Windows optimize

Microsoft's love affair with security has lost its passion

Debra Littlejohn Shinder is beginning to feel as if the romance has gone out of Microsoft's love affair with security.

Not so long ago, Microsoft had a terrible reputation when it came to security. Then something happened. In the early 2000s, the company started to get serious about security. In response to all the complaints and concerns and the ever-increasing incidence and severity of the threat landscape, Craig Mundie set forth a framework for an initiative called Trustworthy Computing, the first pillar of which was defined as security. This was the point at which Microsoft officially declared security a top priority. And over the years, they delivered on that commitment.

Security on the upswing

Following the release of Mundie's white paper introducing the trustworthy computing concept, Service Pack 2 for Windows XP was released in 2004, and it was all about security. It added support for WPA encryption, a big reworking of the Internet Firewall, which was renamed as Windows Firewall (and which was enabled by default), blocking of "drive-by downloads" in IE, blocking of unsafe attachments in Outlook Express and Messenger, support for DEP, and the addition of the Windows Security Center.

Meanwhile, the Windows Server teams were likewise busily adding new security options and controls in each subsequent version of the OS. The first new version following the commitment to Trustworthy Computing was Windows Server 2003, and it broke new ground by coming out of the box with most services disabled by default. This was a big change from the "everything on" default configuration that Windows administrators were used to seeing in NT and Windows 2000 Server.

Did the love affair with security reach a peak?

Server 2008 R2 was built on the same code as Windows 7 and added some security-related features (such as DirectAccess and DNSSEC support), but the focus seemed to be moving away from security toward improvements to virtualization technologies such as cluster shared volumes, live migration, failover clustering, and so on. It's not that security didn't keep improving, it's just that new security technologies didn't seem to be as big of a deal as in previous versions.

Maybe that was inevitable. Maybe it means the OS has now reached a state that's "secure enough." Maybe it's just that security is no longer the "hot new thing" -- that position seems to have been captured by the cloud (which I'll talk more about later). Maybe it's like any love affair -- it can't burn hot forever.

I know that just because there doesn't seem to be quite the excitement about security anymore, it doesn't mean the company is abandoning its commitment to making Windows more secure. Commitment and focus are two different things; you can be committed to something without having that as your primary focus, right? (I'm sure many workaholic spouses will assure me that is the truth.)

Is the honeymoon over?

All I know is that it's beginning to feel as if the romance has gone out of the relationship. Maybe I'm more acutely aware of it because I'm a Security MVP. A few years back, our group was one of the biggest, and at MVP events we were treated as if we were something special. We got the prime meeting rooms at the Summit, we got the off-campus dinners, we got the best speakers, we got our own special parties, and we got the best MVP gifts. The last few years, we have not been so well treated.

Sure, I know Microsoft has cut the MVP budgets for everyone, but there's just not that aura of being a security specialist. The security-related products such as TMG and UAG seem to be falling by the wayside, with Forefront MVPs noting the lack of a product roadmap and other issues that I discussed in a previous column.

Perhaps even more troubling, some employees within the company who were focused on security, such as Steve Riley, have been laid off and their positions eliminated. Sure, people come and go, but when you look at the bigger picture, it just seems like part of an overall move away from security as the number-one top priority that it once enjoyed.

Is it about the cloud?

We all know that today's darling can easily be pushed into the background when something new comes along. And Microsoft has made no secret about what they're focused on and committed to today: the cloud. Maybe the idea is that security -- or at least client-side security -- won't matter as much when everything is in the cloud. That's something that will be taken care of by your cloud provider, and you won't have to worry about your computers being compromised because they'll just be semi-dumb terminals anyway. Your precious data won't reside on them; it'll be locked up, safe and sound, in some data warehouse somewhere halfway around the world.

Is Microsoft's love affair with security really over? Is that because of the cloud? I hope not. I hope it has just settled into a less high-intensity, more comfortable relationship that will continue to grow, both in the cloud (public and private) and on the local machine, whatever type of device that may be. However, maybe it's time to renew those vows.

Also read:

About

Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 add...

