From owner-freebsd-questions@FreeBSD.ORG Sun Mar 11 03:53:27 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9114C1065670 for ; Sun, 11 Mar 2012 03:53:27 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from oproxy5-pub.bluehost.com (oproxy5.bluehost.com [IPv6:2605:dc00:100:2::a5]) by mx1.freebsd.org (Postfix) with SMTP id 543878FC08 for ; Sun, 11 Mar 2012 03:53:27 +0000 (UTC) Received: (qmail 15852 invoked by uid 0); 11 Mar 2012 03:53:26 -0000 Received: from unknown (HELO box543.bluehost.com) (74.220.219.143) by cpoproxy2.bluehost.com with SMTP; 11 Mar 2012 03:53:26 -0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=apotheon.com; s=default; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date; bh=jx7u9k9QMjdLYCX0LaOv8Il1IwD85NaqAWg99qXjBKE=; b=fSt83HmDD976ErPwy87VIqzkultyJlet1zro/TTAZOeK5Ck5jxKzrUrrlDWqg+tKtvLlOVMp3RzXTFvQ4/jwKkEXxanUDp9zEI7hqCMPAUZmdKzvNOkTu9ZOcAZ8oxNL; Received: from c-24-8-180-234.hsd1.co.comcast.net ([24.8.180.234] helo=localhost) by box543.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.76) (envelope-from ) id 1S6ZqY-0000IX-Ad for freebsd-questions@freebsd.org; Sat, 10 Mar 2012 20:53:26 -0700 Date: Sat, 10 Mar 2012 20:53:26 -0700 From: Chad Perrin To: freebsd-questions@freebsd.org Message-ID: <20120311035326.GC23967@hemlock.hydra> Mail-Followup-To: freebsd-questions@freebsd.org References: <201203101436.29082.erichfreebsdlist@ovitrap.com> <201203102331.33701.erichfreebsdlist@ovitrap.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201203102331.33701.erichfreebsdlist@ovitrap.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-Identified-User: {2737:box543.bluehost.com:apotheon:apotheon.com} {sentby:smtp auth 24.8.180.234 authed with perrin@apotheon.com} Subject: Re: Suggestion X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Mar 2012 03:53:27 -0000 On Sat, Mar 10, 2012 at 11:31:33PM +0700, Erich Dollansky wrote: > On Saturday 10 March 2012 22:08:37 Alejandro Imass wrote: > > > > ALL of Windows' problems are precisely based on poor design... just to > > name a few: Actually, I disagree with this statement. Many of MS Windows' problems are a result of poor management, too. For instance, the policy of hiding (known) grave security issues for years, and of launching smear campaigns against security researchers who get tired of waiting for Microsoft to do anything about such grave vulnerabilities and thus publish information for end users to use in making technology decisions and trying to mitigate their exposure, adds up to a whole lot of problem for MS Windows, too. It's certainly true that a lot of problems are based on poor design, though. > > > > - no clean separation of system and apps > > it is very clearly separated. Perhaps you can explain the pervasive spread of IE's tentacles throughout the system for much of the lifetime of the MS Windows family of operating systems, then. > > > - apps re-write system libs at will > > Isn't this another masterpiece FreeBSD is far off achieving? I'm not aware of any cases where installing or firing up an editor, web server, or mail user agent alters base system libraries. I think you are mistaken. > > > - no lib versioning > > I think that you are wrong here. It a long time ago but I think I > remember they put a version number into the library name. I read "no lib versioning" as meaning "we don't get the same support for being able to use multiple versions of a library for different purposes," but maybe I'm mistaken. > > > - there is not out of the box user / admin separation > > Another point where FreeBSD is far behind. It is not possible to give > every user on FreeBSD its own account and full administration rights. 1. Plan 9: some kind of next generation rights management and privilege separation 2. FreeBSD: architectural privilege separation between user accounts 3. MS Windows: user-level restrictions on what users can do, trivially bypassed by DRM software and malicious code I think the way you try to paint situations 2 and 3 as being equivalent is grossly off the mark. > > > - no filesystem-based security > > FAT rules! Uh . . . what? > > > - default network protocols are insecure > > Windows has meanwhile default network protocols? I think, I have to do > some catching up. I suspect this was a reference to things like SMB/CIFS and other common networking protocols and toolsets on MS Windows systems. -- Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]