Have to agree with you. As the owner of a small computer shop where I have been fixin' for 18 years, I don't see how ANYONE can trust an MS product in a high-security function. The MS rush-to-market of new products is based on pure greed and speed, not quality. MS has NEVER produced a tight, high quality, secure product.

It is insane to be able to install an OS in 20 minutes and then have to spend 3 hours on broadband doing "upgrades" and "upgrades to the upgrades". Nothing but an attempt to put stacks of band-aids over the Grand Canyon.

Everyone is relying on the supposed security of software firewalls. They are forgetting that those firewall products must conform to MS code requirements and that the MS code is the problem in the first place!

Call MS with a detailed explanation of a problem and what do you get? "Yup we are aware of this . . . it's a 'Known Issue.'" Is there a fix? Maybe, sometimes. Are they going to fix it? Probably not. "Known Issue" is their bureaucratic do-nothing file. Some of the "known issues" in Windows 95 are still in XP Pro. Problems in the kernel of DOS 3.0 are still present in the XP kernel.

If General Motors, Ford, and Chrysler built vehicles like MS builds products, you would have to take your car in for a recall every other day. How long would the public and the government put up with that? If the public knew exactly what kind of trash products MS is pushing, they would quit buying the products, and force MS to do it right or die. No one is telling the HONEST story, and MS money is buying government and media blindness.

The largest department at MS SHOULD BE a large group of old timers who understand memory structure/allocation and machine architecture at its very base, and who do nothing but try and infiltrate code and identify any sort of existing or potential problems to be cured BEFORE release of a new product. These guys are a dying breed and companies won't hire them because they are "too old" and they will stand up to bureaucratic bullshit. Instead, you have a few recent college grads who are supposedly "Programmers", who work cheap, who are easily pushed around by corporate bureaucrats, who don't have any idea of assembly language, memory addressing, IRQ structures, basic hardware, or where holes really come from. All they know is how to plug in modules in C++ or Visual Basic with no regard for the potential holes created in linking those modules. One sorry mess.

Rely on an MS product in a Nuke facility? INSANITY!! But, on the plus side, MS product screw-ups have made me a nice living for years.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/6767/21734#21734