Slashdot Mirror
Why Does Windows Still Suck?
RatBastard writes "SF Gate's Mark Morford asks: Why Does Windows Still Suck? After wtaching his significant other's Windows PC drown in a sea of viruses and worms after only 4 minutes on her new DSL connection, Mark Morford wonders why the masses have not stormed Redmond waving torches and scythes in anger over the never-ending security flaws in Windows. Why haven't they jetisoned the foul beast from Redmond and migrated en mass to the Macintosh or even Linux?"
I'm a gamer.
Wheel in the sky keeps on turnin'.
Why would you let your SO attach an unpatched and unprotected PC to the Internet? Would the author let her walk SF's Tenderloin after dark in a halter, leather mini & fishnets?
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
They don't know of anything else, and Windows came with the computer.
Because it's still Windows.
It's not a problem with Windows! The operating system is okay! It's digitally signed!
They don't care
Sounds like too easy of an answer, but for non-tech savvy people, a computer is just a tool for email, web, etc. If computers were a vital part of people's lives, they might care. Corporations can pay administrators to keep their computers clean, but joe twelvepack doesn't use his computer for anything that he can't do without. QED.
People who think they know everything really piss off those of us that actually do.
People have been taught that computers are inherently unstable, will often crash, are very complex machines that are basicly a house of cards. They have been fed the line that 'security is too hard!' so much they believe it.
Don't get me wrong, I'm a mac fanboy myself, and I agree 100% with most of the author's conetentions, but, some of his evidence is a bit whack:
He links to the Crack a Mac challenge, as evidence that macs are bulletproof. Fine, but read their story- most of the attempts to crack *that* mac were based on old UNIX and NT attacks, and well, duh! HOWEVER- nobody (hardly) uses macs for webserves. If we had been doing that for the past 15 years, well, perhaps there'd be heaps of *known* exploits. The Crack a Mac story doesn't prove that there aren't exploits, it proves that not many folks know what they are.
Without Antivirus, how do you know it's "clean as a whistle"? It's kind of a schrodinger's cat scenario; you haven't looked.
Second, the average user could no more tell you the difference from an OS and an application than from a Trojan versus a Virus.
Finally, the average user isn't all that clued that there are any other options out there, and there are few if any application or game ads on TV that say "Runs on Mac" or "Runs on Linux" to make them even look.
---
More rants like this on my blog
The worms and viruses are designed to be hard to detect. People have infected machines that they don't know are infected. Out of sight, out of mind.
Remember the days when Republicans were the party of fiscal responsibility?
Perhaps this is just human nature. But as a "switcher" who is approaching his one year anniversary with a PowerMac after almost 20 years of Windows and DOS (starting with DOS 2.0!) I can honestly say: Windows users, it's not your fault. Microsoft should be ashamed, not you. Windows sucks, and there are better choices out there for you. Make them! You'll be happy that you did.
It's "cheap", and by cheap I mean free as in "already installed on the PC when I bought it" cheap. No installation work needed, I'm used to using it's features, etc. - that's what the typical computer user would say these days.
And if the computer "breaks" or slows down it's not that expensive to go buy a new one. It's just a part of our American "throw-away" consumerism. Apple computer users are like the Jaguar and Mercedes crowd - they're pretty damn expensive cars, but they'll last for a long time and look great on the road no matter how old they are. Linux computer users trying to use Linux on the desktop are like the "ricers." The car doesn't always work, is usually a "work in progress," but when done right can demolish any comparably priced car. They're still not as classy or long-lasting as the Mercedes and Jaguars, but every once in a while they're pretty cool.
'Cept Linux users don't get hot booth babes at the trade shows.
Do you have to patch your brakes, or update your steering defintions on your car just to make it safe to use?
You don't drive a Ford I take it...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
It's the same reason why people don't storm the White House...
It's the same reason why people don't storm the RIAA headquarters...
It's the same reason why people don't storm the *insert whatever you like*...
Sure, Slashdotters might get angry and send off snail mail/email/faxes to whoever they're angry at. But we're a minority.
