filePro and Vista
Fairlight
fairlite at fairlite.com
Mon Nov 27 10:56:04 PST 2006
On Mon, Nov 27, 2006 at 09:42:11AM -0800, Bill Campbell, the prominent pundit,
witicized:
>
> ``Security forecasts'' are to be taken with a large grain of salt
> considering that many of them are made by organizations that have
> a vested interest in Microsoft's insecurity, and spread FUD to
> get people to buy useless products for OS X. Here's an
> interesting article I saw recently on the subject.
I will agree with your statement that certain organisations have a vested
interest in the vendor. I wouldn't consider SANS part of that group,
however.
> That's certainly true, but the usual FUD arguments ignore the
> fundamental security issues with Windows that aren't generally
> available in *NIX based systems which have been designed for
> multi-user network operations from day one while Windows was
> originally a program loader for non-networked hobby machines.
> Remember that Unix was originally developed by Bell Labs, and the
> phone companies have always had issues with people attempting to
> crack into their systems.
UNIX proper was originally an OS for switches if I remember my history,
yes? At any rate, I agree on your point of what they ignore. However, I'd
add that OS/X's and *nix's (Linux, *BSD, et al) influx of security
vulnerabilities in recent years has been driven by two factors. One of
these is a huge preponderance of applications written in the security
nightmare that is PHP. I maintain that there is something fundamentally
wrong with the design of a package driving a large percentage of web-based
software in which 95%+ of Web Application security vulnerabilities have PHP
in the alert title. I can't remember the last time I saw a perl or even
ASP based alert; and even when there are one or two in dribs and drabs,
they're in the minority. So there's one hole.
The other hole is that applications like P2P sharing programs, IM programs,
and whole application suites written to replace, emulate, or even be
straight ports of 'doze programs have been brought to these traditionally
more secure platforms. The security holes aren't always in the platform
itself, but rather in the applications running upon it. It happens that
*nix just plain has better protection against such atrocities--but
sometimes that's still not been enough. But the more that is ported over
of the application collections, the more issues *nix will have to contend
with that it traditionally did not. That curve will only rise as people
keep aiming for a popular *nix desktop.
> There's also a major problem with software folks who don't have a
> clue about running in multi-user environment where ownership,
> file locking, and concurrency are major issues. Many Windows
> programs require the user to run with Administrator privileges
> because the authors couldn't bother to do it right. Of course
> this isn't unique to Windows as I've seen far too many accounting
> programs for *nix that require 777 permissions on everything to
> work properly.
Tell me. *sigh*
> BTW: I'm typing this from a PowerPC Mac Mini, and my fresh
> laptop is a 15in PowerBook which replaces my 7+ year old ThinkPad
> 600 which has run many versions of Linux over its lifetime.
Finally made a change, eh? I'm -still- tickled with my Compaq Presario
V3015NR. That baby never gets old. That it's running XP Home and I have
no problems with it doing so says something about the progress 'doze has
made. In fact, I have zero desire to install *nix on it of any flavour.
Know what the biggest obstacle in me wanting a *nix desktop again actually
is? Lack of current game ports. We have a fair amount of legacy/classic
stuff available, but you can't run something like World of Warcraft without
using emulators--which is never really the best way to go from a
performance standpoint, as you need at least 20% more powerful gear to run
it at proper metrics, usually. Actually, I just read that they just
UNbanned a bunch of people running WoW from Linux under emulation once they
figured out what was going on and why they'd been banned under false
assumptions.
Give me native ports of every game out there (especially with Mesa, et al,
there really isn't a problem with APIs) and I'd strongly consider the move.
Not until. I dual-booted for years, booting less and less to *nix the fewer
ports that were made available for it. I finally gave it up as a lost
cause for a desktop for my mixed usage pattern. I use Win2K on desktop and
keep PuTTY connected to an internal linux server here 24/7, on which I run
screen, connecting to lots of different things. And I get my games. I
know there are some like yourself that don't game at all. There are,
however, a decent percentage of us who do, and for whom it is an issue of
some consideration when choosing a platform.
mark->
--
Try our new SPF-0 lotion, SunScream[tm]. Get it while it's hot!