Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
It's funny.  Laugh. Microsoft Security Operating Systems Software Windows

Buy Vista or Else 539

Posted by Zonk
from the make-you-an-offer dept.
theodp writes "Upgrade or keep crashing was the tagline when Windows XP was introduced. So how will Windows Vista be marketed? 'I'd hate to see something bad happen to your PC,' seems to be one pitch. Even if new features won't get you to upgrade to Vista, you should buy Vista for the security, urged Windows Chief Jim Allchin. Are commercials featuring Tony Soprano next? Bada Bing!"
This discussion has been archived. No new comments can be posted.

Buy Vista or Else

Comments Filter:
  • Secure? (Score:5, Informative)

    by SpasticWeasel (897004) on Saturday January 28, 2006 @01:21PM (#14588632)
    From TFA: "People Near Me" feature, which searches over a Wi-Fi connection for other Vista users nearby and then sets up a peer-to-peer network with them. Yeah, that sounds pretty secure. Same old Microsoft.
  • Re:Security (Score:5, Informative)

    by bender647 (705126) on Saturday January 28, 2006 @01:40PM (#14588730)

    TFA describes many ways in which Vista will be more secure by design than the security-patched XP. For example, more attention to user privileges, sandboxing IE, a firewall that looks at outgoing traffic, integrated spyware checking.

    I could pretty much care less about Vista until the games I want to play won't run on anything else, but you can't doubt that M$ will be paying more attention to security in the fundamental design of Vista than they did in XP.

  • Re:linux? OS X? (Score:5, Informative)

    by DaHat (247651) on Saturday January 28, 2006 @01:43PM (#14588745) Homepage
    Vista seems to be offering very little in terms of features

    Lemme guess... you are basing that solely on what you've read on /.?

    Allow me to list a few features coming in Vista that I am looking forward to:

    • Application level audio control
    • Application specific remoting
    • Vastly improved networking stack (apparently superior to any other OS's)
    • Support for user mode drivers
    • New printer technology (way beyond postscript)
    • Pluggable crypto system


    Take a look at this MSN Spaces post [msn.com] which has some links to some videos on some of these improvements and more on Channel 9 [msdn.com].
  • Re:linux? OS X? (Score:3, Informative)

    by jcr (53032) <jcr AT mac DOT com> on Saturday January 28, 2006 @01:50PM (#14588782) Journal
    I think Apple is already doing this

    Nope. When I worked there, it was made very clear to us that Apple doesn't talk about security as a reason to switch. We emphasized ease of use, etc.

    -jcr
  • Re:linux? OS X? (Score:3, Informative)

    by Anonymous Coward on Saturday January 28, 2006 @02:13PM (#14588873)
    While per-application audio control (I can't wait to be able to turn down my games and turn up teamspeak) and a new networking stack sound nice, remoting a single application has always been possible through netmeeting or with stuff like citrix. User mode drivers have been around for a while in other operating systems (libusb, libsane, various user mode filesystem drivers, etc). Not sure what a "pluggable crypto system" is but linux has had a good number of kernel crypto modules for a long time now for various purposes. As for Metro, the only thing it really brings to the table is XML. PDF already does everything Metro will, and will probably be much less encumbered than anything Microsoft releases as "open". (I also suspect that you could set per-application mixer levels in ALSA for any application not using OSS emulation, but it would be an undocumented hack and application dependent, rather than an OS feature)
  • by LocoMan (744414) on Saturday January 28, 2006 @02:15PM (#14588884) Homepage
    I was reading somewhere (I think on cnet too, I'll look for the URL later) that Vista will require the admin password to do admin stuff, and won't run on admin by default. They also said they were making a list of all the software that required administrative access, and dividing them in different categories. Those that actually needed admin. access will require the password be entered before opening (or before doing the specific section that needed it).

    Also it said that there are lots of apps out there that just check for admin access on startup but don't need it, just that the developers was lazy by not checking wether it ran on limited accounts. In those cases, Vista default will be to report to the program that it's running with admin priviledges, but actually run it with limited priviledges.

