Who will trust MS now?

It’s far too easy to catch a virus off the internet these days. In fact I did just that last Saturday, visiting a site through a Google search that had been hacked. Home users will continue to run PCs without AV protection if they have to pay for anti-virus software subscriptions. This software really should be free – a free subscription bundled with your monthly ISP bill.

Now Microsoft has a huge responsibility to protect users. Vista is sold as being more secure than Windows XP, yet it has had to issue an emergency patch to protect everyone’s PC from a flaw in its software, a flaw that would not have been so catastrophic if it’s software was designed better.

Microsoft has been working on improving the quality of its software through an initiative called Trustworthy Computing. Windows cannot be secure by design. The software that Microsoft writes has far too many links to the internal workings of Windows. If IE was a third-party application, we wouldn’t be faced with such a major update. But Microsoft insists on making its bloody web browser integral to the Windows operating system – unlike Firefox, Safari, Opera, Chrome etc.

The more its software becomes integrated, the greater the risk of a problem in a single component affecting the whole operating system.

Frankly, I think the only way to achieve Trustworthy Computing is to separate the operating system components from application software using some kind of microkernel architecture.It may be slower than monolithic designs like Windows, but such an approach should limit the effect of buffer overflow attacks