According to my inside source, after overloading too few developers with too much work, Ballmer, Sinofsky and Co. blamed them for delays. Now they're busy undermining and/or purging the veterans from Redmond soil. Only problem is, when they're through, there will be nobody left to write Windows code. That's a bad idea from any perspective, especially security.
Can a network run better without a professional network manager? In a continuing discussion with a self-taught, small business network administrator... who some think is a hero, but others charge is a goat... I discovered that sometimes, the answer is, "Absolutely yes!"
The new breed of rootkits is operating system-agnostic. 64-bit implementations of BSD, Linux, MacOS X, Windows Vista are all considered vulnerable, as long as they're riding atop the wrong chips from AMD and Intel. VM rootkits quietly sieze control of the chips' virtualization technology to control or pervert any and every process the attacker chooses. Current defense possibilities are depressingly mechanical.
Microsoft security guru Jeff Jones is extending the meme that Windows is more secure than Linux. Ever curious, I decided to check out his assumptions and methodologies. Setting aside easy red herrings like the timing of fixes, I still came across judgment calls that less MS-centric researchers might have made differently.
When we first built our newsblog, existing blogging software was dumb and ugly. So we wrote our own blogware in Python, using Zope as the platform. It was beyond state-of-the-art. But blogging software grew up with lots of exciting features, while simply maintaining our custom-built platform became more and more painful for our guy with more important things to do. In the end, we gained a lot, and lost a little.