    I'll try to find the URL and post it later, I know I read it in the last couple of days or so.
  • Re:Security (Score:3, Informative)

    by acidblood (247709) <decio@decp[ ]et ['p.n' in gap]> on Saturday January 28, 2006 @02:33PM (#14589013) Homepage
    The .WMF vulnerability is, as I understand, the result of poor design, not an implementation problem like a buffer overflow. Given the same API, the Wine project wrote an independent implementation which was also vulnerable. So if Vista has the same vulnerability, that says nothing about whether they used the same code from XP.
  • Re:Security (Score:4, Informative)

    by CyricZ (887944) on Saturday January 28, 2006 @02:34PM (#14589017)
    The parent poster was saying that Mac OS X was based on BSD, which it is. Mach was derived from BSD, and Mac OS X builds upon Mach. Of course, it also integrates code from the other BSDs, which tend to use code from each other, too.

    At one point there was a BSD-derived networking stack included with Windows. However, it is reported these days that a new implementation was written.

  • Re:Secure? (Score:4, Informative)

    by PCM2 (4486) on Saturday January 28, 2006 @02:35PM (#14589033) Homepage
    If this is the Windows Collaboration feature they're talking about, then it doesn't automatically connect everybody. You can invite the people you choose. And it's not a peer to peer filesharing network or even a standard Windows network. It's a Groove-like system that allows you to share files and screen real estate among the connected peers. So if you're showing a presentation from your laptop, you can let me connect to your projector using your laptop over the network and show my presentation from my hard drive, using your screen in a sense. I can also push the same file to everybody in the ad hoc "network" so that they can view it. Optionally I can also send them a copy of the file, but I don't have to... that kind of thing. It's actually pretty neat.
  • by King_TJ (85913) on Saturday January 28, 2006 @02:57PM (#14589190) Journal
    Well, first off, the current market penetration of Macs is more like 5-6% right now, not 3-4%. But I realize that's basically splitting hairs. I get your point, and I tend to agree. But with Apple moving to Intel processors on new Macs, it seems like a lot of new possibilities may open up.

    Microsoft, for example, currently owns and sells "VirtualPC" - which is pretty much the only way a Mac user can install and run Windows on a Mac. But with new Macs being Intel-based, it seems logical Microsoft might update VirtualPC to be a product that simply allows simultaneous execution of Windows code in a window inside OS X, rather than emulating all the x86 instructions by translating them to PPC native code.

    If this happens, there's no reason Windows couldn't run well enough inside OS X on a new Mac to finally allow Windows games to run at near-native speeds. New Macs all have fairly respectable ATI or nVidia graphics cards - capable of the same features as their Windows counterparts for 3D gaming.

    The Mac may never really get lots of game developers interesting in writing or even porting Windows games to OS X native titles - but they might succeed in bringing Windows to it instead, while keeping everything under the umbrella of OS X.
  • Re:Security (Score:3, Informative)

    by Coryoth (254751) on Saturday January 28, 2006 @03:07PM (#14589254) Homepage Journal
    I think you could extend that to "if you want security you must never run any executable file that didn't come with your OS outside of a VM sandbox".

    Anything that can be executed is a security threat. Random executables received from mails with "3bl4rg3 yu0r p3n1s" more than others, but few softwares actually have a bug/issue count of 0.


    There are things that can be done that allow for significant improvement over the current situation. The only catch is that it requires significant change to the base system, and some changes to applications that wish to run on the system.

    Instead of forcing everything outside of core OS software into a VM sandbox that completely restricts access to everything, you can have the system itself mandatorily mediate all access to system resources - in a sense have everything (except the kernel) sandboxed, but each sandbox flexibly defined according to a policy declaring what the software running inside the sandbox requires access to. Doing such a thing, of course, would require you to build such a security system into the kernel itself, preferably with some separation of policy and enforcement. You would also have to build a robust policy for the core system services, restricting each to their least privilege, and fixing anything that has unnecessary demands for access to system resources. At step two you would need to encourage more general user software to minimise unnecessary access demands, and generally making use of this new access control system (which would replace and/or augment file permissions, groups, etc.); hopefully applications would also provide suggested policy requests as well.

