Longhorn following Unix on security? - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 07-11-2005, 09:53 PM   #1 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Longhorn following Unix on security?

Longhorn following Unix on security?

Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights.

Mike Nash, Microsoft's security business and technology unit corporate vice president, has said Longhorn would accord end-users certain rights and privileges apparently ending the concept that everyone using their PC is also the PC's administrator.

Speaking at Microsoft's Worldwide partner conference on Sunday, Nash indicated the architectural change is part of a move to improve security of desktop systems by limiting the ability for end-users to install applications or for malware to take control of a machine, turning it into a zombie.

The move mirrors techniques used in versions of Unix and Linux to create more limited variations of "the God user" or root account. This account provides a single user with total control of, and access to, an entire system's resources. Sun Microsystems, in particular, has touted very sophisticated user access controls - borrowed from Trusted Solaris - with its new Solaris 10 operating system. These controls let government agencies, for example, store information of different classifications on the same computer, as the OS governs who is authorized to see the data.

"In October 2003 someone asked: 'How come, when I go to a Windows machine, everyone has to be an administrator?'," Nash told conference delegates, referring to an incident at Microsoft's partner conference two years ago.

Nash said a key Longhorn feature would be increased "granularity" in administration capabilities "so people need a lower level of privilege to install applications and printers. When a higher level of privilege is required, we can elevate that. You can use Longhorn in a very effective way without being an admin."

Nash also used his presentation to try to disparage claims the open source method of software development produced more secure systems than Windows. "There's a big theory that with open source and more people looking at the source, this will lead to more secure products. We think our approach delivers more benefits," Nash said.

Among those benefits, according to Nash, is Windows XP Service Pack (SP) 2 which he said means users are up to 15 times less likely to become infected by malware than if they simply use XP SP 1 or Windows 2000 professional. Nash said 281m copies of XP 2 have been distributed during the year since launch.

Nash also trotted out figures from the Microsoft-sponsored Security Innovation study published in June that claimed Windows Server 2003 running SQL Server 2000 SP 3 is more secure than Red Hat's Enterprise Linux 3.0 running MySQL and Red Hat Enterprise Linux 3.0 running the Oracle 10g database.

The study, part of Microsoft's "Get the facts" campaign, claims SQL Server had zero vulnerabilities over the course of the year compared to seven for MySQL and 30 for Oracle 10g.

In a reference to Oracle's "Unbreakable Linux" advertising campaign, Nash said dryly: "Unbreakable? I think not."
__________________

__________________
Osiris is offline  
Old 07-12-2005, 12:45 AM   #2 (permalink)
Super Techie
 
Join Date: May 2005
Posts: 479
Default Re: Longhorn following Unix on security?

Quote:
Originally posted by Warez Monster
Longhorn following Unix on security?

Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights.
hey, they are finally learning

Quote:
Originally posted by Warez Monster
Mike Nash, Microsoft's security business and technology unit corporate vice president, has said Longhorn would accord end-users certain rights and privileges apparently ending the concept that everyone using their PC is also the PC's administrator.
that's too new to get used to.. it took me about 1 month to completely get used to the concept that i don't have to use root account all the time.. if they are ganna do that, they better copy the same easy procedure like su root to switch to admin, or else they are so not getting anyone to use a more restrictive account :|

Quote:
Originally posted by Warez Monster
Nash said a key Longhorn feature would be increased "granularity" in administration capabilities "so people need a lower level of privilege to install applications and printers. When a higher level of privilege is required, we can elevate that. You can use Longhorn in a very effective way without being an admin."
feature?? let's rephrase this as heard in the long time MS fan's ear: "you cannot do everything you wanted, you cannot always be the 'god' of your own system.. so we are taking away most of your rights to do whatever you want on your system".. unless they got this advertisment campian down pad, i don't hear many people responding to this notion :|

Quote:
Originally posted by Warez Monster
Among those benefits, according to Nash, is Windows XP Service Pack (SP) 2 which he said means users are up to 15 times less likely to become infected by malware than if they simply use XP SP 1 or Windows 2000 professional. Nash said 281m copies of XP 2 have been distributed during the year since launch.
mmm.. ok.. you compared relative new updates to a older system... but you didn't support your previous claim that your closed source system is better than open source system.. where is the benefit in comparing a older system to a newer system running the same software?? as you clearly stated " We think our approach delivers more benefits".. more benefits to what? open source system?? you didn't mention open source system, how can it have more benefits?! of course you suppose to have more benefits in an update.. that's why they call it an update in the first place

Quote:
Originally posted by Warez Monster
Nash also trotted out figures from the Microsoft-sponsored Security Innovation study published in June that claimed Windows Server 2003 running SQL Server 2000 SP 3 is more secure than Red Hat's Enterprise Linux 3.0 running MySQL and Red Hat Enterprise Linux 3.0 running the Oracle 10g database.
didn't linux format website have already proved that all the "independent sources" you cited to be somehow related to you?!

Quote:
Originally posted by Warez Monster
The study, part of Microsoft's "Get the facts" campaign, claims SQL Server had zero vulnerabilities over the course of the year compared to seven for MySQL and 30 for Oracle 10g.
when you see "zero vulnerabilities", you know right away they are talking lies.. i'm a advocate of unix, and i never talk unix as if it's perfect.. in such a complex system, it will have vulnerabilities.. if you don't have it, your lying.. period..

Quote:
Originally posted by Warez Monster
In a reference to Oracle's "Unbreakable Linux" advertising campaign, Nash said dryly: "Unbreakable? I think not."
hey, everyone! come and look, the "Microsoft's security business and technology unit corporate vice president" (just discovered how darn long his title is when i copied and paste it.. and we know this guy couldn't know too much) is going to demonstrate once and for all how to break into a *nix box!!
__________________
lisp hacker :D
running: FreeBSD 5.4 - still learning :D
develop with: SBCL + emacs for lisp, Anjuta IDE +gcc for c, SPE for python..
browse with: opera
furtivefelon is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 12:21 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.