On switching platforms

[chipotle]

This is playing off a post from cargoweasel about the newly discovered JPEG vulnerability in Windows. "How many times do you need this hammered into your skulls. Microsoft Windows is A BROKEN OPERATING SYSTEM," he writes. "What price sanity? How much is all that time and aggravation costing you? Is it really worth saving a couple hundred bucks?"

And these are good questions. I started to reply there, but decided I'd muse over here at greater length.

I have a friend who's thought occasionally about getting a Mac instead of his Windows machine -- he doesn't have any problems with Windows (that he's talked about), but he's comfortable with Unix and likes Apple's designs and so on and so on. And we can even set aside the argument about hardware price; if you're buying a new machine from scratch, the difference is pretty sharply reduced, particularly if you're buying a turnkey PC system from a big name vendor.

If he made that switch, though, the hardware cost isn't the issue. He would have to buy new copies of all of his programs. He has Corel Painter. He has Microsoft Office. He has an earlier Adobe bundle which is pretty much what became the Adobe Creative Suite.

So suddenly, that's $1500 more to make the switch, just based on those programs. And that's going for the "standard" version of the suites--tack on another few hundred if you go for the full shebang. And there are probably lots of little other programs he's bought over the years--not games--that add another few hundred. (He also has Maya, which is another $1999, although that's kind of an unusual case!)

This works both ways, of course. PC users can go on all they want about how the new AMD SuperChicken64 will run twice as fast as my G5, let me use ten times the memory and a better video card and do it all for two-thirds the price. And that's all great, but unless the SuperChicken comes with pretty direct equivalents to $1800 worth of software--yes, I just added it up--any theoretical savings switching to it is more than negated.

But what price sanity? is still a good question. Statistically, even Windows gods are increasingly risking being bitch-slapped by viruses, spyware and all sorts of other nasty crawlies. And even if they're not, Windows--both the original line and the NT line--is subject to what I called "creeping crud syndrome"--just through normal use, things subtly get messed up, until eventually you reinstall your operating system in frustration. I know Windows users who never seem to have any serious problems with their OS, but they appear to be in an ever-decreasing minority.

Comments

[shockwave77598.livejournal.com]

Changing platforms is an expensive undertaking. All the software has to migrate as well as any peripherals like printers and cameras.

Back in 99 or so, right when Apple canceled their licenses to make clone machines, I decided that Mac had no longterm future. I migrated to the PC and spent the bucks for software (most of it anyway.) For all the troubles windows has, I had just as many problems with system 8.6 that weren't caused by virii or worms.

Yes, Windows is far from perfect. Believe me, I know. You can reduce the number of problems by refusing to let MS have every card in your deck. That is, they have the OS, but you run a browser from a different company rather than IE and you use a firewall from a different company also. If I had my way, the ethernet stacks would come from a different vendor also.

[chipotle.livejournal.com]

The original MacOS was long in the tooth by System 8, and was definitely pretty crufty. I recall a comment from one of Apple's original engineers: "I see people with bumper stickers here in Silicon Valley that read 'Windows 95 = Mac 89'. It's true, but that's not the problem. The problem is that 'Mac 95 = Mac 89'." While I've used Macs on and off sine 1986, the first Mac that I bought was an iBook with System 9.1, and while I generally liked it, if OS X hadn't been around the bend it probably would have been the last Mac that I bought, too. (It didn't crash as often as my Windows 95 machine did, but on Windows, at least the entire system didn't go down with every crash.)

I'll have to say in Windows' defense that when I was running with it, the only problem I had with it was the "creeping crud" issue I mentioned. I never got any viruses, AFAIK. I was generally using Mozilla as a browser (this was in the pre-Firefox days) and used the simple hardware firewall in my router. My biggest complaint with it is that it's still very architecturally fragile; everything hinges on the registry, which is poorly understood even by developers who rely on it. There's still no good mechanism for library conflict and dependency resolution, or even library location, so after a year you end up with 20 different copies of three different versions of the same DLL. (I suspect this is what eventually causes the creeping crud.) And Microsoft's reliance on their insecure component architecture for so much of the user application layer, including operating system components outside the kernel, is a constant nightmare. ActiveX, which survives as one part of .NET to this day, is basically OLE, and my suspicion is that its problems can't be fully corrected without breaking some level of backward compatibility--which Microsoft goes out of its way not to do. (A dismaying amount of modern Windows code actually consists of OS-level workarounds for specific bugs in legacy applications.)

[pathia.livejournal.com]

My computer is a gaming box that happens to have other purposes. Until Mac's have more games than PC's, I will never even think about owning one.

I've never had any issues with spyware, viruses or anything at all completely against my own will. If I ever had a problem, it was because of me being dumb.

The reason why Windows has so many problems and exploits is because it has such a large base. The only reason hackers spend all their time messing up windows is because they can do the most damage.

If we lived in some freaky world and M$ was 5% of the market and Apple was 95% of the market I am pretty sure everything would be more or less switched completely (Security wise).

[cargoweasel.livejournal.com]

The reason why Windows has so many problems and exploits is because it has such a large base. The only reason hackers spend all their time messing up windows is because they can do the most damage.

If we lived in some freaky world and M$ was 5% of the market and Apple was 95% of the market I am pretty sure everything would be more or less switched completely (Security wise).

But that's the thing, we DON'T live in that freaky world. If people are driven to do bad things to a certain product, doesn't it make sense to avoid that product?
If OS X gets a lot more popular there will be more exploits and spyware for it. I'm not saying its invulnerable, I'm saying it's a good way RIGHT NOW to avoid all that security crap.

Since you are a gamer though the point is moot. Enjoy your system. :)

[chipotle.livejournal.com]

The ecosystem that 99% of Windows worms exist in depend on a specific set of variables--Outlook or Outlook Express, Internet Explorer, Microsoft Office--that aren't present on the Mac. (IE for the Mac is a completely different product, and Microsoft Entourage, the Mac email program that's an Outlook equivalent, doesn't have Outlook's vulnerabilities.) People who don't have that ecosystem on their Windows machine tend to be much less susceptible all around. If you use Windows, just don't use Outlook and don't use IE, and you get rid of 99% of the risk. (One would think this would be more obvious than it apparently is.)

It's an oft-repeated statement that the Mac would get as many viruses as Windows if it had the same market share, but as John Gruber noted (http://daringfireball.net/2004/06/broken_windows), "This argument ignores numerous facts, such as that the Mac’s share of viruses is effectively zero; no matter how you peg the Mac’s overall market share, its share of viruses/worms/Trojans is significantly disproportionate."

Most of Windows' vulnerabilities come from its reliance on descendants of the OLE component architecture, which was really a great technological idea--just one designed for a single-user, non-networked PC. Every attempt to extend it with a security model has been, to be charitable, a highly mixed bag. Unix certainly isn't flawless, either, but it has a fundamental advantage in a networked world: it was being designed for multiuser, multinode networks years before Microsoft itself existed, let alone Windows.

[pathia.livejournal.com]

Well, I don't use any of those products. I use Firefox, Thunderbird and OpenOffice. The OS itself has done me no wrong.

In fact, this current boot of Windows XP is on its 5th week and the only reason it rebooted last was the power went out in a thunderstorm.

[yasha-taur.livejournal.com]

While the apps (Outlook, etc...) are an important part of the malware problem on Windows, it is far from the main reason. The OS itself was written in a VERY un-secured fashion. SP2 is just beginning to close just SOME of the ports and services that have stupidly been wide open for years. People have reported new computers being attacked almost as soon as they have been put online, before the Windows Update has had a chance to finish. SP2 will slow things down for a while, but there are still a lot of vulnerabilities left to be exploited. And they WILL be exploited.

You can make Windows much more secure by adding anti-virus, ad blockers, pop-up blockers, and other programs. But again, these are things that you have to add, and keep up to date.

All OS's have some vulrabilities, and it is only a matter of time before the Mac OS-X gets a virus. But because the Mac was written with security in mind, I expect that it will be much more of a minor issue than many of the recent Windows bugs.

[pathia.livejournal.com]

*shrug*

I've never had any of those issues. I just don't see what the big deal is.

My annecdotal experience is that Mac users and obviously *nix users seem to know more about computing in general and are less likely to do something stupid.

IE doesn't exist on my machine btw, I use XPlite.

[chipotle.livejournal.com]

That's kind of amusing, since it's sort of what Mac uber-partisan John Gruber said later on in his column, in so many words. I think there's something to it, although I do recall a friend who used to like the Mac who hated the fact that under OS X it was possible to get to a command shell, even though it was moderately hidden. To me this was sort of like complaining that your car no longer had the hood welded shut.

I *have* seen people who know what they're doing with Windows still get biffed, but it's much rarer -- and it's often directly or indirectly caused by somebody else opening the barn door.

[tacit.livejournal.com]

"The reason why Windows has so many problems and exploits is because it has such a large base. The only reason hackers spend all their time messing up windows is because they can do the most damage."

That mantra is repeated so often it's become an article of faith among some people in the Windows world, but the fact is, it simply is not true.

Virus writers can and do attack platofrms with vanishingly tiny market shares; look at the Whistler virus, which attacked a specific security vulnerability in a specific product (one particular version of the BlackICE software firewall). The total installed base of the vulnerable product was only 17,000--far fewer than the number of Macs Apple sells every five days--yet the virus writers targeted it nonetheless.

Windows' problems stem from its inherent insecurity, and from the fact that it was never designed as a secure operating system, not from its numbers.

Example: RPC (Remote Procedure Call) is a Windows service which was specifically designed to allow a remote process to start or stop programs running on another computer. RPC can not be disabled, because so many Windows services rely on it, even on a non-networked machine; every Windows box is rnning RPC, and it can't be stopped. This represents a huge security hole. Unix and Mac OS have an equivalent to Windows RPC, but it is not enabled by default, because it is not used by local services.

Example: Internet Explorer is always running on a Windows system; it's a part of the operating system, and its libraries load at system startup. When you double-click the Explorer icon, you are not launching Explorer; it's already running. You're just bringing up an instance of its user interface. because of this, and because it runs at what is effectively root-level access, anyone who can compromise Explorer can effectively gain root access to the target machine. Even if the user is running in a limited context (for example, as a non-administrative user) and can not, say, affect the contents of the Windows directory, Explorer can. And since it's always running, it can sometimes be exploited even if the user is using a different browser!!!. You are not protected by using an alternative browser; just peruse the Microsoft security bulletins, and look at all the bulletins that contain notations such as "This vulnerability can be exploited even if the user is not using Internet Explorer as his Web browser."

Example: Windows has no mechanism for validating process interaction. A process can send a message to anotehr process which masquerades as a message from the operating system, and that message simply gets placed in the process' message queue without problem. This allows one process to hijack another; it's a very useful thing for hackers, and "dropper" programs such as TROJ/Small.EN and TROJ/Small.AN use this to instruct Explorer to download and execute viruses or spyware without the user's knowledge or consent.

These problems are a result of fundamental architectural features of Windows; they make Windows easier to exploit regardless of Windows' market share. Were the market share of Windows and MacOS reversed, we might see more Mac viruses--but not to the same degree or in the same numbers. That's not a consequence of market share alone--it's a consequence of market share and inherently insecure design.

[prickvixen.livejournal.com]

Cargo is rich and snobby and congenitally unable to understand that a lot of people can't just buy whatever they want. Cheap PCs preloaded with MS software are ubiquitous. His solution is fine for the affluent, but not for the majority of the population, whom I guess are just supposed to suck it up or stay off the net.

[cargoweasel.livejournal.com]

Oh, I'm rich and snobby, am I? I think my credit card company will be interested to know that. :P

Just so you know, I'm as poor as the next cube drone schmoe coming off an 18 month unemployed stretch. And I've had to go 3 years without buying a new computer of any kind. And the 2001-era iBook that was the bottom of the line when i got it is still my primary computer and is going to be for the next 6-8 months at least. It did need a logic board replacement last year but has run pretty well in 3 years. Total cost of ownership has been much less than a comparable 'commodity' PC would have been, because that PC would have had to be upgraded almost completely by now.

I feel I got my thousand bucks worth out of this laptop.

[prickvixen.livejournal.com]

Just so you know, I'm as poor as the next cube drone schmoe coming off an 18 month unemployed stretch.

Maybe you are now, but the fact that you can afford such devices at all means that you're affluent, whether you feel like it or not. It's not too surprising; people well into the upper class think of themselves as 'middle class', perhaps because they're not driving a gold-plated SUV which they wash in champagne every weekend.

I'm reluctant to get into a ghetto contest, but I've had a P3 800 running Win98 since early 2000, and as of this writing I still see no reason to get anything faster. My only real upgrade on it was to buy a slightly better video card to meet There's minimum requirements; 'better' in this case was just about the cheapest card Fry's still bothered to carry. And despite my being unemployed for the last three years, I'm under no illusion that I'm genuinely poor, as evidenced by the fact that I'm not on welfare and living in a doorway.

As for snobby, yes, you are... a good number of your LJ entries could be product endorsements for upscale consumer goods (for which Apple products qualify, incidentally). I'm not sure 'snobby' really counts as an insult in this case, since you seem rather proud of your choices, and of your contempt for products not meeting your standards.

Anyway, I suppose it was out of turn for me to jump on you at all, since I know you weren't addressing everyone, but rather just the people who can make expensive purchases at will. I probably shouldn't have said anything.

[cargoweasel.livejournal.com]

If you persist in saying I am rich and snobby, I shall have my butler thrash you roundly with this ivory-tipped silver walking stick.

[tacit.livejournal.com]

"Cargo is rich and snobby and congenitally unable to understand that a lot of people can't just buy whatever they want. Cheap PCs preloaded with MS software are ubiquitous."

Considering that baseline eMac systems, which are actually more powerful than baseline PC systems, are available for about $700, and come preloaded with productivity and home-office software, that argument is a bit difficult to support. Can you get a PC for less than $700? Yes, but i guarantee it ain't gonna come preloaded with any MS productivity software! Add Office and you're well above the price of the eMac.

[prickvixen.livejournal.com]

But I wasn't strictly comparing new machines. Someone made the point that old Apple machines hold their value better, while PCs devalue much faster. And there's just tons more of them out there because there are a hundred manufacturers making PCs or PC parts. So that's what the masses end up using: old PCs with a bunch of outdated but perfectly useful software. Again, you don't seem to understand that most people have to settle for whatever they can get.

[varjohaltia.livejournal.com]

Not to mention that this is not a new vulnerability. Fixes have been available for a good while now, and if you have autoupdate either install them or at least notify you of their availability, this is a non-issue.

The more common a platform is, the more obvious a target it is to all manner of miscreants. The more common a platform is, the more likely that hardware, software or what have you is available for it (at a good price).

There's a heck of a lot that MS needs to do to fix Windows, but despite it all I find it hard to believe that if the same effort that is going into breaking Windows currently was directed at Linux or OS X they'd fare that much better.

Any modern OS is reasonably secure if well setup and maintained. Windows XP SP2 is a far cry better than 2k or any of the previous iterations, as far as security out of the box goes.

Also, apart from the obvious financial cost there is a steep learning curve. There are so many little things you've learned about whatever platform you were using--keyboard shortcuts, troubleshooting, where to go for freeware, whom to ask for help, what works and what doesn't--that you have to relearn. This isn't "free" either, it will consume a lot of your time and lower your productivity.

[chipotle.livejournal.com]

Well, as I was suggesting to Dracono, I think Linux and OS X would fare better on the simple grounds that they lack the Black Sucking Tarpit of Doom known as OLE/ActiveX. There are architectural problems within Windows that can't be jettisoned without breaking backward compatibility--there are specific old Windows bugs which are being emulated to make legacy code happy. At this point, the alternative is very much to keep patching what they have, or to have a new architecture and an old one side-by-side, with all the complexity that entails. (I suspect Longhorn is trying for that latter mix, which is probably why it won't ship until 2009 or whatever it's been pushed back to by now.)

But, yes, there's a lot of other 'costs' associated in the learning curve with switching platforms and even applications. There was an interesting article about this in the guise of a review of BBEdit 8 (http://daringfireball.net/2004/09/bbedit_8) I came across earlier in the month. "The raw capabilities of a particular application are, for most users, irrelevant; it's the usability that matters. Features which aren't presented via an intuitive, discoverable, usable interface might as well not even exist." (He also makes the unusual--but, upon examination, logical--argument that the best reason to use Emacs or Vim is, in fact, their UI, not their feature set.)

[twentythoughts.livejournal.com]

If one uses other browsers and E-mail programs than IE and Outlook, which are truly sucky programs, and keeps one's antivirus program and firewall, not to mention the OS itself, updated, keeping Windows safe really isn't a problem. It's much like buying a cheap portable CD/MP3/MD player: The player might not be a problem at all, but you'll need to replace the useless earplugs that come with it.

Yeah, there is the 'Creeping crud' thing, but honestly... How big a problem is re-installing your OS every year or two?

I'll admit that I kinda wish I'd started off with a Mac, though :) What keeps me from moving over is the program issue.

[tacit.livejournal.com]

"If he made that switch, though, the hardware cost isn't the issue. He would have to buy new copies of all of his programs. He has Corel Painter. He has Microsoft Office. He has an earlier Adobe bundle which is pretty much what became the Adobe Creative Suite."

He needs to contact those vendors. Corel and Adobe both offer crossgrade versions (and the crossgrade for Adobe Creative Suite is very inexpensive). Re-buying the retail or upgrade versions of the software is not necessary.

[chipotle.livejournal.com]

I was going to say that I contacted Adobe a few years back about this and was told "bite us, no crossgrades," but I'm remembering that actually, I was told that by Macromedia. I need to add that to my list of "why I don't want to buy from Macromedia again." At any rate, the point still largely stands; for people who have as much invested in software as they do in their computer, switching platforms is non-trivial. Even if someone gave me a new high-end PC with all the current woo-woo hardware, I doubt I'd be using it very much.

Of course, Adobe pisses me off by not offering an upgrade path from InDesign 2 to the Creative Suite, but that's another kettle of fish.

[musewoozle.livejournal.com]

In short, I'm looking at it like this:

1) I've never had a virus or security problem in all my time as a Windows user. So I see the "What price sanity?" as over-exaggerated.

2) Granted, Windows does have a great deal of security vulnerabilities. However, I look at the security updates for Apple. I found the following.

http://docs.info.apple.com/article.html?artnum=25631

http://docs.info.apple.com/article.html?artnum=61798

For me, these seem like a huge number of security problems. I fail to see how Apple is innately better in terms of security than Windows by looking at concrete evidence of security flaws in both systems.