Inline... -----Original Message----- From: Ben Scott [mailto:[email protected]] Sent: Thursday, June 04, 2009 11:56 PM To: NT System Admin Issues Subject: My OS is better than your OS (was: Mac Anti-Malware)
[subject line changed to reflect the nature of this thread] On Thu, Jun 4, 2009 at 9:34 PM, Ken Schaefer<[email protected]> wrote: > UAC fixes this in Windows Vista and newer. Windows NT 3.1 (the first release) fixed it with user accounts. There wasn't anyone holding a gun to anyone's head saying, "Make all users admins or else". [sc] Indeed there wasn't. However, without backward compatibility with the Win16 world, adoption of that new-fangled OS would have not necessarily have been a given. This remained true thru 2000, and possibly up to XP, as until Win95/98/Millennium was vanquished, Wn32 code on those platforms didn't have to deal with this. [sc]Admittedly that doesn't make it "right", but the world/'net was a different place then, and market realities (aka user desires) do tend to rule. Now, there's definitely a very significant momentum in the 'doze world, where many people just assume everyone has admin rights. Even Microsoft still has this problem to significant extent. For example, their latest and greatest software development suite has a long list of things that don't work right if you don't have admin rights. This reduces overall practical security. [sc] I rather expect that DEV environments might be a bit odd in this regard (after all, you probably need SeDebug and other such perversions). I can say that from a biz software perspective, stuff from MS has been MUCH better in the last several years. It is taking some vendors a while to catch up tho. There are also legions of home computers that came pre-configured to auto-login to an admin account. If they were all running Linux or Mac OS X or BSD that way, they'd all have the same problems. [sc] Indeed. Mac OS X has a few things going for it: * Smaller installed base means it's a less attractive target. * Since Apple started from scratch with it relatively recently, they were able to build in a much better overall default security stance. Application developers and users are all used to the idea of security on that OS. [sc] The small base thing has seemed to work in Apple's favor. My concern form the earlier response was the assumption that end-user pwnage was the only significant attack vector... certainly untrue, although Apple's rather small based of servers probably makes that target somewhat less attractive as well. In conclusion, "Linux rulez, Windows suxors!" [sc] Well, if I _HAVE_ to, I'll take OpenBSD, thanks. ;-) See also: "Every OS Sucks", by Three Dead Trolls in a Baggie. http://www.deadtroll.com/video/ossuckscable.html -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
