I wonder what the developers of MS forefront or Windows OneCare would have to say about that...

It's nice to know that when Vista is adopted we won't be troubled by any of those one million PC networks of zombie clients pumping out spam anymore...

Yeah, right.

Regarding Allchin's comment about ASLR...

"And I wanted to do this in Windows XP SP2, but we couldn't figure out how to do it. So then a smart guy here came up with a solution, so we put it in Windows Vista."

Interesting that a multi-billion dollar company couldn't figure it out...But someone else did!

WehnTrust (Its free for home user.)
=> http://www.wehnus.com/
This has been out for over a year now!

Another one is called "StackDefender".
=> http://www.ngsec.com/ngproducts/stackdefender/

Both use technology based on PaX. The open source project that came up with ASLR in the first place!

I agree with Dustwolf! It seems that all these companies want to do is prevent users from doing things they want to do. I wonder how many people will actually buy windows Vista and what the Future of Windows XP. I have run across DEP serveral times when I tried to run programs that are not damaging. Then it just locks up the computer. For end-users that are not techy, it makes it hard for them. I see the future of computers with a free of charge OS similar to linux. This is why I have heard a lot of people wanting to move to Apple. I would be concerned about not having Anti-virus software on any computer. Then you would be relying on Microsoft for upddates. I know they are better now, but what about their track record with updates? I am a IT guy too. :)

Another one of those magic "features" that impair computer usability so much that nobody is going to use it...

Take for example the "Content Advisor" in Internet Explorer or the "Data Execution Prevention" in Windows XP. The stuff might as well have a button saying "Click here to sell your soul".

When are those silly programmers at Symantec, Microsoft, etc going to realise that impairing the usability of the computers is not the right way to approach security? ...You know, honestly, what would you think most people would rather have... a free of charge antivirus package or an OS that doesn't allow them to use the computer for whatever it is they want?

YES...I WASNT USING ANY antivirus software from 2003 until now in windows xp!!..i will continue to use vista without antivirus..because i am an IT guy, i know when & how will virus come!...But all the thing is that you need to be SAFE & PRECAUTIONS!...Who said no one can live in windows without AV..i am here, i can prove,email me at guruparan@rediffmail.com

Is this a machine that stays offline permanently?

Stupid thing to say, this guy has just invited hackers to find an exploit in Vista, and I predict that withen the week they will find one now.

Goes back to the original argument about security: is Windows vulnerable because it is targeted or is it targeted because it is vulnerable? I think a little of both, personally, but due to Vista's over-touted security features and Window's popularity in general, it will be attacked just as much as XP was.

I do believe it will be much more secure than XP was, and those 'instant-exploits' that older XP versions had will finqally be non-existant, but Windows is still Windows and hackers are still hackers. I feel it will be much more secure, but this coming after a new report where symantec claims even MacOS needs virus protection--like Symantec or not, some end-users respect them still. This makes MS appear to be the idiots, and the statement made was definately stupid EVEN IF HE WAS RIGHT.

Mwahaha.
Turn back to Windows is complete insanity, dhjdhj if you are going to use anti-depression drugs, prepare and change to Vista.
Windows XP was secure to Bill Gates, now Vista is going to be so secure, well I can Imagine.

Misconception will stay forever in Windows book of story.Palladium and remote atestation will be your major source of nightmares, wait and see...
When you lost control of your life to your computer you will remember me...

Yeah Allchin, not much of a threat when your 7 year old kid is doing nothing but hanging out on Disney.com - what happens when a 15 year old obsessed with porn and warez and is infesting your hard drive with a plethora of software embedded with virus' and spyware.

You send him to military school because you have obviously failed miserably in your job as a parent.

Wow...that was easy.

When Allchin had blocked all sites for his son except a few which he knows wont infect his system, and prevents his son from installing any program, how would it get infected. This is like locking up a prostitute in a jail for 2 yrs and saying that she is no more a prostitute and had been a very decent lady for the last 2 yrs. Windows is still windows and had all security holes and would get infected once exposed. If u lock up all means of getting infected, how can u say that it is secure? Wake up microsoft and smell your a** to know how stinky it is!!

Because miltary schools welcome troubled teenagers, rather than positive, motivated individuals who actually want to be there?

