To a great extent that is true.
You also forgot a few points.
The little PC running MS-DOS, security wasn't a concern. The idea was to
have a "little" computer that could be used to type up stuff, do a bit of
"Basic" or even run a spreadsheet [e.g. Lotus 1 2 3]. The Internet came
along and one could also hook up the PC XT so that it could send and receive
email etc.
But security was not a concern. There were hardly any viruses at first ..
and these usually had to be physcially introduced by, say, 5 1/4 infloppy
disk.
The smallness, affordability, simplicity and, importantly, the support all
combined to make for a success. A run away success.
And Microsoft eventullay got around to putting a windowing system on these
early machines. But the Windows ran on DOS.
There was a decided naivete to the whole thing. Like Pearl Habour on
December 5th or New York on September 10.
Microsoft and many many others were having a great time too - like a
prosperous and growing town everyone could take a shot and see if they could
make it big - and then came two things: the World Wide Web followed shortly
after by "Chicago" - Windows 95.
Windows 95 was the most successful and wonderful mistake ever envisioned by
humankind. It succeeded getting half the world using PCs and on the
Internet. It show a lot of people about computers. It made more more people
billionaires and millionaires than you could shake a stick at. It
demonstrated some of the almost "miracle" like things computers could do and
get up to .. and ....... it ran on DOS ., [hense the mistake]. Microsoft, by
rights, had they not have to worry about competition etc. etc. should have
waited until they had a Windows 2000 like system ready and had spent some
time in considerable consideration of security and privacy.
But what's done was done. And it really was no one's fault. Most all of us
made the demands. We wanted computers and the Internet "now". We accepted,
no, almost begged, scratched and pleaded for Microsoft Windows and Microsoft
Office and other Microsoft products - we all dumped Netscape Navigator like
some filthy rag - we wanted the flush buttons and smooth scrolling - and the
flash for the websites. We were having a whale of a time.
Then the storms of viruses, excessive pronography, scams and malware which
hit some poeple like hurrican Katrina.
To be honest, I only ever caught one malware -as far as I know - and that
was when I ignored a call to install a certain patch for if I were running
Windows 2000 with IIS installed. But, otherwise I had already done some
reading etc. and was not one likely to fall for the "screensaver" in the
email. And since I had been involved with JavaScript, I had decided early on
to turn it off [a bit ironic - I knew how to code it, so I browse default
with it off].
Many of Microsoft's problems, security-wise, is its users. They want
JavaScript ON. They want Java ON .. always. They want ActiveX ON.
Vulnerabilites get identified and patched, but the user .. the user wants to
see the dancing bunnies - at all costs - and there's not much can be done. A
PC owner has the right to run as root. The install routine can make "users"
but at some point the software company has to "hand over the keys" so to
speak. Yet there's no requirement that the PC owner have ever read even a
magazine article on how to run the thing ..
... Anway, the storm has abated somewhat.
XP SP2 was released. The number of extememe vulnerabilities discovered in
Windows this past year is way fewer than say found in 2004. Many users are
much more circumscript in their behaviour. And Linux still hasn't found the
vendor support it needs for to "take the desktop" [and it probably never
will] so Microsoft - not having to look over its shoulder- has been taking
its time with Vista.
Vista will try - and will probably succeed - to rectify the security
situation through an alert system [and without fanfare, running some of
software e.g. Internet Explorer with only user privileges even if an
Adminstrator is logged on]. Vista will probably substantially reduce the
impact of malware much further than XP SP2.
So there you have it. No matter what Microsoft or Linus Torvalds does,
someone is going to log on as "root", regardless, and run
/bin/dancing_bunnies and there's nothing anyone can do about it.
But with firewalls and care and Vista, the rest of us have a better chance
at mitgating the impact.