Microsoft Hit By U.S. DOT Ban On Windows Vista, IE7, and Office 2007

[Kirkburn]

Let me be the one to turn this around just a bit.

Perhaps Microsoft should have been the one to followed the standards a bit more, and not done som much 'embrace, extend, extinguish' with web standards.

If IE6 followed the standards, then IE7 following them would not be such a "big hurdle" in the corporate upgrade process. The fact that many "designed for IE" pages had problems when viewed with IE7 says an awful lot, doesn't it?

I'm sorry, I thought we were discussing IE7. Yes, IE6 had problems, we get it. Thank you for exaggerating and reminding us how a 6 year old program wasn't up to scratch.

I should also point out Office 2007 does not require all that much training, and would give a productivity boost. Vista I can understand ... for now. But once the driver/support is at XP levels, there's no way in hell people should be staying with XP.

[Omegatron]

http://www.kde-look.org/CONTENT/content-fi...ta_Aero_WOW.jpg

:whistle:

[markwolfe Veteran]

I'm sorry, I thought we were discussing IE7. Yes, IE6 had problems, we get it. Thank you for exaggerating and reminding us how a 6 year old program wasn't up to scratch.

Look up. I think the point went over your head.

My point is that Microsoft brought this IE6 to IE7 hassle upon themselves. When they finally got around to fixing all that they had left broken (and deliberately deviated from standards) in IE6, they put themselves in introducing a more standards-compliant browser that is not-so-compliant with apps written specifically for IE6.

[Mike Frett]

I've been very quiet on this for a few years in fact. I'll speak. I agree, there isn't anything in Vista besides security upgrades that warrants me to upgrade. The security upgrades could have been put out for XP in some type of paid upgrade SP costing no more than 30-40USD.

If you're that conspiracy buff you could say these "upgrades" are designed to make you spend money to hold up a lagging hardware market. Either way, you're not going to tell me anything different.

Admittedly, there was some hesitation when XP came out but this is different. You're paying for a GUI. Yes I know, I know I'm on a biased Microsoft site and will get flamed but I don't care, I've been quiet long enough.

By the way, I have new Vista Business DVD hanging on my wall. I could take a picture for disbelievers. It'll stay there too.

In any case I wish you fine folk a nice weekend.

[Kirkburn]

Look up. I think the point went over your head.

My point is that Microsoft brought this IE6 to IE7 hassle upon themselves. When they finally got around to fixing all that they had left broken (and deliberately deviated from standards) in IE6, they put themselves in introducing a more standards-compliant browser that is not-so-compliant with apps written specifically for IE6.

It didn't go over my head, I was pointing out it wasn't really relevant to the discussion, and was just an attempt to get in a dig at Microsoft.

[dagamer34]

This is just a case of PR spin. Since when do employees in a company ever upgrade an OS? What this story merely means is that the IT department is not allowed to immediately start installing Vista on new PCs. Hell, no company in there right might should start using an OS as soon as it comes out!

Go back to your daily lives people!

[DirtyLarry Veteran]

I worked at a major, major pharmaceutical company as a freelance consultant for 5 months towards the end of last year, and they were still on Windows 98. I just mention this as I personally fail to see how it is news that a corporation with a large amount of employees would not or simply does not want to upgrade the current Operating System that they are currently using.

It is such a normal and common practice for larger companies to not upgrade until it is absolutely 110% necessary, I cannot help but think this is nothing but sensationalism at it's finest.

[Robgig1088]

the thing is, companies dont NEED the bleeding edge. Generally all that does is cause problems...

[PGHammer]

the thing is, companies dont NEED the bleeding edge. Generally all that does is cause problems...

The problem isn't the *bleeding edge* in this case. The US DOT has several reasons NOT to upgrade (other than spin):

1. The majority of non-in-house systems accessed from within DOT belong to the Departments of Homeland Security and Defense (most of which are still on, unsurprisingly, Windows 2000); therefore, cross-OS compatibility with outside customers and clients is a major issue.

2. One major thing that OMB (the agency that sets the rules for all of government) has been pushing is a *departmentwide* (if not governmentwide) OS standard. Parts of a department upgrading while others don't tends to muck things up.

3. The national transportation infrastructure (especially the airlanes and railroads) are administered by DOT-member agencies (the FAA and Federal Railroad Administration/FRA). When there are threats about, you don't want to even give the IMPRESSION that you're going to go renegade.