The solutions are just not that easy, otherwise problems like this wouldn't be an issue anymore.

Every harlot was a virgin once...

"It's my favorite feature within Windows Vista, it's called ASLR (Address Space [Layout] Randomization) .. a smart guy here came up with a solution, so we put it in Windows Vista."

A smart guy at MS never did come up with the solution it's been around on other systems at least five years before Vista and it isn't totally secure. Software can never provide total security. Such protections belong in hardware, in the memory management unit.

"in my opinion, it is the most secure system that's available"

You mean the most secure version of Windows, don't you.

"We have .. found .. buffer overflow, and those have been removed in Windows XP", Jim Allchin Feb 2002

http://www.gentoo.org/pr...ened/docs/pax-howto.xml
http://pax.grsecurity.net/
http://www.phrack.org/archives/59/p59-0x09.txt
http://www.eweek.com/art...1895%2C1657633%2C00.asp

Thank goodness - now I can get rid of my brand new Mac Pro and throw out all my Linux servers too.

(sigh)

As Bill Gates once said, "640k of RAM should be enough for anyone...." Famous last words.

Famous words, yes. Too bad he never actually said them.

He said for anyone... Not forever :-)))))

Why is it people always take this out of context?

If I said, right now, that 1TB ought to be enough for anyone, I'd be right, hell, I'd be overstating it by a wide margin.

...and ten years from now, people would be taking it out of context, in unbelief that I could have somehow thought 1TB could ever have been enough.

640 *was* enough for anyone. Back then, when the comment was made (yes, it was made). No timetable was ever given for how *long* it would be enough. In fact, Microsoft was already working on making it obsolete when that was said.

For anyone, not forever... No-one's stupid enough to think anything will last forever.

Microsoft always hypes its new OS and we all know that they do it. When XP was released it was also touted as being more secure:

In October 2001 it was announced on CNET that
"Microsoft on Wednesday launched a major security initiative intended to address concerns that its software is prone to security problems and virus attacks."
http://news.com.com/2100-1001-273885.html

It's five years later and XP is still prone to attack.

I feel Vista will be the same. It was ripped to shreds by Hackers at the convention they took it to. Sure, Microsoft fixed those holes, but if hackers can find flaws within such a short space what other holes are there?

Anyway, most security flaws exist between the keyboard and the chair. If somebody is dumb enough to use a Windows environment they're dumb enough to double click that attachment in their email.

Microsoft is notorious for overconfidence. Ignore them, maybe they'll go away.

... err... Really, really... say in 1 year, how many times you think we'll have to format our Vista running machines? I know I only did it once on my mac (that's the first time I got it - and that's cause I got it 2nd hand). On the other hand my PC have 2 partitions, one exclusively for the OS cause it is always prone to Formats.
:-P

That's because you don't know what you're doing. I haven't formatted a computer in 2 years. That might be out of around 1000 I've worked on.

Also, instead of complaining about Microsoft's security problems, I'm going to run Vista without antivirus and see how long it takes to get infected. If I were to venture a guess, I'd say it will take well over a year.

Bandy,
I'm sittin here absolutely legless (indeed if it weren't for the spell correction, I'd be stuttering), do not have to reach far to make a mistake, when I do is the fingers are not as quick as the intellect.
Am very much a noob, but have only ever been caught once and that was "vstub".
Typing this on an Alienware Aurora M9700, specked to the max.
Tried installing Fedora6 three times on the second partition, no go will work on it.
Should also point out using W'Doze silent intall I made this afternoon, incredible! No coasters!
I said I was legless, so before I miss the point, Bandy, as a noob can't wait until I can re-engineer Vista, 'cos at the moment it is 15GB of junk.
Cheers,

"That's because you don't know what you're doing. I haven't formatted a computer in 2 years. That might be out of around 1000 I've worked on."

Probably thats coz u use it as a dedicated server for playing minesweeper. Enjoy!

Yeah, that's what I did with those 1000 computers, used them for minesweeper servers. That's EXACTLY what I did.

It is must absurd comment. Track record of Microsoft on security is poor. Let's look at XP.
There was second service pack plus countless patches to plug security holes. Anyone who thinks
Antivirus software is useless is crazy.

While I understand everyones displeasure with Windows XP and microsoft in general. Lets take a step back and look at this from one other prospective, shall we.

