Secret agents on fire and Microsoft feels the love

Everything's gone horribly wrong

Letters Excuse us, but what colour is the sky out there? Is this Earth? Have we stepped through some kind of Stargate-esque parallel universe mirror? The reason we are so confused, is that so many of you have written in in support of Microsoft. Yeah. Really. Mindboggling stuff.

And what did the Beast of Redmond have to do to earn cuddly points from the usually hostile Reg readership? Add security to its operating system:

Erm excuse me, I don't _want_ software integrated with my OS at kernel level. There's plenty of ways to implement a firewall solution without having to resort to doing things at such a low level in the operating system.

Personally I feel all warm and cozy knowing that someone somewhere is doing something to make my choice of OS more secure and less susceptible to malicious activities. I actually welcome the idea that developers should be forced into implementing their solutions using OS-legal methods, maybe we'll see a noticeably reduced bug/problem count in the long run across all software titles.

Craig


Hi John, at the risk of sounding like I agree with M$ on something this seems like it would be the least they could do to make their product safer let the after-market security people do what they have to, their products are nearly always a week late and poorly engineered steaming piles of dung anyway. I have never used an anti-virus that didn't cause more problems than it solved ditto the old anti malware leaving big holes in the registry and killing already (usually) marginal machines requiring a real reinstall almost every time. Normally I am sympathetic to developers of any kind of software but these guys just seem like parasites. --Alan


I would rather not have J-Random AV software installing itself all over my system and hooking into the kernel. It's a major cause of system instability and I uninstalled the ZoneAlarm "security suite" for that reason. I don't like software that keeps running even when I explicitly quit it (ZA has to be uninstalled to really stop working!). I find the fact that all AV companies seem to be really scared of Vista a very good sign.

Nikolaus


Well, maybe not everyone was pro MS:

"rely on Microsoft and only Microsoft for Windows security"

In that case, it's time to change the slogan for Vista from "a breakthrough computing experience" to "a breakthrough hacking experience". Every time I read the words "Microsoft" and "security" without the notion of poor or lacking, I imagine black hats everywhere laughing their heads off. This is going to have them gasping for air for days on end.

Pascal.


I think what they wrote just proves a lot of ignorance on side of the developers at Agnitum. Agnitum is already using undocumented interfaces, undocumented structures - in short: hacker methods. Why are they so resilient to using it in future? Is it because they know they should have gone for the clean solution but did not because of tight deadlines and now realize they are "behind the schedule"?

BTW: Joanna Rutkowska has already announced to present a method to circumvent KPP without rebooting.

Oliver


Is the bell tolling for the big computer shows? Or was that just the sound of a death knell we heard? Either way, seems you lot hate walking around Comdex almost as much as we do:

What you say about IT shows applies to many other exhibitions too. The London Marathon Expo is absolutely enormous. It is miles from any car parking, which is of course quite extortionate at about £3 per hour. (I parked in Geneva for two hours a few weeks ago and it only cost a Euro!).

Anyone fool enough to turn up to it the day before the Marathon and walk around all afternoon buying up some very good offers will suffer the next day. I only went myself as I was requested to help out (next year, the answer will be no). I'd done the sensible thing and registered earlier in the week.

If you look at the size of the Excel centre it's evident that large exhibitions are big business.

Douglas Adams was nearly right. It wasn't shoe shops, it was exhibition centres.

John


That was so good that my legs ached in remembrance of the last few Comdex shows. :-}

The ultimate killer of the shows is really the Internet - that's what added speed to the decline of the major shows. While it isn't quite as 'real' as physically being there, the costs and time involved are orders of magnitude apart, the information is current all year, and access does not require an airplane ticket and travel time.

While I miss the shows in some minor ways, such as outside entertainment, the overall situation is better for everyone except the show outfits. Frankly, I don't feel sorry for their loss as they caused it by milking everything for large profits. Ultimately, greed and technology did them under.

Bill


I hear you. I can't remember the last time I managed to walk around an entire "big" show. Now if I could just find a way to to be seen to exhibit without actually going I'd be delighted! Ah well, back to preparing for IBC, the yearly huge broadcasting show in Amsterdam in September, just as the rain re-starts in earnest.

Cheers, Paul


Diebold and its voting machines make an appearance this week after a long absence. This is because they seem to have pioneered one button hackability. A useful feature, we are sure.

I can see it now: no matter how close the U.S. elections are (or are not) this fall, there will be someone - an "R" or a "D" - contesting the results. While it is the case that even a paper trail can be rigged or tampered with, it remains inexcusable that any voting system implementor would ever even consider designing and deploying a system that cannot bear up to manual scrutiny.

And think of the trees! If we weren't chopping them down to make rolls of receipt tapes and reams of printer/copier paper, they'd be subject to over-crowding, falling over onto each other, and rampant forest fires. Wood is good; the ultimate renewable resource.

-Del from the Pine Tree State, where we still use paper ballots


The process of voting is far too important to automate it. It is not open to public scrutiny, it involves hardware and software that can [and will] be tampered with in any number of ways.

The old-fashioned way is still the best: a piece of paper and a pencil. Just count the ballots with eyeballs attached to juries from all parties. Add them up and make sure you count all the votes. The US was unable to count all the votes, a disgrace if it would happen in a democratic country.

Compulsory voting by all citizens on paper ballots counted by real humans. It costs a bit of time and money but maybe, just maybe, it will prevent the country from going to war, an enterprise not altogether devoid of economic consequences in its own right. The vote is for the people. The sad thing is that they don't seem to understand how incredibly important it is that they actually take the time to go and do it.

Jorge


"...exploiting this shortcoming would require physically opening up the machine and a certain amount of hardware and programming skills, but that's hardly an insurmountable barrier to a sufficiently motivated hacker."

Would you use the same reasoning to suggest that bank vaults are insecure? After all, getting in would require physically opening up the door and a certain amount of hardware and ruthlessness in dealing with the guards, but that's hardly an insurmountable barrier to a sufficiently-motivated robber.

Michael

Sponsored: Today’s most dangerous security threats