65 comments
JCitizen
JCitizen

All I know is my honeypot has become a boring hobby, instead of a lab necessity. So far, I'd about be bold enough to make this statement: IF: 1. You run as standard account user 2. Keep the operating system updated without fail 3. Keep the applications updated without fail. 4. Clean all temp and other similar files/folders before log off or reboot. 5. Run kernel based security applications that work even if infected with Zeus or variant. Then I'd say anti-virus and anti-malware and other security concerns are almost over. At least until the crooks invent new problems. I would say it is Microsoft's successes that make the end of the "engagement" seem to be at hand. You can't say MS has backed off security when you see how their Digital Crimes Unit has been so successful at breaking up spam and other criminal networks. Those stories never get media attention here at TR - If they do, I apologize, but I never see them in the alerts.

kdpawson
kdpawson

The good old days with Steve and Jesper, those guys really elevated the security at MS IMHO anyway. So it seem to me that since they departed (Kicked out) the security focus has shifted somewhat..... probably due to Apple and the Cloud fashion. I mean Apple don't really seem to be concerned about Security and the Cloud... well the Cloud is so cool and great and fixes everything and you don't need to worry about Security in Cloud it's magic!

Gudufl
Gudufl

Unfortunately it is not just Microsoft's security that is so tangled and convoluted but the OSs have moved in that direction too and succeeded in preventing employees from doing their jobs, as they now have to spend days figuring out how to do what they previously knew in "the new way" only to find out that it can no longer be done, or worth that the function they are looking for has been renamed and moved for what ever reason. As much as Windows is used, Microsoft in not very strong on consistency and that proves that they have absolutely no regard for the user or the NetAdmins. . I am tempted to predict that we will not see much improvement on this in the coming years. Of course, these quirks feed a whole industry of support personal and consultants and I for one would not want them to loose their jobs. Can you imagine what that would do to the USAs unemployment figures! If MS (Microsoft) is planning a move to the cloud, they are probably setting themselves up for a disaster or two. There are enough doomsday scenarios pertaining to the cloud and one should be cautious in underestimating those. Rather reminds me of the sad incident Japan has had to face with their recent nuclear disaster.

herlizness
herlizness

Some people are fed up with security dominating everything in their life. Security should be a background task.

PittDaddy
PittDaddy

One thing we all have to remember, no matter what our passion as IT specialists, is what we are doing this for. We have jobs to allow people to do their work more effectively. This is what matters to the end users, from the CEO to the lowest person on the org chart. They don't want another security program slowing them down as they are trying to complete their financial forecasts for the 3:00 meeting. They don't want to be told that they can't visit a site with information they need for their marketing pitch because someone decided some of the words on the site were banned. They don't want to have to wait for the "Genius" to show up next week to install a program they need to be more productive. We have all watched as the bad guys have attacked our systems and constantly see new security issues. Our job is to stop these things without interfering with the real reason for the computer, to get the work done. Microsoft understands that as important as security is, the people that run the average business are more concerned with being able to work on the project from anywhere in the world and at any time. To become more productive. Let's keep our jobs in perspective. Why do people like Macs? Because they are easy. Why do people love PCs? Because they make their jobs more productive. Why are people using smartphones? Because they can communicate with anyone, anywhere, with whatever method they prefer. Remember the big picture.

Tony Hopkinson
Tony Hopkinson

They were getting slaughtered. Doesn't matter where you sit on either side of the MS, fence, windows security was an oxymoron outside of Redmond PR notices, all of which indicated a complete lack of understanding of where the market was going. Now they've invested in it, again it doesn't matter where you sit re the fence, they aren't getting battered on all fronts. So windows security is good enough as far as the sales an marketing boys are concerned and focus can shifted elsewhere. Why is this a surprise?

tiredoftechrepublic
tiredoftechrepublic

"...and your precious data won't reside on them; it'll be locked up, safe and sound, in some data warehouse somewhere half-way around the world." You hope...

oldbaritone
oldbaritone

More and more, our experience is that Microsoft's security is so tangled and convoluted that well-meaning NetAdmins trying to create "good security policies" actually succeed in preventing employees from doing their jobs, and create an endless stack of help desk tickets to un-do the "security" so that employees can work.

Dr_Zinj
Dr_Zinj

Security is only half of disaster preparedness. Cluster shared volumes, live migration, failover clustering are technologies that lend themselves to data and processing duplication which are part of the data storage and recovery side of disaster preparedness. As much as I hate saying it, you have to look at the big picture. As for your loss of prime meeting rooms, dinners, speakers, parties, and gifts; welcome to the real world.

dccool
dccool

I believe the affair continue based on recent news that researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser. They develop the called BEAST (Browser Exploit Against SSL/TLS) based in one vulnerability that resides in versions 1.0 and earlier of TLS, or transport layer security. Well Microsoft was one step forward, and W7/IIS/IE8 are already compatible with TLS 1.1 and 1.2 (only Opera was also aware). Based in this i believe that affair keeps on...

