Linked by Neeraj Singh on Mon 23rd Apr 2007 19:02 UTC
Windows If you shout something loud enough and many people are saying it, does it become true? Some groups of people (include tech journalists and Linux advocates, such as Steven J. Vaughn-Nichols) have a psychological need to find Vista lacking. Mr. V-N has predicted that Vista will have all manner of problems, so his clear interest is to point out everything that is wrong with the OS. Who cares if he has to even make some stuff up?
Thread beginning with comment 233284
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Security
by PlatformAgnostic on Tue 24th Apr 2007 00:31 UTC in reply to "RE[2]: Security"
PlatformAgnostic
Member since:
2006-01-02

NT is a reasonably secure OS. Starting from scratch at this point really helps no one. You lose compatibility and have to go through the iterative security testing process all over again. Even the "secure-from-the-ground-up" UNIX had to go through the trial by fire until it has reached its current status as a secure OS.

At work, could you use "Software Restriction Policies" to only allow the people you support to run supported applications? If they can't execute anything that they don't need for their job, then you wouldn't have to worry so much about them getting taken over by questionable stuff.

Link here:
http://www.microsoft.com/technet/security/prodtech/windowsxp/secwin...

Reply Parent Score: 3

RE[4]: Security
by Sabon on Tue 24th Apr 2007 14:24 in reply to "RE[3]: Security"
Sabon Member since:
2005-07-06

"NT is a reasonably secure OS. Starting from scratch at this point really helps no one. You lose compatibility and have to go through the iterative security testing process all over again. Even the "secure-from-the-ground-up" UNIX had to go through the trial by fire until it has reached its current status as a secure OS."

Reasonbly is not good enough. You gain compatibility by having a box that old programs run in like using VMWARE to run the old OS inside the new one, each protected from each other. That's how you do it. XP has had plenty of time (if Microsoft cared) to secure their OS if they could. The foundation is cracked (think of cement with cracks) though so they can't.

"At work, could you use "Software Restriction Policies" to only allow the people you support to run supported applications? If they can't execute anything that they don't need for their job, then you wouldn't have to worry so much about them getting taken over by questionable stuff."

We do have those policies in place. But when have you ever seen those policies stop someone from going to a bad website. No one knows about ALL of them and while we do our best to detect SPAM and possibly bad links for them, some will always get through. So will the occasional e-mailed document that has a virus that the AV software didn't catch. Not to mention the documents/viruses brought in on USB memory cards. We of course run AV software on the desktop and update each night there is an update. But again, show me the tests that show that any AV software catches 100% of viruses.

Reply Parent Score: 1

RE[5]: Security
by PlatformAgnostic on Tue 24th Apr 2007 16:56 in reply to "RE[4]: Security"
PlatformAgnostic Member since:
2006-01-02

Software Restriction Policies are not some verbal thing. They're a feature of the OS. If you set it to "Default Deny" then the OS won't LET them run anything from those bad websites. There is some administrative overhead to this, because they can't install something they need without administrator approval.

Your users run as Limited Users anyway, though, right? If not, then nothing I'm saying applies and no OS can guarantee you security under those circumstances.

Reply Parent Score: 2