How many business systems are run on MAC OS or Linux systems? MAC, a small percentage, but they are there. Linux or Unix based, alot more but still not as many as Windows based OSs

How many government systems are run on MAC OS? Few to none. And the same for Unix/Linux, quite a few but mostly in server based or on LAN based systems.

To recap, over 60% of computers on the network are based on Windows OS and hackers are going to go after systems either with valuble info or to easiest to come by. That means Windows. In turn this means more people trying to find ways to get into them and then lets add in peoples overriding needs to be elitists.

All of this adds up to you linux/unix/MAC os elitist bashing on a system that may not be perfect but still runs my PC everyday. Has only been reformatted once in two years and plays ALL of the games I like. I CANT SAY THAT FOR LINUX/UNIX/OR MAC OSs.

SO put that in your pipe and smoke it. MY XP will RUN ALL of MY GAMES. YOUR OS WONT.

PMildren,

My *nix box will run all of my games and even some of yours. Unfortunately this isn't about games, it's about your data getting infected. When it comes to data Microsoft could prove to be a poor choice. In terms of government UNIX and Linux usage I think you must be wrong. Most public schools = MAC and most government data processing, DOD labs, design, and engineering = *nix. People who need to type up a Word or Excel document will use Windows or a Mac, or just use OpenOffice.org and be done with it. Thank you.

Don't forget the biggest part of the government, the people who need to type up a Word or Excel document, the bureaucracy. I'd bet most of those secretaries and department heads are using Windows. Not that I think PMildren's tone was necessarily appropriate for defending an OS with such a spotty security track record; but he did have a point, because windows is the largest target because it is the most homogeneous target.

His seven year old son without a anti-virus is probably reasonable. A business machine without a anti-virus would be a little scary. Although I think if I'm only using my machine for gaming purpose, Vista would be okay without anti-virus softwares. Well, those big anti-virus softwares REALLY slow down the computer afterall...

"So then a smart guy here came up with a solution, so we put it in Windows Vista."

Wow. That's all I can say.

"I would say that Windows XP SP2 did an amazing job, and I'm proud of what we did there."

Okay. So his standards are on the low side.

With statements like this from the MS co-president, does anyone wonder what is fundamentally and endemically wrong with MS?

People like you?

Headline:

Allchin is wrong!

...though I hope not.

"Security is a practice, not software."

It's both in equal measure. A car with no locks requires far too much more care to be plausible to secure than one with an alarm and immobiliser.

Newsflash: A computer is not a car. The analogy doesn't work.

Every time they use the car analogy, it fails miserably...

One would think they'd learn.

Installing anti-virus on a car would be closer to installing a boot. Sure, it's harder to jack, but the trade-off ain't worth it.

One would think they'd learn.

...and he goes and posts one of his own.

hrmm

vista home without areo=barebone civic
vista home with areo=same but now you have rims... they spinnin man they spinnin.

lol,
the car analogy DOES work!

Does anybody still listen to MS nowadays? Wait, why the heck did anyone even call him anyway?

It's going to take sometime before we can put Microsoft and security in a plausible way in a sentence without laughing or snickering...

LAUGHING OUT LOUD

Security is a practice, not software.

Most intelligent comment I've ever read on these forums, so much so I was compelled to reply.

Something I don't usually do.

well vista has a new admin system where it prompts you on every task before it runs so it might be prone to less viruses but everyone knows someone will find a way around this eventually.

XP doesn't need Anti-virus either. Run users as users, follow best practices guides, patch your box.

We run a network of 300 workstations, and the last "virus" was found 2 years ago, and was the result of javascript vulns, and it did nothing, because the user is a user.

AV is a reactive technology, slows down systems, causes instability on it's own (yes all of them also have had security issues themselves.)

It's pretty much a waste of computing resources.

Totally agree with you.