    That sounds like an awful lot of work, but thankfully we already have the kernel security structure and core sytem utility fixes [wikipedia.org]. That means that we are at step two - we need to start promoting this system as the new access control mechanism, and try and get application developers to play nice with, and use, the new system.

    Jedidiah.
  • Re:linux? OS X? (Score:1, Informative)

    by Anonymous Coward on Saturday January 28, 2006 @03:19PM (#14589323)
    I recently had a chance to play with the beta at cutc (canadian undergrad technical confrence) and to be frank, the tradeoffs for what you mention are not worth it for power users. That is to say, it is targeted at people who dont know much about computers and generally use them for mundane tasks (someone to whom application level audio control would be important).

    The perks I noticed were things like aeroglass (note: transparent windows are not as important if you have multiple desktops), vector based frame buffer (this is kinda cool, despite being done in direct x), "tabbed browsing" (which they attempted to claim as a new feature to ie, and were laughed at because the mozilla guy got a seminar in before the MS presentation), and a side pannel that had some web features (reminiscint of the highly unsuccessful active desktop). They also changed the start button to a windows logo and moved some colors around. It also seems that non superuser accounts are now not completely useless. If features like the improved network stack (i'm not exactly sure how you can significantly improve standard protocols, but sure), and new printer technology were mentioned, I either didnt notice when i used the beta, the MS guy didnt mention them in his presentation, or I wasnt paying atention (can you blame me?).

    That said, I did notice a few things that made me cringe. The first time I booted the beta I was prompted with "Error: Could not load operating system", so I moved to another machine. The first thing I did was disable the side bar, and turn off aeroglass. I then went into the system monitor and noticed a 550mb memory usage. Sure its a beta, and sure some of that memory is on the system page file, but half a gig without any apps? Is that reasonable? My system only has half a gig! One of the more embarasing moments for M$ during the presnetation occured when an audience member pointed out a potential bug. Vista has new parental controls that can be envoked between certain times, which require super user privilages to change. It seems however that changing the timezone is a non-su operation. The presenter didnt test the potential flaw during the presentation, and even if it was addressed, this raises an interesting question; they claim that their non-user accounts are finally usable, what did they have to expose to make them usable? OSes like linux are designed from the ground up, so if some feature early in the design phase require su privilages, then by necessity anything built on top of it will also require those privilages. Windows on the other hand is built from the top down, so its not always apparent what low level components should have su privilages...thats kinda scary...

    As a user there are two things that are important to me; my time and the things i produce on my time. If the system goes down for no apparent and unlogged reason, I'm pissed at it for wasting my time. If the system dies and looses all of my data I am even more pissed at it for wasting a lot of my time...that said, it seems that Windows Vista inherits the long honored M$ tradition of being a big waste of time, now with new features to help you waste even more time. Is your time worth flashy graphics and security in knowing that your just as screwed as everyone else who uses M$? If it is then by all means use Vista. Fortunately I have a little penguin that keeps me very productive and happy :)

    Note: To those concerned about GL support on Vista, 2.0+ support is still there provided you turn off aeroglass. Aeroglass supports 1.4-.
  • by CyricZ (887944) on Saturday January 28, 2006 @03:40PM (#14589432)
    You didn't read my post. While the game playing was indeed a social problem, the malware problem was an even more significant technical issue.

    It was indeed the higher security of OpenBSD, Konqueror, and the other software we used that helped improve the problem of malware. Blame it on the popularity of Windows all that you want; since the transition, we have not had to go back and clean up an infected system yet.

    You must not have worked in a real office of any significant size. Policy rules like you suggest don't always work. People will keep playing Solitare, for instance, until it is deleted from the system. A better solution is to use a system that doesn't include such distractions in the first place, and makes it even more difficult for the average user to install them if they are that desperate.

    That said, even from just a technical standpoint, OpenBSD was the right decision to make. It has saved the company time and money, offering a return far greater than the initial and ongoing investment.

