Microsoft disses Windows security to sell...more Windows

I stumbled across this fascinating Microsoft tutorial today entitled "How to Justify a Desktop Upgrade." It's an attempt to coach IT professionals on how to sell desktop upgrades internally. Apparently the value of Vista is not readily apparent, requiring detailed instructions on how to connive and cajole into an upgrade from XP.

The most intriguing thing about the tutorial is its implicit rejection of Microsoft's older technology. Just a few years ago Microsoft was pitching the world on how secure and cool XP was. Now it's telling us largely the opposite:

[M]anagement may not be aware that the most compelling reason to migrate to a newer operating system, such as Windows Vista, is to take advantage of the latest security features.

"The problems with positioning upgrades is that, from a user perspective, the changes may not seem significant. But from an administrative perspective, some of the security features are huge,? [Bruce Johnson, a Microsoft partner] said.

"So, as an IT person, who is responsible for the security of the company from viruses and for making sure that everyone is safe, there are many features in Windows Vista that I like. It does a great job of keeping people from being able to browse certain sites. It protects from viruses, because there are a lot more things that will get locked down, and the lock down tends to be tighter. You have a tougher time having things happen accidentally. Probably the biggest hassle from a security perspective [with past technologies] is that users tended to run as administrators. In Vista, that?s not the default anymore."

Read between the lines and Microsoft is saying, "Our old security model was horrendous. defaulting to have users run as administrators? Foolishness! Oh, and guess what? Most of what we offer in Vista is not very new and hence not worth the upgrade, but since XP was a leaky ship, you'd better jump to Vista because it's Very Secure...at least, we'll say it is for now, until we need to upgrade you to our next OS."

With headings carrying such comforting thoughts as "The hidden cost of vulnerability," it's small wonder that many of us just dumped Windows altogether years ago in favor of the Mac (or Linux, in a smaller percentage of cases). When Microsoft's best reason for upgrading to Vista is how abysmal its old technology was about security, I can't see myself lining up to buy it.

Neither, apparently, can Microsoft, requiring it to devote web pages to showing ways to convince one's boss that an upgrade is necessary. It used to argue that XP is too expensive and that enterprises will save money by spending more money with Microsoft. Now it argues that XP's security stinks and hence requires an upgrade. Perhaps the Mac and Linux worlds just need to wait for Microsoft to do their marketing for them.

[theopensourcerer]

Here's a similar story via Silicon.com: http://www.theopensourcerer.com/2007/12/10/vista-beaten-by-both-apples-mac-os-x-and-linux/

[jspencer09]

So are you saying that the 6 year old Linux kernel is more secure than the kernel of today? 6 year old Linux, 6 year old Mac OS is more secure than the modern version? Regardless of OS, I think it's pretty safe to say that anything new will be more secure than the older product. Why such a shock then that a newer WinOS is more secure than an old one. You want to switch, use an alternate OS, more power to you, but your premise is flawed. ANY new OS will be more secure than any 6 year old OS.

[The_Decider]

Age has nothing to do with security.

Your premise is flawed and smacks of total ignorance.

[Kilz]

The premise that Microsoft is secure is flawed. There has never been a version of Windows you can run without antivirus. Linux users for the most part (even 6 years ago) do or did not install antivirus.
The patching history is also sad. It takes months to never for flaws to get patched with Windows. A flaw found in linux is patched in no time.

[jspencer09]

Decider: Age in and of itself doesn't have to do with security, but there have been many viruses, trojans, etc released into the wild in the past 6 years. If you were running a 6 year old Linux Kernel vs. A 2007 version, I would ever so humbly submit that the newer kernel is more secure, as it contains patches to all the security exploits that have been discovered, whereas the 6 year old kernel does not. Make sense? Thus, my original premise still stands. And let me break it down into small words so you can understand. Newer kernel better than older. 'k?
Kilz: Stop drinking your Penguin flavored Kool-Aid and read what I wrote. Nowhere in your post do you refute the concept that a 6 year old linux kernel is less secure than a modern what. That's what I wrote. It was an OS independent observation.
Now, everyone, feel free to resume your regularly scheduled MS bashing. Have fun kids.

[The_Decider]

Your premise is flawed.

Got some data to prove that the linux kernel today is more secure?

Or that Vista is more secure(LOL) then XP?

Newer does not always mean better. Sometime yes, sometimes no. that you think otherwise shows you are technically ignorant.

[nlindblad]

"Dear evil company.

You're almost 40 years behind in OS design. The simple principle of regular user accounts is that they are *regular*, they shouldn't have total administrative access.

Good thing it only took you eleven years or so to figure this out.

What will you do next? "Revolutionize" the world by including a distributed filesystem? Or build a stable base-system before stealing OS X features and looks?

It's OK to look at the various UNIX-copies, after all, that's how you got networking support in the first place."

[Matt Asay]

@jspencer09: No, I was just saying that flogging a product you were defending to the world a few days before the Vista launch is bad form. I can see Red Hat positioning its new releases with "enhanced XXXX" and what-not, but I doubt they'd ever say, "Our old software was really bad - you really should get the new software." It's a matter of emphasis. Microsoft is deriding the software that most of the world still uses. That might get people to upgrade to the newest version. It should get people wondering whether its new version is really going to be any better than the last version it promised was manna from heaven.

[interoperate]

Interesting news. So tens of millions of computer users throughout the world should be thankful to Microsoft because Microsoft is about to unleash a new round of global Windows XP installations via initiatives such as Windows XP on the Asus Eee PC, Intel Classmate PC and $3 Windows XP bundles for the so-called third-world!

Given that Microsoft is doing this, knowing full well that it is an irresponsible action from perspectives such as security and a Total Cost of Ownership, won't this new generation of global Windows XP users be justified in a class legal action against Microsoft?