Showing messages 1 through 2 of 2.

• Thank God!
  2004-03-10 15:47:11  kollivier [Reply | View]
  
  
  Thank God someone else said that! I've always thought the same thing, but according to any Linux / Mac zealot that's not the case...but maybe that's just them being weird.
  
  Can we have some facts to back this point up? When people actually compare design decisions made by Microsoft and by Linux/Mac OS X developers, they've found that up until very recently Windows has always taken the 'least secure, easiest to use' route. (i.e. Let's enable potentially dangerous feature X for customers so that it will 'just work'.) Doing things like leaving IIS on by default on Win 2K and leaving the RPC port open (even on XP IIRC) were not prudent moves from a security perspective. Their IIS security model also gives too much permission to certain extensions, unlike Linux/Apache. Once you involve other MS products like Office and particularly Outlook, we could go on and on about poor security decisions. In fact, IMHO, they're red flags that the company has in the past not taken security as seriously as it should have.
  
  I do applaud Microsoft for their increased attention to security, but realistically, most of this attention is very recent and due directly to massive exploits of various security holes. Linux and Mac OS X were designed from the ground up to avoid leaving obvious holes open for people to exploit, taking a "closed unless you open it" approach to security. Any platform can be exploited, but some have historically done a better job of "locking the doors" and keeping people out than others.
  
  People who are inexperienced with computers and use an older version of a Microsoft OS (like Win 98, ME or in some respects 2000) very much need to deal with a bunch of security issues that they don't even understand just to keep their machine from being hijacked by a virus or worm. If MS had took some reasonable security measures from the start, measures that Unix has been using for decades, then these people wouldn't have to constantly be updating their OS and firewall protection just to keep using their computer.
  
  While it is very true that some portion of this problem is due to Microsoft's dominance in the desktop OS market, they really could have made some prudent decisions that would have avoided possibly a large majority of these exploits from ever taking off. If you dismiss the 'zealots' without even trying to figure out whether or not they actually have a point, then are they really the zealots here?
• Thank God!
  2004-03-16 15:42:15  musnat [Reply | View]
  
  
  "Linux and Mac OS X were designed from the ground up to avoid leaving obvious holes open for people to exploit, taking a "closed unless you open it" approach to security."
  
  Please don't insult us. I am a programmer, I have programmed for Unix/Linux mostly, I know allmost everything about Operating Systems, the history of Linux etc... What the hell makes you believe that Linus was thinking security first when he first implemented it. What makes you think that MacOS X is designed security in mind. Please be reasonable, you are talking to technical guys here. Only political people would claim that. However I understand you if you repeat what you read. Nothing in Unix or Linux has anything to do with special security. The only good thing about Unix was this super user separation, and for that windows xp had the same. If you would consider Windows 95 or 98 I could understand, but XP vs Unix? Most of the security problems come from services with ports open by default. Almost all linux services has security patches, you probably don't hear about it or that you just don't read about them.
  
  The only problem Microsoft had is that opening these ports by default even though many home users didn't need them. That's where Microsoft made a serious mistake, that's the only place you can really criticize Microsoft fairly.