From BBC News: David Aucsmith is Microsoft’s security architect, and he came to London this week to ask forgiveness for his company’s former sins. Speaking to an audience of senior police officers and security professionals at the E-Crime Congress, he admitted that when Windows 95 was released to the world it came with no security features at all.
This really pisses me off.
Don’t misunderstand: it doesn’t surprise me that Windows 95 shipped without security. It’s fact of which I am painfully aware. I am slightly surprised that Microsoft admits this, although it fits well with their “Everything we made before is crap; buy our new stuff cuz it’s great!” marketing machine.
What pisses me off is how much time and energy I spent trying to secure Windows 95 for years. Why did I spend so much time? Because I had Windows 95 deployed in four high school computer labs. They need security; otherwise some punk kid will trash the machine for kicks. (No, I’m not saying all kids are bad; I’m saying there are some who are. I know this because I’ve had to deal with their aftermath.)
We installed third party software. We worked with user, group, and machine policies. Nothing worked. We were utterly unable to secure the machines in the end.
And now Microsoft says, “Oh, yeah. Sorry about that. We didn’t really have any security measures in place back then. But you should try our new stuff, because we’re taking it seriously now.”
Riddle me this, Microsoft: WHY SHOULD I TRUST YOU NOW?