OEM vs Retail XP Pro

[David Maynard]

It's almost like second nature that you use the 'Start' menu to shut
down the computer.

Maybe not but if you want to do something it's intuitive you have to
'start' somewhere.

Besides, you're begging the question. The issue wasn't whether everything
under the sun just naturally follows according to your particular
impression of intuitive (which I submit is artificially created for no
other purpose than to argue). The issue was whether it's more intuitive
than Linux. And I see nothing more 'intuitive', or equally intuitive, about
shutting down a system from a pretty green ball than a START button.

 

[David Maynard]

Matt wrote:




Not to mention, these same people were claiming the opposite when the Mac
was in its heyday...

I have no idea who 'these same people' are.

 

[David Maynard]

Mxsmanic wrote:




Oh my god! Don't make me laugh... The whole user account fumble on Windows
makes it insecure. When users have to run their applications as
administrator, it defeats having user accounts at all for security reasons.

Except the premise is false. Users do not "have to run their applications
as administrator."

And a similar complaint can be made about Linux tasks that change
themselves to root during execution, or simply execute with root
privileges. Not to mention it's probably one of the most popular 'fixes'
users do for an access problem: change it to root.

 

[David Maynard]

Ruel Smith wrote:




I wanted to add, that the fact that it promotes users running in full blown
administrator mode at all, which is what 99% of all users do anyway,
demonstrates that security pretty much wasn't even a consideration at all
when it was developed.

That's nonsense. Windows does not 'promote' running as Administrator.

Users do it because they're lazy, don't understand user privileges anyway,
and don't realize the vulnerability it creates.

And to conclude that "security pretty much wasn't even a consideration"
from users abusing it is absurd.

 

[Mxsmanic]

Oh my god! Don't make me laugh... The whole user account fumble on Windows
makes it insecure.

What "user account fumble"?

When users have to run their applications as administrator, it defeats
having user accounts at all for security reasons.

Perhaps, but applications are distinct from the operating system. If an
application is so poorly designed that it cannot run without
administrative privileges, that's a defect in the application, and
there's nothing that any operating system can do about it.

 

[Mxsmanic]

I wanted to add, that the fact that it promotes users running in full blown
administrator mode at all, which is what 99% of all users do anyway,
demonstrates that security pretty much wasn't even a consideration at all
when it was developed.

Security was a key feature of Windows NT, the predecessor of all modern
versions of Windows (NT, XP, 200x). When the OS is run as a server,
it's rare for users to log in as administrators (even among sysadmins).

When Windows or any OS is run as a desktop, the end user typically has
direct physical access to the machine. There isn't any way to secure a
machine to which the user has direct physical access, and so not much is
lost if he logs in as an administrator. Most desktops are far less
mission-critical than servers, anyway, so a compromise of a desktop has
less far-reaching effects than a compromise of a server.

 

[Mxsmanic]

Yes, but you said Unix didn't get anything from Linux, didn't you?

I don't recall what I said.

Are we comparing NetBSD or AIX vs. Linux desktop systems? I thought we were
comparing a typical desktop Unix, like FreeBSD vs. Linux.

I was comparing all versions of UNIX to Linux, IIRC.

 

[Mxsmanic]

Speech recognition can be extremely frustrating, but sooner or later
it will be usable by most people.

Speech recognition, like a GUI, is only a solution to certain problems,
not all. I can type faster and more accurately than I can speak.

 

[Mxsmanic]

You're full of crap. Maytags are NOT the most reliable brand of appliance
out there. Maytags are only middle of the road in reliability, though they
tend to be made of better parts, meaning less plastic.

With major appliances, "middle of the road" still means "zero support,
zero repair" in most cases.

As a matter of fact, I believe Kenmore is the most reliable according to
Consumer Reports, and they're rebranded Whirlpool machines, though Speed
Queen left the market years ago, and their machines are sold in the retail
market under the Amana name, and some lines of Maytags.

The majority of washing machines run until they are thrown away, so it
doesn't matter which brand they are. The same cannot be said of
computers, at least once software enters the equation.

 

[Harlo Peterson]

That's nonsense. Windows does not 'promote' running as Administrator.

Users do it because they're lazy, don't understand user privileges anyway,
and don't realize the vulnerability it creates.

And to conclude that "security pretty much wasn't even a consideration"
from users abusing it is absurd.

I have been running as a non-privileged user on windows xp pro for a few
years now. It generally works fine except, for example, programs like
Quicken and Norton anti-virus. Quicken insists on putting user state in its
program files directory. NAV wants you to log in as an admistrator to run
full system scans, you can't schedule a service to do this. The point is WXP
has good security, a lot of application programs don't run properly unless
you are an admistrator and most users are not willing, like I am, to hack
directory and file protections, and investigate which files need protection
changes, to get them to work.

 

[Mxsmanic]

I have been running as a non-privileged user on windows xp pro for a few
years now. It generally works fine except, for example, programs like
Quicken and Norton anti-virus. Quicken insists on putting user state in its
program files directory. NAV wants you to log in as an admistrator to run
full system scans, you can't schedule a service to do this. The point is WXP
has good security, a lot of application programs don't run properly unless
you are an admistrator and most users are not willing, like I am, to hack
directory and file protections, and investigate which files need protection
changes, to get them to work.

What advantages have you obtained in exchange for your efforts to make
things work with only user privileges?

 

[Matt]

Ruel Smith writes:




Security was a key feature of Windows NT, the predecessor of all modern
versions of Windows (NT, XP, 200x). When the OS is run as a server,
it's rare for users to log in as administrators (even among sysadmins).

When Windows or any OS is run as a desktop, the end user typically has
direct physical access to the machine. There isn't any way to secure a
machine to which the user has direct physical access, and so not much is
lost if he logs in as an administrator.

That's true and relevant if you assume the user is trying to ruin the
computer. It's not clear that you are grasping the concept that admin
priveleges permit people to ruin their computers accidentally.

Most desktops are far less
mission-critical than servers, anyway, so a compromise of a desktop has
less far-reaching effects than a compromise of a server.

Try telling that to a home user who just lost everything from their hard
drive.

 

[Ruel Smith]

Meanwhile as Linux suddenly developed a very Windows 95 looking
desktop...

Is that why Microsoft has been spying on KDE, looking for ideas to
incorporate into the Longhorn desktop? Maybe they should have just went
back and looked at their own Windows 95 instead?

 

[Matt]

I have been running as a non-privileged user on windows xp pro for a few
years now. It generally works fine except, for example, programs like
Quicken and Norton anti-virus. Quicken insists on putting user state in its
program files directory. NAV wants you to log in as an admistrator to run
full system scans, you can't schedule a service to do this. The point is WXP
has good security, a lot of application programs don't run properly unless
you are an admistrator and most users are not willing, like I am, to hack
directory and file protections, and investigate which files need protection
changes, to get them to work.

Thank you.

I haven't had any trouble running as an ordinary user 99% of the time
under Linux.

 

[Ruel Smith]

What "user account fumble"?

On Windows, on the desktop, if you create user accounts for everyone in your
house, certain applications still require to be run as administrator (they
are numerous, too). So, in those accounts, they have to be setup to run as
administrator to run at all in the user accounts. This is a major security
vulnerability. A security breach in one of those applications enables them
to compromise the entire operating system.

In Linux, applications are run in the user space in the user accounts. Any
vulnerabilities are restricted to destroying the user account, but not the
system itself.

Worst of all, most Windows users do not create user accounts at all, and
simply operate as administrator 24/7. Talk about vulnerable...

This is a fumble. Why have user accounts at all, if they are not secure?

Perhaps, but applications are distinct from the operating system. If an
application is so poorly designed that it cannot run without
administrative privileges, that's a defect in the application, and
there's nothing that any operating system can do about it.

Wrong. That's a defect in the operating system that it allows the
application to run in administrator mode at all from a user account.

 

[Matt]

Unless Linux can be made to recognize and work with common hardware, it
isn't going anywhere on the desktop, no matter what Linux apologists
say.

True. That's where Brazil, Korea, China, and others come into the picture.

Those giants are adopting Linux en masse, which means that hardware
makers will be at a significant disadvantage if they don't provide
drivers for Linux. Can a hardware maker ignore 5% to 10% of the world
market and still outdo their competitors? No. We in the West don't see
huge Linux growth yet, but its growth in the East (especially among
small businesses) will bring it to that critical mass.

When the hardware compatibility problems are out of the way, the
software situation will improve. Large institutions in the West
(cities, corporations, universities) are already seeing the chance to
save big money by switching to Linux. Free applications such as the
Firefox browser and OpenOffice are smoothing the transition away from
MS. Commercial software makers will port their stuff to Linux. Then
Linux will be easy for the home user.

Longhorn is still two years out and is not going to be much better than
XP.

 

[Ruel Smith]

Except the premise is false. Users do not "have to run their applications
as administrator."

And a similar complaint can be made about Linux tasks that change
themselves to root during execution, or simply execute with root
privileges. Not to mention it's probably one of the most popular 'fixes'
users do for an access problem: change it to root.

Try again. First of all, there are many applications that have to be run as
administrator or they simply don't run in the user account.

Secondly, yes, you can be so stupid as to change an application to run in
root mode, but it's not necessary and pretty stupid to do so. All Linux
applications are designed to be run in user mode. An idiot can make his
Linux system insecure, and nothing is stopping him. However, by design,
it's not nearly as insecure as Windows.

Getting root privileges is temporary in Linux. You simply turn it on for the
task you need to take care of, and when you exit the application, such as a
control panel type of application where you need to make system wide
changes, or exit your superuser (su) status, it's gone. You are not left
vulnerable.

Regardless of how you spin this, it's true, and reinforces my position
contrary to Mxsmanic's claim that "Linux has a much more primitive security
model than Windows."

 

[Ruel Smith]

But that's Debian Potato from 2000-2003 (Sarge became 'stable' in 2003) so
one doesn't expect Windows style 'user friendly' and I can't run KDE in 32
meg of RAM on a 50Mhz Arm.

Umm, last I looked, Sarge is "testing", and Woody is "stable".

 

[Matt]

<hardware incompatibility anecdotes>

Brazil, Korea, China, and others are adopting Linux en masse, which
means that hardware makers will be at a significant disadvantage if they
don't provide drivers for Linux. Can a hardware maker ignore 5% to 10%
of the world market and still outdo their competitors? No. We in the
West don't see huge Linux growth yet, but its growth in the East
(especially among small businesses) will bring it to that critical mass.

When the hardware compatibility problems are out of the way, the
software situation will improve.

 

[Matt]

Would have helped if you hadn't snipped out the attribution to begin with.

You are right.