h2g2 The Hitchhiker's Guide to the Galaxy: Earth Edition

I noticed a quote in an article which caused me to crack up. Brad Abrams, the program manager for .NET frameworks, had said, "...Microsoft is embracing Internet standards and practices."

When I told my father about it, his reaction was, "When you're strangling someone, it's possible to describe it as an embrace."

I found it amusing reading a Microsoft article on Point-of-Sale (POS) systems in which they say that Open Source software is less secure because anyone can look at the source code and find the holes in it, whereas a closed source system like Microsoft's does not suffer such vulnerabilities.

That would explain why Windows systems get hacked into regularly then, would it? And why OpenBSD is so secure?

Nice try Microsoft. Not very convincing though. They of course fail to mention that if someone does discover a hole in Open Source software they're quite likely to fix it themselves rather than using it to hack into somewhere - since it seems that the majorty of hackers hate Microsoft.

By 'hacker'... do you mean 'cracker'? Microsoft systems don't get hacked, because there's no source code to hack. They do, however, get cracked. Broadly, the opposite is true of Linux.


I find this argument laughable. As Eric Raymond said, as Linus' Law: "Given enough eyeballs, all bugs are shallow." I don't know about (Open|Free|Net)BSD.

POS systems would only be vulnerable to changes by the public if a) they had source code on the system, b) it had a keyboard, and c) they were running the thing as root. None of these is a good idea for a POSS. Windows 9x (not WinNT or 2000, and I don't know about ME) is impossible to run as a nonprivileged user, and so are much *more* vulnerable.

Yes, I meant 'cracked'. Woops.

And I think Microsoft were talking about cracking coming through the Internet, not from members of the public in the shop - presumably they're assuming shops will be using the Internet to link their shops together and transfer stock information etc. etc.

(Oh yes, Me has almost identical multiuser features to 9x - that is to say, virtually none and certainly no access restrictions)

That makes the statement even more silly. See link 4 on my liks page for some statistics - quite shocking, I think you'll agree.

If you configure the firewall properly (prob. on another machine), you can surely stop any third party from using a nonprivileged account to do anything dangerous at all to the computer. Of course, there are likely to be back doors...

#include

Yes, and the back doors are the reason why closed-source is considered less secure, because you can't look inside and find them.