|
 |
Warp wrote:
> Darren New <dne### [at] san rrcom> wrote:
>>> If the very first version of DOS had had a similar account/password
>>> system as unixes,
>
>> ... then it wouldn't have run on an 8086, and MS would be broke.
>
> Or maybe we would have much better PCs today because they would not be
> based on (and mostly backwards-compatible with) a totally antiquated and
> obsolete architecture designed by IBM and Intel.
Maybe. But the machines had to be cheap enough for individuals to buy. More
importantly, they had to be cheap enough that they could go into the right
spot on the budget.
The only thing that made PCs "cheap" at the time was the clone makers. It's
hard to say whether things would have taken off or not, but it's not like
there weren't powerful UNIX-based machines with well-designed CPUs in the
mix at the time.
> Think about how the game industry has boosted the development of graphics
> cards. Imagine if the same boost would have been done to the PC architecture
> by OS vendors.
They had things like that. The Dolphin running Smalltalk. The Amiga's
specialized chips. LISP machines. IBM made an APL luggable computer I worked
on for a while. Heck, even the Mac was in the competition. And at the low
end you had dozens of radio shack, Apple ][, Vector Graphics, Tektroniks,
Kay-Pro, Commodore, and a dozen other brands of machines, many of which were
mostly compatible with each other at the software level via CP/M.
And the 8086/8088 was designed to run Pascal, which also didn't take off.
So... what happened?
>> It's hard to say. Most of the other systems of the day didn't have it either.
>
> Multi-user unix systems were certainly being used in many environments
> (eg. at universities with thousands of students) back when Windows95 didn't
> even exist. Back then things like logins, passwords and access rights were
> a given in those system. Yes, I have personal experience.
Sure. But the other computers you'd buy yourself, for one user, didn't have
any password stuff. I'm talking mostly the 8-bit computers that the IBM PC
wound up replacing. Sure, I used Solaris machines and even z8000-based UNIX
machines. They weren't something you'd buy for a secretary, tho.
And when you have a computer with thousands of users, you have someone
knowledgeable taking care of it, and everyone with access has a basic
understanding of computers or they wouldn't have access. It wasn't a general
purpose tool - it was a computing tool, and to use it, you needed a
fundamental understanding of how the computer worked.
>> Contrast with something like Singularity, where you explicitly list every
>> program you're going to run
>
> I never said that unix is the perfect system. I just said that it's
> *better* (in terms of safety) because the fundamental design is different
> (namely, it's intended to be a multi-user system).
Well, Windows is too, *now*. You can blame Windows users for the problems,
and blame Microsoft for Windows users. But having actually dealt with people
who don't know what they're doing, I have come to the conclusion that if you
put a general purpose tool in the hands of someone who has *no* idea how it
works, you're going to get scripted behaviors (i.e., people who take notes
on the steps they have to go thru to send a picture to their grandchild)
with no understanding or desire for understanding of the implications for
anything except "did it work?"
In other words, I don't think that having had logins from the beginning
would have taught people that mail can be forged. I mean, heck, do you think
having logins on the computer would teach people not to fall for Nigerian
scams? Do you think it would teach people not to fall for phishing scams?
Why would you think it would teach people not to fall for any other sort of
forged mail?
> The point is that if operating systems had had the proper design from
> the start, things like computer viruses wouldn't exist
I disagree. That's exactly why I listed all the security flaws that UNIX
fixed over time. Such OSes *would* have bugs, *did* have bugs, and they'd
continue to have bugs as new capabilities were introduced. Nobody has a
Morris worm before SMTP. Nobody had UUCP appending mail to /etc/passwd
before UUCP was around. Nobody stole passwords by connecting to a coworker's
X terminal before X was invented. Every operating systems has had viruses
and worms and such, including those who had multi-user access controls built
in to start with. Granted, it's hard to know exactly how many, especially
given the explosive growth in the number of machines in use and the
explosive growth in the number of computer-naive users. But, too, when a bug
was found in UNIX, it wasn't valuable to avoid reporting it, so they got
fixed instead of exploited, usually. Except Kevin Mitnick, who also made
international news by stealing stuff not from Windows machines, but from
UNIX machiens.
Now we're in a different world, where it's actually valuable to find and
exploit flaws, rather than reporting them when you come across them in
normal usage. (Sort of like now suddenly we need to protect airplanes from
terrorists, and not just the passengers. :-)
Basically, history does not bear out your statement, and the disproof is why
I listed all the UNIX flaws that had been fixed over time.
Heck, by all estimates, Mac OSX has more security holes in it than Windows
does (per installed unit, obviously), and it's based on an OS that has
always had logins.
That said, yes, certainly a system that has always had multi-user
authentication (and, more importantly, a separation of administrative duties
from daily operations) is superior to one that doesn't. But when every
system now has multi-user controls, and people try to deliver applications
over the internet yadda yadda, you wind up with viruses that don't need
administrative privs to propagate. I suspect that's the vast majority of
active viruses now - those that steal personal information or add you to a
bot-net, neither of which need (or even want) admin privileges.
--
Darren New, San Diego CA, USA (PST)
Serving Suggestion:
"Don't serve this any more. It's awful."
Post a reply to this message
|
|