I have to agree also. As an experiment I've had a machine running with all users in 'limited/user' mode of XP SP2 and to date after a good year and a 1/2, no viruses, no malware - nada....it doesnt have an AV installed, the only thing I have enabled on there is a FW, and I do login in admin mode to install patches and install all software on the machine (since some software packages won't install as a 'user'). Anyone who sets foot into my home is allowed on this machine. And though my wife has her own machine, she tends to use it alot, since it's in our living area (an she is a computers' worst enemy, believe me).
I check for viruses monthly using the sarc scanner (Symantec AV online). Every month that I don't find a virus, I'm in shock all over again. I'm not saying XP is perfect by any means, but I think that if the majority of people ran it the way it was supposed to be run, viruses wouldn't be as prolific on windows machines. People are lazy however, and logging into another user to install software doesnt appeal to many. I suppose the blame still rests with MS in that it's just not 'easy/friendly' to install software unless you're in admin mode.

In any case - one of the big reasons MS gets so much bad press is because the top dogs love to make statements that beg to be proven wrong. This guy will eat his words soon enough, unfortunately.

I think you hit it on the head. Vista is not bad but its way too bloated. Looking at the hardware requirement, it's just overkill.

It's going to take 75% resources at stand still.

Why can't they just go back to the drawing board, bite the bullet and rebuild a well conceived OS? And please, don't start me up with the backward compatibility mess.

I suppose the blame still rests with MS in that it's just not 'easy/friendly' to install software unless you're in admin mode.
Actually, no properly programmed application should require you to be in admin mode unless you are trying to install it for more than one user account.

same here...

3 years without AV installed, and it's working great. Yes, I need to d/l patches once a month, but that's it. I'm quite happy with my XP installation.

If you use your brain, you won't get a virus. If you won't, not even Norton 2010 or SP400 will help you...

example: Quickbooks. If there was a security layer higher than admin, Intuit would utilize it.

I lay a lot, and I mean a lot, of blame on the software industry. We run student labs and have no choice but to lock down the pcs. We spend an enormous amount of time granting permissions down in the registry as well as the file system so that "user" class accounts can run the crappy application! Most "users", aka computer owners, cannot get those poorly written applications to work in a "user" class account, so they just continue to use the admin class account.

Now, after reading my own comments above, I appear to be defending MS... which actually scares the daylights out of me! I dislike the stranglehold they have as much or more than most. We continue to run NetWare, Solaris, and Linux servers because they just work... 'nuf said!

I could not agree with anything more then this statement. Start from the ground up. And get new "REAL Programers", adn tell them that they need to make the OS run on a 286 with 64MB of ram. Write some tight code. enough of this bloatware. Write it in machine code(assembely) like Steve Gibson does.
I will get down for the next person to step up to the soap box.

Anyone think his comments might just be a way to lure XP users to upgrade?

Come on in..the water is fine...grab a cup of our koolaid while you're at it....don't worry about the bitter aftertaste ;-)

LOL. True that.

286 with 64MB of RAM? No. Try 286 with 2MB of RAM and a 20MB hard drive, dude. Might be able to run at 12MHz with the turbo button pressed in.

BS.

Memory add-in card.

You can get a 286 up to 256MB easily. (or at least, you could back then....parts are probably not available now.)

I had a 286 with a 14.4 modem, 400MB hard drive(connected to an IDE add-in card that fooled the BIOS into thinking it was a 40MB while allowing me to use the entire 400MB) and 256MB of RAM (on a daughterboard). Ran my BBS off of a RAM drive, door-games and all. That computer kicked ass...for it's time.

Almost wish I still had it.

So if we use Vista, we will die. Wellsir, before now, nobody has made any convincing arguements to sway me from upgrading. Now that I know the use of Vista may kill me, I think I will wait.

Vista like "Dancing In A BodyCast"

I'd pay to see that.

It doesn't use 75% - it uses 56%... ;-)

We have Vista RC1 running on a computer for demo & testing purposes, with 1GB RAM, 128MB video card. It uses around 600MB of RAM when doing nothing.

But its not bloated code, and they *did* bite the bullet and rebuilt it. Thats what took so long! Its a resource hog because of what they are *doing* with all that code. Vista is fully rendered in 3D, instead of the 2D pixel mapping of previous OSes. Also, it is fully indexing the entire hard drive at all times, so that when you search, your results are instant (like Google Desktop). Oh, also, they made it "pretty" with a resource-intensive GUI.

I'm not a huge fan of Microsoft, but Vista *is* what will dominate the PC world before too long. Might as well get used to it.

"Also, it is fully indexing the entire hard drive at all times..."

If you disable indexing, will that free up much in the way of resources??