back to article Microsoft unleashes Windows attack tool

Developers, developers …. *&^%%!!# developers who break Windows! That may well be a refrain that motivated Redmond to release a new software tool, Surface Analyzer 1.0, which explains how new apps impact Windows’ ability to repel the various varieties of naughtyware. Microsoft explains the tool’s powers thusly: Attack …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Up

    They should have been doing this years ago

    Given the complexity of the modern Windows operating system today, such a tool would have probably saved us all a lot of trouble.

    1. Anonymous Coward
      Anonymous Coward

      Re: They should have been doing this years ago

      They have had these for their server products for years, they're called Best Practice Analysers (BPA) and they're very handy, especially if you schedule them to run occasionally and report back issues.

    2. Gordon Fecyk
      Thumb Down

      [s/They/Developers] should have been doing this years ago

      Fixed.

    3. Chemist

      Re: They should have been doing this years ago

      "Given the complexity of the modern Windows operating system today, such a tool would have probably saved us all a lot of trouble."

      Given the tools that gave us Windows operating system such tools could probably have saved us all a lot of trouble. - that's sorted that then !

  2. KrisMac

    Of course...

    ...now the malware developers out there can test their latest techniques against Microsoft's very own analysis program to see if they can escape detection... He Who Does Not Get Caught Wins!

    1. h4rm0ny

      Re: Of course...

      Yes, but it's the same principle as Open Source - better to find the weaknesses and fix them, rather than trust that others wont find them.

  3. Anonymous Coward
    Windows

    Odd move

    Now; I'm not denying that this is a useful tool and I fully agree with Stuart up there (+1 on its way after this).

    But isn't the timing a bit odd?

    I mean.. We could have used this years ago. But the upcoming future (as seen by MS) gives us development tools totally focussed on Metro, a Metro Office and (this is important): the fact that Metro by itself is basically a locked down environment. I think the latter is a very positive Metro achievement, but all the collateral (software only through marketplace) isn't.

    So I don't quite get it. Metro was locked down from the getgo, its by design.

    Could it be that MS is feeling the heat after all and are now releasing tools to secure the desktop app. best as possible?

  4. Anonymous Coward
    Black Helicopters

    Hmm,

    sounds like a stunt to highlight issues within XP, Shitsta and 7 to make users want to upgrade to the closed, walled in garden of Metro methinks.

    Or are they just out to get me?

  5. Nick Stallman
    FAIL

    CRITICAL SECURITY ISSUE: Windows located on computer

    Title says it all. Thats like a 1 line bash script.

    1. Anonymous Coward
      Anonymous Coward

      Re: CRITICAL SECURITY ISSUE: Windows located on computer

      Yes, because as the school kids keep telling us, Linux and programs running on Linux have never, ever had any single security issues in the entire history of it's existence.

      That's why there isn't a single website on the whole of the interwebs where these security holes are highlighted. That's why, when I search for "Linux Security" there isn't a single result returned.

      Can we have a muppet icon please?

      Oh BTW I use both.

      1. Anonymous Coward
        Anonymous Coward

        Re: CRITICAL SECURITY ISSUE: Windows located on computer

        "That's why, when I search for "Linux Security" there isn't a single result returned."

        Stop using Bing !

    2. h4rm0ny

      Re: CRITICAL SECURITY ISSUE: Windows located on computer

      I have a better 2 line bash script:

      read -p "You have downloaded this program from the Internet. Do you want to run it under your current login permissions? (y/n)

      [ "$REPLY" == "y"] || echo "Step away from the computer. Now."

      I have a four line version that asks for the root password too. ;)

      1. h4rm0ny

        Re: CRITICAL SECURITY ISSUE: Windows located on computer

        (yes, missing " on the first line, I know...)

    3. iaston

      Re: CRITICAL SECURITY ISSUE: Windows located on computer

      Not that I'm calling you an idiot or anything but if you visited http://web.nvd.nist.gov and searched for Linux in the vulnerability database and then searched for Windows you might come to your own conclusions about idiocy...

      1. h4rm0ny

        Re: CRITICAL SECURITY ISSUE: Windows located on computer

        "Not that I'm calling you an idiot or anything"

        Because that would be rude. ;)

        "if you visited http://web.nvd.nist.gov and searched for Linux in the vulnerability database and then searched for Windows you might come to your own conclusions about idiocy..."

        Just did a search on "Linux" and "Windows" exactly as asked, for the last three months to get an up to date feel for things. Got 119 results for Linux, 143 for Windows. They look in the same sort of region to me. But I suppose it is a small difference so you're right, I guess. MS are indeed better at finding and identifying vulnerabilities than Linux.

        Do you see how statistics are dangerous without examination? I'm not even saying that the above interpretation is right, I'm just saying that without careful examination, the simplisitic search doesn't show what you want it to say, and it most certainly doesn't counter my own point which was that the vast majority of security failures are due to the user, not the software and that this is true of Linux, Windows or Mac.

    4. Rob Carriere
      Trollface

      Re: CRITICAL SECURITY ISSUE: Windows located on computer

      @Nick Stallman ("Thats like a 1 line bash script."):

      Which wouldn't run on a stock Windows machine. You see, Windows machines are completely immune to Linux viruses...

      [Yes, I _am_ a Linux user]

  6. Zack Mollusc
    WTF?

    Apps?

    Why is anyone installing apps? Isn't everything done on clouds, now? Did I miss a memo?

  7. Homer 1
    Holmes

    Attack Surface Analyzer has identified a security weakness

    It's called "Windows".

    1. CmdrX3

      Re: Attack Surface Analyzer has identified a security weakness

      Guffaw, Guffaw... That old chesnut again?

      We could also be doing with a change the record icon.

  8. Anonymous Coward
    Anonymous Coward

    Absurd Idea

    The whole idea that Microsoft has or would ever test for weak programming, or anything with the word "security" involved is patently ridiculous.

    1. Anonymous Coward
      Anonymous Coward

      Re: Absurd Idea

      Obvious troll in obvious troll shock.

  9. Kiwi
    Coffee/keyboard

    "...Microsoft considers important to the security of the platform"

    You guys owe me a new keyboard!

This topic is closed for new posts.