VytautasB
VytautasB

Very few have noted that while Microsoft was working to make its software secure it was making it possible for others to exploit it. Russia starting in 2003 and China in 2007 signed on to Microsoft's Governemnt Security Cooperation program which included the provision for access to it's source code. The intentions perhaps were honorable (not to mention marketing motives) but one can not help but wonder if these actions helped make STUXNET, Titan Rain, and what today is called Advanced Persistant Threat possible. For more information on the access provided to MS code suggest looking at: Tom Espiner's article at ZDNet UK, 8 July, 2010 ???Microsoft opens source code to Russian secret service ??? http://www.zdnet.co.uk/news/security/2010/07/08/microsoft-opens-source-code-to-russian-secret-service-40089481/

Gisabun
Gisabun

First. Unsure why it's stated that Microsoft is moving away from security when: 1) the number of vulnerabilities have dropped over the years [a security update can fix multiple vulnerabilities in one update but the numbers fixed inside have dropped even if the number of updates haven't as much] 2) The Windows 8 [and server team] have already promoted further security 3) unsure why it's mentioned that little was done since Windows 7 - without making wholesale changes to the OS, once it has been released, changing some areas could mean a huge update to the OS Microsoft doesn't have to worry much about security as Apple does. Some of the same whiners who left Windows for the Macs are probably the same whiners after getting hit with a virus will be the same ones who will whine about the same thing on a Mac [probably like that recent MacGuard outbreak - wonder how many who got hit use to use Windows?]. So Apple will have to beef up the security on the Macs

DSchr
DSchr

Why add a "takeaway"at the top of an article when all its does is re-state the title? A takeaway should be something worth knowing even if you don't read the article.

jkameleon
jkameleon

That "something" was a couple of jokers, who broke into a couple of thousand web stores running Microsoft software, stole all the credit card numbers, and posted them online. They misused only one credit card number: They ordered Viagra for Bill Gates. Gates run amuck, and halted all development. For a couple of months following the Viagra incident, Microsoft did nothing but plugging security holes.

Azizi Khan
Azizi Khan

Microsofts biggest security threat are its own users. The ones who insist that it's good enough to run XP and enterprises that still run on old browsers. It is still illegal to beat up idiots so for the moment we still have to put up with idiots who insist on using XP over Windows 7.

tiredoftechrepublic
tiredoftechrepublic

If users were educated to the things they need to know about (at their workstations or home computers) then security would be a much more simple task. Yes, some of the security should be behind the scenes, but knowing your basic cautions, such as turning off images in email programs for non-white listed contacts, virus scanning ALL attachments, even if from your white listed contacts... keeping their virus definitions up to date... etc. Security will never be a background process... it takes educated users to make it happen.

Tony Hopkinson
Tony Hopkinson

We are still developing software and then making it secure, instead of developing secure software. Same argument for any other quality based aspect of software design. Good job they can't look at our code, we'd be in a right mess..

seanferd
seanferd

The base architecture should be better. And MS should know better, from times before Windows ever existed. MS once sold a pretty good X86 Unix. So, for everyone fed up with adding security programs, etc., remember that even flaws in the OS would not be anywhere near as bad if the OS base architecture wasn't so half-baked. And while MS has steadily been dropping OS features that support older hardware and software, they haven't done the one thing which could really justify killing backwards compatibility: fix the base architecture. True privilege separation would be a good start.

AnsuGisalas
AnsuGisalas

In order for security to be a background task, it has to actually dominate everything done with the computer - in the sense that it can override and control user actions. No doubt a large percentage of the populace would be less at risk (and less harmful) if they had no choice but operate in a pre-secured environment. In order for security to be a user choice, it has to be hand-crafted - making security considerations a part of every task. This, arguably, is the more secure choice for the ones so able. The paradoxical in the situation is this: either it dominates our actions, or it dominates the landscape of our thoughts and planning.

