tag:blogger.com,1999:blog-7555958.post116141007480760602..comments2024-03-18T12:52:48.117-07:00Comments on Mini-Microsoft: Ba-Da-????Who da'Punkhttp://www.blogger.com/profile/18205453956191063442noreply@blogger.comBlogger39125tag:blogger.com,1999:blog-7555958.post-1162353666027912292006-10-31T20:01:00.000-08:002006-10-31T20:01:00.000-08:00Regarding the kernel issue:I work at another major...Regarding the kernel issue:<BR/><BR/>I work at another major organization. Our unique requirements to implement and monitor computer activity requires products (that exist today) that have to hook into the kernel to provide the level of control necessary to assure regulatory and internal policy compliance.<BR/><BR/>These products are used by many other Fortune 500 companies.<BR/><BR/>No Kernel access for these key vendors, no Microsoft. It's not just about fixing any MS security problems, or McAfee and Symantec--but rather about enabling value-added third parties to, well, add value.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161846430285738302006-10-26T00:07:00.000-07:002006-10-26T00:07:00.000-07:00I completely applaud a secure kernel, and I also n...I completely applaud a secure kernel, and I also need to get in there and do things at the kernel level.<BR/><BR/>Force me to go through full rigor and secure development practices, feel free to put my name up on the bluescreen if I cause a crash, just sell me a license to sign my code such that I can put it into the kernel.<BR/><BR/>Anti-virus, anti-spyware, and anti-rootkit aren't the only legitimate products that have a need to hook the kernel. If you think about it for a while, there are a lot of security add-ons that by definition need to be in kernel space and need to interact with kernel pieces.<BR/><BR/>Anyone remember when Dr Watson was added, how many signed drivers there were, how many drivers microsoft previously knew about and how many drivers ended up being reported back through Dr Watson? There was a nice factor of 10 in there.<BR/><BR/>Windows isn't a Sony Walkman, it is a lego mindstorms and you are trying to keep people from plugging other wires into the microcontroller.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161831674199652232006-10-25T20:01:00.000-07:002006-10-25T20:01:00.000-07:00I guess we have created the greatest opportunity f...<I>I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?</I><BR/><BR/><B>Are you kidding?? There are hardly any jobs posted up on the career website and from what I hear, there is a company wide freeze going on.</B><BR/><BR/>My friend, of course I am joking. 2006 X'mas will be the darkest time for many people. I start to see my mini-me. I rekon I will skip the Vista party and Chrismas party (if there is any).<BR/><BR/>I don't know which Chrismas party I should go now. New org or the old one... Well, should be the new org.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161822426579904302006-10-25T17:27:00.000-07:002006-10-25T17:27:00.000-07:00Ombudsman, lol - what you need is a union. Person...Ombudsman, lol - what you need is a union. Personally, I always thought it would be fun to be a teamster. That way we could strike and shutdown shipping software boxes as well.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161822020703183902006-10-25T17:20:00.000-07:002006-10-25T17:20:00.000-07:00Regarding reduced loops for CSG conversion to FTE ...Regarding reduced loops for CSG conversion to FTE - I generally was looped for the original interview for the CSG spot. I didn't cut any corners in my interview just because it was CSG - they got the same level of grill I give everyone (which varies depending on my feel for their talents). Three of the best interview candidates that I saw were for CSG spots. All were later converted and I didn't feel bad about a, "reduced loop." These guys could think and code under great stress in the interview, and did well in day-to-day work as CSG. In contrast, nearly all of the straight FTE candidates sent to us from HR got the No Hire recommendation from me.<BR/><BR/>Note: as part of truth in anonymous blogging, I no longer work at MS, but I spent 6 years there starting in 1999.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161800944747831822006-10-25T11:29:00.000-07:002006-10-25T11:29:00.000-07:00>>"And if Windows actually gets secure enough to m...>>"And if Windows actually gets secure enough to make do without third party security software, they are doomed."<BR/><BR/>Let me take a stab at a flawed strategy that seems apparent from the outside: Alchin hires Mark Russinovich of Sysinternals as a top tier partner, fellow at Microsoft. Big whup de whup there. Mark's draw? Low level kernal manipulations and coder: the key holder to OS DNA is a requirement for Microsoft to be able to master security. Period.<BR/><BR/>Prior to that Mark's great program for semi-intelligent security freaks (Root Kit Revealer) catches Symantec, like Sony with its pants down in a root kit subterfuge. Symantec, bad bad boy. Microsoft gets paranoid thinking perhaps it gave away too much milk to its security partners. What to do. Cut the buggers off, what any normal sane schitzo-paranoid would do.<BR/><BR/>So what to do? First, Symantec started with Norton and Norton was not originally an anti virus company since viuses were not even know when he first developed some of his OS tools. <BR/><BR/>I use ESET, not Symantec or McAffee or Microsoft. I intend to continue that and will not load Defender on my system. Bottom line is if Microsoft tries to block security companies from the puddle, the fact is someone will get through the MS secure systems because to coin a phrase, it "takes a village" to manage security. Nothing Microsoft can or ever will do can protect us from lurking deviants, therefore, the calculation of keeping the `competition' out of the game will backfire on Microsoft security strategists one way or another.<BR/><BR/>My recommendation is everybody relax, let the dice tumble and watch as Microsoft scrambles to try to patch its Holy-Code, I mean holey-code on a daily basis.<BR/><BR/>BTW, Mark, you need to sell us a root kit revealer that works a little better: like allowing us to delete suspect rootkit files on the fly as identified accurately (not possibly like it is now).Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161796939641262792006-10-25T10:22:00.000-07:002006-10-25T10:22:00.000-07:00>> Why would any company in their right mind >> wi...>> Why would any company in their right mind <BR/>>> willingly partner with a company that could <BR/>>> be its competitor tomorrow?<BR/><BR/>Happens all the time, and not only with Microsoft. The most recent examples are disk burning (Roxio), plays for sure (everyone but Apple) and this whole antivirus thing.<BR/><BR/>The writing was on the wall for a LONG time, pretty much since Microsoft bought its own anti malware and antivirus companies. In this case, though, having this stuff in Windows is completely justified. <BR/><BR/>However:<BR/>a. Microsoft should not charge for it. It's like Toyota charged you extra for wheels not falling off the car while you're driving.<BR/>b. It should provide open APIs to replace it. If we don't - expect a bunch of lawsuits.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161794846632097062006-10-25T09:47:00.000-07:002006-10-25T09:47:00.000-07:00Since the Symantec/McAfee/ABM astroturf is getting...Since the Symantec/McAfee/ABM astroturf is getting a little weedy, let me chime in with a non-Microsoft, regular customer view.<BR/><BR/>Those companies ARE parasites from my point of view. Their products are resource hogs, interact with the desktop in an insecure way, and frequently don't work (q.v. new exploits that make it past their "shields"). I have always thought it was Microsoft's responsibility to handle security, not a third party's, so I applaud their attempt to nail down Vista (whether it works or not). This is so far from "arrogant" that I tend to assume bad faith on the people here making that claim. What it is is overdue.<BR/><BR/>The whining is pathetic from a customer point of view. Symantec/McAfee can't exist in an OS "ecosystem" that isn't heavily targeted by successful viruses and worms (see also OS X). And they know it. So now they're fudding the new network stack and the kernel security. I suspect their customers can see right through their meritless arguments.<BR/><BR/>Another view:<BR/><BR/><I>Many people in the IT industry and computer users in general are sick and tired of Antivirus companies and you can tell that by the abundant negative feedback we get whenever the subject of Symantec and McAfee come up.</I><BR/><BR/>http://blogs.zdnet.com/Ou/?p=343'<BR/><BR/>Hear, hear!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161793586764427572006-10-25T09:26:00.000-07:002006-10-25T09:26:00.000-07:00"If your business model is parasitical you better ..."If your business model is parasitical you better live with the fact that it might go away."<BR/><BR/>Speaking on behalf of a highly successful parasite, I sincerely hope that your attitude is no longer in any way representative of that of responsible Microsoft management.<BR/><BR/>In any event, fuck you too.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161793553871213432006-10-25T09:25:00.000-07:002006-10-25T09:25:00.000-07:00>So what you're saying, is that you're against the...>So what you're saying, is that you're against the whole "create an ecosystem" thing that Microsoft implemented since its inception.<BR/><BR/>No, he's saying that if you take off the cover with the bright stickers that says "NO USER SERVICEABLE PARTS INSIDE!" and "Product warranty is voided if seal is broken!", you shouldn't be expecting much help or sympathy from the manufacturer if you go mucking about inside. <BR/><BR/>Mucking directly with the unexposed internals of a program isn't supported by anybody. I would have thought that this would be blatantly obvious.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161791930846459902006-10-25T08:58:00.000-07:002006-10-25T08:58:00.000-07:00I'm of two minds on the "access to the kernel" thi...I'm of two minds on the "access to the kernel" thing.<BR/><BR/>First, if Microsoft takes security seriously, that's good. If it takes security seriously enough that it will step on some toes rather than break security, that's good. Security should be taken that seriously.<BR/><BR/>On the other hand, Microsoft is destroying the safety net. Now if there's a security issue, there's going to be only one place to point the finger - Microsoft. They won't be able to say, "You should have kept your anti-virus software up to date." That's going to be a pretty heavy responsibility. Is Microsoft really ready for it?<BR/><BR/>Let's be clear here. In the current climate, Microsoft is potentially looking at lawsuits for security breaches. It's that serious. Symantec and McAfee have, in my opinion, made that less likely so far, because "everybody knows" you need to run such a package to keep your PC safe. But now Microsoft is going to have full liability.<BR/><BR/>The "destroying an ecosystem" thing is, to me, less of an issue. I mean, TCP used to be an add-on package to Windows. Is there anyone who seriously thinks that it still should be? No. The OS progresses, and add-on tools become no longer needed. (But new, different add-ons are then needed.)<BR/><BR/>But the "destroy your partners" theme gets a lot of play because of Microsoft behavior that is much less "improving the OS" and much more clearly "trying to own every dollar spent on software by everyone on the planet". This (the anti-virus stuff) isn't an instance of that behavior, but the behavior is both real and malignant.<BR/><BR/>MSSAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161783349918793842006-10-25T06:35:00.000-07:002006-10-25T06:35:00.000-07:00"If your business model is parasitical you better ..."If your business model is parasitical you better live with the fact that it might go away."<BR/><BR/>Like making sure that almost no one can buy a PC from a well-known brand without having to buy Windows as well?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161771349389041692006-10-25T03:15:00.000-07:002006-10-25T03:15:00.000-07:00About McAfee:It's like you liked me more when I ha...About McAfee:<BR/><I>It's like you liked me more when I had issues and you defined yourself by supporting me when I was troubled and untrustworthy. Now you're all clingy and suffocating me and spreading nasty things around about me. I've reformed myself and moved on. You need to, too.</I><BR/>LOL.<BR/>Of course they are clinging. Plugging the security holes in Windows is their main (only?) source of income.<BR/>So even the appearance of Microsoft shaping up is a threat to them. And if Windows actually gets secure enough to make do without third party security software, they are doomed.<BR/>Not that I'd miss them, their software causes its own share of problems...Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161759343715679602006-10-24T23:55:00.000-07:002006-10-24T23:55:00.000-07:00"So, we compromise our security because other peop..."So, we compromise our security because other people make money trying to improve our security?<BR/><BR/>Like hell.<BR/><BR/>If your business model is parasitical you better live with the fact that it might go away."<BR/><BR/>Above is one of the more amazing posts I have noted on Mini. What does it say about Microsoft? Lets see, to paraphrase, it says:<BR/><BR/>"We're so arrogant, we are sure we can take care of all the security problems with Microsoft software ourselves, even though others had to do it (to our benefit) for more than 25 years."<BR/><BR/>"Stupid partners."<BR/><BR/>"Anybody who ports a product that makes money that works on a Microsoft operating system is a parasite, and sooner or later they will be put out of business by us."<BR/><BR/>Somewhere along the way, you guys kind of lost your way and seem to have forgotten that which brung ya, i.e., your customers and your partners. Good luck, you will certainly need it.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161758659650015452006-10-24T23:44:00.000-07:002006-10-24T23:44:00.000-07:00>>is there really a hiring freeze going on?I recei...>>is there really a hiring freeze going on?<BR/><BR/>I received this in an email last week (I'm not a softie): <BR/><BR/>xxxxx:<BR/><BR/>I need your help! I am a Recruiter @ Microsoft and I would like to tap into your network. <BR/><BR/>What's in it for you? How about $1,000.00 for any referral that we hire into either of these 2 open positions? The positions are a Mixed Signal Engineer and an Electrical Engineer) which are located at our Silicon Valley campus and would be working with the Xbox 360 team, a significant part of Microsoft's Entertainment & Devices business. <BR/><BR/>xxxxx, it is our mission is to inform you about careers in Hardware at Microsoft's Entertainment & Devices Division, while at the same time thanking you with cash for helping us with referrals. We have identified you as an active member of this community either by professional association membership, through industry publications and/ or related public information sources. <BR/><BR/>If you can help us out, we have a special "thank you" for successful referrals. We are teaming with a company, www.H3.com to offer a referral reward bonus for a successful hire. The total reward for this position is $1,000.00 to be split among the referral chain (Please note that instead of receiving cash, the referral reward bonus can be donated in your name to your favorite charity). <BR/><BR/>Here's what you do get started:<BR/><BR/>Doesn't look like a freeze to me. BTW. my only association with Microsoft if you can call it that is that I post here often, but anonymously.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161751567651281072006-10-24T21:46:00.000-07:002006-10-24T21:46:00.000-07:00There are companies out there that have a business...<I>There are companies out there that have a business need to hook the kernel and they aren't all spyware, rootkit, or virus producers.</I><BR/><BR/>So, we compromise our security because other people make money trying to improve our security?<BR/><BR/>Like hell.<BR/><BR/>If your business model is parasitical you better live with the fact that it might go away.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161746029856372672006-10-24T20:13:00.000-07:002006-10-24T20:13:00.000-07:00is there really a hiring freeze going on?is there really a hiring freeze going on?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161669304449082482006-10-23T22:55:00.000-07:002006-10-23T22:55:00.000-07:00I guess we have created the greatest opportunity f...<I>I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?</I><BR/><BR/>Are you kidding?? There are hardly any jobs posted up on the career website and from what I hear, there is a company wide freeze going on.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161666780037379652006-10-23T22:13:00.000-07:002006-10-23T22:13:00.000-07:00That's really bad idea. Often managers pick out of...<I>That's really bad idea. Often managers pick out of newcomers stream a person they want to improve their team. Not "best guy" but "best fit for job guy".</I><BR/><BR/>This is mispractice. Hire for Microsoft, not just for your team.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161659246564869452006-10-23T20:07:00.000-07:002006-10-23T20:07:00.000-07:00Re-org Me: a recent comment regarding what's going...<I>Re-org Me: a recent comment regarding what's going on in SteveSi's and JonDe's org: "...You know, most PUMs found a position aligned with an appropriate triad. I believe it will all be worked out and everyone will find that they have greater responsibility and impact than before..."</I><BR/><BR/>Mini, are you smoking? We all become our own mini-me. PUM is mini-PUM, GM is mini-GM, i.e. LPM or GPM. But I don't think you can firmly say "most" of the PUM that has aligned with an appropriate triad. Only very few of them. In Windows Live or WEX, many GMs and PUMs left the organization completely because they don't want to willingly accept the Lead PM role. Is that what you honestly meant by working? People take on the group manager (GPM, DN, TM) positions are "dutifully appointed." Will they be able to lead the team with their current performance? That is uncertain. Sorry, they haven't established their credibility yet. <BR/><BR/>Office re-org is also underway. I guess we have created the greatest opportunity for internal transfer after we ship Vista and Office 2007. Any taker?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161650710270481742006-10-23T17:45:00.000-07:002006-10-23T17:45:00.000-07:00Adam Bar: "She explained that the goal was to take...Adam Bar: "She explained that the goal was to take the discussion that currently takes place on Mini-Microsoft, and move it inside Microsoft so outsiders can't see it (she didn't explain it in quite those words, but that was the subtext of what she actually said)."<BR/><BR/>Private? But anything really interesting that gets said there is sure to be copied and pasted to someplace public, like Mini.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161623697228397302006-10-23T10:14:00.001-07:002006-10-23T10:14:00.001-07:00"Most of my friends agree that the hiring bar has ..."Most of my friends agree that the hiring bar has been significantly lowered"<BR/><BR/>Did you change groups recently? Hiring bars vary widely across divisions and even among groups within the same division. So do job levels, role definitions and expectations. In this situation, HR tries very hard to maintain the illusion of a single job market...everyone needs job security.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161623655719695192006-10-23T10:14:00.000-07:002006-10-23T10:14:00.000-07:00Anybody notice Ballmer's comments in Europe on our...Anybody notice Ballmer's comments in Europe on our R&D expense going to 7+ Billion. Wonder what bomb they are going to drop later this week? We are still recovering from their last bobo on the 2 bil. spending increase. I hope we learned our lesson from that.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161620208364861552006-10-23T09:16:00.000-07:002006-10-23T09:16:00.000-07:00"Tell me about it. Lowered and dismantled to the p..."Tell me about it. Lowered and dismantled to the point where the head of our org - get this - has his doofus relative working in our group. And yes it was 'cleared' by our 'HR'"<BR/><BR/>I wonder if that means the PM and Relative split the $1000 referral reward.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7555958.post-1161611352250483612006-10-23T06:49:00.000-07:002006-10-23T06:49:00.000-07:00"So, this member of the Department of Redundancy D...<I>"So, this member of the Department of Redundancy Department says, what's the benefit over Mini's blog that does have street cred for effecting change? I typed it in every MS Poll and I will type it here, Microsoft needs an Ombudsman department...a real person with real resources to look into real situations of incompetence and abuse."</I><BR/><BR/>"Here, here" on the Ombudsman theme! Touted it myself, a while back, without hearing it from you. Gee, if two people say it...it must be right! I wish.<BR/><BR/>Let's see, what would it mean? Essentially, arbitration when things got sticky. Employees could petition the Ombudsman for fair handling of departmental issues.<BR/><BR/>But wait, what about that mean old manager; you know, the one who has the power to stop you in your tracks should you interview internally. Isn't this the same case? Ombudsman or internal interview; what's the diff?<BR/><BR/>Not much, IMO. So, the problem lies with the manager and all managers in Microsoft who are given that same power.<BR/><BR/>So, once again, dear hearts, it all point back to where the buck stops: BillG, SteveB, or one of those "world traveling good will junket takers".<BR/><BR/>And so, it gets down to this: "Physician, heal thyself." What are the chances of that happening? Ohhhh, gloomy Monday, go away!Anonymousnoreply@blogger.com