|
![](/i/fill.gif) |
On 6/6/2011 12:02, Orchid XP v8 wrote:
> Yes. And it has taken them a spectacularly long time to figure out that this
> model is ineffective today.
Not really. They figured if you had a system where it was single-user,
adding access control wouldn't help unless you were smart enough to not get
infected to start with. If you had a system that was multi-user, you
probably already know how to create accounts that aren't super-user.
> (Apparently this is the company that thought that networks were just a "fad"
> that would go away after a while...)
Microsoft had networking before TCP/IP was popular enough to need DNS.
> They didn't do it in Windows 2000, they didn't do it in Windows XP, only in
> Windows Vista did they *finally* get it right.
If you had multiple users, you could create privileged users or
non-privileged users. If you had a multi-user networked machine, chances are
you were running AD or some such and didn't have an admin account.
> Granted, backwards compatibility didn't help them at all. But I'm pretty
> sure there are better solutions than what they actually came up with.
Remember that when you're talking about security, the result is to break
things. Security in this sense means "preventing things from working as
programmed." Hence, you can't increase security effectively without breaking
backward compatibility. It's a careful balancing act you have to do.
--
Darren New, San Diego CA, USA (PST)
"Coding without comments is like
driving without turn signals."
Post a reply to this message
|
![](/i/fill.gif) |