greg.epley64
greg.epley64

Amen, and your precious data's probably sitting on one, a much easier target than if it were right under your own nose where you could more easily keep an eye on it. There's NO such thing as a 100% secure data center, and anyone who thinks otherwise is a fool who deserves to have their data pilfered. Cloud computing is a very bad idea concocted by people who apparently never had anything bad or strange happen to them, who probably still believe if they're just a good person, nothing bad will happen to them or their "stuff".

adornoe
adornoe

Debra sounds like someone who, like you said, isn't being shown the love they were used to getting. It's like someone who doesn't get the VIP treatment anymore, or the child who begins to feel that "mommy doesn't love me anymore!". The emotions take over their lives and they start lashing back, But, they would be immediately back in the "we are special clique" if Microsoft would set up a "doughnut room" or a "champagne bar" just in their honor at the next meeting.

Ternarybit
Ternarybit

Was a microsoft buzzword back in the year 2000. There's a reason active directory still exists and integrates with kerberos. Consumers are an insignificant margin of the computing population when you talk licensing and security. There's no single way to manage their security so it's pointless to try.

blarman
blarman

"unsure why it's mentioned that little was done since Windows 7 - without making wholesale changes to the OS, once it has been released, changing some areas could mean a huge update to the OS" That's exactly _why_ MS hasn't done anything. They've hit the proverbial wall and only reengineering the OS design itself is going to help. Here I see a huge opportunity in Windows 8. Since they'll be moving to support mobile devices, this would be the perfect time to reengineer the OS for security. Instead, they're going to put a useless UI on a desktop OS and parade it around like its the panacea of computing. The honeymoon is definitely over and Microsoft is reverting back to its ways.

Neon Samurai
Neon Samurai

I'd suggest that "take away" is not even remotely the correct segment title given that it usually provides a one or two line summary of the article. I'm not taking anything away from the next person to read it after me. ("Take away" is one of those make-ears-bleed corporate speak buz-talk frases that wouldn't at all be missed if shot in the face and burried behind the barn with it's siblings "cirle the wagons", "down the bunny hole" and "offline" not in reference to networking or factory line operational status.)

AnsuGisalas
AnsuGisalas

[i][b]A judge at Swansea Crown Court said he had displayed a "sense of humour" by sending Viagra tablets to Microsoft boss Bill Gates using a stolen number and publishing what he said was the billionaire's own number.[/b][/i]

Deadly Ernest
Deadly Ernest

They have hundreds of thousands or millions of dollars invested in mission critical software created for their organisation that does NOT work with Win 7 because Microsoft chose to make command set changes to deny usability with XP compatible software. And please don't tout that XP Mode crap as it doesn't work with most 3rd party software and even fails to work properly with some MS software. In the above situations, the companies have NO choice about staying with XP as it costs way too much to in money and lost productivity to change the software to work with a new OS. And now they have Win 8 coming over the hill at them. A few have bitten the bullet and have invested in recoding their software - but recoding to work with Unix and Linux as they figure they will only need to recode this once for the next few decades, not every few years that MS requires.

blarman
blarman

In today's world, the users _are_ the biggest liability to security, but the fact of the matter is that Microsoft's design architecture allows for much bigger holes than it should. So many of their programs required admin access to run, didn't restrict access to any other folders, use virtual memory that is simply a file like any other on the hard drive, and allows direct kernel access to the WEB BROWSER. Some of this has been improved, but these aren't anything a user can do anything about. These are design issues with a direct bearing on security. Microsoft has been marketing their products intentionally to all users, then relying on the PC manufacturers to provide technical support, yet there is no training anyone is providing for basic users on how to really "use" a PC. Is this Microsoft's fault, I don't know, but if Microsoft were serious about security, they wouldn't place the users in a position to be compromised with their security architecture.

AllanMitch
AllanMitch

I can't believe you are still beating up users because of crappy products that Microsoft released. If Microsoft had gotten its act right the first time, there wouldn't complaints of users. OK, there would still be complaints :). But the idiots to blame are not the users, but rather the makers of products with security holes you can drive a truck through.

AnsuGisalas
AnsuGisalas

that the problem is in making secure software not be an optimization? If secure was not a matter of optimizing (however that would be achieved) then it wouldn't also be stapled on, and wouldn't be left at an arbitrary cut-off point of "secure enough".

tiredoftechrepublic
tiredoftechrepublic

I have said this on numerous posts and even gotten negative votes... lol Fix the bloated code base and allow skins for the users to have the same familiar interface they are productive on. How hard could that be?

