Security holes that run deep

A fine little essay from Mark Burnett about the real problems with Windows security. Here's a teaser:

This obviously isn't just a Microsoft problem, we could all certainly learn from this lesson. But that doesn't mean Microsoft can't take the lead in tackling this problem. Whether you are talking about politics or programming, the concept is the same: follow best practices.

Best practices: making sure that "all i's are dotted and all t's are crossed" takes time and attention to detail. More importantly, it takes experience - especially by those doing peer reviews on their colleagues' code. I would hope that Microsoft's quality control processes include peer reviews, but one never knows.

This is a basic reason that open source is more secure: more peer reviews, or more "eyeballs" as the OSS community prefers to call it.

How a simple bug betrays Microsoft's disdain for basic best practice principles

(link) [The Register]



India to enjoy cut-price Windows

Let me see if I got this right: we ship our jobs overseas, and then we cut the price on our products in those overseas markets, while raising them here in the US!

What's wrong with this picture?

Microsoft has confirmed that it is to start selling its cut-down, wallet-friendly, version of Windows in India, Indonesia, Malaysia and Russia. The cut-down version of Windows XP is already available in Thailand for about half the price of the full featured edition.

(link) [The Register]



CA Court Strikes Blow Against Hidden EULAs

I always hated these things: you can't tell what you're agreeing to until you buy it, and once bought and opened, it can't be returned. Hopefully, that sorry state of affairs is now history.

Ed Foster's Gripelog has a story on California's ruling against some of our favorite software producers and software retailers. EULAs inside the shrinkwrap are no longer good enough. Retailers with rules against accepting returns of open software could be in for hefty fines or settlements. Finally, a break for the buyer. May this spread quickly to other states.

(link) [Slashdot]
