Linked by Eugenia Loli on Wed 8th Dec 2004 20:48 UTC, submitted by Nicholas
Editorial I just spent the last several days reading the lengthy essay "Ying and Yang of Security" which explores the origins of security on the personal computer and explains why the current models are outdated. It seems to argue that security systems designed to keep the system safe are relics of the days of mainframes when the system was more important than the user, but for a personal computer the user is more important than the system.
Permalink for comment
To read all comments associated with this story, please click here.
Not bad
by Archangel on Thu 9th Dec 2004 01:23 UTC

Quite a read, but not a bad article. He did miss a few bits like RPC, which has turned out to be crucial to Windows (in)security.

Mike: That's all very well, but that method of addressing security doesn't actually fix problems. XP SP2 does a good job of masking a lot of issues by turning the firewall on, but doesn't explain why those ports were listening in the first place. Seriously, a port listening for remote users to execute code on that machine, or one for them to alter the registry? Gonna cause trouble...

Groshong: They're referred to as features when they're something users want. Bloat is a feature users don't want.
Tabbed browsing and IE's Media sidebar would be a good example of each.
If anyone wants to argue, remember that the definition of bloat is 99% of the time personal; obviously not everyone considers it unnecessary or the developers wouldn't have put it in in the first place.

sociopatanonymous: Win+F2 has no effect on here, beyond generating a normal F2 event. Even if it did, it's almost completely useless because it's 60 characters long; nobody's going to seriously type that or anything similar when they want to su.
Windows would benefit hugely from prompting users to su in the GUI, ala KDE or just about anything else.