geen zin om al m'n commentaar naar het nederlands te vertalen:

Back to the article:
" there is an architecture here that is extremely componentized"
If this means more Microsoft programs will use (in example) the component "automatic file type regonizing" (which helps applications to regonize the type of file dispite their extension), this component (and others) has been subject to quite some security flaws and surely will be. I'd rather see very paranoide components and priveledge seperation then more components (which introduce overhead as each components has to be loaded seperately etc.)

-

"We have been very focused on helping customers with their security things"
I have seen countless (literary as I dont count them :) reports go unnoticed and some of the fixes that were released fixed the problem partily or not at all. I can't call that very focused.

-

"In terms of keeping the update very small and flowing automatically, there is a lot that we need to do."
Indeed, most company's will not apply all patches, as they interfere with their software or do not pass their tests.
Automaticly applying updates in a company envirement is dangerous but with the appearance of the Windows update server this becomes more manageable.

-

"We have built a compatible operating system. That's one of the things that Microsoft does."
I'm humored. Examples like the NTFS filesystem and the soon to be WinFS are far from compatible with non-MS products.
I have tried the 'compatible mode' of windows XP and I'm not very fond of it, as it doesn't work quite well.
I would love to see Microsoft releasing the specifications and such required for a port/module for other non-MS systems.

-

" We have talked about one, which is a security-focused release of the server, and we have even talked about some of the capabilities."
Windows 2003 server was a step in the good direction in my opinion. If they can take the (default) security further with the Longhorn server, I'm welcoming it.

"Sure. I think the idea that your address book should be usable by other applications, that your calendar should be accessible by other applications--that is a big part of Longhorn, because we move those rich user schemas down into the platform so that applications can all get at presence and phone numbers and annotate the address book, instead of things like each application having its own address book."
Ai caramba. One thing I have learned is that the address book of windows is very handy in case of exploits (ref: look at some of the mass mailing worms). Allthough it works very well, the potential abuse works very well aswell.

--------

If Microsoft can get longhorn to be a lot more secure (by default), while keeping the useability on an acceptable level (not disablying everything and warning the crap out of the user when he/she enables a simple item), I am welcoming it.

Last but not least, I would love to see Microsoft, besides implementing a good firewall/IDS, allow services such as Netbios, UPNP to be disabled (or not lissening on the network interface thus only at the local interface) without causing huge dependency failures with other services (ref: try disabling the rpc services, it's a dependency hell).