Microsoft Pulls Vista RC2 Public Download

"Finding points of entry in Microsoft software has become so profitable that there's a lucrative black market business around the practice."

This point has been made numerous times here. You finally agree? Whichever OS is what is running on the majority of computers will be the target of these "lucrative businesses". As a datacenter manager, I would rather run UNIX or Z-OS for most of my critical apps...for mid-sized databases, MS-SQL is the standard. It used to be for file servers, you had Novell or Windows...now the standard is NetApp filers...No where in the mainstream enterprise datacenter, do you see X-Serve...and I don't think you will any time soon.

--tayme

"But honestly Vista isn't going to be any worse than XP in terms of security."

Maybe that should be Microsoft's marketing slogan for Vista: "Honest...It's no worse than XP!"

Yeah. That'll work! ;-)

I agree with Orion that Vista could use a little more time. I think if they waited until January before RTM then they could have something that was pretty much rock solid in terms of stability, unlike the rather dodgy experience a lot of people seem to be having now (something in RC2 makes it less stable on my PC than RC1).

On the other hand, when they do release it, I believe it won't be security that stops corporations from adopting it quickly, but application compatibility. The evidence for this lies with those who still aren't on XP SP2, they need their applications to continue to run. Even though MS do apparently try everything to remain compatible with apps, they can't check everything and stuff does break. With Vista, this is going to be even worse as apps are prevented from writing to places they previously could, or editing registry entries as if they owned them. As much as MS have worked on making this a non-existent problem, it will still be an issue.

And Preseton, can you please try and be consistent in your paragraphs? Windows is due a rewrite because Win32 dates back to DOS, yet Unix (with even older APIs) isn't? And I'd be willing to bet that the report on PatchGuard came from Symantec. And I'd also suspect that the changes "hammered onto the old Win32 codebase" are there to *reduce* the number of potential points of entry for hackers.

@orion:

I'm sure most departments will be waiting for SP1 before considering Vista, if they're even thinking of leaving 2000 or XP at all. Given the new changes that Microsoft has hammered onto the old Win32 codebase, there are a lot of potential points of entry for hackers to exploit the system.

There's already a report that PatchGuard is expected to be cracked and publicly revealed within the year. That means direct kernel access for malicious code.

There are probably millions of lines of code in Windows. It's been developed over a long time and while there's a lot of stuff in it that needed hardening, it's likely that the work they're doing is going to make it the most secure OS for the number of users that use it.

While *nix has a better base most programmers are not security experts and so all that code out there can be compromised if it's written poorly.

And while Vista may not be ready (I'm of the personal opinion it could use a little more time in the oven), it will probably be fine by Q3 2007. Microsoft probably won't even slow down development of Vista significantly until late next year. Vista's release now while prudent financially and ultimately fine for both businesses and consumers is premature. But honestly Vista isn't going to be any worse than XP in terms of security.