AnsuGisalas
AnsuGisalas

Stop using C# for one. Or keep track of things written in C# and inoculate them with extreme prejudice. Seems like there's one written every second.

AnsuGisalas
AnsuGisalas

Sorry, I just accidentally read the "down the bunny hole" with the original consonant for "bunny". I just talked about that somewhere else, so it was a forceful association :)

belli_bettens
belli_bettens

The question here is: who's the biggest idiot? The one that makes a crappy OS or the one that buys it? :-p

Tony Hopkinson
Tony Hopkinson

written would be more secure, but it's a lot harder to get paid for that. :(

AnsuGisalas
AnsuGisalas

that's the most secure kind of code there is! Code nobody's running, is code nobody is exploiting :p But I guess that's hard to sell to the brass...

Tony Hopkinson
Tony Hopkinson

enough point, but basically yes. It's not arbritraty though, unless you are the sort of heretic who believes the resources allocated to producing the software are. :( If you wrote secure software in the first place, you wouldn't have to expend resources resolving those issues. Security has a major advantage over say something like code quality, because it is visible, it has a chance of competing with other product quality requirements. On those rare occasions when theres some sort of resource shortfall ( :p ), and you have to choose between making a product you can sell, and making one that's secure but less apealling feature wise, watcha gonna do... After all it doesn't matter if the product is secure if no one is going to buy it anyway...

JCitizen
JCitizen

integrate virtual processes into the operating system, so they could throw backward compatibly out the window. They could give discounts to those that have old licenses for previous versions of Windows to run in VM. Otherwise we would never hear the end of the rue and cry about dumping the bloat.

JCitizen
JCitizen

That one tripped my funny bone too! :-bd

Deadly Ernest
Deadly Ernest

they have mission critical software that works in XP and MS have made sure it won't work in Win 7, so they either stay with XP or spend big bucks to have it changed to work with another OS. Some I know of are spending the money to have it changed to Unix / Linux as the cost is the same and they won't have to pay for another change when MS brings out Win 8 or Win 9. Other will stay with XP past EOL as they can't afford to upgrade to the hardware needed to run Win 7 - these are mostly home systems, while the earlier comment relates more to enterprise systems.

dccool
dccool

Thank you, and i promise i'll use "google translate" in my next comments. And, by the way... i agree with the discussion of Pros and Cons about OS and tecnologies, but not with the non-sense "my is better than yours".

Deadly Ernest
Deadly Ernest

buy via a retail outlet that only sells the systems preloaded with Windows, and usually the cheaper systems. In most cases, the DELL etc systems without and OS are their top middle to higher end systems that they expect enterprises to buy as light servers. BTW If you really believe that any MS software will readily step aside and disable itself, I know this guy who gives me commissions for referring people to buy land down in Florida ...

hippiekarl
hippiekarl

Stick around, though. If you leave I, for one, will miss your 'I'm so sick of Apple vs MS comments' diatribes. Now that you've started changing your screen-name every day or so, I'll miss the challenge of discerning which comments are yours by their content alone. Captain Wilikova, van winifred, tiredoftechrepublic.......c'mon; you're having too much fun here to leave. If you do, though, then happy trails to you, and always remember: My OS can beat up your OS......... ;)

JCitizen
JCitizen

We need posters such as you! Besides, many sites are worse, and hopefully this new vote system will be self policing. If enough people down vote it - it will disappear!

tiredoftechrepublic
tiredoftechrepublic

Not all American people are like this, 'dccool', my apologies. Oh, 'hippiekarl', I didn't see your reply... till after I posted. Well said!

tiredoftechrepublic
tiredoftechrepublic

While I do agree one should learn how to properly write and speak English, please be aware of the fact that there are people who post here, that live in other countries. If you had checked, before making yourself look foolish, you would see this poster (dccool) lives in Coimbra, Portugal, and may very well, be talking English lessons. They are not as fluent as you are, presumably having the advantage of being raised in America and living in Minnesota. Posters with attitudes like yours are one reason why I am considering canceling my TechRepublic membership. The main theme I see these days is the tired argument between PC, Apple or Linux. Are you listening TechRepublic? Why don't you furnish a separate, moderated site for each camp? That would get rid of all the fighting and let the folks that want to have a constructive, positive environment, have a space to really discuss things.

belli_bettens
belli_bettens

I just wanted to provoke a meanigful discussion by providing a bold statement in reply to @AllanMitch. Too bad the trolls can't pick it up.