The MAJORITY are just too complacent with their lives. They're happy within their immediate environment. They may think it's not right, but they'll never take the action against it. It's too much of a hassle.
So instead they just acceot it. Windows crashing is obviously not so much of an inconvenience that they must storm Redmond. It's easier to push the reset button.
Why do people eat at McDonald's? They definitely don't make the best burger in town.
Things like consistency, convenience, perceived value, brand recognition, etc., all play a big role.
Try connecting an unpatched Solaris 2.6 box to the internet. Within a day it will be hacked and much more dangerous than any hacked Windows PC.
Caleb
Longhorn will be the first release of Windows authored completely after Microsoft began their Trusted Computing Initiative and released .NET. Longhorn will reimplement and convert major Windows subsystems to managed code. This alone will substantially improve security of the operating system, as while the APIs will remain the same legacy Win32 apps will end up talking to managed code beneath the Win32 API (yes, .NET makes this possible)
This will dramatically lessen the exploitation potential of code flaws in the Windows application libraries. Microsoft has to maintain support for legacy application, but that doesn't mean they can't get a fresh start on the underlying code, and doesn't mean that existing Microsoft applications can't be converted to managed code as well.
damn it, i'm sick of all the windows bashing.. it's an awesome OS... comes complete with a calculator and a paint program, not to mention the ability to clean your disk (i don't know how they do it, but they must have some crazy washer/dryer system inside) I hear this grinding sound inside my computer so that must be it. Also, it has the ability to change the background picture... how freakin' cool is that!? I can put up a picture of my cats!!! IT'S RIGHT THERE ON MY MONITOR!!! What more could you ask for in an OS?! Come on people!
Preinstalling their os with every new computer is huge advantage for them. If the government told them to sell their OS on the market for over $100(xp cost) then people would wise up and buy something else.
Another reason though is that Linux still can be a hassle like downloading firefox and having to use administrator login to install.
Not a very accurate analogy. Wouldn't it suck if the car were to unconditionally burst into flames unless you were sure to also purchase an extra $1000 in "safety features" and have them installed perfectly before ever attempting to drive it? (And without the dealer actually telling you this.)
Get it now? You microsoft apologists should really get a clue.
If all the software that people ran was available on linux and macs, games included, then more people, including myself, would switch. And honestly, I am computer savvy, but I am not even sure if there are still many different versions/releases of linux outhere, where to get them from, wether they are free or I gotta buy them. I know IT guys are all over linux, but I don't think the article, and the question is poses are aimed at IT/programmer types. So in a nutshell, being a regular guy using my computer, if there was more software available for linux, and it was clear how to acquire it, I would be switching. Most people, like myself just want to put a disc in a drive,install and not worry about it any more.
The only reason so many Windows boxes get pwned out of the box is because the 'bad guys' have already written exploits that get in through an unpatched bug.
Who's fault is this? Is it Microsofts? Not really, at least how I see it.
I blame the computer manufacturer that you bought the box from.
Those holes that are in your windows box when you plug it into the net already have patches written for them.
It's the manufacturers that refuse to slipstream these packages into the software builds that they stick on their machines coming out of the factory.
Dell builds your PC to order, as do a few other guys.
The hard drive has an OS imaged onto the drive on the line.
And since there is a common image for each machine of the same family, it's a very simple process for Dell to image their machines on the line.
Each model has it's own OS image, based on hardware.
It would take very little effort to slipstream an updated patch into those images. No PC has to sit in an open box waiting to be patched; they are patched when they're built. That is not a difficult solution, it would take the hiring of one or two guys in the factory to add a slipstream into the disk image (and slipstreaming is *very* easy, as long as you know the process.)
It would be easy as pie. Your machine would come off the line patched, and current. It would only be out of date by a few days, the time it would take to ship the box to you from the factory. The likelihood of a new exploit that would pwn you in that time is very, very low.
Same thing with going to a retailer. They should be provided current and up to date boxes when they leave the store. It would not be difficult for BestBuy/CircuitCity/et al to stick the box/laptop you buy inside their secured network, and patch the machine before you walk out the door with it.
Let's use an analogy that the author of the article used; a new car.
