On switching platforms
2004-09-29 11:24![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
chipotleThis is playing off a post from ![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
cargoweasel about the newly discovered JPEG vulnerability in Windows. "How many times do you need this hammered into your skulls. Microsoft Windows is A BROKEN OPERATING SYSTEM," he writes. "What price sanity? How much is all that time and aggravation costing you? Is it really worth saving a couple hundred bucks?"
And these are good questions. I started to reply there, but decided I'd muse over here at greater length.
I have a friend who's thought occasionally about getting a Mac instead of his Windows machine -- he doesn't have any problems with Windows (that he's talked about), but he's comfortable with Unix and likes Apple's designs and so on and so on. And we can even set aside the argument about hardware price; if you're buying a new machine from scratch, the difference is pretty sharply reduced, particularly if you're buying a turnkey PC system from a big name vendor.
If he made that switch, though, the hardware cost isn't the issue. He would have to buy new copies of all of his programs. He has Corel Painter. He has Microsoft Office. He has an earlier Adobe bundle which is pretty much what became the Adobe Creative Suite.
So suddenly, that's $1500 more to make the switch, just based on those programs. And that's going for the "standard" version of the suites--tack on another few hundred if you go for the full shebang. And there are probably lots of little other programs he's bought over the years--not games--that add another few hundred. (He also has Maya, which is another $1999, although that's kind of an unusual case!)
This works both ways, of course. PC users can go on all they want about how the new AMD SuperChicken64 will run twice as fast as my G5, let me use ten times the memory and a better video card and do it all for two-thirds the price. And that's all great, but unless the SuperChicken comes with pretty direct equivalents to $1800 worth of software--yes, I just added it up--any theoretical savings switching to it is more than negated.
But what price sanity? is still a good question. Statistically, even Windows gods are increasingly risking being bitch-slapped by viruses, spyware and all sorts of other nasty crawlies. And even if they're not, Windows--both the original line and the NT line--is subject to what I called "creeping crud syndrome"--just through normal use, things subtly get messed up, until eventually you reinstall your operating system in frustration. I know Windows users who never seem to have any serious problems with their OS, but they appear to be in an ever-decreasing minority.
cargoweasel about the newly discovered JPEG vulnerability in Windows. "How many times do you need this hammered into your skulls. Microsoft Windows is A BROKEN OPERATING SYSTEM," he writes. "What price sanity? How much is all that time and aggravation costing you? Is it really worth saving a couple hundred bucks?"And these are good questions. I started to reply there, but decided I'd muse over here at greater length.
I have a friend who's thought occasionally about getting a Mac instead of his Windows machine -- he doesn't have any problems with Windows (that he's talked about), but he's comfortable with Unix and likes Apple's designs and so on and so on. And we can even set aside the argument about hardware price; if you're buying a new machine from scratch, the difference is pretty sharply reduced, particularly if you're buying a turnkey PC system from a big name vendor.
If he made that switch, though, the hardware cost isn't the issue. He would have to buy new copies of all of his programs. He has Corel Painter. He has Microsoft Office. He has an earlier Adobe bundle which is pretty much what became the Adobe Creative Suite.
So suddenly, that's $1500 more to make the switch, just based on those programs. And that's going for the "standard" version of the suites--tack on another few hundred if you go for the full shebang. And there are probably lots of little other programs he's bought over the years--not games--that add another few hundred. (He also has Maya, which is another $1999, although that's kind of an unusual case!)
This works both ways, of course. PC users can go on all they want about how the new AMD SuperChicken64 will run twice as fast as my G5, let me use ten times the memory and a better video card and do it all for two-thirds the price. And that's all great, but unless the SuperChicken comes with pretty direct equivalents to $1800 worth of software--yes, I just added it up--any theoretical savings switching to it is more than negated.
But what price sanity? is still a good question. Statistically, even Windows gods are increasingly risking being bitch-slapped by viruses, spyware and all sorts of other nasty crawlies. And even if they're not, Windows--both the original line and the NT line--is subject to what I called "creeping crud syndrome"--just through normal use, things subtly get messed up, until eventually you reinstall your operating system in frustration. I know Windows users who never seem to have any serious problems with their OS, but they appear to be in an ever-decreasing minority.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2004-09-29 14:35 (UTC)That mantra is repeated so often it's become an article of faith among some people in the Windows world, but the fact is, it simply is not true.
Virus writers can and do attack platofrms with vanishingly tiny market shares; look at the Whistler virus, which attacked a specific security vulnerability in a specific product (one particular version of the BlackICE software firewall). The total installed base of the vulnerable product was only 17,000--far fewer than the number of Macs Apple sells every five days--yet the virus writers targeted it nonetheless.
Windows' problems stem from its inherent insecurity, and from the fact that it was never designed as a secure operating system, not from its numbers.
Example: RPC (Remote Procedure Call) is a Windows service which was specifically designed to allow a remote process to start or stop programs running on another computer. RPC can not be disabled, because so many Windows services rely on it, even on a non-networked machine; every Windows box is rnning RPC, and it can't be stopped. This represents a huge security hole. Unix and Mac OS have an equivalent to Windows RPC, but it is not enabled by default, because it is not used by local services.
Example: Internet Explorer is always running on a Windows system; it's a part of the operating system, and its libraries load at system startup. When you double-click the Explorer icon, you are not launching Explorer; it's already running. You're just bringing up an instance of its user interface. because of this, and because it runs at what is effectively root-level access, anyone who can compromise Explorer can effectively gain root access to the target machine. Even if the user is running in a limited context (for example, as a non-administrative user) and can not, say, affect the contents of the Windows directory, Explorer can. And since it's always running, it can sometimes be exploited even if the user is using a different browser!!!. You are not protected by using an alternative browser; just peruse the Microsoft security bulletins, and look at all the bulletins that contain notations such as "This vulnerability can be exploited even if the user is not using Internet Explorer as his Web browser."
Example: Windows has no mechanism for validating process interaction. A process can send a message to anotehr process which masquerades as a message from the operating system, and that message simply gets placed in the process' message queue without problem. This allows one process to hijack another; it's a very useful thing for hackers, and "dropper" programs such as TROJ/Small.EN and TROJ/Small.AN use this to instruct Explorer to download and execute viruses or spyware without the user's knowledge or consent.
These problems are a result of fundamental architectural features of Windows; they make Windows easier to exploit regardless of Windows' market share. Were the market share of Windows and MacOS reversed, we might see more Mac viruses--but not to the same degree or in the same numbers. That's not a consequence of market share alone--it's a consequence of market share and inherently insecure design.