note
tilly
I am mixed in my opinions about this.<P>
So let me start with the uncontroversial note that I find
it ironic that Larry Wall criticized Lisp as an exemplar
of the "sweep-it-under-someone-else's-carpet" school of
simplicity. Ironic because a large part of what I think
is good about Perl is how it has encouraged people to hide
complexity under someone else's carpet. (Very frequently
with that someone being an author on CPAN.) This is one
of the reasons that programming in Perl is productive,
because you get a lot done with little work.<P>
That said the security model of Windows is not one of the
things that I would call a shining success. To be sure
they have a lot of interesting ideas. However security is
one thing that you don't want to get wrong, and Microsoft
has done exactly that, repeatedly. Plus when I hear someone
say, "sophisticated", what I hear is, "complex, poorly
understood, and likely buggy". Those are not things you
want in a security model.<P>
Not that Unix is an exemplar here either. As with most
things, Unix takes the approach of solving a very simple
problem and declaring that to be enough. Well it isn't.
With the sole exception of OpenBSD, there is not a single
flavour of modern Unix that I would feel comfortable
letting an untrusted and competent cracker local access
to. And the security model of Unix is also singularly
unsuited to handling a complex permissioning system.
Plus authenticating actions by the current user/group of
the process is using global data. If you need to do
complex stuff with restricted access to permissions
beyond the normal, well be cautious because it is easy
to go wrong. (This is a key cause of why Unix is so
characteristically vulnerable to root compromises.)<P>
But for all that Unix is not very good, it is head and
shoulders above Windows in practice. Largely because
Unix made a lot of the mistakes that Windows is still
making a long time ago. (Based on theory, I am favorably
inclined to believe the claims of the
[http://www.eros-os.org|EROS] folks that they really do
have a good security model. At least reading their
articles taught me a lot about where and why security
goes wrong!)<P>
Now back to Windows and Unix. And unbridled advocacy.<P>
IMNSHO anyone who is so put off by the perceived faults of
a system that they cannot see the qualities is a
narrow-minded fool. Unlike [jcwren], I am not a fan of
Windows. But I am not stupid either. Microsoft may not
have always achieved and held their position through using
the best technical product, but when they truly do put out
the worst (hello Bob) they don't succeed. Windows has
merits. It has things it does very well. Office is a
capable office suite. A lot of research and effort went
into IE. Any programmer who is blinded by bigotry and
decides that this is irrelevant is hurting themselves
first, second, and third.<P>
In fact many of the things that I do not like about Windows
are tied to intentional decisions. For instance I do not
like the way that Windows pushes people in subtle and not
so subtle ways to interact through the GUI rather than with
a command line. I am <b>not</b> visually oriented. I
generally prefer text. Always have, probably always will.
(Which might be why I am writing this from Debian, using
fvwm2 as my window manager. Isn't the purpose of a GUI to
let you run more xterms...? :-)<P>
What this means is that Windows is generally harder to
script than Unix. But Windows is easier for most people
to use on the desktop. Now do I think that it is
possible to have a system that is better than either is
tooday? Yes. But that doesn't change the fact that the
choice to actively focus on moving people off of the
command prompt and to the GUI was intentional on the part
of Microsoft. And it wasn't necessarily (my preferences
notwithstanding) the <i>wrong</i> decision to make
either.<P>
Now for two further takes on this kind of religious war
see [http://www.perl.com/pub/2000/12/advocacy.html|Why I
hate Advocacy] by [Dominus], and my previous thoughts on
this kind of argument at [id://68759].
70562
70645