You buy a new Ford. Before you bought it, Ford issued a recall, due to a defective gas tank that may or may not explode. When you buy the car off the lot, it may have sat there a few months (parallel = older unpatched windows build). You take it home to find out that the recall was not applied to the vehicle; why not? Because the dealer says it's your responsibility to get it in to get fixed; not the dealers.
Would that be acceptable? No. Not for a moment. The same thing is happening with Windows, and you can't blame MS for it. It's the PC makers that sell you an exploitable box.
" Maybe if his S.O. was a little more competent, Windows wouldn't suck so much."
Think about it. If it was a TV.
"My SO plugged the brand new TV into the cable system and 4 minutes later it stopped working." You SO is a moron. Why wasn't your SO smart enough to open the back of the TV and rewire the power supply!
Or if it was a car.
"My SO just got a new car and the engine was trashed after driving it 4 minutes."
Why was your SO so stupid to drive a brand new car with out first opening the hood and setting the valve clearance!
You statement is just dumb and insulting. She is not a moron. She is just not a system admin. What is moronic is that people are selling Windows XP boxes that are so insecure that they can not live on the Internet long enough to download SP2.
Maybe every Windows Box should come with the network stack inactive. When you want to connect to the Internet a special super restricted TCP/IP stack pops up and downloads the latest updates for you. Windows is being pushed as a consumer item it should be expected to act like one.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
I can already tell this article will find itself in league with the all-time great classic technical-discussion.slashdot.org postings such as:
-Why does Windows still blow?
-Why does my Tux tattoo still itch?
-Why can't I still get a date?
and now back to the fallout shelter...
The whole topic of games development using DirectX vs OpenGL has been discussed to death here. Sure, the game writers could do it in OpenGL instead of DirectX, but Microsoft has apparently made using DirectX extremely easy. Maybe what it will take is someone to write a translation library that will basically translate the DirectX calls into OpenGL calls. Once that's out there, more games can be done for non-Windows systems. While all that's going on, OpenGL must be made friendlier to use than DirectX.
OK, it's a lot... but if you really want to lure the games developers to the side of platform independence, you have to give them a good reason to do so.
OCO is Loco
That reminds me of an email I got the other day when I asked the user if she had MS Word. I'll paste it here:
"I have microsoft explorer xp, but don't think it's microsoft word. It's call word perfect."
I can see it now - him sitting across the room, her with a laptop on a table... then she reaches around the back of the table and saying "Now I'll try out the internet connection".
Slow motion... the guy throwing himself across the room as the hand with the RJ45 inexorably moves into place faster than he can arrive.
NOOOOOOOOOOOOOOOOOOOOOOO!!!!!!!
ALl you need to make it a great scene in a movie is for the laptop to shake, slide off the table, then explode in a huge fireball when it impacts the carpet as the guy knocks her out of the way.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
When you tried to do this, companies would say that you needed to contact Microsoft for the refund. Microsoft would say you needed to contact the computer seller. Once you finished running around in circles, you found out that it only cost the manufacturer about $1.00 to put the copy of Windows on that machine, and that's what you'd have refunded to you.
Of course, if you needed to get Windows back on the machine, now you'd have to pay the $180 for a full copy of it, because you had to return any and all materials from your computer purchase in order to get your dollar back.
Of course, if you managed to convince the manufacturer to sell you a computer without an operating system pre-installed, you had to pay an extra $10-$50 for that choice. Why? In order to be sure the computer worked in the first place, they had to install Windows to test the peripherals and other devices! Oh, did you want warranty support too? Sorry. "We don't support other operating systems."
The whole pre-installation thing was pure genius on the part of Microsoft's marketing department.
OCO is Loco
No duh pre-installing Windows on computers is a huge advantage, but it's not like the vendors don't have a choice.
This article says otherwise.
Some history.
That's why. We have an agreement with IBM to use their hardware (golf course agreement - we send them biz, they send us biz) and for the most part I like it. I think their blade and 44X servers are GREAT.
