Comments on: Gartner takes Microsoft to task

Software giant should focus on securing Windows, not on entering anti-spyware and antivirus market, an analyst says.

[Bill Dautrive]

Exactly right!

Like usual, MS is paying lip service to security.

Security is an inside out thing, not a wrapper. Until they make products to be secure from the ground up, anti-virus companies will continue to see a booming business. Even most of the security 'fixes' seem to be workarounds that hide the flaw.

As for their motives for buying anti-virus firms, that one is easy. They are looking for a way to profit from their incompetance. Why fix something, or better yet do it right the first time, when they can extort money out of its many clueless customers wallets?

[Not Bugged]

Another blow from the same blowhard

Gartner's criticisms are weak, for example criticising MS for producing a new IE for XP only when a quick look at the schedule for that product shows it's going into a limited support mode just about the same time the beta for the new IE will start. A glance at a calendar should also show that Windows 2000 is now five years old, that's getting pretty long in the tooth for a piece of software.

[Andrew J Glina]

Win 2000

On the other hand, Win2K is so similar to WinXP that it is clearly just a decision designed to force an upgrade. A bit harsh, but as a Win2K user I am biased! (I feel that WinXP offers little over Win2K.)

[Homer J. Simpson]

Wrong...

From Microsofts own website: "Microsoft will offer a minimum of 10 years of support for Business and Developer products." This includes security fixes. Since MS opted to integrate IE into Windows, they should provide an IE upgrade for Windows 2000 as a matter of responsibility to their own Product Lifecycle schedule.

[tlite722]

Good advice...

for a person without a noggin...do yourself a favor and save your money if you buy this crap.

gartner, as usual, releases useless opinions to get ink with no real impact on anyone...let alone their clients. Gee, Microsoft will enter the combined antivirus/antispyware market in mid 2005...fascinating...way to go out on a limb there...

and their overriding goal should be to eliminate the need for antivirus...pretty lofty...i think we all should aspire to that. problem is that no matter how good the software is, it doesn't fix the weakest link: the dumb end user that opens or executes these viruses...thus one of the needs for antivirus after the fact.

no one wants to get sick...but all the medical miracles will never cure the common cold...

[tbeckner]

Secure?

"Until they make products to be secure from the ground up", how do they do this? Nobody in history has been able to create a completely secure product, unless of course the product did nothing! All anyone can hope for is to plug most of the holes. It is nonsense to believe they can create a perfectly secure product! Anything created by the mind of man can be broken into or bypassed by someone else. It is fools folly to believe that any product is totally secure. Operating Systems need additional security features, like wrappers. A multi-layered approach is the only way to secure software, but all layers need to be well designed and executed. To a degree everyone is right, Microsoft, Gartner, DM, ?Thorst Gorn?, and ?Joe Schmoe?, but mostly Microsoft is right. They are attacking problem in the multi-layered approach. And those who are running Windows 2000 products need to step forward to Windows XP and Windows Server 2003, because by the time IE 7.0 is released, the age of Windows 2000 products will be approaching six years.

[Bill Dautrive]

Nobody said it had to be perfect

MS develops software without concern for security, therefore its software is full of holes. Most, I repeat, MOST of the problems could have been avoided with some care. Just because writing secure code is difficult, doesn't mean they shouldn't try.

Countless security patches are not the answer, and if you think so you either no nothing of programming or are incompetant/lazy.

MS is not doing anything right. Even their security fixes are full of security holes.

Analysts

Sometimes it seems that analysts can be our enemies.
Since when is anyone or any company forced to upgrade anything based on what Microsoft does. Everybody and entity (company) has free mind and will. I moved over to Firefox, because I was tired of waiting for Internet Explorer updates. Likewise other individuals and companies can also. It may not be easy or even advisable for everyone and every company to do so. But, there is choice in the market. And we certainly don't need anlysts to tell us what we need and don't need. Give us your opinion and leave it at that. And yes I know I don't speak for everyone, but, I feel much better...thank you very much.

JC

[Prndll]

Choice?

What is choice when someone chooses to use MSN messanger and is then forced to upgrade or not use it? (according to MS decisions)

You talk about a choice to "move over" to Firefox...
Even when you use Firefox, you are still using IE because you are still using Windows.

[Jonathan]

What did you expect?

