Two Microsoft Security Setbacks and Two More Failures

Dr. Roy Schestowitz

2009-03-05 16:05:00 UTC
Modified: 2009-03-05 16:05:00 UTC

Summary: Additional signs of an ever-crumbling software giant

WITH A LOT of stuff happening today, we haven't the time to cover this thoroughly, so here are just the pointers:

Opinion: Windows 7's UAC is a broken mess; mend it or end it

The changes Microsoft has made to Windows 7's UAC render it little more than a pesky annoyance. If this is the path the company wishes to go down, it should stop doing things by halves and kill it off altogether.

The Tigger Trojan: Icky, Sticky Stuff

A relatively unknown data-stealing Trojan horse program that has claimed more than a quarter-million victims in the span of a few months aptly illustrates the sophistication of modern malware and the importance of a multi-layered approach to security.

When analysts at Sterling, Va., based security intelligence firm iDefense first spotted the trojan they call "Tigger.A" in November 2008, none of the 37 anti-virus products they tested it against recognized it. A month later, only one - AntiVir - detected it.

As for general failures (not in security):

Is Microsoft's Kumo Already A Failure?

Microsoft is testing its new search product, codenamed "Kumo." VentureBeat's MG Siegler hopes the long-awaited upgrade to Live Search "performs better than it looks." Reviewing the screen shots obtained by Kara Swisher, who broke the story, Siegler says Kumo looks "like a product that fell out of the ugly tree and hit every branch on the way down. Who picked this color scheme? Blue, light orange and gray? This looks like the ugly Cleveland Cavaliers' basketball uniforms from the 1990s."

App-V 4.6: Too little, too late?

As we've all learned by now, Windows 7 is simply a tweaked Vista. The application runtime model and API support mechanisms remain essentially unchanged. In fact, there's nothing radically new under the hood, which I'm guessing wasn't the original plan. Rather, integrating application virtualization into the OS and providing at least the option of running a cleaner core software stack was no doubt in the cards for Windows 7. However, expediency ultimately trumped purity, and the resulting Vista successor is now just a shadow of what it might have been (shades of the infamous "Longhorn reset").

More to come this evening. ⬆

"LH [Longhorn] is a pig and I don't see any solution to this problem. If we are to rise to the challenge of Linux..."

--Jim Allchin, Microsoft Vice President

Comments

David Gerard

2009-03-07 01:42:06

The UAC one is jawdropping. I've just submitted it to Slashdot; please click the little "+" at the left of the title bar to vote it up.
David Gerard

2009-03-07 01:42:38

This is the Slashdot firehose link.

