"Just trust us" as Microsoft's security policy

According to The Register, Microsoft has announced that 64-bit Windows Vista will be a black box to which only Microsoft has a key. Microsoft Security VP Ben Fathi apparently compared developers insisting on the ability to patch the kernel to "a Sony Walkman user invalidating their warranty by opening up the device" and stated "That's just not the way the box was designed... we're putting a stop to that."

While the desire to avoid having multiple application-installed kernel patches floating around is noble, I would have to ask if you trust Microsoft to know what is best for you. Perhaps next Microsoft will decide to deliver the "64-bit Windows Vista Service Pack 1" kernel on a secure ROM encrypted with your Windows license registration number. Time will tell if I've just inadvertently given away their strategy for 2009, but we can see how well "security through obscurity" has worked for Microsoft to date.

Compare that approach to that of OpenSolaris. While patching the kernel is something we go out of our way to make sure you don't have to do, we certainly don't forbid it. Our kernel API? Documented right here. You can browse the OpenSolaris source code here, or jump right to the kernel source directories here. It's up to you. We don't need to hide our kernel from anyone, least of all developers who want to know how things work. There are even books written by Sun engineers explaining how things work in detail.

If we don't already provide a capability you want, go ahead and add it. Submit the source code and we may even integrate it directly into our tree. Find a security bug? By all means let us know; you can even submit a fix if you like. Want to write your own scheduler? Feel free. New VM subsystem? If you've got the time and talent, go for it.

The key is that we won't prevent you from doing what you need or just want to do to make OpenSolaris more useful for you. We try to make OpenSolaris as feature rich as possible "out of the box," but logic dictates that we can never be all things to all people. You should feel free to customize things if you need to for your particular environment. That's what open source is all about.

In short, you're in control of your Operating System when you run OpenSolaris. Isn't that the way it should be?

If you're Microsoft, apparently not.

Comments:

So as I understand it, I have no other choice but to use Solaris/Linux/BSD or something else. OK put SATA drivers for common HW and BlueTooth and I dump f$%\^ing WINBLOWS. Someone tries to sell me his used laptop ( I am a geek). If I buy it, guess what I will use. Damn microsoft you hurt my feelings, I am gonna cry... from happiness :-)

Posted by Vasileios Anagnostopoulos on October 25, 2006 at 05:36 AM MDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

kucharsk

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today