On Wed, Apr 28, 2010 at 11:27 AM, John Aldrich <[email protected]> wrote: > If the Microsoft security model is so good, why did it take them so > long to make it harder to run as a local admin by default?
It's not the Windows security model, but rather, Microsoft's apathy and lack of clue which has led to so many security problems on 'doze. NT supported everything you needed to secure a system in 1993. Microsoft didn't think security was important so they didn't bother. Microsoft apologists blame this on the software vendors, saying Microsoft couldn't do that because software vendors don't corporate. But when Microsoft wants to, say, create a new API for something, they just do, and abandon the old one, and everyone else has to play catchup. When hardware doesn't work with Vista, the same Microsoft apologists blame the hardware vendors for not publishing updated drivers. You can't have it both ways. Microsoft *could* have made security a priority. They didn't. Several major Microsoft products (Office, Visual Studio) have has trouble with admin rights. I remember parts of Office 2000 didn't work right without special permissions. When challenged that the Win 2000 logo (which O2K had) said that was a problem, Microsoft's response was that it didn't count. A similar thing happened with Visual Studio 2008. It's good to be the king -- you get to ignore your own laws. I've read that most people within Microsoft run with admin rights on their local PC. Microsoft's come a long way, but I still think there are large factions within Microsoft that don't get security. You end up with the security people fighting having to policing their own app people, or whatever. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