  • Re:Seamless switch? (Score:2, Informative)

    by cosminn (889926) on Saturday January 28, 2006 @04:12PM (#14589610) Homepage
    The problem in an office environment are apps needed. The people at the front desk here all use Windows. For the most part, the stuff they need could easily be handled by Linux. They'd even _like_ it, our lab is Linux and they would have no problem using KDE, for example. They already use Firefox, some Thunderbird, and the calendar is web-based.

    The problem that we have is that they need a couple of apps that will not run on anything _but_ Windows. We tried wine, cxoffice, they even have issues in VMWare.

    One of the apps even requires you to be on a specific Windows domain, since it's a University-wide software.

    It seems that it's getting to be more viable to switch them to OSX at the next upgrade, but I'm not convinced.

    So yea, most secretaries use a browser, and email client, but they need to use some apps that will not run on Linux, not to mention OpenBSD.

    And as much as I like OpenOffice, and I support them (I haven't used MS Office for a few years now, with the exception of helping some friends), companies can't afford to tell a client "err, this document looks really ugly when I open it with OO" or risk writing something in OO, saving it in .doc format and showing up all ugly for the company/person working with them. I'm not even going to get into .ppt...

    While for a browser, an email client, and an alternative OS it's pretty easy to get people to switch (OSX looks _nothing_ like Windows, and yet I know of nobody who has complained it's not like Windows...), training them to use _other_ programs, presuming they _do_ exist, is not as easy. If you use MS Money (or however it's called), try using GNUCash, and then notice the difference..and that's not even a major app...
  • vista audio changes (Score:1, Informative)

    by Anonymous Coward on Saturday January 28, 2006 @04:47PM (#14589784)
    Regarding Application level audio control. Your side comment is exactly right. The audio system is getting overhauled so each application's audio is treated as a separate stream. They are mixed together in a user-mode driver with seperate volume controls for each stream. No more problems with overly loud webpages disrupting you while listening to mp3's, just mute firefox. Mixer plugins for audio effects may also be possible.


    I haven't heard how DRM concerned apps will handle this. Perhaps they will use the new low level api (WASAPI) to avoid the central mixer. But I hope not.


    And I disagree about usermode drivers being insecure. Permission to access their address space will still be secured by the kernel and they won't have access to the hardware or kernel objects. The only difference is that bugs in them no longer BSOD the system. Better for users, better for developers.

  • Re:linux? OS X? (Score:3, Informative)

    by pherthyl (445706) on Saturday January 28, 2006 @05:07PM (#14589916)
    *sigh*
    Why does everyone continue to buy into this BS? Point sizes have absolutely nothing to do with your screen resolution if your display is set up correctly. An 8pt font should be the same size whether your res is 1024 or 1600x1200. If you're having trouble reading text on a high res screen, do this: on windows:
    display properties, settings, advanced, then choose custom setting and adjust the ruler until the distance displayed is correct. Reboot.
    On Linux, set the DisplaySize (or something like that, I forget) in xorg.conf
  • Re:linux? OS X? (Score:3, Informative)

    by spitzak (4019) on Saturday January 28, 2006 @05:26PM (#14590040) Homepage
    - A secondary LCD screen that offers limited, PDA-like functionality while the main OS is in Suspend. How would you do that with XP? Or Linux? It's not anything you can write in user mode.

    What the hell are you talking about. That LCD would be a *second screen*. Windows as-is already supports multiple screens, so add a driver for the LCD! I don't consider that a change to the OS. A slight change so that the user can make a program go to that screen without dragging it is, I guess, a change to the OS, but hardly a huge addition. Of course I think MS has gone and made yet another api, totally failing to realize that the existing one was just fine. That is why you seem confused into thinking supporting this new screen is some new OS feature. Sigh.

    A little circle appears, kind of like a radar screen, and it figures out which icon you meant to press. Current touchscreens can't do that.

    WTF? Last I looked current touchscreens can draw anything they want on it. So I guess they improved the driver, but I suspect they could have put this into XP just as easily.

    Power modes

    This I would say *is* a feature of Vista as it probably touches lots of different parts of it. It is not a driver like the above two.

    The LCD projector thing -- that's not OS?

