OT - MSFT

HB,

I have no IT credentials, but the idea that MSFT is going to come up with a revolutionary malware security program that actually works as adverised - well, to me it's a 'show me' proposition because:

1. Other MSFT 'protection' plans, such as 'User Accounts) have been horrific travesties  - I can't count how many times I've been, and still am, locked out of even changing a file name on my own Vista computer, because I don't have 'permission' despite the fact that I'm the only user, and the Administrator. The system is still incomprehensible in how it (doesn't?) work. And even if they could come up with a system that 'works', I'd want to see how many  'type 1' errors (false positives) it would come up with, denying access to programs which it (falsely) believes do not have valid certificates. (Hmm...monetize its 'brokeness' by having a 'fast lane' to issuing 'valid certifications' to companies that pony up? Nah, that's probably far too paranoid. But it doesn't rule out that MSFT doesn't screw it up to similar effect. Can't count how many times my MSFT operating systems have warned me about programs that didn't have the proper certification, that were absolutely safe in practice.)

2. It's a lot esasier to play computer security 'offense' than it is 'defense'. Playing 'offense' involves finding only one instance of unauthorized entry or operation. Playing 'defense' involves correctly identifying *every* attempt to skirt security. It's why I think hackers will always have the advantage. The US/Israeli manufactured 'stuxnet' virus more than matched any security measures by Iran. Too bad that 1. The virus got out of control (it was never meant to be spread to other computers). and 2. Infecting Iranian centrifuges with a virus that ruined equipment has been described as "dropping an atomic bomb along with the plans" - i.e., Want to learn how to make a great virus? Now that you (Iran) have stuxnet, (the original purpose was to make a virus that couldn't be detected as a virus) reverse-engineer it, learn from it, and revise to fit your needs. 

3. MSFT's track record on secure software hasn't exactly been stellar. Is there a reason at the end of the article that it says, Also see:  18 year old windows bug allows hackers to harvest credentials?

4. Trusting your computer security to MSFT seems to me kinda like asking Michael Jackson to babysit your kids.

I may be wrong.

(BTW, I notice that other people have 'cut and pasted' on this new board. Whatever I copy, it never lets me paste it. Is there some secret? Or is it just me and my Vista (no kidding) system?