Hey, it's Friday once again, and you all know what that means: it's Wildly Off-Topic Microsoft-Bashing Day! We actually had to hang onto today's little gem for a while in order to save it for the weekend, which would gravely compromise our journalistic integrity if, you know, we actually had any. That's not to say we didn't suffer for our art, however. Putting something aside for a couple of days and actually remembering to come back to it puts a pretty serious strain on our delicate frontal lobes, but hey, you know us; we're nothing if not slaves to tradition.
Surprisingly, while today's tidbit does concern Microsoft's security (or gross lack thereof), it doesn't involve the latest hole to be discovered or worm to wreak twelve kinds of havoc on the civilized world. Instead, we're following the Redmond Gang on a trip down Memory Lane. Faithful viewer Jerry Luttrell tipped us off to an InfoWorld which reported a few days ago that David Aucsmith, Security Architect and Chief Technology Officer of Microsoft's Security Business Unit (nice job title; his business cards must have a fold-out panel) flat out admitted that "Windows 95 was written without a single security feature."
We can practically hear your gasp of utter shock from here. Are you okay? Do you want to lie down for a while?
Oh, but it only gets better: not only was Windows 95 (whose codebase formed the backbone of all of Microsoft's consumer operating systems until the release of Windows XP) cobbled together with absolute no security whatsoever, but Aucsmith also tries to excuse that fact by insisting that "many of the current security issues could not have been foreseen." Current security issues? Like, oh, let's say... viruses? Because viruses certainly didn't exist in 1995, no siree. (BBC News gives a nice history lesson that shows just how wrong Aucsmith's statement is.)
And then, of course, there's the coup de grâce. After admitting that Windows 95 had zero security and that the security in Windows NT is lacking because it was "written before the Internet" and that even Windows Server 2003's security was slapped together "before buffer overflows became a frequent target," and after spooking the audience by telling them that all their businesses "face increasing threats from cyber criminals attempting extortion and fraud," Aucsmith offers a simple solution: "If you want more secure software, upgrade."
Hey, David-- what was that part about businesses facing threats from cyber criminals attempting extortion, again?
Remember, folks, you're watching AtAT: where overt and unprovoked Microsoft-bashing is never really off-topic!