RE: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today
kenw@kmsi.net wrote: But, regardless, Win2K and WinXP do have restricted-user modes that tie this stuff down quite well. They tend to be used in corporate environments.
Indeed, and the one reason being that the last thing the IT staff wants is users installing apps, because even if the user is not installing a worm or Trojan, installing software inevitably generates incompatibilities and demand for more support.
But for home users, it gets to be a pain in the butt, because it prevents a lot of things users want to do, like installing games, multimedia apps and spyware.
Yep. In XP home, it's easy to have several users on the same machine but by default they all have administrative rights.
doug@nanog.con.com wrote: Microsoft software is inherently less safe than Linux/*BSD software. This is because Microsoft has favored usability over security. This is because the market has responded better to that tradeoff. This is because your mom doesn't want to have to hire a technical consultant to manage her IT infrastructure when all she wants to do is get email pictures of her grandkids.
Exactly. Michel.
If I install code, I'd like to know explicitly when the installation is trying to make an _administrative_ change, so that I have a chance to say YES or NO. In Windows, this is not implemented in installations - you _must_ begin the installation as admin. Another big problem is the permission system and directory structure. First of all, you are blind - there is no analog of 'ls -l' which shows you file owner permissions, so if someone changes your WinNT directory to 'Writable by anyone', you never notice it. The security system is toooo complicated for use by normal users; it's rich but requires a GURU to be configured. The second problem is directory structure. In Unix, when I configure an IDS (osiris or Tripwire or Intact), I can just be sure that the 'bin' and 'etc' and 'sbin' and 'libexec' directories do not have any variable files - all non-static files are in /var (Solaris is an exception, they put some pid files into /etc, but even here, it is not a problem). But windose... you do not have any directory which never changes, and I find a few .dll files changed every few days. Every application puts log and data files into its own directory (with the rare exception of applications derived from Unix or written by people with a Unix background). It makes it terribly difficult to configure an IDS, and makes the system very vulnerable. Of course, it is all a trade-off for functionality, but people overestimate it - many MS benefits come from its dominance, not from functionality. And it all makes it a very good target for viruses / worms.
Alex Roudnev
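The IDS point in the message above (hash the static 'bin' and 'etc' trees, leave /var out, and flag anything that becomes writable by anyone), as an added example that is not part of the original thread. It is a minimal baseline-and-compare sketch in Python, not how osiris or Tripwire work internally; the directory tree and file contents are constructed.

```python
import hashlib, os, stat, tempfile

def snapshot(root, static_dirs):
    """Map relative path -> (sha256, mode bits) for regular files under the static dirs."""
    snap = {}
    for d in static_dirs:
        for base, _dirs, files in os.walk(os.path.join(root, d)):
            for name in files:
                path = os.path.join(base, name)
                st = os.lstat(path)
                if stat.S_ISREG(st.st_mode):  # ignore symlinks, devices, sockets
                    with open(path, "rb") as fh:
                        digest = hashlib.sha256(fh.read()).hexdigest()
                    snap[os.path.relpath(path, root)] = (digest, stat.S_IMODE(st.st_mode))
    return snap

def compare(baseline, current):
    """Return (path, finding) pairs, ordered by path."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None or new is None:
            findings.append((path, "added" if old is None else "removed"))
        else:
            if old[0] != new[0]:
                findings.append((path, "content changed"))
            if old[1] != new[1]:
                findings.append((path, "mode %o -> %o" % (old[1], new[1])))
        if new and new[1] & stat.S_IWOTH:
            findings.append((path, "world-writable"))
    return findings

def demo():
    """Constructed tree: bin/ and etc/ are treated as static, var/ is left unmonitored."""
    with tempfile.TemporaryDirectory() as root:
        for rel, data in [("bin/tool", b"v1"), ("etc/app.conf", b"a=1"), ("var/app.log", b"")]:
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
            os.chmod(os.path.join(root, rel), 0o644)
        baseline = snapshot(root, ["bin", "etc"])
        with open(os.path.join(root, "var/app.log"), "ab") as fh:
            fh.write(b"line\n")  # routine churn outside the static set
        with open(os.path.join(root, "bin/tool"), "wb") as fh:
            fh.write(b"v2")  # a binary that should never change
        os.chmod(os.path.join(root, "etc/app.conf"), 0o666)
        return compare(baseline, snapshot(root, ["bin", "etc"]))

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The log write under var/ produces no finding because that tree is never hashed; a layout that mixes logs and binaries in one directory would force per-file exclusions instead.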
On 30-jan-04, at 7:20, Alexei Roudnev wrote:
The second problem is directory structure. In Unix, when I configure an IDS (osiris or Tripwire or Intact), I can just be sure that the 'bin' and 'etc' and 'sbin' and 'libexec' directories do not have any variable files - all non-static files are in /var (Solaris is an exception, they put some pid files into /etc, but even here, it is not a problem). But windose... you do not have any directory which never changes, and I find a few .dll files changed every few days. Every application puts log and data files into its own directory (with the rare exception of applications derived from Unix or written by people with a Unix background). It makes it terribly difficult to configure an IDS, and makes the system very vulnerable.
Actually IMO putting all their crap in their own dir is a feature rather than a bug. I really hate the way unix apps just put their stuff all over the place so it's an incredible pain to get rid of it again. I think MacOS got it right: for most apps, installing just means dumping the icon wherever you want it to be, deinstalling is done by dropping it in the trash. The fact that the icon hides a directory with a bunch of different files in it is transparent to the user. And if an installer wants to mess with the system, a request to provide the administrator password comes up, even for users with administrator privileges.
Of course, it is all a trade-off for functionality, but people overestimate it - many MS benefits come from its dominance, not from functionality.
I think MS's tradeoffs are mainly time to market vs even faster time to market. Hopefully they'll rip off Apple's ideas for their new stuff. Then add some zone alarm like stuff so apps can't mess with the network without the user's permission and we're in pretty good shape.
And it all makes it a very good target for viruses / worms.
The fact that SMTP believes everything you tell it doesn't help either.
On Fri, 30 Jan 2004, Iljitsch van Beijnum wrote:
Actually IMO putting all their crap in their own dir is a feature rather than a bug. I really hate the way unix apps just put their stuff all over the place so it's an incredible pain to get rid of it again.
Putting all crap in the working directory is bad design (no way to separate read-only stuff from mutable). Unix/Linux design (all over the place) is pure and simple lack of discipline, or "hack before thinking" approach. Plan 9 nearly got it right, but for the lack of persistent mounts (it's all in an rc file, executed at each login).
I think MacOS got it right: for most apps, installing just means dumping the icon wherever you want it to be, deinstalling is done by dropping it in the trash. The fact that the icon hides a directory with a bunch of different files in it is transparent to the user.
That's UI. Inside it's the same Unix crap.
I think MS's tradeoffs are mainly time to market vs even faster time to market.
It's mostly "We don't care, we don't have to, we're The Microsoft" mentality.
--vadim
participants (4): Alexei Roudnev, Iljitsch van Beijnum, Michel Py, Vadim Antonov