decoration decoration
Stories

GROKLAW
When you want to know more... 		decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.

You won't find me on Facebook

Donate

Donate Paypal

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.

What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments

Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Even if MS get a clue and do some | 367 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
MS & security
Authored by: Ronny on Wednesday, March 20 2013 @ 10:50 PM EDT
MS have made some serious efforts to improve their security, but the focus has
been mostly on implementation rather than design. They still fail on design.

There has actually been some real work done at MS on security. For example, the
study done about ten years ago showing that Windows had about ten times as many
bugs per KLOC as Linux was re-done not long ago and showed them to be on
approximately an even footing.

On the other hand:

I had to implement Microsoft's TMG firewall not long ago (under protest) and it
had some pretty severe problems.
- At one point we had two people editing the firewall ruleset at once. This
corrupted the ruleset and effectively wiped it. (MS needs to learn about the
radical new "locking" technology.)
- The transparent proxy feature is basically either "on" or
"off", you can't have it on for one network and off for another. This
means that our DMZ can't access the Web at the moment because the network is set
to route outgoing traffic, so source NAT is not applied; instead the outgoing
interface IP on the firewall is used, and if that's a private address
connectivity breaks. In theory there is a configuration fix for this, which in
practice is ignored.
- If a nontrivial ruleset is backed up from one server and restored on another,
the ruleset cannot be edited once applied on the new server without jumping
through a number of hoops to renumber the rules.
- A server with 4GB of RAM is constantly running out of memory because it caches
objects in RAM (not metadata, but actual objects) and there is no way to modify
this behaviour.

If you look at the above list all items can be characterised as design issues
rather than as coding issues. This is arguable with the first (locking) issue,
as it's possible that they implemented locking but just screwed up the
implementation.

[ Reply to This | Parent | # ]

Even if MS get a clue and do some
Authored by: Anonymous on Thursday, March 21 2013 @ 09:16 AM EDT
redesign work, users are still screwed because Adobe and others leave big
holes in the software that runs on Windows.
Chris B

[ Reply to This | Parent | # ]
Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details ) 		Site layout based on Woodlands theme by Bryan Bell.
Groklaw logo by John Crowley.
News Picks logo by Ted Thompson.
Powered By GeekLog
Created this page in 0.03 seconds