hippiekarl
hippiekarl

He's from Coimbra (according to his avatar; lay your cursor on it), and it should be obvious that English is not his first---maybe not even his second---language. Your assumption that all TechRepublic readers/posters must be English-speaking Americans is the acme of xenophobia. I'd love to watch you try to compose a comment in his native tongue; at least he provided a link to support his contention (and TR's Chad Perrin types in English). My first belly-laugh of the day today: grouchy parochials blaming foreigners for the quality of American politicians! The guy's got his OWN politicians (and probably isn't too proud of THEM, either)......America isn't the whole world, greg, just because you think so. And, (@ Icopling), the author of the comment above yours is NOT a product of "Our liberal school system"; the "above example of horrible grammar" is the result of someone communicating in their 2nd (or 3rd) language to YOU. Why are you unable to tell the difference between absolute gibberish and someone making a comment in an unwieldy, foreign (to them) language. Gibberish doesn't have a point; his comment did (and it was clear enough to anyone who was following the conversation). Maybe your teacher-fiance' will tip you off to a few real English words, BTW, to substitute for 'evidenced', such as 'shown', 'indicated', 'denoted' or even 'evinced'. What's YOUR excuse for bad English?!

Rndmacts
Rndmacts

Quit buying from Best Buy and that type of store, and don't buy branded computers such as HP, DELL etc. I buy all my computers from a local store and get better prices and the OS is always an option, unless its for a client I usually choose no OS and load my own. Maybe the author is upset because with Windows 7 made security an integral part of the OS, if the user hasn't installed a 3rd party after 30 days then MSE is installed automatically as part of the update service. With Window 8 Microsoft has announced that MSE is installed by default and activated, if the user wants a 3rd party solution it will step aside and turn itself off. As the bulk of users didn't understand the need for security software much of the problems were caused by their naivete, that option is now being removed as browsers are getting smarter and the OS offers world class security as a built in feature.

seanferd
seanferd

Until then, you're just being a troll.

lcopling
lcopling

I agree. Because my fiance' is a teacher, I have a few teacher friends now. One confided in me recently that management no longer wants teachers to teach correct grammar in school! Our liberal school system is destroying our ability to communicate, as evidenced by the above example of horrible grammar. Can you say, PROOFREAD?

greg.epley64
greg.epley64

"No one should make own opinions based in believes... we should know about the thing to can say something, and not only blame everyone by the things we just do not know..." One thing I don't know's what the hell you were trying to say in this unintelligible statement. How about learning to write a straightforward English statement? "we should know about the thing to can say something", for example. What the hell does that mean? We should know what we are talking about? Then WRITE it that way!!!! It scares me to think we've got people this incapable of writing English out there in the United States voting for our President and other elected leaders. No wonder we've got so many idiots in Washington right now.

Ternarybit
Ternarybit

If that were true, bastille wouldn't exist.

Ternarybit
Ternarybit

TigerDirect sells overpriced hobbyist garbage assembled by people who shouldn't be issued a driver's license, much less an A+ certification. They literally have a 26% DOA rate. Go with XoticPC

Morti
Morti

If you want to buy a new computer without an operating system, may I suggest you check TigerDirect? Go to their computer section and select Systemax brand. One of the options is for No OS. I just saw 5 different boxes in that category. BTW, Systemax is built in the USA. Hope this helps.

parnote
parnote

As if anyone really had much of a choice, since it comes bundled on every consumer computer available? Just try to buy a consumer computer today WITHOUT Windows installed ... I sure wish I could! About the only way I can get a computer without Windows installed is to build my own desktop. Then, I can avoid paying the Microsoft tax. As for laptops ... I'm pretty much screwed, and will have to pay the Microsoft tax, getting a laptop with Windows pre-installed. I don't have hardly any options (only a few) when it comes to getting a barebones laptop and adding hardware options, and purchasing it without Windows installed. So, usually the first thing I do with a new laptop (or any other computer installed with Windows) is to put my Live CD in from PCLinuxOS, reformat the hard drive to ext4, and install PCLinuxOS. THEN and ONLY THEN is my computer secure. Bye bye Windows. Bye bye insecurity.

Neon Samurai
Neon Samurai

You know a lot of enterprise or even smaller sized businesses where the user is responsible for purchasing there own workstation OS do you?