Feeds

back to article Microsoft unleashes Windows attack tool

Developers, developers …. *&^%%!!# developers who break Windows! That may well be a refrain that motivated Redmond to release a new software tool, Surface Analyzer 1.0, which explains how new apps impact Windows’ ability to repel the various varieties of naughtyware. Microsoft explains the tool’s powers thusly: Attack Surface …

COMMENTS

This topic is closed for new posts.
Bronze badge
Thumb Up

They should have been doing this years ago

Given the complexity of the modern Windows operating system today, such a tool would have probably saved us all a lot of trouble.

10
0
Anonymous Coward

Re: They should have been doing this years ago

They have had these for their server products for years, they're called Best Practice Analysers (BPA) and they're very handy, especially if you schedule them to run occasionally and report back issues.

1
0
Thumb Down

[s/They/Developers] should have been doing this years ago

Fixed.

2
0
Silver badge

Re: They should have been doing this years ago

"Given the complexity of the modern Windows operating system today, such a tool would have probably saved us all a lot of trouble."

Given the tools that gave us Windows operating system such tools could probably have saved us all a lot of trouble. - that's sorted that then !

0
0

Of course...

...now the malware developers out there can test their latest techniques against Microsoft's very own analysis program to see if they can escape detection... He Who Does Not Get Caught Wins!

3
1
Silver badge

Re: Of course...

Yes, but it's the same principle as Open Source - better to find the weaknesses and fix them, rather than trust that others wont find them.

8
0
Silver badge
Windows

Odd move

Now; I'm not denying that this is a useful tool and I fully agree with Stuart up there (+1 on its way after this).

But isn't the timing a bit odd?

I mean.. We could have used this years ago. But the upcoming future (as seen by MS) gives us development tools totally focussed on Metro, a Metro Office and (this is important): the fact that Metro by itself is basically a locked down environment. I think the latter is a very positive Metro achievement, but all the collateral (software only through marketplace) isn't.

So I don't quite get it. Metro was locked down from the getgo, its by design.

Could it be that MS is feeling the heat after all and are now releasing tools to secure the desktop app. best as possible?

1
0
Silver badge
Black Helicopters

Hmm,

sounds like a stunt to highlight issues within XP, Shitsta and 7 to make users want to upgrade to the closed, walled in garden of Metro methinks.

Or are they just out to get me?

1
3
FAIL

CRITICAL SECURITY ISSUE: Windows located on computer

Title says it all. Thats like a 1 line bash script.

7
9
Anonymous Coward

Re: CRITICAL SECURITY ISSUE: Windows located on computer

Yes, because as the school kids keep telling us, Linux and programs running on Linux have never, ever had any single security issues in the entire history of it's existence.

That's why there isn't a single website on the whole of the interwebs where these security holes are highlighted. That's why, when I search for "Linux Security" there isn't a single result returned.

Can we have a muppet icon please?

Oh BTW I use both.

10
8
Anonymous Coward

Re: CRITICAL SECURITY ISSUE: Windows located on computer

"That's why, when I search for "Linux Security" there isn't a single result returned."

Stop using Bing !

11
0
Silver badge

Re: CRITICAL SECURITY ISSUE: Windows located on computer

I have a better 2 line bash script:

read -p "You have downloaded this program from the Internet. Do you want to run it under your current login permissions? (y/n)

[ "$REPLY" == "y"] || echo "Step away from the computer. Now."

I have a four line version that asks for the root password too. ;)

2
1
Silver badge

Re: CRITICAL SECURITY ISSUE: Windows located on computer

(yes, missing " on the first line, I know...)

0
0

Re: CRITICAL SECURITY ISSUE: Windows located on computer

Not that I'm calling you an idiot or anything but if you visited http://web.nvd.nist.gov and searched for Linux in the vulnerability database and then searched for Windows you might come to your own conclusions about idiocy...

0
0
Trollface

Re: CRITICAL SECURITY ISSUE: Windows located on computer

@Nick Stallman ("Thats like a 1 line bash script."):

Which wouldn't run on a stock Windows machine. You see, Windows machines are completely immune to Linux viruses...

[Yes, I _am_ a Linux user]

2
0
Silver badge

Re: CRITICAL SECURITY ISSUE: Windows located on computer

"Not that I'm calling you an idiot or anything"

Because that would be rude. ;)

"if you visited http://web.nvd.nist.gov and searched for Linux in the vulnerability database and then searched for Windows you might come to your own conclusions about idiocy..."

Just did a search on "Linux" and "Windows" exactly as asked, for the last three months to get an up to date feel for things. Got 119 results for Linux, 143 for Windows. They look in the same sort of region to me. But I suppose it is a small difference so you're right, I guess. MS are indeed better at finding and identifying vulnerabilities than Linux.

Do you see how statistics are dangerous without examination? I'm not even saying that the above interpretation is right, I'm just saying that without careful examination, the simplisitic search doesn't show what you want it to say, and it most certainly doesn't counter my own point which was that the vast majority of security failures are due to the user, not the software and that this is true of Linux, Windows or Mac.

4
0
WTF?

Apps?

Why is anyone installing apps? Isn't everything done on clouds, now? Did I miss a memo?

1
0
Holmes

Attack Surface Analyzer has identified a security weakness

It's called "Windows".

4
11

Re: Attack Surface Analyzer has identified a security weakness

Guffaw, Guffaw... That old chesnut again?

We could also be doing with a change the record icon.

6
1
Anonymous Coward

Absurd Idea

The whole idea that Microsoft has or would ever test for weak programming, or anything with the word "security" involved is patently ridiculous.

0
2
Anonymous Coward

Re: Absurd Idea

Obvious troll in obvious troll shock.

2
0
Coffee/keyboard

"...Microsoft considers important to the security of the platform"

You guys owe me a new keyboard!

0
0
This topic is closed for new posts.