Amen. 10.0 was the shizz, literally. I had to reinstall my OS 9 in order for my old iMac G3 to work again after I booted into 10.0. If Tiger is based off of 10.0, then that would be the most amazing conspiracy to this day.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Why can't Microsoft build a secure operating system?
- Thread starter MACDRIVE
- Start date
- Sort by reaction score
Amen. 10.0 was the shizz, literally. I had to reinstall my OS 9 in order for my old iMac G3 to work again after I booted into 10.0. If Tiger is based off of 10.0, then that would be the most amazing conspiracy to this day.
Anyone who has worked with Unix level security and Windows level security knows the fundamental differences. They are great. As to the original question, I think the reason is (as someone else mentioned), MS has been the only game. Users deal with what is given to them. Again, the downside of letting this monopoly come to be. Where is the incentive?
When NT came out, MS had a clear avenue to develop a Unix-like OS, with Unix level security. I actually think that was their intention. But, they kept that stupid registry and eventually made it so casual users had to be given local admin rights. That is a disastrous combination. I deal with this crap everyday. Vista was suppose to be the 'clean break', the contrition for past sins. Instead, it looks like this version is more of an excuse to stop the loss of marketshare.
I received a call from MS last Thursday. They want to send a warm body out to do a dog and pony show on why Vista, and Office 2007 is such a great deal for us. I attempted to decline. They were insistent. I acquiesced, with the stipulation they wear body armor.
The problem with MS security isn't the applications, or the hardware. It's the OS. Compatibility isn't the problem. I'd argue Apple is compatible with more hardware per working engineer than MS is, and yet they pull it off. Linux is usually a few months behind the curve, but their compatibility with ancient systems is legendary and they're usually just a few months behind on new releases.
This is a lot of it. Once MS looses 5% of their market share because of security problems, they'll focus on security-- probably in some completely draconian method, but they'll put the money into it.
I think you have that backwards... Microsoft has 95% of the market. If they suddenly shut down windows and produce something better that's only 80% compatible, where do you think developers and users will go? They'll stick with what they know and at that point all they know is Microsoft. You can say "past performance does not indicate future results" until you're blue in the face and no one will get it.
Apple, on the other hand, had to risk alienating developers and users who were already in a position of wondering why they were bothering to fight the current and why they shouldn't just go with the major player. Imagine if Adobe had said, "you know, this just isn't worth it for us".
This is part of it too... Microsoft has designed a platform to attract developers (developers, developers) and businesses to build on and endorse. IE was intentionally designed to benefit advertisers, because websites want advertisers and IE wanted websites "best viewed on IE".
Symantec et al made a big stink about MS closing certain hooks that the AV writers used to plug into. MS claimed it was to secure the OS, but then they capitulated and left it open... Symantec wanted the hooks left open because that was how their tools attach to the kernel, not because it made it easier to write viruses (at least I hope that's not why), but what does it mean when you make your OS less secure because the AV companies ask you to?
------------
The other big problem in MS culture is the engineers attempts to out-geek each other. I read an article lately about how VBA is written-- what a freaking mess! No wonders they can't maintain that... They do stuff in their code that is very "clever" but not terribly smart-- they save a cycle here and there, but they can't maintain it, they can't secure it, and usually they can't even get it to work right in the first place.
This attitude spills over into their refusal to build to open standards. They think they can do things better themselves (either for technical or business reasons) and they lose the benefits of all the great minds outside of Microsoft.
Good point. However, the more resources they must expend on compatibility and legacy abilities, the less they can expend on security. I think it's related.
I think most of the hardware drivers and such are actually written by the hardware companies, and not by Microsoft. If it was the drivers that kept getting hacked (like the infamous Airport hack) then I'd push some of the blame off on others, but it seems to be the OS and MS components (*cough* IE) that keep getting compromised.
You're right that divided attentions can be a cause, and Apple does have more engineers working on their stuff than they actually employ (because much of OS X is open source), but with the huge amount of money and resources that MS has at its disposal I'd expect better. It's hard to manage these huge projects, but that's supposed to be their core competence...
I'm sure Vista was a clean break to start, but as time progressed, features fell out.
Wasn't there a recent admission that Microsoft started over with Vista in 2003? They probably went back to a less ambitious platform and that's why the Registry continues.
Microsoft could develop a secure operating system but it's much more difficult and not in tune with their work habits. They spend 100 % of their time attacking 65 % of the problem.
it's not that winblows is less secure, it's that windows is on something like 98% of computers in the world. What sort of hacker would go for only 1.5% of the computers in the world instead of 98%? My 2 cents
This argument has been debunked many, many times already. OSX is harder to crack, and there are plenty of people trying to do it if only for the notoriety of being the first one to write a successful Mac virus. You'd get more public attention with the first Mac Virus than another Windows exploit. If it was only obscurity that was the source of Mac security there would be many Mac viruses out there just to shut our smug arses up.