4. Lastly, it's a budget issue. Upgrades cost money. Even if you don't have to upgrade the hardware, the software, and training to use it, still has a fixed cost. IT upgrades are NOT cheap, and they have to be justified, especially when you are talking hundreds of seats across a national Cabinet-level department. There is no DOT-wide contract vehicle that will cover upgrades to IE 7, Office 2007, *or* Vista, let alone all three (or even any two).

So it's not spin, or any anti-MS bias, but "It's not in the budget."

[webeagle12]

http://www.kde-look.org/CONTENT/content-fi...ta_Aero_WOW.jpg

:whistle:

:rofl:

[Aero Ultimate]

Huh? You actually prefer IE 6 over IE 7? I think you might be the one with the sanity problem...

Oh come off it. I'm not that retarded to use IE in the first place.

Unless there's some vital compatibility problem (in which case, they should just fix it) - they should definitely be upgrading to IE 7. It's free, and the security advantages are very significant.

If they do need to do some fixing already, they would be far better off to upgrade to a proper Browser like Opera (or Firefox) rather than wasting time and effort on continuing to use that IE crap.

What bugs me are the comments about Vista not offering significant improvements - are they on crack? Security in Vista is so incredibly better than XP (or OS X for that matter) that I can't believe anyone who did even the slightest bit of research could deny that.

Security in Vista being incredibly better than XP? Sorry, but are you on crack?

Let's take a look at the oh-so-great security features as they are seen by the average user:

- Windows Defender: more holes than a swiss cheese, it doesn't even catch half of the malware. Anyone who relies solely on it is likely to have a nasty surprise soon.

- Windows Uac: You can see the vast amount of complaints there are about it here already, from at least half-way technically minded people. It will still be far worse for Joe Average, who is much more likely to turn it off rather than learning to adapt to it.

In a corporate enviroment, it would require a huge amount of very costy retraining to get people used to Uac, so it's also there much more likely to be turned off to prevent these expenses. Security: none.

- Windows Firewall: outbound filtering is turned off by default. To turn it on, you have to enter the management console (which causes an Uac prompt, which might scare some off already if they have Uac still turned on) and then add the snap-in for advanced firewall configuration. Even if they should've managed that, it will block now all outbound traffic if outbound filtering is turned on, without prior notice. You will have to create exceptions for all apps beforehand, which is anything but user-friendly and already far beyond the abilities of Joe Average.

In essence, the average user on Vista will only have a firewall with inbound filtering, just the same as in XP.

All in all, Vista still requires a good anti-virus and good anti-malware as well as a good firewall, same as XP.

If anything, you can rather say that Vista is more dangerous because it gives a false sense of security if you rely exclusively on the stuff that comes with Vista and don't use an additional AV and firewall as you should.

Finally, let's not forget what this topic is about: federal institutions, which most certainly have already their own set of professional security in place: routers, firewalls and anti-virus, and which thus would only scoff, at the very best, at the oh-so-great security features that Vista offers out-of-the-box.

There is absolutely no need for them to upgrade to Vista (much less if there aren't even professional security solutions for it avaiable which only remotely match their needs).

@Omegatron (http://www.kde-look.org/CONTENT/content-fi...ta_Aero_WOW.jpg)

Funny pic :laugh:

[p1p3]

- Windows Uac: You can see the vast amount of complaints there are about it here already, from at least half-way technically minded people. It will still be far worse for Joe Average, who is much more likely to turn it off rather than learning to adapt to it.

In a corporate enviroment, it would require a huge amount of very costy retraining to get people used to Uac, so it's also there much more likely to be turned off to prevent these expenses. Security: none.

In a corporate environment you wont be running as administrator and will be required to enter a password to get past the UAC prompt. If you run as a non administrator on XP today you will just get an access denied. UAC has the advantage that it enables poorly written apps to function from a limited user account as it can virtualize the filesystem and registry.

- Windows Firewall: outbound filtering is turned off by default. To turn it on, you have to enter the management console (which causes an Uac prompt, which might scare some off already if they have Uac still turned on) and then add the snap-in for advanced firewall configuration. Even if they should've managed that, it will block now all outbound traffic if outbound filtering is turned on, without prior notice. You will have to create exceptions for all apps beforehand, which is anything but user-friendly and already far beyond the abilities of Joe Average.

In essence, the average user on Vista will only have a firewall with inbound filtering, just the same as in XP.

Nobody in a big environment goes around and installs and configures every app and computer. You just push out the app to the computer/user and apply the policies needed for it to work. In other words you configure the firewall once for the app and push the settings to the 10 000 computers running it.

