in reply to "RE[2]: hahaha"
kaiwai Member since:
2005-07-06

> US' fifth amendment (no self-incrimination).

Oh wonderful, the fifth amendment, the 'get out of jail free' card for the Kenneth Lays of the world; if the US did wish to use torture, wouldn't it be best to use it on economic terrorists like Kenneth Lay than trying to get some unknown goat herder in Iraq to confess to something he knows nothing about!

Reply Score: 2

RE[4]: hahaha
by rayiner on Sun 5th Mar 2006 07:33 UTC in reply to "RE[3]: hahaha"
rayiner Member since:
2005-07-06

The rights in the Constitution were not chosen arbitrarily. The fifth amendment derives from English common law, and like most such protections, has been included in the Constitution because it has proved useful over hundreds of years in protecting the rights of the people. Such protections are not something people should be willing to give up easily.

Reply Score: 4

RE[2]: hahaha
by Morin on Sat 4th Mar 2006 18:28 UTC in reply to "RE: hahaha"
Morin Member since:
2005-12-31

> So, if someone is under investigation, and their files
> are encrypted... then they have something to hide.

Right, but having something to hide is not a crime. Most people have something to hide. It's called privacy. If privacy is ever criminalized in a country, I would advise everybody to either leave that country immediately, or start a revolution.

Reply Score: 5

RE[3]: hahaha
by Thom_Holwerda on Sat 4th Mar 2006 18:37 UTC in reply to "RE[2]: hahaha"
Thom_Holwerda Member since:
2005-06-29

> If privacy is ever criminalized in a country, I would advise everybody to either leave that country immediately, or start a revolution.

Must... Resist... People who know me well will know what I mean ;) .

> Right, but having something to hide is not a crime. Most people have something to hide. It's called privacy.

Exactly. I really wouldn't give one bit if the law ever were to enforce this (because I really got nothing to hide), but I certainly do understand that a lot of people wouldn't like this.

Reply Score: 5

RE[3]: hahaha
by Celerate on Sat 4th Mar 2006 19:01 UTC in reply to "RE[2]: hahaha"
Celerate Member since:
2005-06-29

"I would advise everybody to either leave that country immediately, or start a revolution."

Ideally that would be the case, but have you had a look at the state of affairs recently? In the UK people have cameras all over, several can also see inside people's windows because of the direction they point. We have hundreds of companies playing legal lottery, from the recent BlackBerry case with pseudo-companies taking out ridiculous patents and then taking advantage of a legal system comprised of incompetent ignorants, to the RIAA, MPAA and SCO, the list just goes on and on and on.... Then you have certain presidents (whom I won't name) who like to think themselves everyone's big brother, next thing you know you have illegal wire taps, car tracking, cell phone tracking, blackboxes in cars, internet traffic monitoring, illegal detainment and torture, every last detail about your life including a 3d nude shot in some government database, private records where people can write whatever they want about you and you don't know about it so you can't defend yourself. There's just no end to the disgusting farm animal treatment we get these days.

If there were people around I'm sure there'd have been a revolution long ago, unfortunately all I see around me are sheep.

Reply Score: 5

RE[4]: hahaha
by voidlogic on Sun 5th Mar 2006 17:21 UTC in reply to "RE[3]: hahaha"
voidlogic Member since:
2005-09-03
RE[2]: hahaha
by stormloss on Sat 4th Mar 2006 18:28 UTC in reply to "RE: hahaha"
stormloss Member since:
2005-08-03

"They caught Gary Glitter with kiddie porn in this way"

Gary Glitter is a clueless twit, with AOL user level computer skills.
I can only guess the smarter kiddie fiddlers and crime cartels don't use windows at all.
Kiddie fiddler catch cry has always been the copout knee jerk by governments to get the public on side to take away people's rights, for their own agenda.

Even encryption won't save the Gary Glitter types of the world; Glitter was busted by tried and true police methods.

As for Microsoft's agenda, do you think Microsoft has just a little spite with US government over a certain little court case.
Maybe Microsoft should move from Redmond to Cuba.

Edited 2006-03-04 18:39

Reply Score: 1

RE[3]: hahaha
by chemical_scum on Sun 5th Mar 2006 07:24 UTC in reply to "RE[2]: hahaha"
chemical_scum Member since:
2005-11-02

> As for Microsoft's agenda, do you think Microsoft has just a little spite with US government over a certain little court case.
> Maybe Microsoft should move from Redmond to Cuba.


I doubt that MS would ever consider moving to Cuba. Bill Gates did at the height of the anti-trust case drop veiled hints that MS would, if its business model was imperilled, consider moving to Canada. After all British Columbia is only a drive away from Seattle. Not that I would like to see MS here in Canada, any more than I suspect Fidel would want to see them in Cuba. Still MS was able to buy off the entire US political, governmental and judicial system. Why move?

Reply Score: 3

RE[2]: hahaha
by MechR on Sat 4th Mar 2006 19:19 UTC in reply to "RE: hahaha"
MechR Member since:
2006-01-11

"So, if someone is under investigation, and their files are encrypted... then they have something to hide.

being left this way... everyone will be looked at as having something to hide."

On the contrary, if everyone's Windows installation is encrypted by default, then an HD being encrypted will say absolutely nothing about its owner's intent ;)

Reply Score: 5

RE[2]: hahaha
by n4cer on Sat 4th Mar 2006 19:24 UTC in reply to "RE: hahaha"
n4cer Member since:
2005-07-06

> But, having the filesystem encrypted by default, will make things like this far harder to do....
> Microsoft should not do this.. instead leave it to 3rd party programs.


The filesystem is not encrypted by default. The user has to set this up. I disagree that MS should not include this. Besides it being a requested feature for them to include, they have already included the ability to encrypt files in Windows since Windows 2000 with Encrypting File System (EFS).

BitLocker won't be a large hindrance for law enforcement, and no encryption technology should be artificially weakened just for them. We've seen how this screws up things before.

Also, there are plenty of other encryption tools available (including EFS) that criminals could use if they wanted, and if they were actually smart enough to use. Most criminals aren't that smart when it comes to computers. 7 years after EFS' introduction, law enforcement still recovers laptops from criminals and terrorists that are so clueless that they keep sensitive data in the clear. In many cases, they find the stuff in common folders like My Documents, My Pictures, etc., and many criminals don't even know that when you delete, the item goes to the Recycle Bin. MS didn't cave on EFS and is right not to do so here.

Reply Score: 5

RE[2]: hahaha
by silicon on Sun 5th Mar 2006 02:49 UTC in reply to "RE: hahaha"
silicon Member since:
2005-07-30

Don't tell me you lock your door while going out because you have a lot of guns and shells of ammunition in your bedroom.

Reply Score: 1

RE[2]: hahaha
by 30-day-trial on Sat 4th Mar 2006 21:37 UTC in reply to "hahaha"
30-day-trial Member since:
2006-03-04

Clearly a lot of people on this board cannot tolerate the truth.

http://www.osnews.com/permalink.php?news_id=13873&comment_id=101318

Reply Score: 1

RE[3]: hahaha
by rayiner on Sun 5th Mar 2006 07:15 UTC in reply to "RE[2]: hahaha"
rayiner Member since:
2005-07-06

By your logic, NT 4.0 and Win9x are superior in security to Windows 2003.

Reply Score: 2

RE[3]: hahaha
by netpython on Sun 5th Mar 2006 09:27 UTC in reply to "RE[2]: hahaha"
netpython Member since:
2005-07-06

> Clearly a lot of people on this board cannot tolerate the truth.
>
> http://www.osnews.com/permalink.php?news_id=13873&comment_id=10...<...

And some people aren't good at math.

The chance of being hit by a car is much greater in NY than in whichever desert in a remote area.

So what do these numbers say other than there are possibly more *nix based webservers.

Reply Score: 3

RE[4]: hahaha
by 30-day-trial on Sun 5th Mar 2006 10:12 UTC in reply to "RE[3]: hahaha"
30-day-trial Member since:
2006-03-04

> And some people aren't good at math.
>
> The chance of being hit by a car is much greater in NY than in whichever desert in a remote area.
>
> So what do these numbers say other than there are possibly more *nix based webservers.

What? I read that Linux and Unix experience three times as many reported security vulnerabilities than Windows. Doesn't have anything to do with web servers.

- Vulnerabilities 2004-2005

Windows and Windows Applications: 812
Unix/Linux and Unix/Linux Applications: 2328

* http://www.us-cert.gov/cas/bulletins/SB2005.html

Reply Score: 0

RE[5]: hahaha
by netpython on Sun 5th Mar 2006 10:30 UTC in reply to "RE[4]: hahaha"
netpython Member since:
2005-07-06

however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.

Reply Score: 1

RE[5]: hahaha
by archiesteel on Sun 5th Mar 2006 22:01 UTC in reply to "RE[4]: hahaha"
archiesteel Member since:
2005-07-02

> What? I read that Linux and Unix experience three times as many reported security vulnerabilities than Windows. Doesn't have anything to do with web servers.

This has been debunked many, many times. Vulnerabilities are counted more than once for Linux/Unix (i.e. the same vulnerability on RedHat will also be counted for Debian if it happens on both distros).

Also the severity of bugs is usually higher for Windows/Windows applications bugs.

When you factor all of these in, it's clear that Linux/Unix has a much better security record than Windows.

Reply Score: 1

RE[6]: hahaha
by sappyvcv on Sun 5th Mar 2006 22:26 UTC in reply to "RE[5]: hahaha"
sappyvcv Member since:
2005-07-06

Definitely has a better security record.

However, it doesn't have a perfect record or even near a perfect record. There was a period in the Internet Era when distros being used on servers like Red Hat and the like were being exploited a lot. Websites were getting defaced or taken over a lot. Some of it was poorly written web code, and some of it was exploits like privilege escalation.

This isn't so much of a problem anymore. Linux has improved its own security track record and probably regained any trust it had lost during that period.

Microsoft has been much slower to address security properly, so some people are very reluctant to trust that they even care, or will ever actually improve security.

Even if they drastically improve security, there will still be problems because of (a) large userbase. users are the weakest link (b) large marketshare, larger target. We will still definitely see more security problems with Windows than Linux for these reasons.

Now, if they had the same market share, it might be a different story. Don't get me wrong though, if they had the same market share this whole time, Windows would still have the worse security track record.

Reply Score: 1

RE[3]: hahaha
by proforma on Sun 5th Mar 2006 03:35 UTC in reply to "hahaha"
proforma Member since:
2005-08-27

It's sad that people can take the truth, yet the truth is ignored by so many people who are religious about their OS. It's really a shame.

A lot of people think that an Open source Operating system is more secure because people can fix things right away, but that opinion is really deceiving in so many ways.

I am not against the idea of Open Source, but using it as an OS and even with passing the code around there are still huge possibilities for security issues.

Reply Score: 2

RE[4]: hahaha
by archiesteel on Sun 5th Mar 2006 07:08 UTC in reply to "RE[3]: hahaha"
archiesteel Member since:
2005-07-02

> A lot of people think that an Open source Operating system is more secure because people can fix things right away, but that opinion is really deceiving in so many ways.

Would you care to elaborate on that, or is this the extent of your FUD?

"Security through obscurity" has not helped Microsoft, whose security record is abysmal. Linux, an open source OS, is slightly more secure, while OpenBSD, another open source OS, is a LOT more secure.

You might have missed this in the other thread, but the Department of Homeland Security seems to disagree with you:

http://www.theregister.co.uk/2006/03/03/open_source_safety_report/

Reply Score: 2

RE[4]: hahaha
by rayiner on Sun 5th Mar 2006 07:39 UTC in reply to "RE[3]: hahaha"
rayiner Member since:
2005-07-06

Yes, there are possibilities for security issues, but at the end of the day, I'd much rather hook a Linux box directly to the internet than a Windows box. The last time my Windows machine strayed from behind a *NIX firewall, my computer was infected by MSBlaster in the space of two hours.

Security is not a bullet-point on a feature list, and trust is not a first-impression. People do not assume a product is secure just because the marketing material says so, and people do not trust a product until time has shown that product to be worthy of trust. Vista may very well be as secure as a *NIX, but it will be years before it can prove that security and earn people's trust.

Reply Score: 4

Why did it have backdoors before?
by Edward on Sat 4th Mar 2006 17:54 UTC
Edward
Member since:
2005-09-17

Law enforced is not a good reason. What kind of dumb person said before "windows need a backdoor"?

Reply Score: 2

Thom_Holwerda Member since:
2005-06-29

> What kind of dumb person said before "windows need a backdoor"?

The law might enforce it. You see, file system encryption enables you to 'hide' your files. The law might demand that Microsoft put a 'backdoor' in the encryption, so that criminal investigators *always* have access to files on suspects' computers, even if it's encrypted.

Reply Score: 5

unoengborg Member since:
2005-07-06


> The law might enforce it. You see, file system encryption enables you to 'hide' your files. The law might demand that Microsoft put a 'backdoor' in the encryption, so that criminal investigators *always* have access to files on suspects' computers, even if it's encrypted.

This will not work. Criminals have a tendency of not following the law. Strong encryption software will always be available to criminals regardless if it is legal or not. Of course they could make it illegal to possess encrypted files, but then how do they prove that you have an encrypted file and not just a set of random data, or that your nice desktop background is a steganographic crypto?

The people that get hurt by such legislation are ordinary law-abiding citizens with legitimate needs to protect their sensitive data. If the police can get your data, sooner or later it will leak.

The more sensitive and valuable the information is the greater the risk. E.g. how much would it take to bribe or coerce a low salary police officer to get information about the latest car model your company is designing?

Reply Score: 2

"Over my dead body"?
by archiesteel on Sat 4th Mar 2006 18:00 UTC
archiesteel
Member since:
2005-07-02

The guy shouldn't say things like that. Has he never heard of the Promis/Inslaw story?

Reply Score: 1

v Cheesey Stats
by Deviate_X on Sat 4th Mar 2006 18:37 UTC
goal is security by default
by re_re on Sat 4th Mar 2006 18:43 UTC
re_re
Member since:
2005-07-06

this is an awesome move by Microsoft, all personal information should be 100% secure by default, nobody needs to see that info except me and I like it that way, it's called freedom of privacy.

I might add that I don't use anything Microsoft at home, only at work (and not much there), but I still think this is a good move, it should be the goal of every OS to be 100% secure by default.

Reply Score: 1

RE: goal is security by default
by necrosis on Sat 4th Mar 2006 18:54 UTC in reply to "goal is security by default"
necrosis Member since:
2006-01-18

there is no such thing (ie: in current usage) as "freedom of privacy"

encryption doesn't imply security, in fact it only affects it in a significant way under the current broken windows security model of running as admin by default.

Reply Score: 1

ThawkTH Member since:
2005-07-06

To a degree, in the USA, yes we are entitled to a level of privacy:

"Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

While yes, one could argue a backdoor could be legal if the police required a warrant to 'use' this backdoor. I'd guess, though, that this has also been addressed by years of precedent etc.

Even the Supreme Court's decision to strike down i.e. sodomy laws held that people are entitled to privacy, period...

"Liberty protects the person from unwarranted government intrusions into a dwelling or other private places. In our tradition the State is not omnipresent in the home. And there are other spheres of our lives and existence, outside the home, where the State should not be a dominant presence. Freedom extends beyond spatial bounds. Liberty presumes an autonomy of self that includes freedom of thought, belief, expression, and certain intimate conduct. The instant case involves liberty of the person both in its spatial and more transcendent dimensions." - Justice Kennedy, Supreme Court, Lawrence v. Texas.

Yes, indeed, a backdoor would be viewed as highly illegal to the court. Yes, the highest interpreters of the US constitution DO in fact deem that citizens have a right to privacy.

Reply Score: 2

Worst case scenario...
by r2d2d3d4d5 on Sat 4th Mar 2006 18:57 UTC
r2d2d3d4d5
Member since:
2005-12-31

So what is the user supposed to do if the worst happens and they can't access their data any more (say they forget their password for some reason or dare I say it: there's a bug)? I can see a lot of disgruntled users out there harassing MS for their baby pictures (etc) back.

Reply Score: 1

and second day
by mariuz on Sat 4th Mar 2006 19:05 UTC
mariuz
Member since:
2006-02-21

one SUV drives over one of the ms developer's body ...

Never say never

Reply Score: 2

And of course....
by bornagainenguin on Sat 4th Mar 2006 19:16 UTC
bornagainenguin
Member since:
2005-08-07

...We'll just take your word for it...



NOT!

--bornagainpenguin (who finds it fascinating that Microsoft would think anyone still trusted it.)

Reply Score: 0

U.S. Gov having the keys?
by xushi on Sat 4th Mar 2006 19:42 UTC
xushi
Member since:
2005-08-29

I remember reading once that by law any and all software products that use encryption (like encryption programs) must give a key to the U.S government, especially when such information is to be transmitted to and fro the states.

Now if Microsoft introduces encryption on their operating system by default, will the U.S government enforce another law whereas MS will have to give a key to them in order to bypass the encryption at will?

Want any reasons for that law enforcement? Erm.. say... computers (laptops) nowadays travel from one country to another, and thus data is also being transferred in an encrypted manner..

Reply Score: 2

RE: U.S. Gov having the keys?
by sappyvcv on Sat 4th Mar 2006 22:50 UTC in reply to "U.S. Gov having the keys?"
sappyvcv Member since:
2005-07-06

Wherever you read that was wrong.

Reply Score: 1

RE[2]: U.S. Gov having the keys?
by Soulbender on Mon 6th Mar 2006 05:59 UTC in reply to "RE: U.S. Gov having the keys?"
Soulbender Member since:
2005-08-18

"Wherever you read that was wrong."
Really?
Key escrow isn't a fantasy.
http://www.schneier.com/paper-key-escrow.html

Reply Score: 1

sappyvcv Member since:
2005-07-06

I'm sorry, where does it say there that...

"I remember reading once that by law any and all software products that use encryption (like encryption programs) must give a key to the U.S government, especially when such information is to be transmitted to and fro the states. "

? Yeah. Nowhere.

Reply Score: 1

RE[2]: U.S. Gov having the keys?
by xushi on Mon 6th Mar 2006 11:05 UTC in reply to "RE: U.S. Gov having the keys?"
xushi Member since:
2005-08-29

Put in some effort and search in Google.. you'll find tons of material. I didn't put any references or links here coz I thought everyone either already did or would.

Reply Score: 1

sappyvcv Member since:
2005-07-06

Oh I've seen it all. Look at the links n4cer provided. They pretty much debunk it all.

Everything I've read on the net is all pure speculation and proof is NEVER provided.

Reply Score: 1

Interesting how people see all this
by shanecoughlan on Sat 4th Mar 2006 20:20 UTC
shanecoughlan
Member since:
2006-01-26

It's interesting that people understand encryption as meaning having something to hide. As was pointed out by one person above, it's really about privacy. More specifically, it's about control over access to private information. Under all of the legal systems in Europe and the USA this is currently a right of citizens and subjects.

If a person is known to break a law, it is possible to obtain a warrant to access their private information. At this juncture an individual is legally bound to give law enforcement services access to their data. There is no right for government agencies to access private information without this permission, except in exceptional situations like war (something the US President is currently using as a justification for snooping).

There are rumours that the CIA/MI5/MI6/GCHQ/[insert random agency] are always collecting private data. Perhaps yes, perhaps no. It's outside of the remit of the legal sphere anyway, and cannot (or should not) be used in any legal matter. The fact that encryption would thwart such snooping is not a bad thing. It's annoying for the agencies, but has nothing to do with breaking any laws.

Encryption is not about having something to hide. It's about having privacy in the digital sphere that you can already have in the physical sphere (think about your right to have a safe at home).

Reply Score: 5

Bollocks
by Christiaan on Sat 4th Mar 2006 20:28 UTC
Christiaan
Member since:
2005-11-15

MS has been colluding with the CIA and the U.S. government for decades. Who's he trying to kid.

Reply Score: 4

RE: Bollocks
by n4cer on Sat 4th Mar 2006 20:31 UTC in reply to "Bollocks"
n4cer Member since:
2005-07-06

and your proof is where?

Reply Score: 1

RE[2]: Bollocks
by TBPrince on Sat 4th Mar 2006 20:51 UTC in reply to "RE: Bollocks"
TBPrince Member since:
2005-07-06

Just Google for "Windows NSA key".

Windows having backdoors for CIA and NSA is one of the main reasons why EU and China (among others) are trying to leave Windows for Open Source.

My take is Windows is not very credible about this. They did in the past and we cannot be sure they won't do again. The Shared Source Initiative is aimed to wipe out such clouds but is not proving itself successful.

There are fewer chances that they could win Govts trust again. And I'm a Windows user. ;-)

Reply Score: 2

RE[3]: Bollocks
by sappyvcv on Sat 4th Mar 2006 22:51 UTC in reply to "RE[2]: Bollocks"
sappyvcv Member since:
2005-07-06

There is no backdoor. If there was, it would have been found and exposed already.

Try again troll.

Reply Score: 3

RE[2]: Bollocks
by Christiaan on Sat 4th Mar 2006 20:59 UTC in reply to "RE: Bollocks"
Christiaan Member since:
2005-11-15

In September 1999, leading European investigative reporter Duncan Campbell revealed that NSA had arranged with Microsoft to insert special "keys" into Windows software, in all versions from 95-OSR2 onwards. An American computer scientist, Andrew Fernandez of Cryptonym in North Carolina, had disassembled parts of the Windows instruction code and found the smoking gun—Microsoft's developers had failed to remove the debugging symbols used to test this software before they released it. Inside the code were the labels for two keys. One was called "KEY". The other was called "NSAKEY". Fernandez presented his finding at a conference at which Windows developers were also in attendance. The developers did not deny that the NSA key was built into their software, but refused to talk about what the key did, or why it had been put there without users' knowledge.

http://www.techweb.com/wire/story/TWB19990903S0014

In February 2000, it was disclosed that the Strategic Affairs Delegation (DAS), the intelligence arm of the French Defense Ministry, had prepared a report in 1999 which also asserted that NSA had helped to install secret programs in Microsoft software. According to the DAS report, "it would seem that the creation of Microsoft was largely supported, not least financially, by the NSA, and that IBM was made to accept the MS-DOS operating system by the same administration." The report stated that there had been a "strong suspicion of a lack of security fed by insistent rumours about the existence of spy programmes on Microsoft, and by the presence of NSA personnel in Bill Gates' development teams." The Pentagon, said the report, was Microsoft's biggest client in the world. (Agence France Presse, February 18 and 21, 2000)

Reply Score: 4

RE[3]: Bollocks
by sappyvcv on Sat 4th Mar 2006 22:53 UTC in reply to "RE[2]: Bollocks"
sappyvcv Member since:
2005-07-06

Actually the only "proof" ever found was a string called _NSAKEY. There was no backdoor ever found.

A single string is hardly proof to support this retarded conspiracy.

Reply Score: 4

RE[2]: Bollocks
by Christiaan on Sat 4th Mar 2006 21:00 UTC in reply to "RE: Bollocks"
Christiaan Member since:
2005-11-15

By the way n4cer, do you work for Microsoft or any U.S. government agency?

Reply Score: 2

RE[3]: Bollocks
by n4cer on Sat 4th Mar 2006 21:09 UTC in reply to "RE[2]: Bollocks"
n4cer Member since:
2005-07-06

No to both questions (unless you count beta testing).

As for the NSA key nonsense:

http://www.microsoft.com/technet/archive/security/news/backdoor.msp...

By the way, everyone should stay away from any Linux incorporating source from SELinux if they count any contact with NSA as being collusion.

http://www.nsa.gov/selinux/index.cfm

Edited 2006-03-04 21:17

Reply Score: 3

RE[4]: Bollocks
by Christiaan on Sat 4th Mar 2006 21:18 UTC in reply to "RE[3]: Bollocks"
Christiaan Member since:
2005-11-15

Haha, what the hell do you think MS are going to say? "Buy our product and we'll help fascists spy on you!"?

Reply Score: 3

RE[5]: Bollocks
by n4cer on Sat 4th Mar 2006 21:22 UTC in reply to "RE[4]: Bollocks"
n4cer Member since:
2005-07-06

Believe what you want. I don't care what OS you use, but the facts don't support the assertions.

Reply Score: 3

RE[6]: Bollocks
by Christiaan on Sat 4th Mar 2006 21:30 UTC in reply to "RE[5]: Bollocks"
Christiaan Member since:
2005-11-15

You're not interested in facts. You're interested in being comfortable with your beliefs.

Reply Score: 1

RE[7]: Bollocks
by n4cer on Sat 4th Mar 2006 21:41 UTC in reply to "RE[6]: Bollocks"
n4cer Member since:
2005-07-06

> You're not interested in facts. You're interested in being comfortable with your beliefs.

Funny how I see that as exactly your stance. Talk about projecting.

Oh no, more NSA collusion
http://www.nsa.gov/snac/downloads_macX.cfm?MenuID=scg10.3.1.1

Oh no, any OS vendor seeking Common Criteria Evaluation has to deal with NSA.
http://www.nsa.gov/ia/industry/cots.cfm?MenuID=10.2.7

Reply Score: 2

RE[5]: Bollocks
by sappyvcv on Sat 4th Mar 2006 22:57 UTC in reply to "RE[4]: Bollocks"
sappyvcv Member since:
2005-07-06

Read the article or shut up.

Reply Score: 1

RE[4]: Bollocks
by abraxas on Sun 5th Mar 2006 15:40 UTC in reply to "RE[3]: Bollocks"
abraxas Member since:
2005-07-07

> By the way, everyone should stay away from any Linux incorporating source from SELinux if they count any contact with NSA as being collusion.

It's opensource. It doesn't matter what the NSA does with SELinux because we have the world to audit it and in fact the NSA does very little/nothing with SELinux anymore. It is developed outside the NSA now. It just happened to be started by the NSA.

Reply Score: 2

v Lame
by Tom K on Sat 4th Mar 2006 21:11 UTC
RE: Lame
by raver31 on Sat 4th Mar 2006 22:42 UTC in reply to "Lame"
raver31 Member since:
2005-07-06

do you have any sort of clue ????

linux is OPEN... people can look for backdoors

people here say Microsoft is fine and can be trusted on their word that there are no backdoors....

but Windows is closed, people cannot check for themselves.

Your computer could be being logged right under your nose

Reply Score: 5

RE[2]: Lame
by n4cer on Sat 4th Mar 2006 22:50 UTC in reply to "RE: Lame"
n4cer Member since:
2005-07-06

As I stated, governments (among others) have source access.

Linux may be open, but not everyone who uses it looks at the source.

Reply Score: 3

RE[2]: Lame
by n4cer on Sat 4th Mar 2006 22:51 UTC in reply to "RE: Lame"
n4cer Member since:
2005-07-06

> Your computer could be being logged right under your nose.

Never heard of a packet sniffer?

Reply Score: 1

v RE[2]: Lame
by Tom K on Sat 4th Mar 2006 22:54 UTC in reply to "RE: Lame"
RE[2]: Lame
by Deviate_X on Sat 4th Mar 2006 23:08 UTC in reply to "RE: Lame"
Deviate_X Member since:
2005-07-11

raver31: "linux is OPEN... people can look for backdoors ... but Windows is closed, people cannot check for themselves"

Actually a very large number of people have access to the windows source code.

Most of them specifically requested access (like the Chinese government, MVPs, and the entire EU) to make sure there were no back-doors in the software.

China: http://english.people.com.cn/200303/17/eng20030317_113428.shtml

MVPs: http://www.eweek.com/article2/0,1759,1624933,00.asp

Reply Score: 3

v RE[2]: Lame
by barkley on Sun 5th Mar 2006 00:01 UTC in reply to "RE: Lame"
RE[2]: Lame
by proforma on Mon 6th Mar 2006 03:35 UTC in reply to "RE: Lame"
proforma Member since:
2005-08-27

>do you have any sort of clue ????
>linux is OPEN... people can look for backdoors

So if someone takes linux, adds a backdoor and sells it and doesn't give the full source away they can't add backdoors?

You are kidding right?

Open source software can have the same problems.

The main problem that I see is that trusting in open source just because it says open source is just stupid.

It's really a false security and that is the problem with it.

Why do you think we have the US government monitoring open source software as well as closed source?

Reply Score: 0

RE[3]: Lame
by archiesteel on Mon 6th Mar 2006 05:40 UTC in reply to "RE[2]: Lame"
archiesteel Member since:
2005-07-02

So if someone takes linux, adds a backdoor and sells it and doesn't give the full source away they can't add backdoors?

If someone does that they'll be sued for copyright infringement.

Seriously, you should learn more about open-source before criticizing it.

Reply Score: 1

RE[4]: Lame
by proforma on Tue 7th Mar 2006 05:18 UTC in reply to "RE[3]: Lame"
proforma Member since:
2005-08-27

>Seriously, you should learn more about open-source before criticizing it.

You should learn about life before understanding it.
If someone violates the GPL who is going to sue?

These are people without that much money.

Reply Score: 1

RE[5]: Lame
by jiraiya2051 on Tue 7th Mar 2006 06:30 UTC in reply to "RE[4]: Lame"
jiraiya2051 Member since:
2006-03-07

the eff of course. here's a link for you. http://www.eff.org there are also a couple of millionaires backing linux distributions, i'm pretty sure they'd love to sue microsoft on behalf of one of the many linux projects in the case that microsoft violates the gpl.

Edited 2006-03-07 06:34

Reply Score: 1

RE[2]: Lame
by rtfa on Sat 4th Mar 2006 23:15 UTC
rtfa
Member since:
2006-02-27

"Actually a very large number of people have access to the windows source code."

They may have access to source code, but do they have access to the source that matches the binaries that make up the OS they are using? They're not allowed to compile to check so the code is unverifiable, making it a nonsense that they can truly check for backdoors or whatever they wish to check for.

Reply Score: 5

RE[3]: Lame
by Deviate_X on Sun 5th Mar 2006 01:27 UTC in reply to "RE[2]: Lame"
Deviate_X Member since:
2005-07-11

rtfa: "They're not allowed to compile to check so the code is unverifiable making it a nonsense that they can truly check for backdoors or whatever they wish to check for."

The ability to compile/or not compile source code is not as important as is the ability to understand code and intentions. And by code I mean high-level (C/C++) and low-level languages (Assembly) - Machine Code.

Therefore anyone examining the source code would have to have a deep understanding of assembler – actually it would be a prerequisite given that significant parts of windows are written in assembly.

To such a person, talented enough, the high-level language code is just good reference material - as a matter of fact anyone with a debugger and time can walk through the assembly code and figure out what's going on now.

Reply Score: 1

RE[4]: Lame
by DigitalAxis on Sun 5th Mar 2006 02:20 UTC in reply to "RE[3]: Lame"
DigitalAxis Member since:
2005-08-28

Being able to compile the code IS important, though... if you can't compile the code yourself, how do you know the code you've been given is actually the code used to produce the binary you were given? I mean, outside of an ability to spot inconsistencies between the code and the binary itself...

Reply Score: 1

RE[5]: Lame
by 30-day-trial on Sun 5th Mar 2006 02:38 UTC in reply to "RE[4]: Lame"
30-day-trial Member since:
2006-03-04

http://www.microsoft.com/resources/sharedsource/Licensing/OEM.mspx : The OEM shared source license states: "Licensees may modify, assemble, compile or link the source code and execute the resulting derivative binary code on a temporary basis to assist in debugging its hardware for the Microsoft Windows operating system"

Reply Score: 1

RE[6]: Lame
by Sheld on Sun 5th Mar 2006 10:40 UTC in reply to "RE[5]: Lame"
Sheld Member since:
2005-12-21

"Licensees may modify, assemble, compile or link the source code and execute the resulting derivative binary code on a temporary basis to assist in debugging its hardware for the Microsoft Windows operating system"

Which means you can't use it for production, so you have to use MS provided binaries and if you weren't able to produce the bit-for-bit same binaries from source you still have no proof that you don't have a back door in your production system.

It's a bit saddening that people still don't understand this key advantage of OpenSource over proprietary software.

Reply Score: 2

RE[4]: Lame
by rayiner on Sun 5th Mar 2006 07:19 UTC in reply to "RE[3]: Lame"
rayiner Member since:
2005-07-06

1) The ability to compile the code (with a trusted compiler) is a requirement for being able to verify that the binaries you deploy match byte for byte the code produced by compiling the audited source code. It's the only way of assuring that the source code you have is actually the exact source to the binaries you have.

2) Actually, most of Windows NT is written in C, not assembler, including the "significant" portions. While the various NT ports have been eliminated over time, the code itself is still easily portable, as evidenced by the various NT versions that used to run on Alpha, MIPS, etc, and the fact that the PowerPC-based XBox360 runs a version of Windows NT as well.

Reply Score: 2

RE[5]: Lame
by Deviate_X on Sun 5th Mar 2006 09:49 UTC in reply to "RE[4]: Lame"
Deviate_X Member since:
2005-07-11

rayiner: "The ability to compile the code (with a trusted compiler) is a requirement for being able to verify that the binaries you deploy match byte for byte the code produced by compiling"

(1) Rayiner you obviously don't understand what you are talking about - two different compilers will invariably produce two different binaries - this is because different compilers use different compilation strategies - this is obvious to any software developer.

If you then use the same compiler(s) as microsoft how will you know that the compiler hasn't inserted bad code?

If both use GCC, then you won't be comparing against the original binary.

If you use GCC, your binaries will be different because the compilers are different and how do you know the compiler didn’t insert bad code anyway?

The GNU project servers were compromised for 4 months undetected.

http://uk.builder.com/manage/work/0,39026594,20277728,00.htm

Truly the only way to verify a binary is to decompile and debug.

(2) Quote: "The kernel code is written primarily in C, with assembly code reserved for those tasks that require the fastest possible code or that rely heavily on the capabilities of the processor" - Inside NT Kernel Architecture

Edited 2006-03-05 09:54

Reply Score: 2

RE[6]: Lame
by netpython on Sun 5th Mar 2006 10:10 UTC in reply to "RE[5]: Lame"
netpython Member since:
2005-07-06

Or the compiler itself is trojaned.

Reply Score: 1

RE[6]: Lame
by rayiner on Sun 5th Mar 2006 10:39 UTC in reply to "RE[5]: Lame"
rayiner Member since:
2005-07-06

The assumption is, of course, that the compiler itself is trusted. Otherwise, verifying the OS makes no sense --- an untrustworthy compiler could still compile applications with back doors.

Now, decompiling will allow you to verify a binary you haven't compiled yourself, but looking for security flaws in decompiled code is substantially harder than doing it in compiled code.

The implications of these facts, of course, are the following:

1) You cannot truly trust a binary you have not compiled yourself;
2) Programs with large code bases are hard to verify and thus bad for security.

Of course, these points reiterate the obvious --- small, simple programs with open source code are the most trustworthy programs...

Reply Score: 1
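The byte-for-byte check argued over in the posts above, as an added example that is not part of any post in this thread: it compares a deployed artifact with one rebuilt from audited source and reports whether every differing byte falls inside a field known to vary between builds. The toy artifact layout, the function names and the timestamp field are assumptions made for illustration, and the rebuild is assumed to use the same, trusted toolchain.

```python
import hashlib

# Constructed toy artifact layout (an assumption, not a real executable format):
# 8-byte magic, 4-byte little-endian build timestamp, then the "code" bytes.
MAGIC = b"TOYBIN\x00\x01"
TIMESTAMP_FIELD = (8, 12)  # [start, end): the only field expected to vary per build


def toy_artifact(build_time: int, code: bytes) -> bytes:
    """Stand-in for a compiler run that embeds the build time in its output."""
    return MAGIC + build_time.to_bytes(4, "little") + code


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def diff_ranges(a: bytes, b: bytes, gap: int = 4) -> list:
    """[start, end) ranges, over the common length, where a and b differ.
    Differences fewer than `gap` bytes apart are merged into one range."""
    ranges = []
    for i in range(min(len(a), len(b))):
        if a[i] != b[i]:
            if ranges and i - ranges[-1][1] < gap:
                ranges[-1][1] = i + 1
            else:
                ranges.append([i, i + 1])
    return [tuple(r) for r in ranges]


def compare_builds(shipped: bytes, rebuilt: bytes, allowed=(TIMESTAMP_FIELD,)) -> dict:
    """Compare the deployed binary with one rebuilt from the audited source."""
    ranges = diff_ranges(shipped, rebuilt)
    same_size = len(shipped) == len(rebuilt)
    # A difference is "explained" only if it lies wholly inside an allowed field.
    explained = same_size and all(
        any(lo <= s and e <= hi for lo, hi in allowed) for s, e in ranges
    )
    if shipped == rebuilt:
        verdict = "identical"
    elif explained:
        verdict = "differs-only-in-allowed-fields"
    else:
        verdict = "unexplained-difference"
    return {
        "verdict": verdict,
        "same_size": same_size,
        "diff_ranges": ranges,
        "shipped_sha256": sha256_hex(shipped),
        "rebuilt_sha256": sha256_hex(rebuilt),
    }


if __name__ == "__main__":
    code = bytes(range(64))                      # constructed sample "code"
    rebuilt = toy_artifact(1000, code)           # our own build of the audited source
    patched = bytearray(code)
    patched[20] ^= 0xFF                          # one byte that is not in the source
    for label, shipped in [
        ("same inputs", toy_artifact(1000, code)),
        ("later build time", toy_artifact(2000, code)),
        ("extra change", toy_artifact(1000, bytes(patched))),
    ]:
        print(label, compare_builds(shipped, rebuilt)["verdict"])
```

A verdict of "differs-only-in-allowed-fields" still depends on the allowed list being short and justified; anything outside it has to be explained before the binary is treated as matching the source.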

Blogging Developer
by rtfa on Sat 4th Mar 2006 23:18 UTC
rtfa
Member since:
2006-02-27

Just because a developer blogs that it won't happen means nothing. If he's told to include one he will and the NDA he would have signed would protect that secret.

Reply Score: 1

Theory
by setuid_w00t on Sun 5th Mar 2006 02:23 UTC
setuid_w00t
Member since:
2005-10-22

Can anyone confirm my suspicion that Mac users are more open to backdoor action than Windows or Linux users?

Reply Score: 1

RE: Theory
by bogomipz on Mon 6th Mar 2006 10:18 UTC in reply to "Theory"
bogomipz Member since:
2005-07-11

Interesting theory, maybe they are because:

a) Apple has good karma
b) Microsoft has bad karma
c) OSS users want to have control over their systems

More scientific proof (one way or the other) would be welcome ;)

Reply Score: 1

Just for fun...
by DigitalAxis on Sun 5th Mar 2006 02:29 UTC
DigitalAxis
Member since:
2005-08-28
Other systems?
by jaboua on Sun 5th Mar 2006 08:33 UTC
jaboua
Member since:
2005-09-08

Isn't this gonna make it difficult for other systems (like in a dual-boot) to access the windows partitions as well?

Reply Score: 1

of limited value
by ThunderBug on Sun 5th Mar 2006 09:33 UTC
ThunderBug
Member since:
2006-03-05

Encryption only protects content when you are not using it. If the box is otherwise compromised....... Duh.

Reply Score: 1

RE: of limited value
by netpython on Sun 5th Mar 2006 09:38 UTC in reply to "of limited value"
netpython Member since:
2005-07-06

Or the transport of content.

In this respect what is harddisk io?

So if you are administering a server via a vpn aren't you using the content you are sending?

Reply Score: 1

The truth and it may hurt
by proforma on Mon 6th Mar 2006 03:30 UTC
proforma
Member since:
2005-08-27

The government is also using Linux. There goes your freedom.

I think it's fine if you like linux, but you are not too bright if you don't think the government doesn't use linux as well as windows.

I guess it's ignore anything that is negative about linux and only see the positive sunshine. Reality after all does not matter.

Reply Score: 0

I want the real truth and not FUD
by proforma on Mon 6th Mar 2006 04:07 UTC
proforma
Member since:
2005-08-27

>This has been debunked many, many times.
>Vulnerabilities are counted more than once for Linux/Unix
>(i.e. the same vulnerability on RedHat
>will also be counted for Debian if it happens on both distros).

Well fine, even if I divide by half it's still more than Windows. I think that is much more realistic.
Still gives 1,164 issues.

I think you also have to factor in that less people use Linux than Windows and thus there is less hype about security problems and thus it isn't as dangerous as more people are running by obscurity.

Also, it's clear that just by having security by obscurity isn't the answer as we have seen on the Macintosh recently.

>When you factor all of these in, it's clear that
>Linux/Unix has a much better security record than
>Windows.

Well I gave Linux the benefit of the doubt from the data, but come on the FUD coming from the Linux community is just obscene, of course a lot of it is lies and false information just so that people don't trust Microsoft.

Can you honestly say to me that a lot of Linux folks don't have an agenda behind their so called facts?

I honestly don't believe anything that the Linux community says to be honest as most of it is just FUD and outright lies to get people to get against Microsoft because of their so called freedom. In my opinion it's like believing George W Bush or Bin Laden FUD.

However, even if this is true what is your answer towards the final release of Windows Vista this year? We have not seen a new Windows release since 2001 so that is 5 years of finding all the problems and security issues. Linux isn't attacked as much because they are religious folks.

Reply Score: 0

archiesteel Member since:
2005-07-02

Well fine, even if I divide by half it's still more than Windows. I think that is much more realistic.
Still gives 1,164 issues.


If you want to be more realistic, divide by five, not two.

Also, measure the actual threat posed by the vulnerabilities.

I follow security news closely. Believe me, Windows has a long way to go to regain the confidence of users as far as security goes.

Well I gave Linux the benefit of the doubt from the data, but come on the FUD coming from the Linux community is just obscene, of course a lot of it is lies and false information just so that people don't trust Microsoft.

Microsoft doesn't need to blame anyone else but itself if people don't trust it. The Linux community didn't cause the multiple vulnerabilities in Windows software that cost more than 160 billion dollars in 2004.

You may think that there is FUD coming from the Linux community, but in reality it is dwarfed by the multi-million dollar FUD campaigns coming out of Redmond. If you want to be honest in your criticism, begin by pointing the finger at Microsoft, not the Linux community.

Linux isn't attacked as much because they are religious folks.

How do you expect anyone to take you seriously when you say things like this?

Reply Score: 1

jiraiya2051 Member since:
2006-03-07

hi! i was wondering, do you post about something you know nothing about all the time or is this the exception?

if the same vulnerability is counted for each distro it appears on, and that vulnerability appeared on every linux distro, that would be at least 100 counts at once. there are more than 100 different distros, so there is most definitely going to be more vulnerabilities detected for linux systems as a whole compared to windows.

Reply Score: 1

Life is short, be more productive
by proforma on Mon 6th Mar 2006 04:16 UTC
proforma
Member since:
2005-08-27

About 10 percent of the linux community is actively being productive and building code and is too busy trying to do something to improve it.

The other 90 percent of the linux community is arguing about stupid things like how bad Microsoft is and how much better linux is and is overly religious about their OS. These people have more to prove and they might be smart people, but they lack common sense.

Not only do they argue against Microsoft they also argue on other dumb issues like KDE vs GNOME and other pointless stuff of this nature.

It is really sad when it's come down to this, instead of trying to convince people to switch you should not have to do that, the product should do that for you and I suppose the product is just not quality enough yet to make that happen.

Don't waste your time on stupid stuff, make sure your time is more productive. Don't get stuck with the small things in life that you can't change (like changing someone's mind). Life is simply too short for this kind of intolerance.

Reply Score: 0

archiesteel Member since:
2005-07-02

About 10 percent of the linux community is actively being productive and building code and is too busy trying to do something to improve it.

The other 90 percent of the linux community is arguing about stupid things like how bad Microsoft is and how much better linux is and is overly religious about their OS.


Please provide your sources for these numbers please, because from where I stand it really looks as if you just pulled them out of thin air.

Again, if you're going to denounce FUD, begin with the champion of all FUD, whose BS output dwarfs anything the Linux community could ever achieve. Hint: they're based in Redmond, Washington...(and no, it's not Lycoris!!!)

Reply Score: 1

proforma Member since:
2005-08-27

>Please provide your sources for these numbers
>please, because from where I stand it really looks
>as if you just pulled them out of thin air.

>Again, if you're going to denounce FUD, begin with
>the champion of all FUD, whose BS output dwarfs
>anything the Linux community could ever achieve.
>Hint: they're based in Redmond, Washington...(and
>no, it's not Lycoris!!!)

There is no need for real numbers as you can clearly see this from the posts in many of the forums that I visit. Common sense will tell you this, you don't need to be a rocket scientist or have to use numbers to figure this out.

The Linux community is doing free research and development for Microsoft. All Microsoft has to do is tap sourceforge and other websites like it and call it a day.

Well that is kind of hard to do with a lot of people providing hacks and no code reviews or security reviews or programming standards for an OS that is largely hacked together as a community and is lesser quality than what vista will be when its released later this year. doh!

Reply Score: 0

archiesteel Member since:
2005-07-02

There is no need for real numbers as you can clearly see this from the posts in many of the forums that I visit. Common sense will tell you this, you don't need to be a rocket scientist or have to use numbers to figure this out.

That's called sample bias, and it's something you'll see in Psychology 101. Basically, it means that you can't trust an incomplete sample to be representative of a population at large, and that your own bias will also taint the results. In this case, trying to figure out any kind of statistics based on your personal observation of posts here and elsewhere on the net.

In other words, you did pull the stats out of your ass, and as such they mean absolutely nothing. I could state that it's actually the contrary, that 90% of the Linux community is serious and contributes in a helpful manner, and only 10% indulge in advocacy on Internet forums, and it would be just as valid as your statement (i.e. not very).

Don't make these kind of claims if you want to be taken seriously.

Reply Score: 1

jiraiya2051 Member since:
2006-03-07

"The Linux community is doing free research and development for Microsoft. All Microsoft has to do is tap sourceforge and other websites like it and call it a day."
they can't, they would have to acknowledge the writers of the programs or they would be sued. they would also have to distribute the source code of some of the programs they made under some licenses, and they won't do that.

"Well that is kind of hard to do with a lot of people providing hacks and no code reviews or security reviews or programming standards for an OS that is largely hacked together as a community and is lesser quality than what vista will be when its released later this year. doh!"
have you even looked into linux before posting something like this? first of all, vista will be of near equal quality to linux when it releases, a bunch of its features have been in linux a long time. also by time it is released, KDE4 should be out, and linux users will have an enhanced desktop as well as 3d desktop thanks to Xgl(being developed by novell) and AiGLX. if you had any experience with linux you would know it is not some os that was thrown together by hobbyists with little in the way of programming skills. every day linux is getting new projects and software and it is at the moment able to meet the needs of a standard user.

Reply Score: 1

we will only know, if ...
by gustl on Mon 6th Mar 2006 11:22 UTC
gustl
Member since:
2006-01-19

we get compilable source to check.

Reply Score: 1