microsoft

“We must also work to change a number of customer perceptions, including the views that older versions of Office and Windows are good enough, and that Microsoft is not sufficiently focused on security.”
Microsoft CEO Steve Ballmer, addressing employees on the urgent need to deceive customers more aggressively, News.com, 6 July 2004

This is an interesting quote. Odd as it may sound coming from an inveterate Microsoft-hater, I don’t blame Microsoft entirely for their security problems. They are walking a remarkably fine line between making a product so usable that the dumbest of the dumb can use it, while maintaining some semblance of security as the #1 most targeted operating system in the world. It’s not a task I envy. Now, some programmers better than I (pretty much anyone) that are up on security might be able to make a case specifically for what Microsoft is doing wrong. All I know is that if the forces of idiocy and malice currently focused on Windows were ever to be unleashed on the UNIX world, I am not convinced it would fare much better – at first, at least.

Regarding the quote specifically: I think the answer to this is remarkably obvious. I, and many others I am sure, are disinclined to ever run the latest version of Windows because of its hardware requirements. WinXP is a bloated pig compared to Windows 2000. The number of user-perceivable changes is small, even if the security has been completely overhauled. If there’s no perceptible reason to upgrade, and it involves buying 512M of RAM and an upgraded processor, many people just won’t do it.

There has never been a security problem in all of my dealings with UNIX that involved changing the bulk of my operating system entirely, much less upgrading my physical computer, to fix.

A while back there was a rumbling about the specs for the new release of Longhorn:

Microsoft is expected to recommend that the “average” Longhorn PC feature a dual-core CPU running at 4 to 6GHz; a minimum of 2 gigs of RAM; up to a terabyte of storage; a 1 Gbit, built-in, Ethernet-wired port and an 802.11g wireless link; and a graphics processor that runs three times faster than those on the market today.

Now, I have since heard that this was bogus, and perhaps that these were just for a “target” system. Let’s hope, for Microsoft’s sake, that it was. Otherwise, they are going to have a whole lot of people opting to stick with Windows 2000 or XP.


Comments

Microsoft has, for far too long, put usability before security. You see the opposite with Linux; both ways have their flaws. Arguably the Linux approach is better, but we’ll likely never see a large number of Linux-based desktops to prove that point for a number of reasons. Microsoft is really trying in some cases though; XP SP2 is impressive, and Server 2003 is locked down by default.

If you want specifics about what they’ve done wrong:

  • Integrating Internet Explorer into the Windows shell so that holes in the IE zone security model affect the OS as a whole.
  • ActiveX. Must have sounded really cool back in the day, web deployable apps that could hook into the power of Windows. Of course that awesome technology has essentially no security model and is responsible for the proliferation of many pieces of mal/spyware (and pr0n dialers).
  • Making it a pain in the ass to run as a low-privilege user for day to day tasks. In all fairness this is just as much the fault of third party developers as it is Microsoft though.

Regarding Ballmer’s quote, I have to disagree with you. 95% of the PC-using population will never upgrade their OS from OEM preinstall. They buy the thing at CompUSA, they use it till they have some reason to upgrade, they upgrade, the cycle continues. Hardware requirements (for the OS) are something that matters only to geeks and pseudo-geeks (the people that watch TechTV). And you don’t need 512M for XP. My primary box has 256M, and that is perfectly adequate until I’m running SQL Server and a development environment. Until a year ago I had a Celeron 333MHz with 128M that ran XP decently; it wasn’t a great experience, but it ran.

And with anything Longhorn, who cares, it’s so far out that a $400 Dell will probably be 6GHz dual core by the Longhorn launch.

Oh, one more thing. I am very curious about how MS plans to sell Office 2003. It offers nothing compelling if you aren’t prepared to invest in XML data services, and I doubt most small business and home office users are going to make that investment.

Hell, we still run win98 on the boxes we have at home. Mostly because that is more than enough operating system for the web surfing/basic word/spreadsheet stuff we do. I can see no reason to upgrade either box to the latest bells and whistles if I DON’T NEED THEM. Plus the hardware would not deal well with it. Debian will be installed when we want to ditch the internal DSL modem for an external one as there are only win9x drivers for the modem.