On the side of Windows, it's been my feeling for awhile (not that I'm much of an authority) that a big problem in Windows is the level of access a single application is given to the OS kernel and other applications as well. A single app on Windows installs .dlls registry entries and shares .dlls and other information with other programs. This allows many more paths from innocuous applications to do malicious things to the system. This is especially true of MS applications that use their inside knowledge of Windows to increase performance, illustrated best by IE. When your browser is tied so tightly to your OS that you can't really uninstall it, you're just begging for trouble. With Macs applications tend to be more of the standalone package types and don't share many of their inner workings with other apps and rarely install bits outside of the .app directories.
So many reasons
There are many reasons Microsoft won't rewrite their OS anytime soon. Although Singularity is a project, who knows what will ever come of it. Vista IS essentially Windows XP SP3, but then again, there wasn't much difference between Win2000 Professional and XP.
There are several reasons Microsoft won't rework their OS anytime soon.
1) The money that comes from selling antivirus software. If there's no antivirus software on the market, who loses money and stock? The antivirus companies. This is why I believe some of the viruses and spyware out there are created by these same companies, to sell their product.
2) Mainly, application support. A complete rework of their operating system, although inevitable as it is (there's too much junk in the OS for it to go uncleaned much longer) will cause application complication (pardon the endrhyme), and will take some serious amount of time to rework and redeploy. Though things such as a 'Windows Classic' may come to exist, can you imagine the impact on the gaming industry? They have the most to lose, and yet they're being led on a string by this 'DirectX10' propaganda. The people that like to have the latest and greatest hardware to play the latest and greatest games are the ones that, sadly, are buying into Microsoft's propaganda....sort of like how they call us Apple fanboys.
3) The hacking and cracking potential of Windows. As already mentioned, Antivirus companies makes millions off selling to consumers, and potentially billions by selling server editions to Corporations and big companies. It's sort of a two way street that goes to the same place, Microsoft and companies like McAfee and Norton need these people to help make them money...a bit of an unintended side effect perhaps on the part of the hackers and virus writers.
4) Companies like Secunia would be pointless. Secunia is the company that always has to print papers talking about security vulnerabilities, and goes into great enough detail that one that has any knowledge of computers can exploit. Script kiddies and blackhatters everywhere drool at Secunia's latest revelations. If they aren't publishing these things, they stand to lose money, because no one would pay attention to them. The greatest threat, even if Microsoft fails to see it (or rather turns a blind eye to it) is Secunia's reckless disregard for computer safety by not keeping them silent and sending them to Microsoft.
5) Spyware, and Antispyware, for the same reasons as Antivirus.
These are only some of the reasons why Microsoft won't rewrite their OS anytime soon.
There are many reasons Microsoft won't rewrite their OS anytime soon. Although Singularity is a project, who knows what will ever come of it. Vista IS essentially Windows XP SP3, but then again, there wasn't much difference between Win2000 Professional and XP.
There are several reasons Microsoft won't rework their OS anytime soon.
1) The money that comes from selling antivirus software. If there's no antivirus software on the market, who loses money and stock? The antivirus companies. This is why I believe some of the viruses and spyware out there are created by these same companies, to sell their product.
2) Mainly, application support. A complete rework of their operating system, although inevitable as it is (there's too much junk in the OS for it to go uncleaned much longer) will cause application complication (pardon the endrhyme), and will take some serious amount of time to rework and redeploy. Though things such as a 'Windows Classic' may come to exist, can you imagine the impact on the gaming industry? They have the most to lose, and yet they're being led on a string by this 'DirectX10' propaganda. The people that like to have the latest and greatest hardware to play the latest and greatest games are the ones that, sadly, are buying into Microsoft's propaganda....sort of like how they call us Apple fanboys.
3) The hacking and cracking potential of Windows. As already mentioned, Antivirus companies makes millions off selling to consumers, and potentially billions by selling server editions to Corporations and big companies. It's sort of a two way street that goes to the same place, Microsoft and companies like McAfee and Norton need these people to help make them money...a bit of an unintended side effect perhaps on the part of the hackers and virus writers.
4) Companies like Secunia would be pointless. Secunia is the company that always has to print papers talking about security vulnerabilities, and goes into great enough detail that one that has any knowledge of computers can exploit. Script kiddies and blackhatters everywhere drool at Secunia's latest revelations. If they aren't publishing these things, they stand to lose money, because no one would pay attention to them. The greatest threat, even if Microsoft fails to see it (or rather turns a blind eye to it) is Secunia's reckless disregard for computer safety by not keeping them silent and sending them to Microsoft.
5) Spyware, and Antispyware, for the same reasons as Antivirus.
These are only some of the reasons why Microsoft won't rewrite their OS anytime soon.
I would argue that Microsoft has a secure OS. You just wouldn't use it when it is locked down.
