Why Microsoft will fail
Some material is very old and may be incorrect today
© February 2009 Anthony Lawrence
Poor Microsoft. The phrase "caught between a rock and a hard place"
tells exactly where they are right now. The "rock" here is that
Microsoft desperately needs to fix the horrible security they
are famous for and the "hard place" is that their user base
doesn't want them to do that.
Oh, of course the Microsoft users want to be secure. They
are sick to death of worrying about viruses and zero day attacks. They
are sick of virus software bogging down their work. Users
WANT security. They just don't want to have to do any work.
Microsoft went a long way toward fixing security with Vista.
They added User Access Controls (UAC) that pestered users
with "Do you want to allow this action?" type prompts. Users
hate them and no wonder: most of the time we have no idea
WHY we are being asked such questions or what the effect might
be if we answer yes or no.
The complaints about this feature were legion. Everybody
hated them. Even people who should know better want them
gone: ItWire, writing about how Windows 7 may well be a do or die effort, begs
please no more endless UAC dialogue boxes
Microsoft, ever anxious to satisfy its customers, decided that
users should have control of this feature. After all, if you
are always going to just hold the door open and invite any program
that asks to do as it pleases, why bother to ask? So Windows
7 includes user settings to eliminate those silly questions. Do
I want stuff to just install? Why, yes, thanks. Ask me no
questions and I won't have to admit my woeful ignorance.
But - oops! - apparently someone has found a way to
change those setting without your knowledge:
Code aims to bypass UAC security in Windows 7 says that
two kids came up with a way to do that. That's not too surprising
by itself, but Microsoft's reaction is. They say that's OK:
(from Microsoft Denies Windows 7 UAC Vulnerability)
"However, Microsoft is standing by the change to UAC's default
setting, saying it was the result of "a great deal of usability
feedback on UAC prompting behavior," and that the feature cannot
be exploited unless there is already malicious code running on the
machine and "something else has already been breached.""
Well, yeah, and we all know THAT will never happen.
Just some other random thoughts:
- - IBM would dearly love to squish Microsoft between the high and the low end
of the market, and they are aggressively pushing Linux at both ends. I think
the idea is that Microsoft becomes the toothpaste..
- - Folks are getting concerned about Microsoft's closed security model. Code
Red sure is contributing. A recent article in Computer World quoted several
people as saying they plan to move off Microsoft at least for Web servers.
- - The Dept. of Justice may have screwed up this time, but the States aren't
giving up and my bet is that DOJ will try again anyway. Microsoft is too
much the bully to get away with this forever.
- - In spite of licenses that say they are blameless, surely someday somebody
is going to succeed with a suit for damages from lost business. It may be
someone damaged collaterally- e.g., someone flooded with Code Red messages
from compromised Microsoft servers- Microsoft's licensing has nothing to do
with that. I am not a lawyer, of course, but I've always admired their
creativity in such matters.
- - Other countries, like China as a great big example, don't like Microsoft
(just because it's a U.S. company) and are quite likely to move to Linux
officially or just de facto. The influence of those markets will only make
Linux stronger here because of the increased incentive to port for the
millions and millions of customers.
- - I buy a few shares of Microsoft every month. Given the whimsical
playfulness that the gods have exhibited toward every other effort I have
made to amass wealth, I can almost guarantee that the company is heading for
the big flush Real Soon Now. Nothing would make me happier than to lose
every dime I have in their stock.
If you found something useful today, please consider a small donation.
Got something to add? Send me email.