Team Murder No Brain No Headache.

8Sep/04Off

After Spending The Day Tossing Snowballs Into Hell

Note: I'm really tired and didn't invest a whole lot of time in this. Take with all the necessary grains of salt. I might finish this at some point but don't hold your breath.

I've been writing a lot lately about my job or at least what I do all day instead of doing things I enjoy like writing code or hanging out on the Gentoo IRC channel helping out where I can. With the ten gazillion pixels spilled debating the merits of whether or not Linux is ready for the desktop which is a very vague and strange way of evaluating nearly anything (You mean you have to put gas and oil and windshield wiper fluid in different places and figure out when each of them is empty?! You've got to be kidding. How is my blind grandmother going to use this car!) it never seems to occur to people that Windows in many senses is not ready for use on the corporate/academic desktop. Sure, it works out great on the home machine of gadget freaks with new toys that must be plugged in and must have an all singing all dancing user interface but I'm not sure that Microsoft really takes the idea of large scale deployments very seriously.

I spent all of my working hours today cleaning up after the newest batch of viruses. I don't necessarily have a problem with this aspect because it does follow at least in part the rule of large deployments correlating with a large number of malicious folks trying like hell to exploit every hole in the code base.When you have a lot of people using your software there is going to be a lot of people trying to break your software. I don't usually try to validate this line of argument because it is most often used as a silencing tactic from defensive Microsofties when the Windows security model is called into question. The widespread deployment doesn't excuse the inattention to security and Windows security is a fucking mess from the inclusion of the web browser as a core component of the desktop with hooks way deep into the OS innards down to the requirement by many pieces of software (can we safely assume that they're working from APIs instead of seeing real source code here or do you want to trot that dead ass Shared Source pony out for another couple laps around the track?) that a user needs administrative access in order to run the software. Faults like that need to worked out in beta, not on live machines that other people have the responsibility to fix when they eventually break. The design is simply bad and although there have been all sorts of meatless claims about commitments to tightening up security it's pretty hard to take seriously from a support perspective when you've got MS folk waffling on spyware:

But Stuart Okin, chief security officer at Microsoft UK, pointed out that one person's spyware is another's way of customising their internet experience.

"The trouble is that there is no clear definition of spyware," he told vnunet.com.

like closing some of the vulnerabilities that make the plague of it possible is an affront to the user. That attitude does not inspire confidence from me. Funnier still is that some spyware actually blocks the installation of the service pack touted in the aforementioned article. Again Microsoft's strategy involves someone like me manually cleaning the spyware from machines. Hey, it works fine for Aunt Tilly so it is therefor the correct action for everyone. This insistence on the imagined needs of the mythic all-thumbs Joe Sixpack is so ingrained in Microsoft culture that I have a hard time imagining MS ever taking the needs of businesses seriously.

Comments (1) Trackbacks (0)
  1. BLINK TAG! BLINK TAG!

    Now, I thought we talked about this. I thought we were getting somewhere. Obviously I misunderstood. Ah, well.

    That aside, your point is a good one. I hadn’t really thought of it from the point of view of whether Windows is suited for large scale corporate deployments. From a security standpoint, it certainly seems not, at least if you want to be kind the the admin folks who have to keep this stuff up. Of course, at this point, it’s a bit of a moot point. It’s the 800 pound gorilla, with 800 pound gorilla farts. The best you can do is try to control the diet and invest in a decent breathing apparatus. The metaphor is your friend. :^)


Trackbacks are disabled.