Linked by Thom Holwerda on Thu 12th Oct 2006 15:09 UTC, submitted by Dolphin
Windows 'The most secure Windows ever' may be very secure from hackers and malware - but what do you do when Longhorn Server let's you install the OS, set up Active Directory, and initialize the domain without once asking you to even create an administrator password? "What happened to Windows Server? Where did all of the stringent security checks and ultra-protection of Windows Server 2003 go? Windows Server 2000 was quite insecure, and Windows Server 2003 turned over a new leaf... But it seems Microsoft is more than willing to flip that page back - even Windows Server 2000 required an Administrator password at the very least."
Permalink for comment 171293
To read all comments associated with this story, please click here.
Bravo!
by ccchips on Fri 13th Oct 2006 02:25 UTC
ccchips
Member since:
2006-05-24

"Security is something that should be written from ground up, not as an aftermarket item that may be purchased separately."

As an unfortunate Windows administrator, I have to live this failure every day. Their notion of security is basically a slap in the face to the "worker" side of computer systems. Absolutely pathetic.

Windows 2003 was an improvement, but that doesn't matter, since there are literally millions of improperly-set-up Windows 2000 servers out there, running in production where changes are very dangerous to various companys' businesses.

You're also right that there's absolutely *no good reason* to let developers off the hook in this regard. Most of what runs on Microsoft platforms is applications, and my experience is that application developers couldn't care less about security unless they're forced to.

That is what Microsoft should have done in the first place, right from the start - forced application developers to operate in a secure environment.

Why, for example, did it take them until 2004 to develop an OS that formats hard drives with proper (or reasonably proper) permissions by default?

Reply Score: 1