However, they have subtle differences with each set of machines that come off the production line. You can buy 4 servers at the same time and each will be a LITTLE different. Linux doesn't care. We use the same image with blades that we use with 345s that we use with 445s - no sweat.
BUT, with Windows, 2 blades (or whatever) require totally different drivers to be installed. My team can image (literally) tens (and probably 100-200, although we haven't tested that) of servers at once - using Linux in about a day. Windows - won't work, the requirements for the OS to have just the RIGHT driver for each server is a bloody NIGHTMARE.
Another issue is access. A lot of applications with Windows seem to need admin equivalent access and then want that ongoing to change anything. This means a lot of people need a LOT more access than we want to give out! With *nix, we've managed to use sudo and scripts to keep those boxes better locked down.
Otherwise, to be frank, I don't give a r@ts ass one way or the other. I simply line Linux b/c it works. If we could get past the image issue, I could probably live with Windows (and just suck it up WRT access).
Computer Science is Applied Philosophy
So I was reading /. when I came across a typical 'OMG Windows SuXors' article..
I casually sipped my afternoon coffee, set it down, and clicked the article link, bracing myself for the deluge of mind-numbing numbers and references to obscure studies.
After reading the article, I looked to the right side-bar for a list of other recent articles by the author. Trying to get a feel for the authors views, I decided to peruse a few of them.
Well, I must say. Mark Morford has to be one of the most rabid, extremist, over-reactive, leftist, tin-foil hat wearing, Moore wannabe's I've had the displeasure of reading.
Now, before the flames begin to rise, please understand the last paragraph was a simple reciprocle example of Mr. Morford's diatribes. Basically take a simple statement, and make it appear so sensationistically over-the-top.
So now to my point. How can this article be used on a news site, when it is simply nothing more than a rant? I use Linux and Windows, and on occasion Macs. I rarely have any problems with any of my systems. I have never had my Windows boxed filled with virii/trojans, nor have I had a crash in as long as I can remember. Am I just one of the lucky ones, or do I simply ignore the little monkey moving back and forth in a feeble attempt to evade my mouse click for a Free iPod
Actually, they don't. Microsoft have repeatedly threatened & upped the price on vendors who sell machines without the OS pre-installed. And they have also charged for a Windows license for every machine sold, regardless of what OS was actually on it. This was the meat of one of the many lawsuits pending against MSFT when W. took office (and then they went away...)
Karma: Excellent (Mainly due to Bill & Ted's Karma Adventure)
Heck, if I could get a contract with my employer that forced them to send me a check even though I screw up everything I do, I definately would go for it.
That is called a "Union". Popular for that very reason...
Longhorn will not be the answer. Managed code will not fix users from breaking their machine. One of the first and foremost reasons why computers get messed up is because of user mistakes. Using social engineering a virus tricks them into running something they shouldn't. No amount of "managed code" will protect the user from pressing the wrong buttons.
The answer has been staring at us for 20 years now. Many of the security problems in Windows are born of legacy. And ironically they were problems born from not learning lessons learned by other Operating Systems.
But in typical fashion, Microsoft is throwing more software at the flaws instead of fixing the fundemental design which created the issue in the first place. The whole chain about any virus using IE as an vector should show you this.
There are fundemental issues that were learned by other systems along time ago that MS continues to ignore and throw more software upon in an attempt to obscure the problems. So many things would go away if users never had the previliage to screw up their system easily. So many things would go away if the web browser was treated as a viewer instead of a platform for execution. So many tools could be simplified and made less confusing if they fixed the underlying problems...but they won't.
I'm sorry to sound like flamebait but I'm sick of it. Longhorn will get released and people will harass me on what in the world "code group permissions" are. People can't figure out IE's "zones" and they want me to explain to users how "code groups" work?! Thanks Microsoft...thanks for completely avoiding the problem.
So the biggest problem with Windows is the users? The solution is clear, then, get rid of Windows users: have them all buy a Mac or install Linux.
And then we'd be hearing instead, "The biggest problem with MacOS/Linux is that Apple/Linus gave a very powerful OS to Joe Servicepack who has NO CLUE how to get it stable and keep it stable."