[Mordkanin]

http://www.kde-look.org/CONTENT/content-fi...ta_Aero_WOW.jpg

:whistle:

Hmm.

Those crash report screens are from a pre-beta 2 build, and that particular BSOD code is usually linked to bad hardware.

And Aero Ultimate, you seem to be forgetting about ASLR, Filesystem and registry virtualization, Protected Mode IE, service isolation, the ability to do things as a normal user (Try doing it in XP, It so very rarely works), and a whole bunch of changes to the kernel that are presently beyond my technical understanding.

Edited March 6, 2007 by MioTheGreat

[PGHammer]

- Windows Uac: You can see the vast amount of complaints there are about it here already, from at least half-way technically minded people. It will still be far worse for Joe Average, who is much more likely to turn it off rather than learning to adapt to it.

In a corporate enviroment, it would require a huge amount of very costy retraining to get people used to Uac, so it's also there much more likely to be turned off to prevent these expenses. Security: none.

@Omegatron (http://www.kde-look.org/CONTENT/content-fi...ta_Aero_WOW.jpg)

Funny pic :laugh:

In short, all the bitching about UAC is because it forces a different method of working as opposed to XP (especially from the so-called technically-minded). If half of them actually HAD a technical mind, they would be able to turn UAC off on an application-specific basis (this is easy enough to do) as opposed to turning it off systemwide (over HALF the bitching about XP's security is because of the lack of protection (basic protection) for critical system files afforded in open-source operating systems such as Linux distributions). I don't turn UAC off systemwide *ever*. Joe Average is actually *less* likely to turn it off, especially if he doesn't know how; it is actually the so-called *technically-minded* (including a lot of Neowinians) that are more likely to do so (and they are NOT the average users of Vista, or even Windows, by any stretch). If an application (that isn't a crack or system hack) *requires* systemwide (as opposed to application-specific) UAC to be turned off, than it is a security risk, plain and simple, and should not be used.

[Aero Ultimate]

In short, all the bitching about UAC is because it forces a different method of working as opposed to XP (especially from the so-called technically-minded). If half of them actually HAD a technical mind, they would be able to turn UAC off on an application-specific basis (this is easy enough to do) ...

Actually - no, it isn't! Have you actually used Uac? Then you would know that Uac is either on for all apps, or it is off for all apps. There's no way you can make an exclusion saying that you want to turn off Uac for certain apps only, so if any apps don't work properly with it on, then you have to turn it off (and then it's off for all apps), and then turn it back on again after you closed the app again.

You can only set Uac to automatically elevate so that it doesn't pop up up when you're running an app that is marked as requiring admin privileges when you're logged in with an admin account (doesn't work when logged in as normal user). However, also this is a setting that is either on for all apps or off for all apps. Again, there's no setting to auto-elevate only certain apps and not others.

[alphaomegainfinity]

What I believe is that companies won't upgrade for the newer softwares until they feel it is absolutely necessary and there is a substantial boost in their productivity by the use of those softwares.

[FlibbyFlobby]

This is just a case of PR spin. Since when do employees in a company ever upgrade an OS? What this story merely means is that the IT department is not allowed to immediately start installing Vista on new PCs. Hell, no company in there right might should start using an OS as soon as it comes out!

Go back to your daily lives people!

Your spot on. But OS zealots need articles like this make them feel like they're making 'progress'. I've seen it on numerous websites already, claiming it means the end of Microsoft. :rolleyes:

[Mordkanin]

Actually - no, it isn't! Have you actually used Uac? Then you would know that Uac is either on for all apps, or it is off for all apps. There's no way you can make an exclusion saying that you want to turn off Uac for certain apps only, so if any apps don't work properly with it on, then you have to turn it off (and then it's off for all apps), and then turn it back on again after you closed the app again.

You can only set Uac to automatically elevate so that it doesn't pop up up when you're running an app that is marked as requiring admin privileges when you're logged in with an admin account (doesn't work when logged in as normal user). However, also this is a setting that is either on for all apps or off for all apps. Again, there's no setting to auto-elevate only certain apps and not others.

This is not a bad thing. Allowing for UAC to differentiate between apps would be a nightmare. The only conceivable way I can see it working would require every app to be digitally signed, and even then, you'd just be asking for security problems to pop up in UAC down the road. This way ensures that a ton of different exploits pointing at UAC fail, just like the safe desktop prevents apps from playing with the cursor...

[qdave]

howeasy it is simply ban instead of solve the issues.

hurray for progress encouragment in usa :)