More on the Solaris ssh stuff (part 2)
As an update on the Solaris ssh stuff:
Sun has just today released version 08 of patch 114356, which fixes the 'xmalloc: zero size' problem (charmingly described in the patch README as 'New ssh in Sol. 9 exits if the key fingerprint cannot be found in the known_host files'), but not the problems with mech_krb5.so and the GSS stuff.
This is a good step forward, and it fixes the most important issue, since the xmalloc problem actually makes ssh unusable while the GSS stuff just spews noxious messages. But I remain not very happy with how long it's taken Sun to fix this ssh bug; 114356-07 was released on March 21st, which means it took just over three months. (I can't imagine a Linux distribution letting a trivially reproducible fatal ssh bug sit for three weeks, much less three months.)
Maybe Sun considers ssh an unimportant utility. If so, someone please disabuse them of this notion.
Microsoft has a problem
Microsoft's problem is that ordinary people can't keep Windows machines secured. Spyware and other malware is rampant, compromised Windows boxes are perhaps the single largest source of spam email on the Internet, and anti-virus and anti-spyware software is now considered a basic requirement on machines.
(Anecdotally, it's already to the point where it's often cheaper in a small business or home setting to replace a cheap Windows machine rather than try to clean it of malware.)
This matters because home users and other areas with ordinary people are pretty much where the expansion possibilities are for Windows. The business desktop market is pretty much saturated with Windows products, especially in businesses large enough to be able to hire good Windows sysadmins (who can keep those Windows machines free of viruses, spyware, and so on).
(This does assume that the potential growth is in machines that connect to networks, as opposed to isolated standalone machines. I think this is a pretty safe assumption to make.)
People are not very enthused about buying machines that are a hassle, and the security issues make Windows a hassle. I also suspect that they make people dislike Windows due to the hassles, and people disliking your software is never a good sign. (For a start, it drops their loyalty.)
This also affects Microsoft's desire to have Windows running everywhere and on everything. Right now, 'Windows everywhere' means 'viruses everywhere', which is not a very attractive proposition.