~REZ~ #43301. Who'd fake being me anyway?
Windows 98? Sucked. No arguments from anyone about that. Windows ME? Sucked. Again, little defense even from MS. Windows 2000? Not as sucky--marked improvement in stability. Windows XP? Much better. Not perfect, but glad to see it's better.
If you're going to run Windows the simple fact of life you're going to have to get used to is this: high maintenance. Well, maybe it's not all that bad...
- Patch and then patch again.
- Before you even think about plugging into the network, patch it from CDs after you re-install the OS (don't trust what comes from the factory)
- install your anti-virus and your adware prophylactics before you think about going on-line, too.
- Install Firefox and turn off that damned built-in firewall on XP2 after you install a 3rd party firewall package like ZoneAlarm.
- Don't log-in as Administrator ever and make sure you're using a 15 character password with a few unicode characters in it for all accounts.
- Install a firewall router on your LAN and work from behind it.
- Don't use the same password on any other computer.
- Update your virus DAT files daily--maybe twice a day
- Run RKDetector everynow and then just to make sure.
- Boot from a Knoppix CD once in a while to make sure you're not owned.
- If you enabled any kind of services, turn them off.
If you're running linux, you'll need to practice the same kind of vigilance. Those boxes are 0wn3d more often by "real" people instead of zombie processor or worms. In fact, crackers like Linux boxes much more than Windows because they're more fun and harder to 0wn.Macs are easily knocked over two if you're running services like SSH. A dictionary attack is trivial.
They all still suck
I might know what I'm talkin' about, but then again, this is Slashdot...
From here
Or this:
From here
Ashcroft and James didn't have their positions in Clinton's administration.
Bad Moderators, go sit in the corner and think about what you've done.
Open Source Java DAO Generator
In order to be sure the computer worked in the first place, they had to install Windows to test the peripherals and other devices!
That may have been an excuse in 1999, but Knot anymore.
Fuck, 800 plus comments as of now, and no one with any real insight gets modded up? Perhaps that is the problem, in itself? No one, not one person that I saw, attempted to take the arrticle and make a decent discussion out of it.
Premise 1: We have a computer user, who is a journalist, has been using Macs for nigh on 15 years, is not extremely tech savy (Get to that in a mo') and sees that his fellow computers users, most of them on one of the millions of brands of PC and one of the various flavours of Windows, be it from Win98 to WinXP, have, in general, more problems with their computers than he does.
What does all that tell me?
I am a Mac user myself (well, I use a PC as well with Linux and Win2000 on it and I used to be a Windows shop sys admin). I agree with his OBSERVATIONS 100%. I mean observations because apart from his subjective ranting on why the world doesn't string BillG up from the rafters, which is his OPINION, his article has a good point.
I have seen and expereienced the same problems with Windows machines, until learning better, such as the 20 seconds till being hacked when first going online with WinXP and the numerous bugs in the OS over the years. Yes, I know as well as you that putting a simple router in front of the machine stops 90% of the bugs and being careful about mails and what you download and keeping up with pacthces will stop the rest, but it is a real pain and, in my experience, one has to ask the simple question: why?
In that I agree with the article. Using Windows is more complex than a Mac with OSX. Now on to the tech savy bit. The author writes about the prize that was offered for hacking the webserver Webstar, which was the only real webserver on classic Mac OS. It was never used widely in the server world and thus is not a good example of application security. The guy reveals his lack of expertise because, all those who know that OSX is based on BSD know that the webserver shipped with OSX is Apache, the same one that upsets the numbers game of OSS with respect to commercial offerings when compared to IIS.
Also, the argument that Windows has more software available is a real one, especially for gamers and for CAD and specialised business applications and the situation will stay that way while Windows has such a dominating marketshare.
And that is a reason for staying with Windows, but it isn't the reason why 90% of the world's computer using public uses PC's and Windows. That reason is simply because PC's are more available and most people have no idea that there are alternatives and are only interested in getting a "computer" with which they can chat, browse, mail, write letters, store photos, listen to music etc. Although a Mac arguably, in my experience, does all of this much better than Windows does, most people will simply go to the nearest shop and use what is there.