Who wants to log into their computer at home? Who wants to have to remember passwords when installing software? My one XP machine has nice little pictures and logs into that users account (sans password) when you click on the picture.
That's what users wanted and thats what they got.
Who wants to log into their computer at home? Who wants to have to remember passwords when installing software? My one XP machine has nice little pictures and logs into that users account (sans password) when you click on the picture.
That's what users wanted and thats what they got.
Although it is true that crackers/spammers target Windows because it is popular doesn't imply that it is expected to be less secure than other Operating systems.
Apache runs almost 70% of world's web servers yet MS IIS has had way more problems (worms et. al) than Apache ever had. Just because a piece of software is more popular doesn't mean it is less secure.
I believe that was my point in showing a huge problem in the original comment that Vista is just a new skin for XP.
Some else saying Vista just SP3 for XP. Going off that Tiger just SP4 for OSX.
Just going to a form that most people here have a better understanding of explains the flaws in there arguments a bit better.
I suspect it's due a lot to the hooks that Microsoft put in every aspect of their OS and applications that allow them access to the underpinnings to add enhancements and other features.
I like the fact that Tiger requests your password when you perform updates and installs rather than assuming you should have the rights of the account that's logged on.
For the life of me I can't figure out how a single executable program like a downloader trojan or spyware could be installed on a computer OS or through a browser that was properly written without notifying the current user and requesting permission.
I like the fact that Tiger requests your password when you perform updates and installs rather than assuming you should have the rights of the account that's logged on.
For the life of me I can't figure out how a single executable program like a downloader trojan or spyware could be installed on a computer OS or through a browser that was properly written without notifying the current user and requesting permission.
Well I would be careful on that belief. OSX is about as easy to target with Trojan horses as windows because they use a huge weakness in security that can never be removed and that weakness is human one.
On OSX you just have to give the program permission to install and in doing so you are letting it pass all protection OSX has built in to it so as part of the installer is the Trojan and it gets installed with it. That or is it a trick file and it only thing is the Trojan. Trojan horse relay on human gullibility and stupidity to install and that is something that you can never remove.
Now I do know several Trojans have come out for OSX over the years but Trojans are pretty weak in viruses because they do not spread very easily or quickly and by definition Trojans are not viruses.
I would agree that a good bit of the code from 10.0 still exists in Tiger, but Tiger, just like Panther and Jaguar and Puma were more than just eye-candy upgrades. They were major releases in code and upgrades (for the most part) in stability, security and performance. In fact, I'd say that the later releases (aside from some of the effects used) actually reduced the eye-candy, instead focusing on how to make the personal computer better.
And pseudobrit, just cause Apple never released 10.0 on x86 doesn't mean that it wasn't possible. From what Steve said, OS X (which I take to include 10.0) has always been written in tandem, for both PPC and x86, just never released for x86.
On the original topic of a secure MS OS, I used to hate Apple for keeping the hardware and software locked up, but lately, as in since 2004 when I saw the light, I've realized that there are fewer problems with Apple computers because of this very reason. But I've noticed the support nightmares that I've had with Windows because of some incompatibilities, or just old code that doesn't run well/slows down. Not only do I have to constantly fix my work and home computers, but I'm troubleshooting all the PCs in the office, and my parent's computers as well as other family members/friends. In the end, I'm gonna get a MBP and hopefully switch my mom over to a mini and not have to worry about it as much.
But they avoid doing even the easy stuff. Microsoft must have long known that allowing system-level changes to be made without an administrative user having to provide explicit permission is a major security vulnerability, yet they failed to make this improvement in Vista.
...which, of course, it is. It's the same codebase. It's been updated and changed and added to over the years, naturally. It has never been re-written from scratch. Nothing particularly amazing....
As for security, there are quite a few million machines running OS X out there. You'd be sadly naive if you thought the various hackers and scammers out there wouldn't happily take advantage of them if they could. They don't have morals or ethics and aren't being "nice" to OS X just because there are fewer copies running than Windows. Anything is a target for them.
--Eric
Then again, you get a bloody wizard to interrupt your every action on the same machine.
Lay off the wizard -- he's my favorite Microsoft kludge!
Besides, he might get mad at you, and you don't want to see that.
What's the difference? I don't make any progress when a wizard gets involved in what I'm doing.
It's the perception of being helped on Windows vs. not needing help on Mac OS X.
I can work on either and get things done until the Wizard pops up and I spend too much time trying to dismiss it. Yeesh!
What's the difference? I don't make any progress when a wizard gets involved in what I'm doing.
It's the perception of being helped on Windows vs. not needing help on Mac OS X.
I can work on either and get things done until the Wizard pops up and I spend too much time trying to dismiss it. Yeesh!
Now I see your problem -- you insist on annoying the Wizard. I have it on very good authority that the Wizard does not appreciate being annoyed.