North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misplaced flamewar... WAS: RE: in case nobody else noticed it, there was a mail worm released today

  • From: Iljitsch van Beijnum
  • Date: Fri Jan 30 04:14:06 2004 
On 30-jan-04, at 7:20, Alexei Roudnev wrote:
Second problem is directory structure. In Unix, when I configure IDS (osiris
or Tripwire or Intact), I can just be sure, that 'bin' and 'etc' and 'sbin'
and 'libexec' directories does not have any variable files - all non-static
files are in /var (Solaris is an exception, they put some 'pid files into
.etc, but even here, it is not a problem). But windose... you have not any
directory which never changed, and I find few .dll files, changed every few
days. Every application puts log and data files into it's own directory
(with rare exception of applications, derived from Unix or written by people
with Unix background). It makes terrible difficult to configure IDS, and
makes system very vulnerable.
Actually IMO putting all their crap in their own dir is a feature rather than a bug. I really hate the way unix apps just put their stuff all over the place so it's an incredible pain to get rid of it again.

I think MacOS got it right: for most apps, installing just means dumping the icon wherever you want it to be, deinstalling is done by dropping it in the trash. The fact that the icon hides a directory with a bunch of different files in it is transparent to the user.

And if an installer wants to mess with the system, a request to provide the administrator password comes up, even for users with administrator privilidges.

Of course, it is all trade-off for functionality, but people overestimates
it - many MS benefits come from it's dominance , not from functionality.
I think MS's tradeoffs are mainly time to market vs even faster time to market. Hopefully they'll rip off Apple's ideas for their new stuff. Then add some zone alarm like stuff so apps can't mess with the network without the user's permission and we're in pretty good shape.

And it all makes it a very good target for the viruses / worms.

The fact that SMTP believes everything you tell it doesn't help either.