"Sebastian Gottschalk" <seppi@seppig.de> wrote in message
news:4qai9cFm5re1U1@news.dfncis.de...
> Dana wrote:
>
> >> No, customers wanted a *web*browser (hint: something that's suitable
for
> >> surfing the web in terms of security) *delivered* with the OS. Well,
why
> >> didn't they ship Netscape 4.x?
> >
> > Because Microsoft had their own,
>
> No, they didn't.

Internet explorer. Which when those two first came out, I would say IE was
better than Netscape.
>
> > and there is no problem with them tying it to their OS.
>
> Wrong again.

No, I am quite right. There is nothing wrong with Microsoft tying internet
explorer to the OS.


>
> > If customers wanted a different web browser, there are quite a few
available
> > for them.
>
> If customers were able to make a choice or just recognize that there's a
> difference between a webbrowser and the WWW, then they would have chosen
> Netscape on a large base and not even considered misusing IE as a
> webbrowser.

That is not what happened, Internet Explorer became the popular choice over
NetScape.
>
> >> They're integrating DRM into the kernel. That's far away from security.
> >
> > That is how they are implementing security. Which the customers have
been
> > demanding.
>
> You forgot to specify which customers. Media companies trying to sell
their
> content by using DRM against the users, these aren't customers in the
usual
> meaning.
>
> > But windows is made for the masses who have no desire to mess with the
> > drivers, they just want an OS that works out of the box with minimal
> > configuration from the user to make it work
>
> I guess even normal users want a reliable workstation for doing serious
> work. With IE, DRM, and the lack of fundamental OS enhancements like a
> well-proven crypto filesystem a la TrueCrypt or extensive network
> monitoring capabilities (for WireShark you need WinPCap), you can't do
> anything serious on such machines. Normally you should be in constant fear
> of your data getting fucked up with you being unable to anything against
> it.

No one is forcing you to buy windows. Just do not turn around and try to
demand via theo courst and governments what Microsoft can and cannot do.

>
> >> On the other hand, malicious guys will simply buy a certificate. Not
that
> >> VeriSign would be trustworthy in any way...
> >
> > On that we agree, which is why Symmatic and Mcafee and those types will
> > still be in demand to come up with software to help protect windows.
>
> No.

Sure they can if they want.
>
> >>> there should be no reason I have to buy a third product solution to
> >>> secure
> >>> the OS I purchase from Microsoft.
> >>
> >> There has never been any such reason.
> > As you pointed out, microsoft has always been weak on security.
>
> No.

Yes, it is well known that Microsoft has put out some very vulnerable
software products.

> Microsoft has done many mistakes, ranging from a crappy default
> configuration over to user applications bundled to Windows and some legacy
> issues, but the core system of Windows itself has always been a very
clever
> and well-designed highly secure system. Hey, why do you think they got
> EAL4+ certification for Windows 2000? Or C2 for Windows XP? You can't
> achieve such a thing without at least a solid base.

That still does not help how vulnerable Win 2k is to attack.
Of course being the most widely used OS also plays a factor in this, in that
more people to to crack it.