Feeds

Surprises inside Microsoft Vista's EULA

Not a thing of beauty

SANS - Survey on application security programs

If you listen to pro-Microsoft journo Paul Thurrott (whose protestations of fairness and openness are about as accurate as those I hear from FOX News), this has always been the case: "The Windows XP EULA appears to implicitly allow infinite transfers because it doesn't explicitly explain how many times one might transfer a single copy of XP. As it turns out, infinite transfers wasn't the intention." Ohhhhh! How silly of the thousands and thousands of people who read "You may move the Product to a different Workstation Computer. After the transfer, you must completely remove the Product from the former Workstation Computer," in the Windows XP Professional EULA and then actually took what it said at face value!

C'mon. How stupid does Thurrott - and Microsoft, who fed him this line of bull - think we are? They can attempt to rewrite history all they want, but that doesn't erase the truth: Microsoft is limiting, in a ruthless fashion, what security professionals and other users can do with the operating systems they buy. Ed Bott's, "Get facts, not spin, about Vista's new license" exposes the lies and misperceptions coming from Redmond and its shills for what they are, and I urge you to read his piece. What's the result of Microsoft's actions? Less freedom and much higher costs to end users. And, I'll add, a further lowering of respect for Microsoft.

If you thought that the legal troubles the company faced in the late 90s would perhaps mellow it out, you were wrong. Far from it. The draconian limitations I've discussed could only be enacted by a monopoly unafraid of alienating its users, as it feels they have no other alternative. Microsoft may yet learn, however, that there are limits to what its users will bear.

To paraphrase what my fifth-grade teacher often told his rambunctious class, "Beware the wrath of a patient user base." Security pros have already given Microsoft a deserved black eye over the never-ending string of gaffes and vulnerabilities streaming out of the company. It seems now as though another black eyes and a bloody nose may be coming, along with a final wave goodbye. There comes a point at which corporate hubris causes a fall, and we may be seeing the beginning of that collapse. If so, Microsoft will have no one but itself to blame.

Scott Granneman teaches at Washington University in St. Louis, consults for WebSanity, and writes for SecurityFocus and Linux Magazine. His latest book, Hacking Knoppix, is in stores now.

This article originally appeared in Security Focus.

Copyright © 2006, SecurityFocus

Top three mobile application threats

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.