undefined | Better HN

story

0 pointsarchangel_one13y ago0 comments

> Again, why do you (and others) keep comparing today's Linux/Android/OS X OS with a 10-15 year old Windows OS.

You argued that Windows was targeted solely because of its high market share. I'm drawing a comparison to another platform with high market share; there simply wasn't anything comparable ten years ago. And it is not obvious to me that it's not a valid comparison; Microsoft were a huge company who had been developing Windows for fifteen years at that point. Android is a lot younger, so you could just as well expect it to be less mature and therefore less secure.

And yes, I know it is possible to run it without being compromised. You obviously knew what you were doing; millions, even tens of millions of others didn't know and wound up with their computers zombified into botnets. That wasn't all because of their ignorance; there were times when a newly installed XP machine would be compromised less than fifteen minutes after being connected to the internet, which wasn't enough time to install the patches it needed. That can't be considered that user's fault, especially when they've just sat through half an hour of being told how they're installing The Most Secure Version Of Windows Yet!

> Of course they had to do all that. The Windows users back then were generally not very savvy...

Now you are missing my point. Microsoft didn't have to do anything. They could have built an operating system that was harder to use but more secure. I contend that it's even conceivable that they could have built an operating system that was roughly the same for ease of use, but still more secure; maybe they'd have been slower to market or had to compromise elsewhere. The point is that security was not a priority for them for years, they obviously just weren't that concerned. That may ultimately have been the right path for them, because they arguably didn't pay a high price really, but I don't personally consider it the technically best course.

> My point is that what is possible today, was not possible 10, 15, or 20 years ago both from a tech and user point of view... Just because someone can do OS security good today, dosn't mean you can blame someone else for not doing it good decades ago.

I think this is where we fundamentally disagree. I don't see why you think security is only something that can be achieved now and why it couldn't be ten or fifteen years ago. In the Unix world, people have known not to run as root for decades; Microsoft chose to ignore that for a long time and ultimately have been forced to shoehorn it back in for Vista. They could have done that in XP, if not long before; it certainly had the capability for it, they simply cut that out of XP Home and chose bad defaults for XP Pro.

0 comments

powertower13y ago

> And it is not obvious to me that it's not a valid comparison; ... Android is a lot younger, so you could just as well expect it to be less mature and therefore less secure.

There is a reason why PC games are so much more advanced in their design, graphics, and game-play today than they were 10-20 years ago.

By your logic, there is little reason why Crysis 3 should not have been developed 15 years ago. If they can do it now, and the product/market fit for it is good now, why not 15 years ago!

That's just not how it works.

> In the Unix world...

Different world, different people, different needs/wants.

Microsoft didn't ignore anything; they have maintained a billion users for more than a decade. And profited more than most companies with an increase in sales every single year. They did something right, more than they did something wrong.

Easy-of-use was a priority for them over security until after XP because...

1. It would have impacted their users negatively (do you remember the response due to the new security in Vista?... people couldn't handle a pop-up, couldn't understand privileges, etc).

2. There previous OSs started from a single-user standpoint and it's difficult to change that (and maintain backwards compatibility, 3rd party drivers and software, support, etc).

You make things seem so easy. That's not how it works.

archangel_oneOP13y ago

No, that is a totally different thing, and a fairly ridiculous comparison. You clearly can't have Crysis 3 15 years ago because the computers weren't powerful enough. Please don't apply a bad metaphor and tell me that's my reasoning, because it clearly wasn't.

Security does not require computing power, it needs careful code. By your logic, OpenBSD would have been an insecure mess 15 years ago, and nobody's web server would be getting hacked today. That is not how it works.

powertower13y ago

I've pointed out how ridiculous it's to blame Windows 95 for not being what today OSes are.

Since that wasn't good enough, I then pointed out how ridiculous it would be to compare IE6 (circa 2001) with the latest version of Chrome (2012).

But that wasn't good enough either.

So in the most general of ways I gave you one even better, which BTW had a small part to do with PC performance and more to do with everything else.

> OpenBSD would have been an insecure mess 15 years ago, and nobody's web server would be getting hacked today.

Have no idea what logic you're talking about.

I think we'll just have to disagree.

j / k navigate · click thread line to collapse

0 comments

powertower13y ago

> And it is not obvious to me that it's not a valid comparison; ... Android is a lot younger, so you could just as well expect it to be less mature and therefore less secure.

There is a reason why PC games are so much more advanced in their design, graphics, and game-play today than they were 10-20 years ago.

By your logic, there is little reason why Crysis 3 should not have been developed 15 years ago. If they can do it now, and the product/market fit for it is good now, why not 15 years ago!

That's just not how it works.

> In the Unix world...

Different world, different people, different needs/wants.

Easy-of-use was a priority for them over security until after XP because...

1. It would have impacted their users negatively (do you remember the response due to the new security in Vista?... people couldn't handle a pop-up, couldn't understand privileges, etc).

2. There previous OSs started from a single-user standpoint and it's difficult to change that (and maintain backwards compatibility, 3rd party drivers and software, support, etc).

You make things seem so easy. That's not how it works.

archangel_oneOP13y ago

powertower13y ago

I've pointed out how ridiculous it's to blame Windows 95 for not being what today OSes are.

Since that wasn't good enough, I then pointed out how ridiculous it would be to compare IE6 (circa 2001) with the latest version of Chrome (2012).

But that wasn't good enough either.

So in the most general of ways I gave you one even better, which BTW had a small part to do with PC performance and more to do with everything else.

> OpenBSD would have been an insecure mess 15 years ago, and nobody's web server would be getting hacked today.

Have no idea what logic you're talking about.

I think we'll just have to disagree.

j / k navigate · click thread line to collapse