Quote:
Originally posted by LennonCook:
No, no, and no
This article uses Apache and IIS to disprove both points. Apache is open source, and more popular than IIS (70% market share and rising, I believe), and yet it is historically the more secure of the two. The number of attacks is a factor, yes, but hardly the only one.
|
I did not say that a lower installed base of Alternative apps and OS's explained the lower security hazard rates... I said that the large number of Microsoft enemies has made M$ the prime target for hackers, and if those hackers redirected their energies to other manufacturers, you would see more problems being discovered in those software packages. That article doesn't even address that issue, not very thorough on their part. I'd give the article more credence if they hadn't tried to pull that straw man, it's hate of microsoft that drives attacks against it, not the straw man of "installed base".
Quote:
Security isn't the only benifit. Try making a web page sometime that will work across all browsers... you can't. You basically have two choices: have it work in IE, and have it work in everything else. And do not say "you should design specifically for the one with the greatest user base": the number of websites designed specifically for it is one of the only reasons IE still has a high market share (in the tech-savvy crowd at the very least).
|
I disagree, IE has the largest installed base because it ships preinstalled on the most popular OS (hence all the lawsuits... bundling was a blatantly anti-competitive practice... which also explains why M$ has so many enemies), and also because until recently (Firefox) there wasn't a lot of competition (I used to be a Netscape guy, switched to IE because it's better).
These days there's no excuse for 'IE only' web sites, I use Coldfusion for my App. Server and have no trouble accomodating any browser you want to use.
Quote:
Longhorn, from what I've seen, will if anything be worse. Microsoft do not plan to uncouple IE from the Windows core, infact they want to integrate it further, so that there is no difference between IE and Windows. This also applies for other programs that are nested deeply into Windows in a completely unremovable way, not just IE. In other words, yes it will be a "significant change in the security model", but I'm sure you will find it will be a change for the worse.
|
Sounds like wishful thinking. From what I've seen Longhorn has some innovative approaches to system security, from encrypted hardware communications to an independant security stack. There has never been another consumer OS with this level of integrated security so it's illogical to make pronouncements regarding it's expected failure with no data to corroborate. Personally I also wish they'd decouple apps. level programs (IE, Outlook, etc...) from the OS as that whole architecture is little more than another anti-competitive market share grab (generating lawsuits and lots of M$ hate) and is the single biggest architecture flaw in the windoes OS's, but it remains to be seen if the longhorn security model will hold water. Furthermore, while there's no doubt that the current implementation of IE has some serious issues, that won't necessarily translate into the Longhorn IE (which will be a major rewrite). Personally I think at worst it will still be a damn lot better than the current "no holds barred access/thumb in the damn security model" approach M$ follows.
[ 12-18-2004, 08:00 PM: Message edited by: Thoran ]