Posted by: reformedmusings | August 30, 2008

Microsoft: The nighmare never ends

I try to keep up with the ZDNet blogs to see what’s cookin’ in the computing world. Recently they’ve had a number of interesting news items that paint an interesting picture when taken together.

First, Microsoft is sticking it to Windows XP Pro users yet again. Although they cannot even give away Vista to corporate IT departments, they originally included a kill switch to prevent piracy anyway. Microsoft used the kinder, gentler euphemism of “reduced functionality mode” in fine 1984 fashion. Although aimed at pirates, it produced collateral damage as expected amongst legitimate users performing normal functions. Inundated with negative feedback, they decided to remove the kill switch from Vista Service Pack 1 (SP1). Instead, they replaced it with a nag screen that looks like system death but supposedly retains system functionality. The is all part of another great Microsoft euphemism: “Windows Genuine Advantage.” The advantage is obviously theirs because they get your money and then give you what they decide that you deserve.

What’s that got to do with Windows XP Pro? Well, now Microsoft likes this version of its Vassal Control System (VCS, my more accurate term for WGA) in Vista so much that it’s adding it to XP Pro, putting legitimate XP users, including corporate ones, in the crosshairs again. This would probably be a good time to turn off Automatic Updates in your XP Pro system. Otherwise, Microsoft could just make it a silent update without user knowledge or concurrence like they’ve done before. Don’t believe the automatic Windows lie-box that will pop up telling you that you system is at risk. You’ll simply need to track security updates manually every week or so, downloading and installing them yourself to ensure all legitimate patches are current, that’s all. I did that for a while before switching to Kubuntu Linux and it all worked fine. Just roll it in with your regular virus, rootkit, adware, disk defragmentation, and file system and registry maintenance tasks. You are doing all those at least weekly, right?

Second, Microsoft wasn’t happy with just controlling your Windows experience. Oh no, they’ve moved on to their Office suite. Some months ago they decided to add their Vassal Control System nag to Office. I guess that will provide a consistent user experience for those Microsoft deems pirates, even if you’re a legitimate user who simply updates your system. This would be a good time to move to the free and open source OpenOffice.org, which even works great under Windows if you’re a dedicated vassal.

Third, Microsoft has been granted a patent for “page up” and “page down” for moving through documents. This has been a standard feature of keyboards since before the PC era, so I’m not sure how they got away with this one. Amazing what you can do with an unlimited quantity of money and lawyers. World domination, one page at a time.

I’ve saved the best for last. If you are a dedicated Microsoft vassal, you’re probably thinking that all this is no big deal because Microsoft has provided (for a hefty price) a stable and secure operating system and you never update your hardware or system BIOS anyway. Guess again. Two researchers have essentially rendered Vista’s security almost useless. It wasn’t that hard to slide a worm or virus in before, but now Mark Dowd and Alexander Sotirov have gone to the core. They have found a way to bypass Vista’s memory protection scheme simply using Java, ActiveX (the greatest security hole ever invented), and .NET elements in Internet Explorer. Using this approach, one can load arbitrary code almost anywhere in the memory system (depending on the exploit), allowing control and/or monitoring of your computer by anyone smart enough to write the code (or download it) and there’s nothing that you can do about it, other than switch to Linux. This makes rootkits look like child’s play, even though I’ve seen dedicated Microsoft bobble-heads trying to downplay the significance around the web.

How does all this add together for me? I think that these tidbits and past history shows Microsoft as a company more concerned with a handful of pirates (who will always find ways to bypass piracy protection) than either their legitimate customer’s user experience or their customers’ data security. Microsoft expended huge efforts embedding Internet Explorer deeply and indelibly into Windows, yet short-sheeted actual browser capability that would improve browsing security and overall user experience. That’s not too surprising since they didn’t write the original browser code anyway. They expended countless man-decades on their WGA anti-piracy system, which is really just a user-abuse system, yet left their users’ systems open to exploits based on gaping memory security holes in the core operating system. Years ago, I admired and even tauted Microsoft’s achievements, but over time their conduct and lack of performance wore the empire’s vernier transparently thin. I’ve long since thrown off the shackles of vassalhood to live free, just as the Jaffa freed themselves from the Goa’uld false gods.

At this point, if you’re a Microsoft vassal and not mad or scared, you might want to check your pulse. As for me, life is not only stable and secure here in Kubuntu Linux and Open Source land, it’s all free! And freedom tastes of reality. Sleep well!

Advertisements

Categories

%d bloggers like this: