Microsoft points finger at the EU for not being able to lock down Windows

If they start to lock it down it just becomes the next iOS.

It's already horrible with their 'recommendations' left and right, and preinstalled stuff that you cannot remove.

And then it just becomes too easy for Microsoft to let their Windows Defender run in kernel mode and 3rd parties can't do that, so obviously they can outperform them.

Kinda like iOS' Safari. Hell, that one runs in user mode, but it required laws for 3rd parties to be able to provide native alternatives.

We all remember that Windows was a water-tight never-crash workhorse before the pesky EU stepped in and requested the APIs to be documented for once..

I'm beyond skeptical that this competition regulation prevents Microsoft from say ... having Windows roll back to the last known version of a driver/extension after a failed boot (or several). Or from having a hyper-minimal super-nanny API that uses a signed network call to add a level of control over the loading process. Or from having a built-in phased rollout API that only permits a rollout to increase in scope as more confidence is gained. And probably ten more ideas! Microsoft didn't trigger this outage, but it's very worrying if they disown it. There's a lot the OS vendor can do.

Hey Microsoft: Just stop trying to cloudify everything in the new Windows and focus on its stability instead of releasing an inconsistent UI every few years, and you will be good to go.

That's funny.

The Open Source Operating Systems that are around have much tighter security than Windows, yet their openness hasn't hurt them.

Perhaps the problem is more with Microsoft than anything else?

Would a bad driver update potentially have had similar consequences? (real question)

If so, this feels like a red herring.

Did the EU ask Microsoft to build leaky, fragile abstractions too? It sounds like Microsoft's architects are a bit too comfy.

Grewt, can the EU force Microsoft to open up their Linkedin API as well?

> “The document states that Microsoft is obligated to make available its APIs in its Windows Client and Server operating systems that are used by its security products to third-party security software makers.”

Which means, if Microsoft had made a more carefully scoped way of extending the kernel, or even avoided extending the kernel at all for their own security products, they would have perfectly been at liberty to demand it for everyone else.

I absolutely hate this focus on "security"; it's just pushing us faster towards the authoritarian dystopia that Stallman warned us about 25+ years ago.

This decision means security software vendors have a greater ability to muck up systems as CrowdStrike did this week when it crippled 8.5 million Windows PCs worldwide.

...and what about when Microsoft inevitably screws something up with its automatic updates and undoubtedly affects even more machines? They already have, multiple times. One of the most recent memorable occurrences: https://news.ycombinator.com/item?id=18189139

As the old saying goes, "Those who give up freedom for security deserve neither."

> Microsoft agreed back in 2009 with the European Commission that it would give makers of security software the same level of access to Windows that Microsoft gets.

Why Microsoft should have more access then others ? Becouse Crowdstrike / public internet straight to kernel updates combo ?

Whole thing is about locking _computers_ from buyers and that is a no go. We need more os'es and more freedom - just fact of MS existence (domination) is a proof that hardware-os monopoly owned by one company is not some natural law.

Now let's make IBM unlock their hardware-os monopoly to software vendors :)

The EU needs mandates to effectively exclude Windows from applications that are even slightly critical.

As an aside, it is sickening that so many simple displays and dedicated devices with simple UIs that could be implemented as static scenarios using proper capability-based multiserver architectures (such as the leading seL4 / LionsOS) do instead use complicated software stacks based on Linux (and sometimes even worse, Windows).

Brainstorming - I wonder if there's a way for Microsoft to test builds of updates that could do this. It could still be hard to manage.

How does Microsoft's deal with one country affect its software distribution in other countries?

Strangely Linux doesn’t have that problem.

"It's the EU's fault because they enabled competition who provided a more successful competing security product that our own security product"

>The document states that Microsoft is obligated to make available its APIs in its Windows Client and Server operating systems that are used by its security products to third-party security software makers

I guess even M/S has a hard time with reading comprehension. "make available" does not mean "no lock down". So does that mean when someone boots windows into Safe Mode, they are breaking the law in the EU ? I do not think so.