computer clocks

In message , ":::Jerry::::" wrote

No - I followed the crowd and bought on price rather than quality. As with many items the market leader often doesn't have the best product, or even the best product for the price.

Why do Microsoft products need so many security updates? Surely after 10 years of development simple programs such as OE and IE should be shipped free of bugs?

On 15 Dec 2004 19:40:58 GMT, snipped-for-privacy@ukmisc.org.uk (Huge) strung together this:

Don't be so thick.

That was precisely my point. There is little point in having the best product if it does not sell.

Colin Bignell

History mostly. MS dis not "get" the internet until the late 90's, at which point the saw it as a threat (hence the browser wars etc). Their focus was on winning at any cost, and a way to do this was by cramming in "features", and effecting ever closer integration and linking between unrelated products to best exert their monopoly on the desktop OS. Security did not seem to get any consideration (and to be fair the net was a far safer place).

I'm sure every other product mentioned here has ten times as many security holes. But with so many fewer users, and those that do often have other security measures in place, it is not worth the idiots who write these viruses and so on handling them.

And talking of part P, which we weren't for once, I wonder when will writing software become part of the regs :-)

No this isn't the case at all. There are alternative OS's around that were designed from the ground up to be secure and consequently the programs written for them are so much more secure.

The latest versions of text based newsreaders for Unix/Linux are

Because MS's instinctive answer to the question "Wouldn't it be cool if" [e.g. any old program could grab your email address list] is Yes, whilst pragmatists would answer No

And the great flop that was MSN - as so often happens Microsoft took someone else's idea and tweaked it to make it proprietary, but in this case the embrace and extend strategy fell flat.

Microsoft negotiated a deal with the developers of the Mosaic web browser so they could use the code for Internet Explorer and would pay a royalty on its sales - of course they gave IE away, so the Mosaic developers got nothing. Since Netscape (which was also produced by some Mosaic developers) ceased to be a major force in the browser market, Microsoft has done very little innovative development on IE, and previous "enhancements" like ActiveX have proved to be something of a liability as far as security is concerned.

However, it is their relative obscurity that protects them much better than their relative security. If there were serious money to be made from breaking them, as there is with MS products, it is unlikely that they would fare a great deal better.

Colin Bignell

No unfortunately you are very wrong in your assumption. There have been attempts to write viruses for *nix sysytems previously and fortunately they come to nothing because they can carry no useful payload and more importantly they cannot propogate. Read this article for a fuller description of the differences

nightjar However, it is their relative obscurity that protects them much better than

Not sure that adds up... The large installed base of MS products will make them an attractive target, but I don't think you can cite that as the only reason for their apparent lack of security. MS has only recently jumped on the security bandwagon, prior to that they paid it little attention at all, preferring to concentrate on adding features.

Remember that MS do not dominate in the server space. One of the most common OSs about must be IOS from Cisco. As deployed in critical internet routers and gateways the world over. Highly attractive (and profitable) target for the black hat community, but in comparison relatively few compromises despite a massive installed user base.

There are far more internet servers out there running Solaris or Dead Rat with Apache, Tomcat, PHP etc, but the vast majority of the compromises affect the less common Windows / IIS setups.

In message , Rob Morley wrote

Have M$ ever done any innovative development? It appears that, in common with many large software companies, it finds something useful produced by a small firm and buys it out.

The original M$ product appears to have just been ripped off :)

That may well be...but I like the one I use very much...and I bet you've never seen it...!

A rather broken metaphor, since newsreaders are, at least in principle, all compatible with news.

Untrue. Windows has fundamental problems, both in design and implementation, with separation of user space from system space.

So far as I am aware, no. They either steal or buy everything.

different programmes out there for one virus to be a problem for everyone and that Linux does not do some of the things that have proved to cause problems with Windows. The first is consistent with my statement about their relative obscurity. The second simply means that the system is not vulnerable to problems that have been identified with an entirely different operating system in the past. Nothing in the article convinces me that, if a multi-billion pound industry, which probably motivates it programmers as much by fear of what happens if they fail as it does by the rewards if they succeed, would not find vulnerabilities to exploit, if it found the desire to do so. The relativly better security probably does protect it from the occasional destructive geek. However, I would need a lot more convincing that it could withstand the sort of highly organised, well funded attacks that MS products are subjected to.

Colin Bignell

Err, isn't that part of the point?

Be convinced. It will, it can, and it does.