Ahmen.
In fact I stopped hating Microsoft (for a while) after my first 10 installs of 2000 Server and Active Directory. I fell for the hype, which was mostly true, until I used Novell Netware 6.0 with eDirectory.
eDirectory is the same, plus better and it runs on Linux, Windows and pretty much any place you want to install it. The licensing is a lot more straight-forward, it's better than Active Directory, runs on Linux and it's Novell. We love Novell now don't we?
I say the question is:
Get your Unix fortune now!
Day 1: Couldn't partition my hard drive because the Slackware installation disk doesn't have drivers for SATA disk controllers. Spent the rest of the day searching the web for work-arounds.
Day 2: Located a message board where someone had posted a custom ISO image of Slackware disk 1 with a SATA-enabled kernel. Was able to partition my hard drive and get setup running, but when it came time to pick a kernel to install, it refused to let me insert disk 1 to grab the SATA kernel. Spent the rest of the day searching the web for work-arounds.
Day 3: Finally figured out that I could put the setup process in the background, unmount the CD, eject and re-insert disk 1, then bring setup back to the foreground. Completed setup and got X running. Copied over source for 2.6.10 kernel, which I had burned to a CD. Started doing configuration, and realized there were no Linux drivers available for my wireless network card. Spent the rest of the day searching the web for solutions.
Day 4: Discovered ndiswrapper, a module that allows you to use standard Windows drivers for wireless NICs under Linux. Downloaded and built it with no problems. Tried to load my NIC drivers, and the entire OS immediately locked up. Rebooted and tried a couple more times with the same results. Spent the next 2 days searching the web for solutions.
Day 6: Finally found a single post from someone who had the same hardware revision of the same card, who had been able to get it working using the 2.6.9 kernel. Burned the source to CD and installed it on Linux box, configured, compiled, rebooted, built ndiswrapper and it worked! Unfortunately, I couldn't get an address from DHCP server. Spent the rest of the day searching the web for solutions.
Day 7: Took a day off.
Day 8: Found out that I was using the wrong command to query DHCP (I was foolishly running dhcclient instead of dhcpcd, it's so obvious!), so now DHCP works and I can connect to the net without having to assign a static IP address. I spent the next couple days configuring the video drivers, audio drivers, and getting all the modules to configure correctly at boot-up.
Day 10: Started working on getting the video-capture card drivers working. Ran into a myriad of build errors right off the bat. Did some research and learned I needed to compile some extra features into the kernel before the drivers will build. So I reconfigure, build, install, reboot... and the kernel won't load. Decide to call it a day and have a few stiff drinks before I am tempted to toss the computer out the window.
Day 11: Okay, turned out it wasn't anything tragic, I booted to an older kernel, rebuilt the new kernel, and everything worked fine. But the capture card drivers still wouldn't build. Spent the rest of the day searching the web for solutions.
Day 12: Finally realized that all info I've found about using this particular capture card refers to the fact that the user was using a 2.4 kernel instead of 2.6. So I download the kernel source, configure, build, install, reboot... and now I can build and install the capture card drivers. Unfortunately, there are no drivers available in the kernel source for my motherboard sound chipset. But I figure I can address that problem later. I do a bunch of configuring, ho
Day 1:
....
...
I purchased the magazine which had Knoppix 3.x cd on the cover and booting my Father in laws pc ( windows , infected , dying ) proceeded to knx-hdinstall the operating system into the pc ( 3 yr old machine with router for internet connection ) . Completed the install of Knoppix Linux ( email configuration ) and rebooted. Showed In laws how to login , and mail and surf.
Day 2
Added In laws new digital camera
Day 3 through 365 : hear nothing from in laws but praise for system that works, has not been inconsistent and lets them use their computer as they "expected" to be able to use it
Day 366 : read story about user who makes poor purchasing descision and then complains about the product.
Day 367 : write sequel to story
okay the version of knoppix last year was old, but backing up their data to a usb flash drive and reinstalling to 3.7 the other day toook less than 10 minutes !
And thats why Firecrackers and kittens don't mix.