Seriously. Did you expect MS to really secure Windows. Everything MS has done to 2K, XP and probably Longhorn is intended to Band-Aid the core problem. And that problem is the default security in Windows sucks. Even MS knows that Window?s code is such a cluster**** that they aren?t focusing on securing Windows but securing the perimeter. Anti-Adware, anti-virus, firewalls, are there because MS is incapable of locking down the OS itself. And lets say for the sake of argument that they could lock down and secure the system. Even if they could they can?t. MS, actually Bill Gates under oath during the anti-trust trials stated that there are some security flaws that are in Windows because it allows the OS to function a certain way or it allows software to function a certain way. He was understandably vague since security by obscurity is a very dangerous way of securing your OS. At any rate the point is if MS did indeed lock down the OS they would break backwards compatibility and that isn?t something MS can risk without potentially endangering their beloved desktop monopoly. Maybe things will change in Longshot but I?m betting money not. I?ve got a running bet with a friend on when the first worm will be out for Longshot. I?m guessing 4 months. He?s saying a year. We?ll see. We?ll see.

4 months = eons

I'll one-up ya and say in the first quarter.

Shovel + Land = Poor Miners

Obviously M$ believes the negative hype about its own products. It is clearly stating that it cannot write safe code.

We may never have safe computing, but why lie about it and make money from it?

Bye Bye Bill.

This guy doesn't get it

Microsoft is spending billions of dollars improving the security of their software. Just because they are also planning to offer antivirus products does not mean that they are not going after root cause. They are just adding one more line of defense. No company in the world is investing as much money, time and effort as Microsoft is into solving the root causes of their security issues.

This is good strategy and a smart business move.

[Bill Dautrive]

re

<No company in the world is investing as much money, time and effort as Microsoft is into solving the root causes of their security issues.>

Yet, their products are still the most unsecure in the world.

[System Tyrant]

How about this.

According to the guy who created wild tangent and helped develope DirectX stated in an article the only way windows was ever going to become secure is if Microsoft rewrites it. Take that for what it's worth.

Marketing Does Not Mean Secure

Microsoft has sat in its marketing advantage for years, and Bill Gates believes his own marketing hype and legend (no reality to any of it), Steve Balmer is so out of touch. Fact is for years Microsoft has created the very problems it now wishes to solve has removed it?s self from it?s customers because well fact is they were all we could get even if we did not want their product but wanted a computer.

So as with the birth of Microsoft it?s self they buy and they have billions not some well known security product company but a privately held corporations that used spam to promote their security products from third world countries. This is not to say they do not have first rate programmers. Only that Microsoft could not buy any of the top security software vendors and their products, knowledge, or expertise. Yet now we are supposed to trust Microsoft? If they write the code and do not know how to make it secure how innovative and inventive are they truly? Or are they just putting those billions into patients are well known concepts and prior art like an adding machine, a type writer, a ledger sheet? Or a standard software patient for a standard it?s self.

Longhorn is just that a lost cause I feel as the cattle of the old West Angis came along and replaced them. Windows XP is like a console stereo if 1960 so much stuff inside it one part breaks the rest is useless. Work with their stud I do trust them well lost any trust in them around 1997, when Bill Gates not unlike Al Gore thought he invented the web.

Microsoft now want to take secure their own OS serious only they do not know how to do it so buy someone that hey a million is a lot of money in their country company and it?s free trust us. Me the dot com idea that you make money by offering it free is gone because you cannot make it free you will charge me now or later. The web is a dial tone that buzz you hear in the phone the faster the dial tone is clear and not for profit the better. Microsoft cannot be everything and I do not know what customer they listen to because I have not been able to actually confirm other then their actions that they simply did not listen are two days late and may have billions but you cannot but me into your product for a buck!

Ha! LOL all the web short hand expressions Microsoft+secure= DAH

first priority is money

Now if there was perfect software the software writers would soon become unemployed. It is in Microsoft's best interest NOT to make secure/good/bugfree/featureful software. If you can make people to upgrade you can charge them money.

Now if there comes a guy who thinks that this isn't good and writes some good/secure software and commits the atrocity of releasing it OpenSource what do you do? Because this heralds the end of the (imperfect product+ patches = imperfect product + money) strategy... But the guy with the money can do anything.

I say if Microsoft could profit on some obscurity like the Earth being flat in a short time you'd find TONS of "Get The Facts" studies made by famous research institutes financed by M$ proving
that the Earth was flat. That's FUD for you.

But hey for many people it's about money.