POV-Ray : Newsgroups : povray.off-topic : I am convinced... : Re: I am convinced...
  Re: I am convinced...  
From: Darren New
Date: 21 Dec 2010 15:55:22
Message: <4d11143a$1@news.povray.org>
Orchid XP v8 wrote:
> Either way, when they realised the true situation, they should have 
> changed their design practices. Radically.

Really, few other people understood the security flaws at the time either. 
HTTP wasn't invented with encryption in mind. SMTP had no controls on who 
could send mail. Basically, there wasn't even a standard encryption suite 
until long after Windows was networked and HTTP started being used for 
commercial applications.

> Indeed, if you want to set file permissions, you can *only* do
> it via the GUI.

cacls is so old it's deprecated in favor of icacls.

And no, Windows doesn't tend to provide command-line tools for things you 
can do via scripting. That's what scripting calls are for, and why 
PowerShell is looked on so favorably by Windows admins.

When your fundamental OS interface is essentially object-oriented and 
API-based, you don't get a whole lot of non-programming command-line tools 
to manage stuff.  It's only when most of your configuration is stored as 
text files that you get text-based tools to manage it.

> Unfortunately, it turns out that 99% of all Windows software still 
> *assumes* that it has permission to do everything.

I don't believe that's true any more. It might have been when XP first came out.

> One could argue that it's not so much /Microsoft/ that is slow to adapt, 
> or even its /users/. No, it's the people writing Windows software. If I 
> had a penny for every time I've had to do something stupid just to make 
> the buggy, barely-functional device driver for some crappy cheap-arse 
> piece of hardware work...

Exactly.

> Of course, Microsoft don't really help themselves sometimes. They have 
> an almost obsessive tendency of making everything as scriptable, 
> programmable and customisable as possible. I guess because all those 
> extra features look good on the tin?

It's in part because they have big customers who need that stuff. It's not 
like UNIX isn't scriptable, programmable and customizable.

> All of which is very *powerful* and everything. But the net result is 
> that everything from emails to Word documents to spreadsheets, 
> databases, presentations, and so forth all can have arbitrary executable 
> code embedded in it,

And *that* is exactly why malware is still around in multi-user systems. And 
it happens in browsers and everything too, so it's not restricted to 
Microsoft code.

> And it's no secret that you 
> can use Access to build what amounts to a desktop application.

Well, that's kind of what it's for.

> And after the 198th time the user sees this annoying, unnecessary error 
> message, they just stop paying attention. And then when a *real* threat 
> comes along, the user will blindly and automatically click "yes, please 
> run this unsigned code". Because they've had to click it a thousand 
> times before in order to get stuff done.

That's a part of the problem. You can't ask users to be making that sort of 
decision, either at the "access the file system" level or at the more 
fine-grained level. The Android mechanism makes a lot of sense to users. But 
in a system where you don't declare what code you're going to run or what 
privileges you need (which applies to both UNIX and Windows and most other 
systems), this doesn't work.

And that's why I thought the new types of hardware coming out (portables, 
games, phones, and custom server hardware) might provide a chance to get 
away from these legacy problems.

> - Microsoft failed to realise that networks would become "important" 
> (and hence, security would be necessary).

I disagree this was unique to Microsoft.

> - There is now a huge codebase of cheap, buggy, unsupported software 
> which people expect to work on Windows. If you start actually doing 
> things in a secure way, most of this software will break. (This is 
> technically a GOOD THING, but it doesn't sound very good to the people 
> who just want to do their stuff.)

Exactly.

> - Microsoft thinks that endless rafts of whizzy features are more 
> important than computer security. (That's quite a serious problem, right 
> there.)

I believe starting around the time of XP SP2 they realized their lack of 
security was actually hurting their business.

> - Unix is the OS for computer experts. Windows is the OS for idiots so 
> stupid that arguably they shouldn't be let near a computer in the first 
> place. Wanna guess which one has the biggest security problems?
> 
> - Windows systems outnumber Unix systems 10^4 : 1. Wanna guess which one 
> most people spend their time trying to attack?

Yes and yes.


-- 
Darren New, San Diego CA, USA (PST)
   Serving Suggestion:
     "Don't serve this any more. It's awful."
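
An added example, not part of the original post: the two non-GUI routes for file permissions mentioned above (the scripting/API calls exposed through PowerShell, and the icacls command-line tool), followed by a check for write access granted to broad groups. The scratch directory name and the list of "broad" principals are assumptions made for the illustration.

```powershell
# Constructed sample target: a scratch directory, not a path from the post.
$dir = Join-Path $env:TEMP 'acl-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null

$inherit = 'ContainerInherit,ObjectInherit'   # apply to subfolders and files
$me      = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
$admins  = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544')

# Route 1: the object/API route. Get-Acl returns a .NET security descriptor
# object; it is edited in memory and written back with Set-Acl.
$acl = Get-Acl -Path $dir
$acl.SetAccessRuleProtection($true, $false)   # stop inheriting, drop inherited ACEs
foreach ($grant in @(@($me, 'Modify'), @($admins, 'FullControl'))) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $grant[0], $grant[1], $inherit, 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $dir -AclObject $acl

# Route 2: the same ACL with icacls, the replacement for the deprecated cacls.
# /inheritance:r removes inherited ACEs; /grant:r replaces existing grants.
# A leading * tells icacls the principal is given as a SID.
icacls $dir /inheritance:r /grant:r "*$($me.Value):(OI)(CI)M" '*S-1-5-32-544:(OI)(CI)F'

# Check: list Allow entries that give a broad group any write right.
# The set of principals treated as "broad" is an assumption for this demo.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
$write = [System.Security.AccessControl.FileSystemRights]::Write
$loose = (Get-Acl -Path $dir).Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    $broad -contains $_.IdentityReference.Value -and
    ($_.FileSystemRights -band $write)
}
if ($loose) {
    $loose | Format-Table IdentityReference, FileSystemRights, IsInherited
} else {
    "No broad write access on $dir"
}
```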

