OSNews

I agree. This is a very bad sign.

And a look at the same results page reveals:

---
Would you trust Microsoft's Windows Vista security?
• Yes, absolutely - 40%
• No, I would still want to deploy third-party security technologies - 57%
• It is too early to tell yet - 2%
---

So it appears that it's not as cut and dried as you think.

And I think the results would have gone the other way if they asked:

No, I would still want to deploy third-party security technologies that hacks into the kernel.

Edited 2006-10-26 06:04

Oh, please, don't be such a moron. It's mostly because people like you that most non Linux users hate us.

While Vista has no chance of making it to my PC, this is really bad news, if someone can bypass the checks in that way with a security tool, someone else can make it with a virus, a spyware or any other malware.

Anyway, I'm pretty sure that MS will fix this before launch, so it's an non-issue.

It's mostly because people like you that most non Linux users hate us.

If non-Linux users don't think a breach like this is laughable at best, serious at worst, I don't think indications of my amusement are going to have any effect either way. And what does this have to do with users anyway? Most users probably can't code for **** (myself included), but when your OS vendor can't, it's BAD news.

While Vista has no chance of making it to my PC, this is really bad news, if someone can bypass the checks in that way with a security tool, someone else can make it with a virus, a spyware or any other malware.

Sounds like you think I'm gloating about how many people are going to be suckered by this. And you'd be wrong. I just find it funny that a company with such a high reputation and sense of self-worth is so clueless.

Anyway, I'm pretty sure that MS will fix this before launch, so it's an non-issue.

Maybe. It should never have finished this close to launch, though, (assuming Vista isn't going to be delayed again), so I'm not so sure.

Edited 2006-10-25 18:40

Hmm, I mean it should never have happened this close to launch.

Edited 2006-10-25 18:43

If non-Linux users don't think a breach like this is laughable at best, serious at worst, I don't think indications of my amusement are going to have any effect either way. And what does this have to do with users anyway? Most users probably can't code for **** (myself included), but when your OS vendor can't, it's BAD news.

I assume you struck Debian off you list of approved Linux distros when their servers were hacked.

This is completely different. Debian is known for high quality software and servers that got hacked once. Microsoft is known for undeservedly ubiquitous software and a long and continuing string of embarrassing failures covered up with cynically Stalinist revisionist propaganda.

it cannot be unfounded. which company would like the public to think they out and out lied to them ?

some compaines "exagerate", microsoft, sco, and pepsi come to mind....

but even they do not build a business model on outright lies

Raver31 said, ". . . they do not build a business model on outright lies." and earlier lumped SCO into that group of businesses.

Did you really mean to say that?

SCO's litigation business model is, in fact, based on lies.

>Would you trust Authentium with that sort of attitude? sorry, if I was running a business, I sure as hell wouldn't trust my business security on products that are hackware based.

So, you're advocating a blind trust of Redmond, instead?
Better hire Theo de Raadt.

So, you're advocating a blind trust of Redmond, instead?
Better hire Theo de Raadt.

How is TdR related to blind trust of Redmond?

I think a more accurate description is that he's advocating supporting software that doesn't use undocumented tricks in the system or straight out hackery to do a job when it's not necessary to do so. The only AV companies complaining about this change in the 64-bit version of Vista (Which is already present in the x64 Edition of XP) are the ones who are not willing to rewrite their software to work on the new platform.

This kind of attitude leads to software the compromises system stability and ultimately security itself since the two are so intertwined.

No, why should I trust my business to a company who relies on unstable, constantly changing, hacked up kernel level api's that could possibly cause unknown damage to my system integrity when I could rely my business on software developed using the publicly supported and maintaed API's so that when I do apply patches from Microsoft for Windows, I know that my security software will just keep on ticking withouy any problems.

Microsoft makes API's available to the public for a reason; they'll maintain it, support it; so if you write your application for them, you're pretty much assured that it'll work in the future.

This company in question, however, is basing their product on a set of API's which are undocumented, unmaintained and only for internal use; in otherwords; Microsoft has NO obligation to maintain those API's, so if they need to change something in a future update, you'll be in deep shit when you find that your hackware based application no longer works because the internal/hidden kernel api's it relies on to run, no longer exist, have been significantly change or simply their 'hack' no longer works because Microsoft has addressed the 'vulnerability'.

Like I keep saying, every time these companies do something stupid like opening their mouth and whine, it moves me closer to the idea of paying for Microsoft's security suite.

Are people suddenly going back to the old Windows 95 days where BSOD were so common? Hehe, this is really funny.

Yeah, until we see evidence that Authenium actually works, then these are really nothing more than marketing claims.