"One critical fix (MS10-090) addresses five critical flaws in Internet Explorer"
They can only find five flaws in IE? Not looking hard enough...
Microsoft released a bumper total of 17 bulletins on Tuesday - collectively addressing a total of 40 software security vulnerabilities - as part of its largest ever Patch Tuesday update. Only two of the patch batch earn the dread rating of critical. One critical fix (MS10-090) addresses five critical flaws in Internet Explorer …
Except, that bug fixes tend to introduce even more bugs that need patching, so it does tend to kind of snowball after awhile. And then there's the workarounds to keep the fixes from bollixing up existing software, and then there's the new releases of software, all that tends to introduce new holes that need bug fixing too, so you end up with even more fixes introducing new bugs that need fixing, which...
(Here's a game; make note of the size of a fresh, unpatched Windows installation*. Then keep track of the running total of the size of all the patches, bug fixes, and updates. See how long it takes them to exceed the size of the original installation!)
*Just being snarky there, you can play this game with any distro of your choice, nobody writes bug free software, and since the internet allows them to patch after release, nobody seems to even care to try anymore.
Well, yes, there is a problem with the introduction of new bugs with the patches, but that is only a side effect of the fundamentally overly complex design of the software. The real problem here is that the fixed bugs only represent an essentially random sample of the total bug population. By studying the history of the origins of the repaired bugs, we can be quite confident that there are many other bugs that have not yet been found--at least not by anyone who wanted to say anything about them.
The root cause is still Microsoft's vision of software as a weapon, not a tool. If your goal is to destroy your competitors, then of course you make your weapons as massive and powerful as possible.
The result is we have little old grandmothers who just want to do some email and a bit of websurfing, but Microsoft insists they have an OS that does FAR more than that. It's like shopping for a small car, but the dealer insists on selling you a high-speed super-combat tank with a built-in restaurant. That's bad enough, but granny doesn't know enough to avoid giving the keys to the first blackhat hacker who can convince her to click on the wrong link...
All credit to MS for fixing the things.
They (MS) are in a difficult posistion and the squealing mac and penguin fanbois will no doubt be rubbing their hands with glee at this.
I use IE, i like IE and 99% of people i know use IE.
I will continue to use IE and am glad that MS dont just sit on their laurels and do actually provide a fix for the potentially nasty vulnrabilities that exist.
Just out of curiosity, wheres mozillas OS??? Oh they dont do one..
FFS even adobe and java are being targeted and neither of them come as part of a MS OS. Even linux comes in upteen variants, NONE of which work out of the box like windows does. Dont see many linux based systems for sale in Currys do you?
You can keep linux, i like my computer to turn on and work properly.
Whilst I agree that the knee-jerk MS flaming does get old, I disagree with the rest of your post. For any affadavit, I run WinXP SP3 on my desktop (FF rather than IE) and I'm quite happy with XP for the most part (although I had to manually turn off a LOT of unnecessary services running by default, as well close a port or two).
1. Mozilla isn't in the OS market - so what? There's a comment here missing some relevance. FWIW, I'm glad that Mozilla has decided to focus on it's product [browser] and I have a choice of browser. Bringing me neatly to ...
2. Choice. IE is embedded into the OS - so even if I uninstall, I *still* have to update the bloody thing because it isn't completely 100% removed.
3. Out of the box. You're wrong on two counts: (1) a Windows machine out-of-the-box and a Linux machine (choose your distro) out-of-the-box WILL work - precisely because 'out-of-the-box' implies that both have been pre-installed; hence are sold to work as such. (2) If you are comparing a machine with Windows pre-installed (out-of-the-box) with a machine where the user has to install a linux distro, then you are comparing apples and oranges.
Personal ancedote relating to recent Unbuntu 10.04 installations / Live CDs: my flatmate's Dell 1525 Inspiron running Vista (ugh) had serious issues - aside from Vista - due to lack of maintenace. So much so that she decided to reinstall. Her Vista recovery disk failed to install, so in the interim I gave her a Ubuntu 10.04 Live CD to allow her to back up her data. The only issue was I had to temporarily install drivers for her network card so that she could get 'net connection. That's it. When she backed everything up and wanted WinXP SP3 installed instead of Vista, not much worked out of the box because none of the standard Windows drivers worked. I had to use my desktop to download drivers from the Dell website for nearly everything on her laptop: display, video, sound, 'net, etc.
I also decided to wipe WinXP SP3 from my Samsung (NC10) netbook, and replace it with Ubuntu 10.04. Everything worked first-time i.e. display, sound, network card, yada yada yada.
I also like my computer to turn on and work properly. Ubuntu 10.04 does that on my Samsung NC10 netbook. YMMV.
That said, on days like today, it's the Sysadmins for whom I feel sympathy.
I *knew* there was a reason to avoid late-night posting (as well as late-night OS installations). I made a FUBAR in my previous post by erroneously stating that pre-installed is synonmous with out-of-the-box.
My error notwithstanding, I even more forcefully and respectfully disagree with your assertion that "NONE of which work out of the box like windows does"; primarily because even windows doesn't work out of the box 100% guaranteed (different hardware settings) - especially Win 7.
Whatever OS you use, if you go around poking in places, make sure it's wrapped [patched].
"Also, Microsoft has now released 106 security bulletins in 2010 – the first time topping the century mark since the Patch Tuesday program began. The next closest was 78 in 2006 and 2008."
I'm surprised that no one has pointed out that since XP (SP3) is still under active support, that MS now has THREE revisions of its OS platform to support. Normally, XP would have been fully retired by now (such as 95/98/2000 was in '06 and '07), thus with 3 OSes to support, I have no doubt the numbers would be higher. If you haven't noticed, many of the alerts regard the aging WinXP.
Don't have to worry about security in win7. MS fixed it. First they renamed all the folders and common locations to be other locations, then did that again two times for luck. Then they hid them so the bad guys won't know where the hell anything is. Oh and the 32bit stuff is under the title 64 and visa versa. (goes with those american backwards dates and 3am auto install setting I suppose).
So its totally brillant, most fantastic piece of software I've ever used. Every day I just get up and think wow yay for hiding all the useful stuff behind smokscreens, it is now super cool fantastic.
we get Windows 8 in 2012, and IE9 proper in 2011, then you WILL have to stop complaining about XP and Vista because you'll get "Wind" on the 64 bit version. How do I know, just look at the new nVidia drivers which include a mysterious new function in the .inf purely for Win8 64 bit.
See,planning ahead will surely eliminate any possible future security worries, we all know that absolutely no "blackhatter" is going to disassemble an nVidia driver to find out what it's all about for a as yet non existant OS. Anyone want to take bets on borked video cards on Win8's debut?
to connect my network card to a teleprinter to print out every packet it transmits. That way each packet can be checked and if it's okay then it can be keyed in to another terminal. If enough people are checking and keying in the packets then will I notice a reduction in speed? This would also work the same way for incoming packets.
Biting the hand that feeds IT © 1998–2021