Comments on: Vista plays hide-and-seek with hackers

Windows update beta aims to foil attacks by loading key system files in different locations each time the PC starts.

[firstlast]

Drop in ocean

It's a drop in ocean but finally we might see more secure Windows!
---
Pixel image editor - http://www.kanzelsberger.com

[qwerty75]

Weak band-aid fix

Ah, the great minds at MS.

First of all, it will not take long to identify the 256 possible locations, making this worthless. A hacker would just need slightly more code.

This is why the need to start from scratch. There is very little internal security built into the kernal and these lame workarounds don't work very well.

Look at OSX and Linux and see how tough it is to hack into and call system functions. Ask yourself if they got to that point using amaturish "security" solutions just like this one. Now wonder why the company with the largest bankroll can not do the same.

This is just more ineptitude from the most inept software company in the world.

[qwerty75]

also

If this is an example of the security improvements, stay far away from Vista or pay the price!

[Tanjore]

Microsoft is not claiming that it is the only security fix!!!!

You sound as if microsoft is publishing that this is only fix they are putting in.

Microsoft is going in the right direction.

[aabcdefghij987654321]

Hey MS, how about making your code secure instead?

Na, never happen.

[Mr. Network]

Obviously you are not a developer

You think it is just a matter of writing better code? If you're so smart why don't you offer to help? Microsoft has the best minds in the world hard at work trying to make Windows the most secure O/S in the world.

Code is logic, anyone with intent, coding abilities, and a sharp mind can poke holes in any logic. The logic contains millions of possibilities and exceptions. If you're smart enough to find a work around or 'exception' to some of the logic you can poke holes in it.

If it was just a matter of writing better code it would already be done. The problem is that knowledge and/or logic evolves on a daily basis.

Ever have a good thought and then a few weeks later have a thought on how to make the previous idea better? It's the same concept. So again, if you're soooo talented, why don't you do it and be quite; then everyone will buy your software because it is soo frikkin l33tski.

~Mr. Network

[grangerfx]

Oh yea. That will work.

*bangs head against computer screen*

[UntoldDreams]

Agreed

I can't believe any reputable security engineering team... even ones at Microshaft... would think this would solve anything for any length of time.

I don't get it. I don't respect their work very much but this is far "beneath" them.

The only outcome of this is that they will create more OS bugs rather than decrease viruses.

[UntoldDreams]

That's insane.

I can't believe any reputable security engineering team... even ones at Microshaft... would think this would solve anything for any length of time.

I don't get it. I don't respect their work very much but this is far "beneath" them.

The only outcome of this is that they will create more OS bugs rather than decrease viruses.

[willdryden]

MS has ignored security since Win95

The three basic functions of any multiprocessing OS are I/O control, memory management and CPU scheduling. Starting with Win95 and apparently continuing through Win Vista, they have forgotten to include I/O control in the OS. Buffer overruns should not be possible. The OS should truncate the I/O automatically to fit the allocated buffer as it did in MS DOS. This leads to some really weird data if you make a mistake coding the application, but the security of the system is maintained.

I hope some MS programmer reads this and takes it to his boss. MS has been writing dangerous OS's FOR YEARS.

[qwerty75]

That is crazy talk

Win95 had the most secure password system ever devised.

I mean, making someone think of a word or at least random letters and digits to gain access to any win95 box is security at its finest and most advanced!!! ;)