-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Knott wrote:
Tero Pesonen wrote:
If that's too complicated for someone, they shouldn't be using a computer at all.
So, are Windows XP or Vista not safe then when used intelligently?
--Tero Pesonen
There are a number of flaws in the basic design of Windows that makes it more difficult to secure. One was a result of the "browser wars". When Netscape sued Microsoft for forced bundling of IE, Microsoft claim that IE couldn't be removed because it was part of the OS. At that time, it was simply another app, like Netscape. However, with the next Windows version, IE was deeply embedded in the kernel, using many common files etc. The result of this, was a security breech in IE became a breech in the kernel. There are many other examples, from the technical perspective about why Windows is inherently less secure. Ever notice how many Windows apps require a user to run with admin rights?
Windows NT as originally designed was secure but a combination of inputs from the sales team and the application group compromised what was a reasonably secure design extremely badly. (Essentially Microsoft bought the VMS design team from Digital, and NT originally owed a lot to VMS). The windows 9x/98/Me code stream was really Windows(4?)/MSDOS 7 with the GUI as a compulsory option. Many applications were designed to run on Windows 9x which did not have a security mechanism. One result was that there was additional requirement within many MFC applications that the application needed to be read/write (some types of editable data resources were embedded in the application). This immediately created a security issue (often compounded by issues with 3rd party drivers dropping temporary files in some very odd places). COM the basis of much of the system and application infrastructure originally had no intrinsic security mechanism. IE ActiveX controls are largely COM objects. Subverting a COM driver was a disturbingly easy thing to do. I believe this has since been addressed. Microsoft struggled for years to integrate the NT "Business" code stream with the 9x/Me "Home User" code stream and did not really succeed in any way until XP. On a another note, Novell introduced NDS for NT which effectively replaced the GINA component of NT with NDS based Netware and removed the domain services support (apparently Bill Gates went apoplectic when this happened). Therefore M$ introduced a whole set of checks into the server version of Office to ensure that it would only run with Domain Services support installed. (Domain Services had a much weaker security model than Novell Netware). This in itself created some interesting problems. Add to that the need to support workgroup peer to peer networking for Windows 16/32 bit systems with its truly dodgy security and you have a bit of a mess. Something that could have been quite good undermined by brush salesmen and sloppy program design. - -- ============================================================================== I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone. Bjarne Stroustrup ============================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHrIP7asN0sSnLmgIRAuGgAKCKnOmH/Fxu7T4wMJ2M9z2fKvBAXwCeOvIU koBuOhfMHk7YUpNUlj/9gcI= =3Wmf -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org