DEV Community

Discussion on: Microsoft is absolutely at fault for WannaCry

 
mortoray profile image
edA‑qa mort‑ora‑y

Microsoft actively pushes their OS into every market segment. It's not like they advertise it solely as a desktop consumer OS.

I've already excluded WinXP numerous times from my criticism, stating clearly that the techniques to mitigate this attack did not exist when it was designed. WannaCry however didn't just attack old systems. Indeed it appears an unpatched Windows 10 would have been affected as well.

I'm not blaming only Microsoft for WannaCry, I'm just establishing they are not blameless, and unless they change something fundamental these attacks will never cease.

 
antoinette0x53 profile image
Antoinette Maria

I'm not blaming only Microsoft for WannaCry, I'm just establishing they are not blameless,

The irony here is that the title of your article places blame on Microsoft.

 
mortoray profile image
edA‑qa mort‑ora‑y

Yes, it's a counter to arguments being made pinning blame primarily on the NSA or users who failed to upgrade their system. Both of those are clearly part of the problem, but I'm trying to specifically highlight that Microsoft itself shares a portion of the blame.

 
dubyabrian profile image
W. Brian Gourlie

Indeed it appears an unpatched Windows 10 would have been affected as well.

You continue to gloss over the fact that Microsoft patched the vulnerability far in advance of it being used (or at least, used widely).

With all these points being made, your argument boils down to "Microsoft is at fault because their software has vulnerabilities." Which, sure. Point me to a large C/C++ codebase that doesn't have any vulnerabilities. It's not reasonable to say that software just shouldn't have vulnerabilities.

What is reasonable to say is that vulnerabilities should be patched in an expedient manner. Which it was.

 
mortoray profile image
edA‑qa mort‑ora‑y

We have to assume there are vulnerabilities, precisely as you say. The goal is to design a system around this assumption. For this there are known techniques, which Windows does not appear to be using.

That is, I'm not holding anybody accountable for the particular error in SMB. This is unavoidable. What I take issue with is how this error allowed code injection and escalation.