    Um, NO! The LCD projector thing is "hardware in the projector to pick up the wireless signal!" Are you claiming that this could not be done with existing Windows if a hardware manufacturer built such a device?

    user-mode drivers

    This certainly is a big improvement to the OS. However what I fail to realize is why you thought various drivers were improvements to the OS.

    Now where are the real innovations: get rid of text/binary mode in the files!! How about a unified file name space so that open() and readdir() can find everything, like Plan9 had twenty f**king years ago (Linux also sucks in this area, but not as bad as Windows, where you cannot even list the disks without a special api).

  • Re:Security (Score:0, Informative)

    by glitch23 (557124) on Saturday January 28, 2006 @06:39PM (#14590490)
    I agree VMware is really nice and you could even split the initial cost for the application with some friends and then take advantage of VMWare's vmplayer which plays back any pre-created virtual machine file. So once you buy VMvware and split it with 5 people ($40 a piece approx.), make a bare virtual machine file, give it to all 5 people, and they can use vmplayer to actually play it back. If anything happens to it just give them the original bare vm file. VMplayer by the way is free and it also reads VirtualPC files (but I believe it ends up creating a vmware file to coincide with it). VMware is also distributing a browser virutal machine that is about 900 megs uncompressed that is a linux distro (ubuntu I think) in the virtual machine and has firefox (or mozilla, i forget) installed so you can browse the net within the vm like you said you do already. By the way, with all the VMs you said you have I hope you have a lot of memory because each one probably requires a minimum of 200MB of RAM. I run at most 3 VMs at one time and they use up the majority of my gig of RAM.
  • Re:Security (Score:3, Informative)

    by arminw (717974) on Saturday January 28, 2006 @08:04PM (#14590898)
    ....websites from my school's macs that completely deny mac access.....

    Turn on the Safari debug menu and get Safari to lie to the offending website. It may display screwy, but it will get you in every time.
  • Re:Security (Score:3, Informative)

    by Overly Critical Guy (663429) on Saturday January 28, 2006 @10:27PM (#14591550)
    It's so frustrating sometimes that so many posters on Slashdot continue to be misinformed about things that are common knowledge in the tech world.

    Vista had the same flaw because it's got the same Win32 code. Vista is not a rewrite of Windows. It's based off the Windows 2003 code, which was based off XP. It's the same Windows as before but with some new rushed 1.0 APIs for hackers to crack. WinFX is just a layer on top of Win32. It's the same Win32 Windows we've known all along with some internal updates (i.e., a new networking stack).
  • Re:Security (Score:2, Informative)

    by carl0ski (838038) on Sunday January 29, 2006 @01:32AM (#14592103) Journal
    I did that got X64 to replace XP

    what a nightmare

    A motherboard box with the clear label 64bit compatible
    Access the CD bang absolutely NO windows X64 drivers included

    took 2 hours to install Audigy X64 Drivers (creative claims unsupported) you must have previous drivers installed to use this Installer.

    TV card didnt have X64 drivers
    The mainboard website had nothing much NIC and Sound

    my Canon Printer didnt have X64 drivers
    Battlefield was acting up ATI drivers were sub par
    and to top it the problem with Windows Failing to use more that 2GB ram still existed.

    X64 Fedora Suse10.0 and Mandriva 2006 all installed all the above hardware , and it used all resources far better than 32bit Linux Distros


    Windows has reset their position of,
    Best driver support available
    and Linux has taken the crown for now.

  • Re:Security (Score:3, Informative)

    by rtb61 (674572) on Sunday January 29, 2006 @03:42AM (#14592378) Homepage
    It's a trick when installing windows any version. You must install the drivers in the correct order, no matter what the instructions say, you must reboot between each and every software driver install. Other tricks are, add new hardware, do a complete re-install (clears up the build up of errors in the reigistry which can really stuff up new driver installs).

    The other thing don't install any other sofwtare until you have completed all the hardware driver installs and applied all the windows patches. Slipstreaming is they way to go becuase that avoids connecting to the net to downgrade the patches before configuring installing you non-microsoft firewall (anybody the uses a brondband modem instead of a router/firewall with windows needs their head read) and yes the microsoft firewall is really "soft" software and is only just barely better than nothing.

Happiness is a positive cash flow.

Working...