Recent Techrights' Posts

Slopwatch: Brian Fagioli, Google News, and Other LLM Slopfarms: Why does Google News keep promoting these fake articles?
Links 29/10/2025: Amazon Kept "Data Center Water Use Secret", "Abuse of Power" Against Media: Links for the day
Gemini Links 29/10/2025: "My Hardware Specs" and "Goodbye Debian…": Links for the day
EPO Cocainegate: Feedback and Clarifications: Part III will come out soon
Links 29/10/2025: "US Military Is Destroying the Planet Beyond Imagination" and Boat Strikes Deemed Unlawful: Links for the day
Quality Comes First (Techrights Search): It's generally working already, but we wish to polish it some more
Techrights Party Countdown: Late next week we'll be holding a party near our home
European Parliament and Council Directive on Privacy is Vanishing: "edited / censored some time more recently"
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 28, 2025: IRC logs for Tuesday, October 28, 2025
Slopwatch: The March of Slopfarms, From UbuntuPIT to Linux Journal and to Various Fake Sites Still Promoted by Google News: It's so worrying to see what the Web has become
Links 29/10/2025: CISA, Ukraine, and Amazon Problems: Links for the day
[Teaser] The EPO's Spokesperson, a Cocaine User, Fancies Young Women: How's that for "optics" in the EU and Europe's second-largest institution?
How Will António Campinos Respond to the EPO's 'Cocainegate'?: That's the same thing we saw and still see when the press deals with enablers and partners of Jeffrey Epstein
Join Us Now and Share the News - Part IV: There Cannot be Free Software Without Free Press and Free Information: One day, one can hope, more people will recognise that for Software Freedom we need free press and free thinkers
Join Us Now and Share the News - Part III: Principled Stance Is Never Cheap: Protecting the truth and insisting that the general public is made aware of things that really happened isn't cheap
Join Us Now and Share the News - Part II: Because Scarcity of Accurate Information Breeds Collective Ignorance: we too will strive to share information that's aggressively suppressed
Gemini Links 28/10/2025: More New Arrivals at Geminispace, xkcd on "Document Forgery": Links for the day
Join Us Now and Share the News - Part I: Defence of the Truth: This year we make a very strong, firm statement for truth, even if that means explaining our work to the top media judge in the country
Links 28/10/2025: Meta and Fentanylware (CheeTok) Age-Restricted Down Under, "Britain Needs China’s Money": Links for the day
Links 28/10/2025: Mass Layoffs at Amazon and Charter to Cut 1,200 Jobs: Links for the day
The Cocaine Patent Office - Part II: The Person Who Planted Paid-for Fake News for the European Patent Office (EPO) is a Cocaine User, Friend of António Campinos, Now on Record as Having Been Arrested: Background: High-level manager at the European Patent Office caught in public with cocaine, arrested
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, October 27, 2025: IRC logs for Monday, October 27, 2025
Google News Drowning in Slop (and Slopfarms That Hijack About Half the Results): Google News seems to be drowning in this stuff
Gemini Links 28/10/2025: "How to Maximize Your Positive Impact" and ASCII Art and Artist Attribution: Links for the day
PETA and Activism: Being staff or volunteer in PETA isn't easy
Big Blue, Huge Debt: debt will soar again
Links 27/10/2025: Mass Surveillance Sold as "AI", People Reluctant to Lose Physical Media: Links for the day
Parties and Milestones Again: we've begun putting up about 40 balloons
Techrights' 19th Anniversary: Bronze: Time to go back to preparing for this anniversary
Our Latest European Patent Office (EPO) Series Will Last Several Weeks, Will Ask the EPO Management and the European Union (EU) Very Difficult Questions: If nobody loses a job (or jobs) over this, then the EU basically became no better than Colombia or Nicaragua
Slopwatch: LinuxSecurity, UbuntuPIT, Brian Fagioli, and Google News: We focus on stories that are fake or LLM slop that disguises itself as "news" about Linux
Links 27/10/2025: Wikipedia Vandalism, Bruce Perens Opens up on Childhood: Links for the day
This Site Could Not be Done by LLMs Even If It Wanted to (Because It's Not a Parrot of What Other Sites Say): LLMs have no knowledge or deep understanding
Microsoft is Disloyal Towards Its Most Loyal Employees: Against its most faithful enablers
19 Years, No Censorship: No factual information is ever going to be removed, more so if it is in the public interest
We Are Not a Conventional Site, That's Why They Hate (or Love) Us: Throughout the week this week we'll be focusing on the EPO
Following the Line of Cocaine All the Way to the Top: Even a million denials and spin-doctoring won't distract from the core issue
The Cocaine Patent Office - Part I: António Campinos Brought Corruption and Nepotism to the EPO, Then Came the Cocaine: High-level manager at the European Patent Office (EPO) caught in public with cocaine, the Office has some answering to do
Purchasing/Possessing Computers Isn't the Same as Controlling Computers: Let's strive to put computers back under the control of their users, no matter who purchased these (usually the users)
Gemini Links 27/10/2025: Alhena 5.4.3 and Fixing Bash: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, October 26, 2025: IRC logs for Sunday, October 26, 2025
Thankfully We've Made Copies of More Interesting Data From statCounter: If statCounter (the Web site or the 'webapp') vanished overnight, we'd still have something left of it
More Silent Layoffs at IBM/Red Hat: when the media counts such layoffs or presents tallies the numbers are very incomplete