Silicon Shecky

A person I know recently wrote a nice little blog piece about how Windows 7 is a Crossgrade. They made some really nice points, but missed the mark on a bunch of others.

First off, the statement that you do not “own” your copy of Windows is correct, this statement is also true of OSX. From the EULA for OSX, “The software (including Boot ROM code), documentation and any fonts accompanying this License whether on disk, in read only memory, on any other media or in any other form (collectively the “Apple Software”) are licensed, not sold, to you by Apple Computer, Inc.” This is why its called Licensing, and while even the GNU Public License allows one to modify the source code, there are still restrictions as to what you need to do for distribution otherwise you have broken the agreement. This is not inductive of owning the software itself.

The next thing is about viruses. I do not deny that Windows has more Malware made for it than any other Operating System, but in this case its about security through obscurity. The people who are writing the majority of viruses now seem to be doing it for money, a way to get personal information and sell it. The best and easiest way to do this efficiently is to target the weakest link, which would wind up being the end user. The majority of end user machines run Windows software. Now to be a bit more fair, Apple has finally started recommending that its users get some sort of anti-malware protection. As a matter of fact there was an OSX Botnet that was found to be active last year. Heck even Linux has a botnet which winds up distributing Windows Malware. So much for that argument.

Apple did a great thing with the $30 upgrade to Snow Leopard, and yes it has Windows beat on the price point there. Microsoft did have some good short term deals when Windows 7 came out such as special student pricing and family packs, but it does cost a bit more to go to Windows 7, and in the long run for an everyday user, it would be more efficient to get a new machine. Of course last year there were a number of companies that would send you Windows 7 for free if you bought a computer from them, a free upgrade from Vista.

Finally, is Windows 7 perfect. No it is not perfect, but it is better than prior versions, and is a step in the right direction. Nobody gets it 100% correct (Snow Leopard shiped with an old version of Flash with a major flaw), but they try. Honestly Microsoft’s OS is closer to Linux than Apple’s in my opinion, considering how much more guarded Apple is about allowing people develop for it. Speaking of Linux, I do use Ubuntu, and I love it. I would love to see more people use it, but I know that comes with some risks and more chance for it to become scrutinized more. I look at Firefox and see what could happen to Linux if it became more mainstream. Linux, I feel,  first needs to become more homogeneous so people don’t have to worry about what flavor of Linux they get.

There are pluses and minuses to every OS out there, and not everyone is going to agree on everything, but at least look at things logically and thoroughly first.

Who thinks its funny that the day after Patch Tuesday, Windows 7 and Server 2008 R2 get hit with a zero day exploit that causes them to crash? Its one of those things that the timing seems suspect on. Obviously they knew about the exploit before hand, and had to confirm it before they would allow the world to know about it.

Well if you think about it, waiting till Wednesday, Microsoft basically about itself a full month to get the patch out there. Its a stall tactic. Now considering the flaw does not allow access to data, allow rooting of the OS, or anything worse than a crash, it isn’t as bad as it could be.

The whole thing that people don’t understand about an exploit like this, and say Malware that gets on your system is where the real hole is. The ultimate hole in any OS is the end user. They don’t want to hear that going to their favorite adult site is what is causing them to get infected with malicious software. They patch their system, they only go to sites they trust.

Now I do agree that holes in the OS such as the recently patched kernel flaw can cause a ton of problems. Still once that gets patched, you have less of a chance of a drive by infection. When your users go to unsavory sites, sites that do a ton of redirecting, or just sites that really are not maintained, they cause a much bigger problem.

Then there is the problem of pirated software. The funny thing about pirated software is it usually isn’t the software itself that has the malware in it, its the crack that does. Whether it is a key generator or a small file you change out, that little piece of code is what opens you up. Mind you I’m not saying that file sharing is bad. I’m not bashing bittorrent at all. In fact Bittorrent is very useful for getting legitimate Open Source software, such as Linux ISOs.

I’m also well aware of how expensive software is. The amount of profit Microsoft makes off of Office is insane, and it wouldn’t be pirated nearly as much of the price came down to a more manageable level. The thing is that there is reputable legal free software that can do most of what the expensive software does, without cracks or malicious software hiding inside of a crack. Open Office, Gimp, Linux, VLC, Audacity, and many more Open Source projects are really coming into their own.

The bottom line is no matter what we do, unless we are willing to take the time to properly educate our end users, I don’t care how much you harden your system, something will happen to it. Best to be prepared, and have a slew of tools ready. Oh, and some of the best of those tools, are Open Source and free.

A new Zero day bug could crash Windows 7 and Server 2008 R2. Both new technologies, both have been officially released for less than a month, and to top it off, its related to the SMB protocol. It seems that we have been down this road before.

A couple of months ago Microsoft finally patched a different major problem with the SMB protocol. Just like that one, the recommendation is to turn of SMB, and close the ports for it. Now this is getting a bit ridiculous that something used for file sharing, that is a common protocol, and that has had major problems in Microsoft OSes before keeps having new issues.

The real question though is how long till there is a fix for it? The previous hole in SMB took a long time for them to fix. Now add on that Small Business, while they might not be using Server 2008 R2, could be starting to use Windows 7. How will this affect the adoption of Win 7 in the enterprise? Will it slow it down? Also does this hole affect Vista, XP, SBS 2008, SBS 2003, Server 2003, Server 2008 (non-R2)?

Hopefully, we will get answers.