• Trustworthy computing memo is 20 years old

    • This topic has 5 replies, 4 voices, and was last updated 1 year ago.

    Do you feel more secure?

    Memo from Bill Gates – Stories (microsoft.com)

    Read the original memo. Do you feel that we’ve changed since then?

    Susan Bradley Patch Lady

    Viewing 4 reply threads
    • #2418540

      Well, let’s see:

      Every few years I have sent out a memo talking about the highest priority for Microsoft. Two years ago, it was the kickoff of our .NET strategy. Before that, it was several memos about the importance of the Internet to our future and the ways we could make the Internet truly useful for people. Over the last year it has become clear that ensuring .NET is a platform for Trustworthy Computing is more important than any other part of our work. If we don’t do this, people simply won’t be willing – or able – to take advantage of all the other great work we do. Trustworthy Computing is the highest priority for all the work we are doing. We must lead the industry to a whole new level of Trustworthiness in computing.

      From Bill’s memo (linked by Susan).
      Published on: January 11, 2012.

      Windows 8 was released on: August 1st, 2012.


      DEFCON at 1 on: January 16, 2022.

      Susan Bradley: “For those running a network with a domain controller, the side effects this month are extreme. Don’t patch.

      And so it goes.

      Like clouds and wind without rain is a man who boasts of a gift he does not give. ” Proverbs 25:14

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2418549

      Do you feel more secure?

      Memo from Bill Gates – Stories (microsoft.com)

      Read the original memo. Do you feel that we’ve changed since then?

      Absolutely NOT feeling more secure, just being most INsecure. It seams like in relation to the public, the revenues from public has become the sole product.

      “Have ‘we’ changed?”  Yes, you have, unfortunately.


      * _ the metaverse is poisonous _ *
    • #2418942

      Apparently, Microsoft accomplished its goal, and everyone trusts them now. Microsoft cancelled its Trustworthy Computing Initiative in 2014, shortly after Satya Nadella took over.

      Era Ends With Break Up of Trustworthy Computing Group at Microsoft



    • #2419115

      I think that starting with Windows 10, Microsoft has thrown their trustworthiness completely away.  This could be a why-I-don’t-like-Windows-10 rant.  I don’t want it to be.  One of the things I don’t like is the all-or-nothing massive monthy rollouts for Windows updates.  I was used to maintaining a logbook indexed by KB-number that told what the update did, and if it was toxic or safe.  And if it was toxic, I could block it.  And I didn’t appreciate ‘critical security updates’ being sent to me as adware to get me to update to Windows 10, or have it modifying the OS to backdoor TOS-policies from Windows 120 into Windows 7.  Like the policy which said (parapharasing): if Microsoft finds software and files on your system that Microsoft thinks you should not have, Microsoft reserves the right to delete it.  That must explain why bookmarks keep vanishing from browser lists.  I have a lot of old content and records.  Source code. Financial code.  Private correspondance.  I don’t want Microsoft to be rummaging through it looking for things to delete, or otherwise telemetry-tize.

      I was used to a telemetry where if there was some critical error message, up popped a box asking if I wanted to send the crash report to Microsoft or not.  I frequently sent those in.  But I don’t like massive amounts of content from my hard drives being sent in as some ‘telemetry’ to see how I’m using my system, and what I’m doing.  Certainly not without an opportunity to review the content of this telemetry first.

      Some of this behavior is appearing in the run-times of code produced by Visual Studio now, to the point where releases of visual Studio starting with VS2015 have a toxicity to it.  And Microsoft even markets a tool to ‘developers’ that allows them to buy the telemetry back so that ‘developers’ know how their product is being used.

      I’d hate to think that back in the day, IBM had a hidden hardline back into all the System 360’s and 370’s they sold, that let them telemeter their customers.

      Here’s a pet peeve of mine with Windows 10:  Font Control.  See, I have a cataract.  It makes it hard for me to read print.  I found that I needed to have print that was a little larger, but the really important thing is to have thick strokes in the font.  In other words, bold-face for everything.  I’ve been able to set the default system font for Windows 7 to a boldface, and a clean non-decorative font.  Sadly, in the lone Windows 10 box I have because Turbotax won’t run on Windows 7 any longer, I can only change the system font using a 3rd party tool, but it won’t let me set it to Bold.  Attributes are simply not a setting.  Who is coding this stuff?  Amateurs?  I don’t have this issue with Linux, though it is full of issues.


      • #2419227

        I use this to make some fonts bold

        Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts] "Segoe UI (TrueType)"="" "Segoe UI Bold (TrueType)"="" "Segoe UI Bold Italic (TrueType)"="" "Segoe UI Italic (TrueType)"="" "Segoe UI Light (TrueType)"="" "Segoe UI Semibold (TrueType)"="" "Segoe UI Symbol (TrueType)"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes] "Segoe UI"="Tahoma Bold"

        Details at https://www.tenforums.com/tutorials/67931-change-default-system-font-windows-10-a.html

        also this site has a free product that does reg changes but lamentedly the effectiveness of these are failing with newer Windows update or maybe video drivers. They have a paid product that I have not used that loads at boot time.



        Just because you don't know where you are going doesn't mean any road will get you there.
    • #2419147

      The “security push” of 2002 brought us things like UAC, which iirc was supposed to be a temporary measure until the app ecosystem caught up to support running as non-admin.. but after 20 years we are all still admin by default, and now trained into click-monkeys to say yes to anything that pops up.

      It feels like they’re constantly fighting the last war.. like Windows 11 and TPM chips.

      The current war is ransomware and spyware.. scouring your drive to steal passwords, or bitcoin wallets, etc. UAC doesn’t help with that. TPM doesn’t help with that.

      I don’t think TwC, as an organization, was a good idea (“security is everyone’s job”) but I don’t feel like there’s strong all-up ownership of security, within Windows, today.

    Viewing 4 reply threads
    Reply To: Trustworthy computing memo is 20 years old

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: