windows vs linux

[dasgupta]

Derleth:

But what could a hijacked browser do if it doesn’t have root access? The user might lose some files, which would be pretty bad if he was dumb enough not to have backups of the vital stuff. But it would all be cured by a simple reinstallation of the browser and a cleansing of the temp files, as opposed to the full OS reinstall a similarly compromised Windows machine might need. The user could (probably) even save his bookmarks and Jimmy’s homework.

Could it spread? Maybe to machines of the same kind, with the same browser with the same flaws. In other words, it wouldn’t stand a chance in hell: The odds of the loser being in contact with a machine that similar to his would be so small that no epidemic could start. The worm would search around for similar machines, find none, and die on the initial batch of hosts when the losers upgraded browsers.

To be a suitable home desktop replacement, giving the basic user - ie: the first user created - root access would be a must. You simply cannot expect home users to know that they should log out, or use su to install programs. Most users don’t even want a password to log onto their OS. They just want it to work.

Likewise, if Linux were the top desktop OS, likely there would be a single popular distro - not to mention browser and email client - that a virus could exploit.

IMO, one of the reasons Windows is vulnerable is that to be poised as the top desktop, it must be easy and user friendly for home users, first time users, children, etc. If Linux were in the same position, making the OS easy and friendly for users would open similar holes.

[leenmi]

dasgupta:

To be a suitable home desktop replacement, giving the basic user - ie: the first user created - root access would be a must. You simply cannot expect home users to know that they should log out, or use su to install programs. Most users don’t even want a password to log onto their OS. They just want it to work.

Likewise, if Linux were the top desktop OS, likely there would be a single popular distro - not to mention browser and email client - that a virus could exploit.

IMO, one of the reasons Windows is vulnerable is that to be poised as the top desktop, it must be easy and user friendly for home users, first time users, children, etc. If Linux were in the same position, making the OS easy and friendly for users would open similar holes.

And yet when Apple based OS X on BSD, they maintained role separation and ease of use, then wrapped it all up in one truly gorgeous package. The OS is easy and friendly for users and similar holes are not opened.

[John_Kentzel-Griffin]

Since this is more about opinion than fact, I’ll move it to IMHO.

DrMatrix - GQ Moderator

[Derleth]

LSLGuy, dasgupta, I refer you both to leenmi’s post and to MacOS X, a secure UNIX that both your [grand]mothers could use.

The average user doesn’t need to have much direct access to his system. He needs to be protected from that kind of direct access, in fact, because he stands a good chance of screwing himself over. This makes UNIX ideal as a real end-user OS, in the most corporate sense of the phrase.

You both mention software installation as a time when he’d need root permissions. Nonsense. UNIX allows you to install your software into your own home directory, binaries, libraries, documentation and all, and run it as if it were system software. Most Linux machines aren’t set up that way by default now, but it would be a trivial task to make the change. Most software doesn’t need direct access to the machine any more than the user does, and UNIX software that doesn’t need it doesn’t demand it. It goes through library functions, instead.

This means that the user can make a backup of all his files without much hassle, since they’re all in the same part of the directory tree. This, therefore, makes upgrades a hell of a lot less painful.

Installation of device drivers is more problematic, because a device driver does need direct hardware access. This can be alleviated by creating a special user with access to some of the files in the /dev directory and nothing else: Not root, but with direct access the system’s user shouldn’t have. If you both think that passwords are not acceptable, you can create passwordless accounts under UNIX with a predictable loss of security. But the beauty of this method is that the account doesn’t really have access to very much.

The idea that everyone will standardize around a single web browser and email program is a bit harder to shoot down, but I don’t think it’s the certainty dasgupta makes it out to be. For one thing, there won’t be any proprietary data formats or protocols. That means that people can switch between programs without losing anything. And for another, a lot of people do indeed like to make their machine their own, which is more possible under UNIX than Windows.

Now, these designs are my ideas about the UNIX that captures the nontechnical desktop market, not real comments on the various UNIXes that are in use by people like me right now. The UNIX I’m designing is essentially the same as the one sitting on my desk, but it is a long way from being an exact replica.